[HN Gopher] Denuvo Analysis
___________________________________________________________________
Denuvo Analysis
Author : StefanBatory
Score : 196 points
Date : 2025-06-09 16:50 UTC (1 days ago)
(HTM) web link (connorjaydunn.github.io)
(TXT) w3m dump (connorjaydunn.github.io)
| mdaniel wrote:
| I haven't pirated games since I was in high school, but this
| nonsense has resulted in the worst UX for games I have _paid_ for
| - with no recourse on my part. I guess it's like Cloudflare:
| some people have to suffer because other people don't behave
| nicely
| alias_neo wrote:
| I also haven't pirated games since I was a child, but I run
| Linux, and I game on Linux, whether desktop or on my ROG Ally
| (Bazzite).
|
| The experience for me, when I buy a game, is that I either
| don't buy one with DRM, or, I buy one that _might_ work, and
| then I spend a little while trying to get the right version of
| Proton that runs correctly, and get banned / blocked
| temporarily for switching my machine identifiers or something
| too much.
|
| It really is a sick joke that the experience for gaming, music
| and video is all far, far better for those who _don't_ pay than
| for those who do.
| Kokouane wrote:
| > It really is a sick joke that the experience for gaming,
| music and video is all far, far better for those who _don't_
| pay than for those who do.
|
| Denuvo is effective enough that if a game has it, it is
| almost impossible to pirate. So in most cases, it is either
| pay or do not play the game at all.
|
| There was one key player who knew how to crack Denuvo DRM.
| They went by the name Empress but haven't cracked anything in
| the past year, and also mentally deranged, often including
| very transphobic rants in the NFO file of the torrents they
| release.
| alias_neo wrote:
| > it is either pay or do not play the game at all
|
| That's still a net win for the pirate I'd argue; for them
| it's zero steps to "don't play the game at all", for
| someone like myself it's pay->waste time trying to get it
| run and fail->refund/no-refund.
| charcircuit wrote:
| The wasting of time is because you are using an
| unsupported operating system. It sounds like if you
| switched to one you wouldn't have to waste time since the
| OS would support everything the game needs.
| protimewaster wrote:
| It feels optimistic to think that the DRM works perfectly
| on every possible configuration running a supported OS
| though, does it not?
| kbolino wrote:
| There is quite a bit of anecdotal evidence that many
| Denuvo-protected games run worse _on the recommended
| hardware and O/S_ until the Denuvo protection is
| removed. The end result is a worse day-one experience for
| the people who pay the most than for either the pirates
| (if any) or the people who wait for the game to fall out
| of the early hype phase.
| josu wrote:
| >some people have to suffer because other people don't behave
| nicely
|
| It's self fulfilling though. Some people won't behave nicely if
| a game comes with Denuvo.
| izzydata wrote:
| What part of the experience suffers from Denuvo? I've had games
| with Denuvo and then had Denuvo removed and at least in my
| limited personal experience there has been no discernible
| difference.
|
| I can understand the argument against DRM in general and owning
| things you buy, but that seems like a different problem.
| RedCardRef wrote:
| https://youtu.be/07NMuobVVwQ?si=6X_uZQoK11ZJcebI
|
| https://youtu.be/1VpWKwIjwLk?si=JxjXuhJJAutXp1ww
| izzydata wrote:
| Interesting. For how effective Denuvo is the impact is
| negligible. Less than 1% average framerate and seconds of
| loading time.
|
| The disk space usage is weird, but 100mb to 300mb
| executables is irrelevant in the age of terabyte drives and
| 50gb game installs.
|
| Nice to confirm that there was no way I was ever going to
| notice its impact.
| nneonneo wrote:
| The clever thing here is that Denuvo is only used to
| protect certain functions, not the entire game. The
| functions it protects should be functions that run
| infrequently, but contain enough critical game logic that
| they can't just be replaced wholesale by a cracker. I
| believe the game developer themselves chooses what
| functions to protect. If they protect too much (or
| protect the wrong functions) performance can suffer,
| whereas if they don't protect enough, the crackers' job
| is too easy.
| izzydata wrote:
| I wonder if Denuvo the company charges more or less
| depending on how much function protection the developer
| chooses or if it is a flat rate.
| Cold_Miserable wrote:
| From the "analysis" I gather it works by encrypting the
| .exe and the key's are server-side. The hardware info is
| used to further encrypt it.
|
| I think the goal should be to fool the checks rather than
| remove the encryption which would be a nightmare. CPUID
| can output whatever you want, it just reads MSR's. I'm
| sure there are possibilities to use kernel drivers to
| make windows functions also read out whatever you want.
| onli wrote:
| Just in case that's helpful, there is a Steam curator that
| marks games protected with Denuvo, to make that fact more
| visible before you buy them.
| https://store.steampowered.com/curator/26095454-Denuvo-Watch...
| tristor wrote:
| Very interesting analysis and as someone who practiced
| reversing/cracking in my youth, it helps me to understand why
| Denuvo is so effective. I have, for awhile, had a policy that I
| will not buy any game with Denuvo, and I continue to stand by
| that policy. I only play games w/ Steam on Linux (Steam Deck or
| Framework 13 laptop) and Denuvo makes this impossible, so it's a
| hard no from me. But I respect the engineering they invested into
| this DRM.
| xienze wrote:
| > I only play games w/ Steam on Linux (Steam Deck or Framework
| 13 laptop) and Denuvo makes this impossible
|
| Are you sure about that? I have a ROG Ally running Bazzite and
| I have played several games on this page[0] that use Denuvo.
|
| 0: https://store.steampowered.com/curator/26095454-Denuvo-Watch...
| akimbostrawman wrote:
| Denuvo DRM works on linux however it does require an internet
| connection and you can get banned for +24 hours if you play on
| more than 3-5 devices a day (a proton prefix also counts as 1
| device).
| andoando wrote:
| I mean why shouldn't game developers protect their game from
| piracy?
| yjftsjthsd-h wrote:
| Because it punishes legitimate users
| kbolino wrote:
| The best protection from piracy has always been making the
| product available at a reasonable price in a convenient
| fashion. This is echoed by Gabe Newell, founder of Valve, the
| makers of Steam, who said: "piracy is almost always a service
| problem and not a pricing problem...." I think the actual
| operation of Steam has shown that pricing matters too, since
| it is well known for its unusually generous sales compared to
| other (legitimate) digital stores. The point is that if you
| meet the customer where they're at, as frictionlessly as
| possible, you will outcompete the pirates.
|
| DRM's primary purpose is to force consumers into an
| ultimatum: accept our inflated pricing and enforced
| inconveniences, or get nothing at all. For some products,
| this is part of their brand identity, since they bill
| themselves as "premium" or "AAA". For others, it's
| enforcement of their monopoly control (e.g., sports
| broadcasting). In all cases, it's treating the consumer like
| a disposable and squeezable commodity, which isn't
| necessarily inaccurate for some products and their target
| audiences, but certainly isn't the only way to do business.
| andoando wrote:
| 1. There is certainly a large number of people who will
| pirate whether the game is $60 or $5. If you made pirating
| easier and consequence free, it'd be a donation model. Gabe
| Newell's statement speaks more to doing the best under bad
| circumstances, than openly espousing piracy (make games
| cheap enough that paying is worth the convenience of going
| through hoops to pirate it). If he was fully sincere in
| that statement he ought to allow all their steam store to
| be downloaded for free.
|
| If you cut down the difficulty of cracking a game, and
| generally made it easier to pirate, we'd just have a nice
| cracked Steam store anyone can download and play anything
| they want, do you really think that's going to help the
| market?
|
| 2. Characterizing the buying and selling of goods, a non
| essential like video games no less, as an "ultimatum" is
| ridiculous. By pirating you're just subsidizing the cost of
| the game onto people who paid for the game legitimately.
|
| You developed the game, you have the right to charge
| whatever you want for it.
|
| Perhaps there are arguments to be made since copies of
| digital goods are essentially free, but this isn't it
| kbolino wrote:
| You can characterize it as you wish, but the optimal
| amount of piracy is not zero, it's whatever amount costs
| more to quash than you will gain in revenue from quashing
| it. For many endeavors, this is quite a large amount of
| piracy, perhaps even larger in numbers than legitimate
| acquisition. For other endeavors, the balance lies
| somewhere that feels more favorable to the creator. There
| are many ways to find roughly where this line is, and DRM
| can be part of an effective scheme, but it can also be
| (and usually is) a crutch that obfuscates the line
| instead.
|
| Valve is not a charity and tolerating some piracy
| pragmatically is not equivalent to wanting a free-for-
| all. What's good for the consumer can still be good for
| the creator and Steam has proved that. It doesn't need to
| meet some purity test.
| justsomehnguy wrote:
| The pesky pirates don't have a problem running the game.
|
| The legitimate _buyers_ do have.
|
| Who do you want to annoy more - the people who give you money
| or the people you never heard and you would never hear about?
| farmdve wrote:
| What isn't mentioned in the article is _why_ UD2 is chosen. It is
| a relic from the SecuROM days, in fact, one of the developers on
| SecuROM is the one who also works or worked at Denuvo.
|
| I would imagine many things from the SecuROM era live on in
| Denuvo.
|
| But if you read the article you will realize that certain games
| will not work in the future due to Denuvo.
|
| "This destroyed any exception-based hooking since majority of the
| time an exception is triggered, Windows will write an
| EXCEPTION_RECORD high up in unused stack space. You can probably
| see where this is going. Now, whenever the CPUID is hooked via an
| exception, that important value will become overwritten with an
| EXCEPTION_RECORD, causing undefined behaviour later on. I believe
| this can be bypassed if you attach a debugger to the process and
| set certain flags when it comes to exception handling, but the
| method of patching every hardware check is still cumbersome due
| to randomness anyway."
|
| As Windows matures, behaviour can change, breaking certain stuff.
| musjleman wrote:
| > As Windows matures, behaviour can change, breaking certain
| stuff.
|
| How do you expect the aforementioned tech to break the games
| it's on? If anything it "breaking" will just make the anti-
| tamper feature ineffective.
| ainiriand wrote:
| I imagine that if some Denuvo servers enter legacy status at
| some point they'll be removed entirely.
| sbarre wrote:
| Yeah it's not uncommon to see Denuvo patched out of a game
| title once the initial sales window has passed..
|
| I wonder if that's because they want to avoid these kinds
| of future incompatibilities with the underlying OS as it
| evolves.
| transcriptase wrote:
| IIRC Denuvo costs a fortune to keep in a game, since it's
| a subscription model. Once sales sufficiently taper off
| there's not much sense in paying for it anymore.
| everyone wrote:
| Some games have had it for an extremely long time, and
| some publishers _never_ remove it (Eg. Sega). In some
| cases I guess they got a lifetime deal with an older
| version of Denuvo, but other cases are sus. I wonder is
| it for money laundering purposes.
|
| There's a list of every game that currently has denuvo
| here... https://www.reddit.com/r/CrackWatch/comments/p9ak4n/crack_wa...
| evilkorn wrote:
| I think the dev pays for the service window and after the
| Denuvo contract is up they update the game without it.
| farmdve wrote:
| The anti-tamper codes, if any tampering is detected will
| crash on undefined/unallocated regions. Meaning that if
| Windows ever were to overwrite that region for whatever
| reason, will trigger the crash.
|
| Such was the case for SecuROM in early days. It featured the
| CRC checks mentioned, if any single byte was changed,
| including an INT (breakpoint) instruction, it would crash.
| Here it's unlikely that it won't crash. Rendering the game
| inoperable.
| flerchin wrote:
| I'm confused by calling the identifying information "stolen
| constants" or "stolen instructions". I don't understand why it's
| considered stolen. Do we mean "intercepted"?
| nneonneo wrote:
| The "stolen" constants/instructions are bits of code that were
| in the original (VM-obfuscated) binary. These
| constants/instructions are deleted from the binary and provided
| by the server in an obfuscated form. Effectively, the binary
| you get when buying the game is incomplete: you get a dynamic,
| encrypted, system-dependent patch from the server that supplies
| the missing pieces (the "stolen" pieces).
| mpeg wrote:
| It's a very common term in reverse engineering, and low level
| programming in general. In VMs you usually say "stolen" to
| refer to bytes/instructions/constants that have been taken from
| the original binary and put somewhere else (whether obfuscated
| or not, whether still in the local binary or in a server like
| with denuvo)
| rjh29 wrote:
| It is clearly effective. Go to a PC game piracy site and most
| games will be available, but anything covered by Denuvo is
| unavailable even years later. Either nobody is willing to crack
| it (unlikely) or Denuvo have done an exceptional job.
| devmor wrote:
| To some degree this is true, but it's cost-benefit analysis
| rather than being uncrackable. Denuvo is so invasive that
| software exploits aren't worth the effort (or risk on behalf of
| the user), and physical exploits are sold instead.
|
| For example, physical FPS exploits include devices that sit in
| the HDMI/DP chain with a USB output and emulate a keyboard and
| mouse.
| clayhacks wrote:
| There's definitely been plenty of denuvo games cracked, but I'd
| say most games that haven't been cracked have denuvo. I think
| it also depends on the version of denuvo. Newer versions seem
| pretty well protected
| 0cf8612b2e1e wrote:
| Could some of that be the decreasing share of single player
| games? Multiplayer, always online games are a moving target vs
| an offline game you only need to crack once. Everything "needs"
| to be online, user experience be damned.
| sph wrote:
| There are cracked Denuvo games, and no anti-piracy scheme is
| unbreakable, ever.
|
| If it can run on your PC when copy-protected, it means at some
| point the CPU executed the right instructions, so a crack is
| always possible to create. It's just a matter of how much
| effort and time is it to reverse-engineer it. You cannot copy-
| protect software indefinitely.
|
| I remember feeling cool as fuck as a teenager because I cracked
| GTA 3 by dumping the live memory of the binary post decryption.
| Of course it's been 25 years, so the status quo has improved by
| a lot and god knows how many man-years and kWh are wasted on
| copy protection.
| gpderetta wrote:
| Technically some CPUs support secure enclaves that should
| support end to end encryption which should be robust short of
| lifting the encryption keys from the die. In practice things
| like SGX have been full of holes.
| hansvm wrote:
| Even assuming those are flawless, lifting keys is still
| O(n) in the key size, and the battle is just increasing the
| constant factor enough to make it unattractive. The problem
| is that lifting keys is attractive for reasons much more
| valuable than game cracking, so after a few years they
| should always be assumed compromised.
| dist-epoch wrote:
| X-box is unbreakable.
| phantompeace wrote:
| So was the PS3, until it wasn't.
| zeusk wrote:
| but afaik, we still don't have a break on xbox one
| released 2013 - 12 years later.
| OptionOfT wrote:
| I love this presentation by a Microsoft person on the
| security aspects of the Xbox One:
| https://www.youtube.com/watch?v=U7VwtOrwceo
| dyingkneepad wrote:
| Perhaps it's just that xbox is irrelevant, when you have
| PC and Playstation?
|
| To me, Xbox is that video-game you get when you ask for a
| Playstation and your parents don't understand video-
| games. Their versioning scheme even helps make sure the
| parents fail to purchase the latest generation.
| davikr wrote:
| there has been one recently that led to the dumping of
| games on xbox one and series and the beginning of
| emulation projects
| jampa wrote:
| I think it is a combination of both. From what I heard, Denuvo
| hires many people from "the scene," and when someone cracks it,
| they pursue them aggressively.
|
| Denuvo is also not a massive target because there are too many
| games nowadays to care about a specific one. The exception was
| when "Hogwarts Legacy" was released with Denuvo, and people
| went crazy for a crack which was delivered just 13 days later.
| mathverse wrote:
| Denuvo does not need to hire from the scene. The scene is not
| some magical place full of uber leet crackers. People doing
| denuvo have the same or better skills.
| qualeed wrote:
| > _anything covered by Denuvo is unavailable even years later._
|
| That sounds like a marketing claim. There's a bunch of denuvo-
| protected games that have been cracked. As far as I am aware,
| although I am not completely up to date, there are more denuvo-
| protected games that have been cracked than not.
|
| For awhile I feel like there were monthly headlines along the
| lines of "Denuvo cracked within hours of game release" (e.g.
| https://www.techspot.com/news/71543-denuvo-protected-games-n...).
|
| (I agree that Denuvo is generally effective for its goals,
| especially at game launch when it is most valuable. It's just
| not infallible, by any stretch.)
| MallocVoidstar wrote:
| The vast majority of Denuvo games are no longer cracked.
| There's a list of cracked/uncracked Denuvo games here:
| https://old.reddit.com/r/CrackWatch/comments/p9ak4n/crack_wa...
|
| I think some of the recent 'cracks' were mostly errors by the
| developers, allowing the demo of a game to load the full data
| files or shipping an unprotected EXE on accident somewhere
| (sometimes they leave a debug EXE lying around).
| guizadillas wrote:
| Well you need to update, there's no one right now actually
| cracking denuvo
|
| Most "cracked" denuvo games are games cracked AFTER denuvo
| was removed by the publisher in an update (usually 6 months
| after release)
|
| Just look at the Yakuza/Like a Dragon games
| qualeed wrote:
| > _there's no one right now actually cracking denuvo_
|
| The claim was that games protected by denuvo are uncracked
| _years later_.
|
| What is happening _right now_ is important and interesting,
| too, but not the claim the person I replied to made.
|
| " _anything covered by Denuvo is unavailable even years
| later_ " just isn't true. And that's what I was replying
| to.
| xdfgh1112 wrote:
| One example is anno 1800. Games where the profit model is
| continually selling dlc (as opposed to making most of
| their money on day 1) will likely continue to pay for
| denuvo.
| SSLy wrote:
| by my best count there are ~80 uncracked and ~190 cracked
| denuvo games. Demo bypasses etc count as uncracked. Further
| ~130 games had Denuvo removed after release.
| mardifoufs wrote:
| I thought EMPRESS (the only one that was able to consistently
| put out cracks and only for some games) retired. So there's
| literally no one who's cracking any recent games, which is
| all that matters for publishers.
| qualeed wrote:
| > _no one who's cracking any recent games, which is all
| that matters for publishers._
|
| Sure!
|
| That wasn't the claim made by the person I replied to. They
| said " _anything covered by Denuvo is unavailable even
| years later._ " which isn't true. That's what my comment is
| about.
| bri3d wrote:
| The most important thing about Denuvo is that it's on a
| subscription license to the game publishers, so it's almost
| always removed after some length of time. This is critical in
| understanding why it isn't cracked as often, because they've
| shifted the economics to "spend 3 months tediously removing
| obfuscation methods or wait 1 year and the game is unprotected
| anyway."
|
| > anything covered by Denuvo is unavailable even years later
|
| I don't think this is true in the general case.
|
| > Either nobody is willing to crack it (unlikely)
|
| That's exactly what's going on - it's a matter of time-benefit,
| not "possible." What's groundbreaking with Denuvo isn't that
| the overall technique is incomprehensible but rather that it's
| insanely tedious to remove and very difficult to automate. They
| haven't made some groundbreaking theoretical technique, they've
| applied so many "standard" ways to obfuscate a binary that it
| becomes more annoying than it's worth to remove.
| bee_rider wrote:
| Is this, uh... actually a good outcome? If games make most of
| their money in the first couple months anyway (I'm not sure
| about this claim but it seems intuitively possible, at least
| for AAA), then getting anti-piracy for that timeframe seems
| like a high priority.
|
| Then, the subscription can be allowed to lapse... and the
| game can be preserved, at least to the extent to which it can
| run without servers. If we have any belief in the "games as
| art" idea, this seems like a good result for preserving art.
| nemomarx wrote:
| It works out pretty well as long as publishers follow that
| step yeah. it would be nicest to open source the game after
| its life span maybe
| phoronixrly wrote:
| It would be nicest not to use unethical software (Denuvo
| or any other DRM) and distribute the game source with the
| binaries since the initial release. I can't believe that
| this needs to be repeated and that our understanding of
| open source has been perverted to 'is it on Github, and
| do the devs/community work for free so we can take
| advantage from them?' and that it's ok for games to be
| proprietary software...
| delta_p_delta_x wrote:
| As someone who regularly used to visit the ship and heavy
| rain websites for video games, I actually feel the modern
| usage of Denuvo--protect sales for the first bit, and
| then remove it for the long tail--is a decent middle
| ground between EA-style DRM that locks down a game and
| its servers for ever, versus having a game completely
| blown open the first day, and a new-ish studio losing a
| considerable amount of genuinely-deserved revenue the
| first few days after release because they had no DRM on.
| 12_throw_away wrote:
| I mean, I'm pretty happy with the arrangement. People who
| buy day-1 bugfests for full price have to deal with awful
| DRM. But if you wait a year or two, then the most egregious
| bugs get fixed, it goes on sale, and the intrusive DRM is
| gone.
|
| Of course, this means that casuals like me get a much
| better experience than their core, dedicated, day-1
| customers ... but really, that sort of contempt for your
| core audience is a foundational principle of AAA these
| days.
| KennyBlanken wrote:
| > The most important thing about Denuvo is that it's on a
| subscription license to the game publishers, so it's almost
| always removed after some length of time.
|
| No, the most important thing about Denuvo is that PC gamers
| are forced to upgrade their hardware because Denuvo is such a
| performance hog. All you have to do is wait until Denuvo is
| stripped and the game will run much faster.
|
| Frankly, it wouldn't surprise me if there's a conspiracy
| between Denuvo and Intel/AMD/NVIDIA where Denuvo goes out of
| their way to hurt performance on a really popular title, thus
| forcing people to upgrade.
|
| Idiot writers at gaming websites claim a new patch to a game
| that's been out for a while has "optimizations" and lauds the
| developers for slaving away to make an already-finished game
| faster. The reality is that they just stripped out Denuvo.
| Tadpole9181 wrote:
| I agree that I've seen anecdotal evidence that Denuvo slows
| down _some_ games considerably. That said, a conspiracy
| between every major hardware manufacturer and Denuvo is
| certainly a bridge too far. It's far more reasonable,
| especially after reading this article, that there's a
| significant cost to all this encryption and wrapping and
| redirection if it's not applied carefully and enters a hot
| path.
| Thaxll wrote:
| The goal is to get your game protected at release because this
| where most of the money is made.
| perching_aix wrote:
| Successfully got me out of gaming as a kid a decade ago when it
| started being implemented everywhere. Not exactly the business
| idea they had behind it I don't think. Now I just play F2P
| gachas and check in on Game Pass every now and then, so no
| conversion ever since either.
| StefanBatory wrote:
| Also unrelated, but seeing "A 2nd Year Computer Science Student"
| in the blog name was both breathtaking in a positive way, but
| also hurts a little. Kudos to the author, seriously.
| mpeg wrote:
| Students are the only people with the patience for deep RE, I
| spent hours and hours in my teens unpacking binaries that used
| similar VMs and got pretty decent at it.
|
| Nowadays, there is no way I could do it, I tried to get back
| into hackthebox recently and the new RE challenges make my
| brain hurt.
| doctorpangloss wrote:
| Game developers have Denuvo as an anti-piracy option. This is
| your choice for single player PC games.
|
| There's also multiplayer as anti piracy. It is impracticable to
| spoof unseen, complex server code forever.
|
| Environment Integrity is the most flexible. That means you can't
| pirate because you can't sideload code that doesn't belong to
| you, and that a remote license check cannot be spoofed. The
| environment also has to provide enough incremental value in
| updates that most people will keep auto-update on. Although, of
| course, Apple could force updates.
|
| To me, the problem is how to avoid this conversation altogether.
| The kind of person who has the personality defect that makes him
| post rants about DRM doesn't listen long enough to figure out
| "validity" in games.
|
| Like imagine when people invoke that word, "valid." This is what
| DRM is about to audiences, not technology. Video games are
| aesthetic experiences, you don't have to play them to survive, to
| me it is valid to consider anything related to the game, like its
| DRM or the development team or whatever, as fair game for
| "valid." But.
|
| If you don't think Denuvo is valid, you don't think "AAA single
| player games on PC" is valid. And maybe that's okay, maybe you
| can only go to iOS or the Switch or PS5 (Environment Integrity
| DRM) for AAA single player. There are no indie developers on
| consoles, so suddenly, you are also saying, "the only place for
| single player that costs money to make for self published is
| iOS."
|
| This is why I personally find the crusade against Denuvo so
| ironic: the people who could take the biggest creative risks and
| reap the most reward, including the right to keep making whatever
| it is they want, benefit the most from Denuvo.
| keyringlight wrote:
| One thing I try to bear in mind with this is while there's a
| lot of anti-corporate discussion alongside video games, they're
| quite often contrary to what happens in the wider world when
| you compare against what games or companies are successful. A
| lot of it skirts around the concept that developers big or
| small take money to be made and don't seem to have a good idea
| on how success should be rewarded (or differing rules depending
| on who you are). The video game audience is also going to be
| incredibly broad across a huge range of circumstances around
| the globe, so the question of what something is worth will have
| a wide range too.
| cainxinth wrote:
| Let's see Empress's analysis
| Traubenfuchs wrote:
| What happened to the empress?
|
| Is she (he?) still schizoposting via homophobic and transphobic
| .nfo files, combining super natural female moon goddess intuition
| with deep rooted cracking knowledge and has a growing telegram
| community full of G*mer simps?
|
| For those not in the know, empress is/was THE famous denuvo
| cracker with a rather... eccentric online presentation of
| themself.
| davikr wrote:
| empress went dark after being exposed by a scene group as
| "voksi, the bulgarian". no one knows, but it did coincide with
| that.
| menthe wrote:
| Nothing a well-trained model won't be able to instantly solve.
| It's literally just grunt work, not rocket science.
|
| F DRMs though. Good news is those AAA games are rarely worth
| anyone's time anyways. Better spin up indies or classic games - a
| good SNES game is worth a hundred of those garbo AAA license
| rehashes.
| ainiriand wrote:
| Not for normies.
| formerly_proven wrote:
| It's hard to overstate how poor the technical quality of modern
| games is. Pretty much every DX12/Raytracing title is just a
| stuttering mess with absurd shader compilation and traversal
| stutter. Nevermind ridiculous ghosting artifacts and the like
| produced by Lumen. Modern games are optimized to look good on
| screenshots and not-realtime in-engine renders for trailers.
| Hardware and APIs have never been more powerful, and engine
| developers turn out the worst-running games since 30 fps
| hardlocked Xbox ports from the 2000s.
| andrewmcwatters wrote:
| I can't stress enough how much this is not true for any
| meaningful production threat detection software. Models
| regularly fail reversing even basic obfuscation tasks. Try it
| yourself. No, ChatGPT is not going to break Denuvo. Probably
| not even in OpenAI's wildest dreams.
|
| Generating an image or sound is seemingly child's play compared
| to actual complex software tasks. There's not 1,000 different
| open source DRM codebases you can train against. It's not a
| diverse field.
|
| Generating code to do script kiddie hooking? Sure. Reversing a
| complex multi-tiered obfuscation and trust platform? Yeah,
| right.
| yukIttEft wrote:
| Had also a look at Denuvo a while ago. Used LLVM to remove the
| x86 obfuscation and broke it down to VM-Opcodes. At least back
| then, Denuvo seemed to translate gamecode into a stackmachine.
|
| This is how a VM push looks like:
|
|   temp[0]=add(mem[e268], fffffffffffffff8)
|   mem[temp[0]]=mem[e560]
|   mem[e268]=temp[0]
|
| (vmreg_e268 is stackpointer, it's decremented and stored in
| tempreg, then the value of vmreg_e560 is copied to
| stackpointeraddr, then new stackpointervalue is written back)
|
| But I quickly lost interest when it became MBA galore:
|
|   temp[7]=sub(add(add(and(mem[ebe8], b2f7), 3fd8), xor(lshr(mem[ebe8], 1), 2684)), lshr(add(mem[ebe8], b2f8), 1))
|   temp[d]=or(sub(sub(4ad, temp[7]), xor(and(shl(temp[7], 1), 95c), 95c)), 8000)
|   temp[e]=lshr(temp[d], 1)
|   temp[11]=lshr(add(temp[d], 8001), 1)
|   mem[ebe8]=sub(xor(xor(temp[e], 3fff), temp[11]), shl(and(and(temp[e], 3fff), temp[11]), 1))
|
| (looks like it's doing some operation with a constant to
| vmreg_ebe8, but obfuscated by MBAs and most likely the result
| won't ever be used, so it's just noise to drown out the real
| operations)
|
| BTW: anyone aware of LLVM optimizer pass implementations that can
| deal with MBAs ?
| jcranmer wrote:
| > BTW: anyone aware of LLVM optimizer pass implementations that
| can deal with MBAs ?
|
| Your best bet is InstCombine, but likely most of the MBA
| patterns aren't going to be InstCombine patterns because who
| writes that kind of code?
|
| In principle, you might see if you can tickle Alive2 (which can
| map LLVM IR to SMT logic) to see if you can get a peephole
| optimizer that's querying an SMT solver. But I'm not aware of
| anyone who's built a pass like that yet, and it's definitely
| not a regular pass in the compiler.
| yukIttEft wrote:
| Wasn't aware of Alive2. Thx, I'll have a look.
|
| I had some success with https://github.com/mrphrazer/msynth
| But it's hard to glue this to LLVM.
| jor-el wrote:
| You can take a look at SiMBA++ ->
| https://github.com/pgarba/SiMBA-
|
| It is a C++ implementation of SiMBA [1] - a tool to handle
| linear MBAs, made available by Denuvo itself. Denuvo have
| another tool - Gamba for handling some variety of non-linear
| MBAs. And then further improvisation by another researcher -
| MSiMBA [3].
|
| SiMBA++ since written in C++, it is fast and it integrates well
| into the LLVM passes to automatically identify the MBAs and
| replace them in the LLVM IR with simplified expressions. So no
| additional work required.
|
| Shameless plug - me and my colleague (author of SiMBA++)
| recently gave a talk about using LLVM for deobfuscation of
| WASM, where we talk about MBAs, SiMBA++ etc. The idea is not
| limited to WASM, it is language agnostic once you have a binary
| lifted to LLVM IR. https://www.youtube.com/watch?v=gKRdOcuXbYI
|
| [1] SiMBA - https://github.com/DenuvoSoftwareSolutions/SiMBA
| [2] Gamba - https://github.com/DenuvoSoftwareSolutions/GAMBA
| [3] MSiMBA - https://github.com/mazeworks-security/MSiMBA
| yukIttEft wrote:
| oh
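
An added illustration (not code from the thread, from SiMBA, or from any tool linked above) of the property that linear-MBA simplification rests on: an expression that is a sum of constant multiples of bitwise terms is fully determined by its values when every variable is 0 or all-ones, so it can be rewritten over an AND basis and then checked on random inputs. The 64-bit width, the function names and the sample expression are assumptions constructed for this example.

```python
import random
from itertools import product

W = 64                      # word size of the lifted code (assumed)
MASK = (1 << W) - 1

def signed(v):
    """Show a W-bit value as a signed integer so coefficients read naturally."""
    v &= MASK
    return v - (1 << W) if v >> (W - 1) else v

def conj(subset, vals):
    """Bitwise AND of the selected variables; the empty AND is all-ones."""
    acc = MASK
    for i in subset:
        acc &= vals[i]
    return acc

def simplify_linear_mba(f, names, trials=200, seed=1):
    """Rewrite f as sum(coeff * AND(vars)) + constant, modulo 2**W.

    Returns {"x&y": coeff, ..., "1": constant} with zero terms dropped, or
    None when the rewrite fails the random check (f is not a linear MBA).
    """
    n = len(names)
    # Signature: f evaluated with every variable set to 0 or to all-ones.
    sig = {}
    for bits in product((0, 1), repeat=n):
        key = frozenset(i for i in range(n) if bits[i])
        sig[key] = f(*[MASK if b else 0 for b in bits])
    # Moebius inversion over subsets gives the AND-basis coefficients.
    coeff = {s: -sum((-1) ** len(s - t) * sig[t] for t in sig if t <= s) & MASK
             for s in sig}
    # The signature only determines f if f is linear, so verify on random words.
    rng = random.Random(seed)
    for _ in range(trials):
        vals = [rng.getrandbits(W) for _ in range(n)]
        if sum(c * conj(s, vals) for s, c in coeff.items()) & MASK != f(*vals) & MASK:
            return None
    out = {}
    for s, c in coeff.items():
        if c:
            label = "&".join(names[i] for i in sorted(s)) or "1"
            out[label] = signed(c) if s else signed(-c)  # empty AND is -1
    return out

# Constructed sample: an obfuscated form of x + y.
OBFUSCATED_ADD = lambda x, y: 2 * (x | y) - (~x & y) - (x & ~y)

if __name__ == "__main__":
    print(simplify_linear_mba(OBFUSCATED_ADD, ["x", "y"]))
```

A variable masked with an arbitrary constant, like the `and(mem[ebe8], b2f7)` term in the listing above, is outside the linear class, so a function such as `lambda x: x & 0xb2f7` returns `None` here.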
| 2c2c2c wrote:
| years ago, a friend of mine built something functionally
| equivalent to Denuvo in his spare time over the span of a few
| years. I think his original idea was "DRM for the little guy",
| recognizing that indie games probably lose massive revenue from
| initial release piracy.
|
| He had no idea how to sell it. After it sitting around for
| awhile, I tried pitching the technology to a few friends in VC, who
| had absolutely no idea what I was talking about.
|
| It bothered me for a long time to see such a culmination of
| talent and effort get 0 reward for it. I've wondered if such
| technology would be interesting to some large publisher to just
| buy outright, bringing their anti-piracy in-house rather than
| relying on Denuvo. Any ideas/help appreciated :)
| HighGoldstein wrote:
| > recognizing that indie games probably lose massive revenue
| from initial release piracy.
|
| This seems like an odd claim _especially_ for indie games.
| Indie games tend to already have trouble attracting buyers, it
| feels like anyone considering pirating it would just move on if
| they couldn't do so.
| 2c2c2c wrote:
| Can't say I was sold with the target market mostly because
| the sales problem becomes orders of magnitude harder
|
| My thought regarding indie games were successful ones though.
| Something like Celeste or Balatro.
| ronsor wrote:
| I pay for games because it's convenient. Most DRM is
| decidedly inconvenient for me, especially Denuvo-tier DRM.
| The end result is that if there's DRM, I'm more likely to
| pirate it or not play it if there's no crack.
| andrewmcwatters wrote:
| Many years ago I was publishing work independently with a few
| other colleagues, and yes, piracy was a big deal. It was
| flattering, because you knew the demand was there, but maybe
| the audience couldn't or wasn't willing to pay for the
| product, but you don't want to see your work obtained for
| free when you're charging for it.
| shmerl wrote:
| Vote with your wallet and don't buy games with this junk.
| LightHugger wrote:
| Worth noting that denuvo causes a lot of hitching, massive load
| time increases and overall performance problems. Denuvo
| marketing dept likes to say this isn't true but you only have
| to look at the before/after on games with and without it,
| monster hunter world was a very stark example. I have no doubt
| denuvo is also massively contributing to the performance
| problems on Monster Hunter Wilds as well.
| shmerl wrote:
| Of course. DRM can never improve user experience, it's an
| anti-user feature by definition.
| GuB-42 wrote:
| I think Denuvo impact on performance is as much exaggerated
| by gamers as it is downplayed by Denuvo.
|
| I didn't play MH:World on PC but from what I have seen
| MH:Wilds suffers from piss-poor optimization that is
| unrelated to the (two!) DRM they have put in. It may be
| Denuvo, but from what I've seen, it is just the usual
| laziness that is prevalent in most AAA games today. Instead
| of spending the performance budget where it matters by having
| programmers collaborate with artists, they just throw
| everything at the engine which ends up overwhelmed and in
| turn throws everything to DLSS and framegen resulting in an
| ugly mess (but a raytraced ugly mess!) if you don't have the
| latest overpriced hardware.
|
| And it may be the same problem with Denuvo. Denuvo doesn't
| have to cause massive performance problems, but developers
| have to implement it correctly, using license checks
| sparingly, and certainly not in performance-critical code.
|
| Also note that when the publisher removes Denuvo, it may also
| come with other performance optimizations, not everything
| comes from the removal of Denuvo.
| LightHugger wrote:
| I don't think it is exaggerated by gamers, if anything it's
| widely understated. The issue is that denuvo affects the 1%
| lows and latency much more than the average FPS. But the 1%
| lows and latency have an outsized effect on player
| experience, average framerate can be the same but if 1%
| lows and latency are miserable then you are playing a
| completely different game.
|
| You are not wrong about the additional failure of AAA to
| keep their games optimized but the ways denuvo affects
| performance are particularly insidious.
| larodi wrote:
| ph34r!
|
| op is top
___________________________________________________________________
(page generated 2025-06-10 23:00 UTC)