SecuROM is a CD/DVD copy protection product, most often used for computer games running under Microsoft Windows, developed by Sony DADC. SecuROM aims to resist home media duplication devices, professional duplicators, and reverse engineering attempts. The newest versions (v4 and up) prevent 1:1 CD-R copies from being made. Certain programs can circumvent its protection. The use of SecuROM is controversial because certain aspects of the protection are similar to functions of malware, and users are not always informed when SecuROM is included with a product. [] A class action suit has been filed against Electronic Arts for this very issue. [ [ Class action suit against EA] ]

Versions, detection and technology of SecuROM

ecuROM v1.x–v3.x

One of the following files should exist in the installed directory (Depending on the operating system) or in the root of the original CDs:
* CMS_95.DLL
* CMS_NT.DLL.The protection can also be recognized by DADC on the inside ring of the CD.DADC is a CD manufacturing plant; the more recent SecuROM protected games are also pressed in other plants.Open the main executable using a hex editor and search for the following ASCII text (it should appear twice): CMS

ecuROM v4.6

The protection modifies a CD-ROM's "q-channel" in order to make a protected original distinguishable from a copy.

A set of nine locations where the Q-Channel is purposely destroyed is computed by the following function (demonstrated as Python code), using a vendor specific key.

VendorKey = [0,0,0,0,0,0,0,0,0] Seed = [0,0,0,0,0,0,0,0,0] BadSQTable = [0,0,0,0,0,0,0,0,0] BadSQ = 0round = 0for a in xrange(256): BadSQ += (VendorKey [a % 9] & 0x1F) + 0x20 for b in xrange(9): if Seed [b] = a: BadSQTable [round] = BadSQ round += 1

# VendorKey [] , Seed [] and BadSQ are initialized to secret values.

The function calculates nine sector numbers; if the corresponding "Q-channel" is not readable at these locations, the CD is considered being original. Note that the key is always the same for all titles issued by a specific vendor, resulting in identical "Q-channel" patterns. Also note that every key has 134,217,727 "twins" that will produce an identical BadSQTable.

ecuROM v4.7 and above

After development on SecuROM had apparently been stopped, SecuROM v4.7 had been the first updated version for months. The new SecuROM brought several major changes about how the protection works and how it is integrated into the target program.

Unlike SecuROM v4.6, which relied on non-compliant SubQ-Information, the new scheme utilizes "data density measurement" (not to be confused with "data position measurement" as being used by other protections). While the data density on normal CD/DVD-ROMs constantly degrades from the most inner to the most outer sector, data density on SecuROM v4.7 (and up) protected CD/DVD-ROMs is diversified by a certain, vendor specific pattern. This pattern can be reconstructed by high-precision time measurement during software<->CD/DVD-drive interaction and reflects the vendor-key as mentioned above.

To do so the protection defines a set of locations spread over the disc and issue two SCSI-read-commands per location to the drive. As the disc spins, the time it takes for the second command to return depends on the time it takes the disc to do a full round and thus depends on the data-density. To achieve the required timing-precision, the "RDTSC" instruction is used, which typically has a resolution better than 0.01 microseconds.

The pattern is made up from 72 locations, each either with normal or higher than normal density and thus reflects a binary pattern which assembles to the vendor specific key mentioned above.

SecuROM v4.84 and beyond includes "Trigger Functions" which allow the developer to program multiple and fully customizable authentication checks throughout the entire application. As the protection places itself between the application's code and the OS, it can alter the behaviour of selected system functions.

Consider the following pseudocode:

if (GetCurrentDate() = '13-32-2999') then WorkCorrectly()else PreventProgramUse()end if

Obviously, a "normal" GetCurrentDate() function will never return '13-32-2999'. However, as SecuROM can modify the function's result, the application can check for the protection's presence during runtime; if the protection has been removed, the function will return with some other "valid" value, giving the application the opportunity to display an error message or render the application unusable (e.g. provoking a crash to desktop or making enemies invincible).

There are many different ways how "triggers" can be integrated into a program, making it much more complicated to universally circumvent the protection.

ecuROM v 7.x

Latest SecuROM Versions are all 7.x versions which are released and updated continuously.Fact|date=September 2007

SecuROM 7.x, if run under a non-admin user account, installs its own service called UAService7.exe, which works in ring 3 of the computer's operating system.Fact|date=September 2008

Securom has said: "it has been developed to enable users without Windows administrator rights the ability to access all SecuROM features." [ [ SecuROM ] ]

Known problems

The version of SecuROM that comes with "Armed Assault", "S.T.A.L.K.E.R" (European release only), "Neverwinter Nights 2", ' (patched to v1.04), "Tomb Raider Anniversary" (demo and full version), "Overlord", "BioShock" (demo and full version), ' (single player mode), "Rayman Raving Rabbids" (PC version), "World in Conflict" (single-player campaign only) and "Spore" (full game and "Creature Creator") prevents the game from running at all if older versions (before v11) of Process Explorer, a free tool by Sysinternals/Microsoft, has been run since the previous reboot. However, a workaround for this SecuROM detection bug (v9.25 is not affected) can be found [ here] . Microsoft has worked around this particular bug with Process Explorer v11.0.

Under Windows Vista, this same version of SecuROM also prevents the game from running if Explicit Congestion Notification is enabled in Vista's networking configuration. [cite web | url = | title = Casual Friday: Why Spore Won't Work | date = 2008-09-12 | accessdate = 2008-09-16 | publisher = PC World] The workaround is to disable ECN by running the command netsh interface tcp set global ecncapability=disabled.

The version of SecuROM that is installed with the first German retail version of the game "" installs a shell extension that makes explorer.exe crash at least on some systems running Windows XP. The same can be seen in systems running Windows Vista with the version of SecuROM that comes with "Neverwinter Nights 2" [ (see forums)] . SecuROM is hosting a fix to the issue that apparently removes the extension. As of version 1.0.1, this fix is not included in the official patches.


Conflicts with other software

Some versions of SecuROM, particularly older 2.x versions, may silently install a shell extension that prevents Windows Explorer from deleting 16-bit executables.

BioShock and rootkit accusations

"BioShock", a game using SecuROM protection, has been accused of installing a rootkit. An official announcement was made denying the use of any type of rootkit. [cite web | url = | title = The Cult of Rapture FAQ | date = 2007-08-23 | accessdate = 2007-09-08 | publisher = 2k Games] [cite web | url = | title = Clearing the air: Bioshock does not contain a rootkit | publisher = Ars Technica | first = Ken | last = Fisher | date = 2007-08-26 | accessdate = 2007-08-26 ] The detection of a possible rootkit is difficult, due to limitation in rootkit detection tools. Use of a common Microsoft rootkit detection tool known as RootkitRevealer flags issues related to "BioShock"'s copy protection which indicate a need for additional scrutiny. In this case, the flag is raised on account of a null byte in a string of characters in one of the related registry entries. Null bytes in value strings are generally interpreted by common registry visualization tools as end-of-string characters; such tools tend to fail to display the whole string. This is caused by the limitations of those tools and can be used by malicious parties to conceal data.

"The Sims" controversy

"The Sims 2" and some of its add-ons had previously used SafeDisc for copy protection until April 2007. Electronic Arts replaced SafeDisc with SecuROM v 7.x software protection since, beginning with "The Sims Pet Stories". This includes "The Sims Castaway Stories", "The Sims 2 Deluxe", ', ', ', "The Sims 2 Double Deluxe", ', "The Sims 2: Kitchen & Bath Interior Design Stuff", "The Sims 2: IKEA Home Stuff", and "". Claimed problems relating to SecuROM include prevention of proper launching of games, disabling of CD/DVD/Blu-ray disc burners, and disruption of antivirus programs. Some users have reported severe damage caused by SecuROM, resulting in system failures that required complete system reformats to fix. EA attempted to address some of these concerns on the official website. Despite user complaints, EA plans to continue employing SecuROM and its future versions in their future releases.

"Mass Effect" controversy

In May 2008 EA announced that "Mass Effect" for the PC would be using SecuROM 7.x requiring a reactivation of the software every 10 days.cite web | url =| title= Mass Effect, Spore To Use Recurring Validation | accessmonthday = June 03 | accessyear= 2008] Due to a massive outpouring of complaints EA removed the 10-day activation while keeping SecuROM tied to the installation. SecuROM's product activation facility was still used to impose a limit of three times that a customer is allowed to activate the copy of "Mass Effect" they purchased. The game becomes unplayable after the activations are used up, until EA's customer support is contacted to reset the activation limit. Unlike "BioShock", uninstalling the game does not refund a previously used activation.cite web | url =| title= Electronic Arts Responds to Copy Protection Outcry, Removes 10-day SecuROM Check for the Troops | accessmonthday = June 03 | accessyear= 2008]

Mass Effect class action lawsuit file by Bradon Gardner represented by the same attorney filing for the Spore class action suit, Alan Himmelfarb.

"Spore" controversy

On September 7, 2008 EA released "Spore" using SecuROM. Public reaction has been swift and sharp, with many users posting one-star reviews on (the lowest possible rating). As of October 2nd, 2008, there were 3073 reviews, approximately 85% of which give a single star (out of five) rating. Many of these comments cite SecuROM as the main reason for the low rating. [ [ Amazon listing for "Spore"] ]

"Spore" has also seen relatively substantial rates of piracy among peer-to-peer groups, possibly as a result of the backlash against its SecuROM-based DRM.cite web | url =| title= Spore's Piracy Problem | accessmonthday = September 17 | accessyear= 2008|publisher=Forbes] cite web | url =| title= Spore: Most Pirated Game Ever Thanks to DRM | accessmonthday = September 23 | accessyear= 2008|publisher=TorrentFreak] As a result of its inclusion within Spore, a class-action lawsuit was filed by Maryland resident Melissa Thomas within U.S. District Court against Electronic Arts. []

[ PDF copy of the court file against EA's use of SecuROM DRM in the game Spore.]

"Crysis Warhead"

Released on September 16 in Europe and September 18 in the US, "Crysis Warhead" has received a large amount of negative ratings in its first week. This is very similar to the release of "Spore", with numerous one-star ratings by discontented gamers due to the SecuROM protection. [ [ Amazon listing for "Crysis Warhead"] ]

"Sacred 2 - Fallen Angel"

To be released on October 2 in Europe and November 6 in the US, "Sacred 2" will be protected by SecuROM. Developer Ascaron has announced that the version of SecuROM installed with Sacred 2 will be a customer friendly version, and will come with an unlimited number of installations. Once the installation process is completed, the game DVD is no longer required in the computer's CD drive. Sacred 2 allows two players in Singleplayer mode and LAN mode per copy, and one player over the Internet per copy. Despite a number of one-star ratings with Amazon by discontented gamers, this copy protection policy is now quite welcomed as it's very customer friendly among the press and with Amazon commentators and in several media reports. [ [ Amazon listing for "Sacred 2"] ]

See also

*Extended Copy Protection
*Sony BMG CD copy prevention scandal


External links

* [ SecuROM]
* [ Sony DADC]

Wikimedia Foundation. 2010.

Look at other dictionaries:

  • SecuROM — ist ein CD/DVD Kopierschutz von Sony DADC für Microsoft Windows sowie Mac OS. Die aktuelle Version ist SecuROM v8 (Zuerst benutzt in Medal of Honor 2010). Erkennbar sind CDs und DVDs mit SecuROM meist anhand der Beschriftung „Sony DADC“ am… …   Deutsch Wikipedia

  • Securom — est un système de protection contre la copie des CD/DVD. Il est developpé par Sony DADC et est le plus souvent utilisé pour les jeux vidéos PC. SecuROM a pour but de résister aux périphériques de copie professionnels et personnels, ainsi qu aux… …   Wikipédia en Français

  • SecuROM — est un système de protection contre la copie des CD/DVD. Il est développé par Sony DADC et est le plus souvent utilisé pour les jeux vidéo PC. SecuROM a pour but de résister aux périphériques de copie professionnels et personnels, ainsi qu aux… …   Wikipédia en Français

  • SecuROM — es una protección de copia de CD/DVD desarrollada por Sony DADC, usualmente utilizada en videojuegos comerciales para Windows. SecuROM se especializa en evitar la copia con aparatos en casa, equipos profesionales y de intentos de ingeniería… …   Wikipedia Español

  • SecuROM — Тип Технические средства защиты авторских прав Разработчик Sony DADC Сайт SecuROM  программа для защиты CD/DVD от копирования программа создана Sony DADC. Для того что бы избежать копирование медиа и видео файлов и компьютерных… …   Википедия

  • SecuROM — noun A digital rights management system by Sony that provides copy protection for CDs and DVDs …   Wiktionary

  • BioShock — For the video game series, see BioShock (series). BioShock …   Wikipedia

  • Spore (2008 video game) — Spore Spore box art (2008) Developer(s) Maxis Publisher(s) Electronic Arts …   Wikipedia

  • TransGaming Technologies — infobox company company name = TransGaming Inc company company type = Public company slogan = Broadening the Playing Field foundation = 2001 location city = Toronto, Ontario location country = Canada key people = Vikas Gupta, CEO Gavriel State,… …   Wikipedia

  • Command & Conquer: Red Alert 3 — Red Alert 3 cover art Developer(s) EA Los Angeles Publisher(s) Elect …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”