bofh1459 (bofh1459) wrote,

It's official: DRM has jumped the shark.

So I grabbed a copy of Antares' Auto-Tune VFX in order to make an "operatic" version of My Immortal as a result of a silly idea I had while chatting on IRC. Turns out... the Auto-Tune VST has DRM inbuilt, and it's the iLok USB-key type DRM. This DRM system loads two drivers, iLokDrvr.sys, which does low-level communication with the USB dongle, and TPkd.sys, which is the main driver for the rootk^H^H^H^H^Hcopy protection system here. Now, all I wanted was the 10-day trial, but it turns out that no, you need to install the relevant drivers for that as well. Now, given that I'm about as reluctant to install drivers for a DRM/Copy Protection scheme on my main computer as I am to try to restrain a cat which recently had an enforced bath, I first take a look at the current cracks for the damn thing. They all load an emulator for the iLok dongle, which...isn't hard, that thing's pathetically easy to emulate and they change device keys so infrequently that you only really have to check about once a year to see if there are any programs with which your crack no longer functions, but this now means I'm loading three kernel-mode drivers, and they're all from sketchy sources, security-wise. So I decide to poke around in Auto-Tune EFX.dll...

...5 minutes later I have unlinked the iLok DRM system from it completely. Turns out all I had to do for this was NOP over a single conditional JMP and a single call to Kernel32.ExitProcess, as well as changing 3 conditional JMPs to unconditional JMPs. There are probably more things I'd need to change for everything to be fully functional, but so far every feature I've wanted to use out of Auto-Tune is present, available, and does not seem to mind this crack at all, hilariously enough.

This really is hilariously dumb. iLok, while not exactly StarForce 3.4/3.6, is decently complex as copy-protection software, and is actually quite expensive for a site license if you want to redistribute it with your software as its means of copy protection. While the copy protection software itself is implemented somewhat decently, the actual means of calling it is hilariously stupid and lends itself to being bypassed by simple conditional JMP changes to unconditional JMP or NOP. Come on, don't these people learn the ancient JMP-CMP bypass method of cracking every single shitty copy protection algo ever? It's stupidly popular and stupidly easy and floating all over the internet still. Seems like Antares needs to read said PDF in question sometime.

This is the copy-protection code equivalent of putting the most expensive, complex, difficult-to-pick Medeco lock on your door...which is made of corrugated cardboard. The lock sure as hell isn't going to get opened, but good luck preventing the thieves from breaking into the room by other means, which, you have to admit, in this case, are painfully obvious.

God, can we please just scrap copy protection already? It doesn't work and will never work, just give it up. And if you're not going to give it up, then at least give us INTERESTING copy protection schemes to crack, instead of this bullshit that I can reverse quite literally in under 15 minutes. Seriously. What the hell, guize. This is just idiotic, on multiple levels. Fix it. Seriously.