Vaporware DRM - A solution in a technique

[Purr4me]

keep it simple to drive the hobby back on track.

Overcompensate things, the desire to mod goes away.

the theories can be applied to all games but the concern here is just one game and web site. Something we need to get an understanding set.

Don't steal stuff...you will be caught.

[Jeoshua]

 

not worried about the human factor, I'm worried about the software factor. Steam will delete unauthentic data. many users are not as proficient as good authentication software's. we need something simple and non invasive that can not be removed.

The process as described in my old forum post is exceptionally simple.

 

That being said, watermarks can be removed. PEX scripts can be decompiled / rewritten. The point of my old process and the process by Jeoshua is to make it harder for thieves to claim a mod as their own - there is no foolproof method, however. If a thief is smart enough they will circumvent any protections or watermarking system.

 

 

Precisely so. The process you describe is substantially similar, and I hope you don't feel I've stepped on any toes. We have the same taste in software, so I doubt it.

 

And the private/public key pair answers the decompillation issue. You can even put it in plaintext and it's substantially the same effect, if much less flashy.

 

And there will always be thieves. This just raises the bar on the ones who can get away with it scott free without evidence.

Edited June 10, 2016 by Jeoshua

[Reneer]

Precisely so. The process you describe is substantially similar, and I hope you don't feel I've stepped on any toes. We have the same taste in software, so I doubt it.

 

And the private/public key pair answers the decompillation issue. You can even put it in plaintext and it's substantially the same effect, if much less flashy.

 

And there will always be thieves. This just raises the bar on the ones who can get away with it scott free without evidence.

I certainly don't feel that you've stepped on anyones' toes.

 

The private / public key does kinda answer the decompilation issue - but once they've gone through the effort of decompiling it, it is trivial to remove the key and modify the source code. But most mod thieves will never do that.

[Jeoshua]

Right. Hence, the bar is raised to those who know what they're doing anyways, and are less likely to mess up your reputation by substantially misrepresenting what you have written. A Moriarty villain, not a common hooligan.

 

And if they are a moron, and break your mod when taking out the DRM, then good. Because that's what happens when you rip DRM off anything, when it's done right. And the only thing this really needs to protect is your signature, which you're keeping in your hands anyways.

Edited June 10, 2016 by Jeoshua

[Reneer]

Right. Hence, the bar is raised to those who know what they're doing anyways, and are less likely to mess up your reputation by substantially misrepresenting what you have written. A Moriarty villain, not a common hooligan.

 

And if they are a moron, and break your mod when taking out the DRM, then good. Because that's what happens when you rip DRM off anything, when it's done right. And the only thing this really needs to protect is your signature, which you're keeping in your hands anyways.

Exactly. We can't really protect from Moriarty-style villains (but then again, neither can Bethesda :tongue:).

Edited June 10, 2016 by Reneer

[Jeoshua]

At least they're interesting. And the community always bands together against them.

[Skyviper086]

Master Magnus suggested I read this post and I'm glad I acted on that suggestion.

 

My stupid butt posted this WITHOUT knowing this thread existed. So I feel somewhat smart because overall the method you are talking about here is a much more intelligent version of what I just posted. But as I've said a wise person, such as yourselves, can gain more insight from the question of a foolish person like me than I could a wise statement made by you. So here's my post and I hope something in here can help. If not well you were already warned that I'm a complete idiot.

 

 

 

I don't know jack about programing but I do know just about anything can be done.

 

I'm thinking about a system that can generate a serial number to tag a mod with. As well as install a unique Challenge File which needs to be integral with a mod (can't be removed without causing repercussions). The mod maker will be given an auto-generated code and only the mod maker will need to have this code. A Proof of Development Code. (PDC). When a challenge arises a moderator or administrator can access the challenge file. The file will ask for the key. If the wrong key is given a message should display that the given key is incorrect. The mod maker can submit their code and of course since that would work it should be obvious who created the file and who has permissions to do what with it.

 

The challenge file needs to be set in a manner that if it is removed it will also remove certain elements from the mod file to make it useless.

 

To actually prevent the theft of a mod in the first place is something I have no idea how to stop. Well actually as you may have already read I don't know a thing.

 

But I was thinking that maybe an ini.file can be adjusted. or added.

 

All mods made for PC should require that particular ini.file or esp or something. Kind of like how some mods require a DLC to work properly because the mod uses resources from that DLC. Well something along those lines should be made. This mod requires the file and this file can only be used for PC

 

But if the mod maker wants to they can remove the dependency and leave the mod open to be used on consoles or something.

 

Maybe call the whole thing NEMOCS? Nexus Mod Copyright System?

 

 

I know it's a stupid idea but there are a lot of you out there who are much wiser than I am. It has been said that a wise person can learn more from a foolish question than a fool can learn from a wise statement.

 

Edited June 12, 2016 by Skyviper086

[Jeoshua]

I'm not sure of the question? It seems like the same questions and ideas were being batted around in your head like they have mine and others. How to actually STOP a mod from being stolen. Sure, we can use methods like these to ensure that when it does happen, you have the proof you need to do something about it. But to stop it entirely requires something more. A few associates and I have been throwing ideas on that front back and forth. So far, nothing solid really. But the more we look into it, the more we're refining the technique here. As it stands, if followed correctly, this technique outlines a perfect and unassailable way to sign your works in a unique fashion.

 

I don't know if there every will be a perfect way to stop theft from happening in the first place, but then if there was I think the police and the court systems would have a much easier go of it. In general, you cannot stop people from doing anything at all, and people are free to do whatever they please, and it is only afterwards that we can say anything about it. Stopping people from stealing isn't something that is possible, and that isn't really the aim here.

 

If you watch closely, you will see that the people who have had their mods stolen rarely have definitive proof that it is theirs, in a legal sense. This technique proveds that proof. That's all it needs to to, and currently that's all it does. If you find some way to do what you're aiming, it will be compatible with this technique, but it's not truly core module, required usage stuff.

[Skyviper086]

Very true.

 

You're right there is no way to stop theft.

 

Every method I can think of will either add a useless obstacle or prevent mods from being used at all or just stupid.

 

I keep thinking of ways to digitally chain down a file to a particular website. If one could just have a digital chain or rope. A tiny file that can be added by a mod sites systems when a file is being uploaded. And when that file that has been downloaded from one site and uploaded to another that site will question the upload and flag it. For instance a file on Nexus when getting uploaded to ModDB can be checked by ModDBs uploading systems. When it recognizes the Nexus tag it can cancel the upload or challenge the authorization. Then that special code the mod author has and only the mod author has can be used to verify ownership.

 

I'm like the rest of you I can't think of a way to stop the theft.

 

Other than not to mod at all.

[NorthWolf]

Very true.

 

You're right there is no way to stop theft.

 

Every method I can think of will either add a useless obstacle or prevent mods from being used at all or just stupid.

 

I keep thinking of ways to digitally chain down a file to a particular website. If one could just have a digital chain or rope. A tiny file that can be added by a mod sites systems when a file is being uploaded. And when that file that has been downloaded from one site and uploaded to another that site will question the upload and flag it. For instance a file on Nexus when getting uploaded to ModDB can be checked by ModDBs uploading systems. When it recognizes the Nexus tag it can cancel the upload or challenge the authorization. Then that special code the mod author has and only the mod author has can be used to verify ownership.

 

I'm like the rest of you I can't think of a way to stop the theft.

 

Other than not to mod at all.

 

What you are describing is entirely possible but would require the cooperation of several websites. And as far as I can understand part of this huge problem with Bethesda.net is a lack of cooperation. Also, it would be just another hurdle for a potential thief to jump: once they've removed this signature, the file can be uploaded anywhere and signed by this new site. And that's the big problem: unless it was a real pain to remove this signature, which would require Bethesda embedding it deep into the ESP, it would be a lot of work for web developers for a really fragile system.