It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
high rated
Hey guys,

this is a message I wrote to GOG support some days ago:

Dear GOG support team,

I'll make it short. I know there exists a short topic about SecuROM being active in both of the F.E.A.R. expansions included in your Platinum Edition, but it does not contain any kind of solid proof. That's were I come in. I have more than five years of experience in debugging assembly code, and I took a look both at the FEARXP.exe and the FEARXP2.exe (I won't talk about your poorly hidden FEARMP.exe to spare you the additional shame). The results are perfectly clear: All you did is to take the original SecuROM-protected binaries and remove the actual disc-check so that the games run without the original discs inserted. But you, the "DRM-free company" (https://en.wikipedia.org/wiki/Digital_rights_management), did not even try to remove the DRM entirely or simply "borrow" the RELOADED resp. HATRED cracks (like you did in dozens of other games in the past), no, instead you blatantly lied to your customers about the .exes being "clean". So, getting technical: Both .exes have ALL features of SecuROM v7.40.0006 (https://en.wikipedia.org/wiki/SecuROM) still present and active: 1.) Entry point is in .Sitext region instead of .text, but that does not has to mean anything I admit. 2.) Debugging the .exes shows all sort of SecuROM's sophisticated anti-debug measures (but I managed to do it nonetheless ;) ), like the usual "A required security module cannot be executed" message and other stuff. 3.) Having a non-cloaked emulated disc drive mounted will trigger SecuROM to "blacklist" it the standard way. 4.) The entire Virtual Machine is fully intact and still used to process the game code on runtime. 5.) Running one of the two .exes creates a.) SecuROM's infamous zero-embedded registry data as well as b) its less infamous local file data on the resp. system. 6.) The SecuROM driver routine activates its kernel hooks on startup. 7.) Easy test for you to do: Run Sysinternals "Process Explorer", then try to start one of the addons - it will fail due to this process being on SecuROMs blacklist.
Ok, enough of the nice talk, fact is you are deliberately lying on your faithful customers by withholding all this - important - information and approve their systems getting "infected" by this obnoxiously intrusive DRM in a permanent way. I really hope you will be clever enough to just grab the cracked .exes and release a patch which removes SecuROM entirely from both addons AND get rid of the MP .exe (in disguise), or I'll open up a public huge post about this topic in the not-so-far future, and I'm pretty sure that most of your - I love this term - faithful customers won't be very pleased to hear about your shady practices, don't you think?

Sincerely yours,

Christsnatcher


I also attached a few images as "basic proof".

The response I got was just another blatant lie:

Hello

The topic was raised in the past and I can only give you the same answer:
I've talked with the Production Lead and this is not DRM, it is an anti-debugger protection and we will not be allocating resources to remove it. Process Explorer (Process Monitor) is an optional software, since it is interfering with the game we recommend to close it.
It is not uncommon for software to interfere with games and in some cases closing other programs before launching will be required.

Regards
Genoan
GOG.com Support


I answered a not-so-nice-way since I really got upset::

“Interfere”, yeah, sounds legit. Try to fool some kids, not me.

And got the standard automated response of:

Hello

Thank you for the feedback.
Have a nice day.
Regards
Genoan
GOG.com Support


So please just be aware that not only the multiplayer .exe did install fully active SecuROM file and registry data on your systems, the main .exes of both addons still do the very same. Just wanted to let you know, cheers!
Attachments:
entry.png (67 Kb)
init.png (231 Kb)
ooops.png (242 Kb)
Post edited October 05, 2019 by Christsnatcher
Thank you for this info sir. I was gonna buy it as I miss playing the original FEAR but I do not want to touch SecuROM with a ten foot pole. Removed from wishlist and will not buy, sorry GOG.
avatar
v0idkat: Thank you for this info sir. I was gonna buy it as I miss playing the original FEAR but I do not want to touch SecuROM with a ten foot pole. Removed from wishlist and will not buy, sorry GOG.
Seconded. I was interested in this game for years but given pause by this post. Here's hoping there is no DRM in this game in the future?
Why are you being such a dick to them? Why are you even blaming GOG and not the developer that but it on GOG?

Get a grip dude, you could at least be polite and rational, instead of having your head up your own arse with your pretentious " I have more than five years of experience in debugging assembly code."

You'd probably get a much nicer response and have a better chance of getting the issue resolved if you approached this in a much kinder, humane way.
I would say gog promises no DRM and in their contracts require no DRM, as a such it is for gog to enforce on those contracts.

As to whether SecuROM is DRM from wikipedia: "SecuROM was a CD/DVD copy protection and digital rights management (DRM) product developed by Sony DADC." and removing the disc check alone does not remove the DRM.

Finally the excuse it is only anti-debugger, DRM == digital rights management, one to those "digital rights" is being able to attach debuggers and memory viewers/modifiers, by removing capability one is "managing" it.
avatar
JoshuaAshton: Why are you being such a dick to them? Why are you even blaming GOG and not the developer that but it on GOG?

Get a grip dude, you could at least be polite and rational, instead of having your head up your own arse with your pretentious " I have more than five years of experience in debugging assembly code."

You'd probably get a much nicer response and have a better chance of getting the issue resolved if you approached this in a much kinder, humane way.
This. People like OP are very annoying to deal with, instead of trying to resolve issues in rational manner, they immediately go for insults and accusations. Instead of giving benetit of the doubt, they immediately assume malice. It is exhausting.
I don't really know anything about SecuROM, I obviously didn't know about it when I bought FEAR.
Should I be worried?

It's installed right now, but I have not played it.
A worthwhile topic but please try to maintain a neutral tone.
high rated
I did a scan of GOG's legal docs, FAQs, and their fckdrm.com/ page to see if they define DRM or provide any explicit guarantees with respect to DRM. I don't believe they provide any technical definition of what is and isn't DRM, nor do they provide a guarantee that all of their games satisfy specific "DRM-Free" technical criteria. "DRM-Free" is used as a marketing term rather than a guarantee.

They do clarify what "DRM-Free" means in very general terms: "Backup, copy, use anywhere", "Access offline", and a rejection of "killswitches" or "repeatedly proving ownership". In the FAQ, they say "you won't find any DRMs or other intrusive copy protection in items available at GOG.com." Here, "any DRMs or other intrusive copy protection" should probably cover leaving most of the functionality of SecurROM in the game.

They do not claim that their games are free of any software that that could interfere with any possible "rights", such as being able to connect debugging software, and are clearly focused on providing installers that can be downloaded and stored indefinitely to provide something like "ownership" of your copy. Downloadable installers is likely their only condition for "DRM-Free". But, I agree that SecuROM is exactly the type of intrusive software that many gog.com users are trying to avoid and the community is better off to be informed about software being sold here that includes it.

I wonder if gog.com could commit to a specific technical guarantee of what's covered in their "DRM-Free" philosophy. And, I wonder if they can commit to providing greater clarity around how previous DRM software was removed from the products they are selling.
avatar
happyprancer: I did a scan of GOG's legal docs, FAQs, and their fckdrm.com/ page to see if they define DRM or provide any explicit guarantees with respect to DRM. I don't believe they provide any technical definition of what is and isn't DRM, nor do they provide a guarantee that all of their games satisfy specific "DRM-Free" technical criteria. "DRM-Free" is used as a marketing term rather than a guarantee.

They do clarify what "DRM-Free" means in very general terms: "Backup, copy, use anywhere", "Access offline", and a rejection of "killswitches" or "repeatedly proving ownership". In the FAQ, they say "you won't find any DRMs or other intrusive copy protection in items available at GOG.com." Here, "any DRMs or other intrusive copy protection" should probably cover leaving most of the functionality of SecurROM in the game.

They do not claim that their games are free of any software that that could interfere with any possible "rights", such as being able to connect debugging software, and are clearly focused on providing installers that can be downloaded and stored indefinitely to provide something like "ownership" of your copy. Downloadable installers is likely their only condition for "DRM-Free". But, I agree that SecuROM is exactly the type of intrusive software that many gog.com users are trying to avoid and the community is better off to be informed about software being sold here that includes it.

I wonder if gog.com could commit to a specific technical guarantee of what's covered in their "DRM-Free" philosophy. And, I wonder if they can commit to providing greater clarity around how previous DRM software was removed from the products they are selling.
DRM is copy protection. That aspect of SecuROM has been disabled so you can play the game without anything bothering that element. Game will run no matter where you put it.

Whether other elements of SecuROM remain is still is irrelevant here. This is anti-debugging, which would be nice to remove, but doesn’t affect many people and OP being a rude dick doesn’t help.
avatar
gameragodzilla: DRM is copy protection. That aspect of SecuROM has been disabled so you can play the game without anything bothering that element. Game will run no matter where you put it.

Whether other elements of SecuROM remain is still is irrelevant here. This is anti-debugging, which would be nice to remove, but doesn’t affect many people and OP being a rude dick doesn’t help.
Except that "anti-debug" is by definition a DRM, because it restricts ways you can use the product.

Also being negative about GERALDO is being "rude dick" is a fanboyism mindset that only opens way for all sorts of abuse. And disservice everyone, because only fanboy sees GOG as innocent as Pope, while everyone else would keep seeing those problems and leaving the platform. You only disservice Store and community as a gatekeeper that prevents fixing problems.
Post edited May 26, 2019 by trynoval
high rated
Bottom line is whether or not you believe that the SecuRom protocols that exist in the F.E.A.R. expansion packs are 'DRM', SecuRom should have been completely removed, period.
Well, I ain't happy with this, I already have to deal with random crap caused by incompatibility/instability caused by windows 10, but I'm pretty sure that securom games shouldn't run by default on it unless you enable legacy drivers.

And that not counting any kind of software that this game wouldn't allow me to have installed due to its bitching.

I gladily hope that GOG will fix this, as this is a concerning issue, and I don't want to deal with some other games being here who used securom in the past (fear shouldn't be the only one, right?).
avatar
JoshuaAshton: Why are you being such a dick to them? Why are you even blaming GOG and not the developer that but it on GOG?

Get a grip dude, you could at least be polite and rational, instead of having your head up your own arse with your pretentious " I have more than five years of experience in debugging assembly code."

You'd probably get a much nicer response and have a better chance of getting the issue resolved if you approached this in a much kinder, humane way.
GERALDO IS GOOD, you're a dick!

and right after that you ask for politeness.

You can read right on the front page of GOG, that GOG is a curated store. And if GOG let a game with DRM to be sold on their store it's 100% GOG's responsibility.
Post edited May 27, 2019 by trynoval
@Christsnatcher

You may want to add this to your OP post for clarification.
Digital rights management (DRM) tools or technological protection measures (TPM) are a set of access control technologies for restricting the use of proprietary hardware and copyrighted works. DRM technologies try to control the use, modification, and distribution of copyrighted works (such as software and multimedia content), as well as systems within devices that enforce these policies.
Wikipedia.