| DRM does work. Whether Denuvo is successful depends on how it is implemented. Implementations of Denuvo have survived a year+ without being cracked. As you said, DRM often isn't intended to be secure forever, just for long enough that the major sales buzz is over anyway. You can also think of DRM as branching into online services. DRM commonly required some form of interaction with an online service to validate a key or whatever else. As a result, some DRM is in fact built into the foundation of the software and this is the most successful. Think of World of Warcraft or Everquest. To essentially crack that DRM, you have to recreate the server backend which is a serious undertaking. This has been done, but it took a long time, only applies to older versions and doesn't connect you to the legitimate service. Steam is an online service and games which use SteamWorks are coupling at least some of their features with the online service, but this is not as complicated as something like World of Warcraft so it is easily cracked. Denuvo attempts to fill that gap by more strongly coupling the software with Steam. As a result, Steam is technically the DRM while Denuvo is helping to enforce it and thus is not labeled as "3rd party DRM" on the Steam Store pages. There is a balance between the popularity of your software and the difficulty of breaking the DRM. If your software isn't extremely popular, then a crack is not in high demand. If the software is easy to crack, then even if it isn't in high demand it may get drive-by cracked. If it's difficult enough, many people will decide that their time is better spent elsewhere even if it is possible to crack. As we enter the age of encrypted processing where both the code and data are encrypted during execution on the processor, cracking will be time consuming enough and have enough prerequisites that it simply won't be able to keep up with even the most popular software. It will be a while before this can become mainstream, because unless governments start requiring it, there will always be devices without encrypted processing that companies can't ignore in order to maximize profit. It won't surprise me if we see both governments that require encrypted processing and governments that ban encrypted processing. Obviously for static media like audio or video this is harder to deal with, but there have been a number of novel solutions to this that just haven't been widely adopted. There are also still a lot of consumers with older hardware that publishers want to target, because not targeting them is worse than the concern of piracy. These are more about mitigation rather than outright making it impossible for a time period. |