Anno 2070's Draconian DRM: Guru3D's Graphics Card Review Killed Off (UPDATED)

Hilbert Hagedoorn of well-known PC tech review site guru3d.com recently bought a copy of Ubisoft's Anno 2070 and wanted to use it in one of his graphics card reviews. However, he became badly unstuck. This game comes on the Steam platform and the store page states: "3rd-party DRM: Solidshield Tages SAS 3 machine activation limit". Unfortunately for Guru3D, they found out exactly what this means, which resulted in just one performance graph, an aborted review, an unplayable game - and bad publicity for Ubisoft once again. They have published an article about their experience, pledging not to use their titles again because of this DRM.

We have brought you the potential perils of the upcoming UEFI Forum-implemented - www.uefi.org - Windows 8 secure boot feature here, here and here. However, it appears that it may not be so 'secure' after all, since there appears to be a surefire way to circumvent it, at least for the moment, while it's in development.

Softpedia has scored an exclusive interview with security researcher Peter Kleissner, who has created various Windows (XP, Server 2003 etc) "bootkits", which allow OS infection at the highest privilege level, giving unrestricted access to the whole of the PC. His latest one, called Stoned Lite, shows how the Windows 8 secure boot process, still in development, can be subverted, as it stands. He is planning to release details of how the code works at the upcoming International Malware Conference (MalCon) - malcon.org - that will take place in India on November 25th. It appears that the real vulnerability exists in the legacy BIOS boot procedure, not in Microsoft's implementation of secure boot, as Kleissner said:

The problem with the legacy startup is that no one verifies the MBR, which makes it the vulnerable point. With UEFI and secure boot, all the boot applications and drivers have to be signed (otherwise they won't be loaded). You can compare it to TPM, although Arie van der Hoeven from Microsoft announced that the secure boot feature is mandatory for OEMs who want to be UEFI certified. It is a good message that security is not an option.