I'm creating an arcade cabinet using my own game which I plan to sell, but would like to make the game unplayable unless it's played on the arcade itself. Since it's PC based, anyone can simply connect the hard drive to their own computer, find the files and distribute the game. Here's what I thought would work:
-Every arcade cabinet has a hidden file. In the file there's the motherboard serial number which is encrypted.
-The game when launched would decrypt the file and compare the machine's serial number it's being played on with the file's serial number.
-If they match, run the game.
Any way to hack this you think?
If it runs on a PC based platform then it can be hacked. Actually, if it runs on any platform without a specialist security chip and very clever programming which obscure the purpose of the protection but integrate it's functionality into every step of the game then it can be hacked, easily.
The only thing that stands between you and a hacked copy of your game being distributed is if somebody cares enough to hack it.
You can put extra security measures in, but if they inconvenience your legitimate customers then you'll just get more complaints, and the pirates will still pirate your games.
I find it amazing that the games industry haven't realised this yet, even the music industry have caught onto the fact that trying to add protection to their music, be it on CD or on downloads dosen't actually STOP anybody copying it, and if anything encourages more people to copy it because they have so many problems with the original.
These are simple facts, the only thing you can do to encourage legitimate sales is by providing additional bonuses to people who actually pay for it, such as after-sales support, giving them quick access to updates / patches etc. Providing them with previews / location tests of new games / products. Actually make them feel GOOD for being a legitimate customer. This is something the games industry is getting very, very wrong lately (and the reason I stopped buying PC games, and have now decided to get rid of my PS3)
On a PC I can't think of a single security measure that I've encountered that been worth the development cost, and at an Arcade level I can only think of a handful which have been effective. Even amongst the emulated games most of the tough ones could be cracked by copying the protection chips (which the professionals will do for a reasonable charge if you're planning on making money out of it, which MAME isn't) There are a tiny, tiny number of protection schemes which are actually effective against people trying to crack them, and all those fall into the 'tightly integrated into the game logic, entirely custom solutions' category.
Recent PC solutions include running things on a remote server, but this requires an 'always-on' connection (which many arcades won't have) and also introduces reliability issues. For things like Poker machines it makes sense, central management of the entire business online; some of the recent ones are just flash based clients which connect to a secure server. For real games this doesn't work unless you're doing something like World of Warcraft, which inherently can't really be pirated and still give a genuine experience. Not everybody wants that kind of game tho.
If you had a huge budget dedicated to this sort of thing, and designed each system to run one very specific game, then you could probably come up with something. As of yet not even the likes of Sega and Taito have made that kind of investment in security for their PC based systems (I suspect they will if people continue to crack them) but you have to consider that something of that magnitude might actually cost just as much to develop as your entire game, and there is still a risk of it being cracked. At which point do you just decide to take your chances, and go the 'good support for legitimate customers' route?
For mainstream arcades the biggest 'current' protection systems are custom cabs. Who wants to bootleg an entire custom cabinet, with very specific controls, that can't really be swapped into a generic cabinet, or one from another game even if it was bootlegged? Aside from giving people a different experience to a home system it's also a great anti-piracy measure, and one that actually does fall under the 'reward legitimate customers' roof. Obviously for smaller, more regular type games this isn't an option.
Bottom line is, if your game is popular enough then people will pirate it. In some cases you might even have a ratio of 99% pirates to 1% buyers (this has been seen on some iPhone apps..) but the reality is, even if you had a perfect protection system you might only see a small increase to your sales, and a decrease in your exposure, not the hypothetical 100x increase in sales, and besides, such systems don't exist.