sc_neo

A question to the testers in case they know and are at liberty to answer. If i am not mistaken, ED's map building tools and techniques are in constant development and thus each new map should be more detailed and advanced than the ones that came before. So i reckon the new Caucasus will be better on various fronts than NTTR in its current iteration. SoH would then be even better than the 2.5 Caucasus version. Now, NTTR looks realy amazing overall. For helicopter pilots though, hovering over the ground at a couple of feet, the terrains flatness and close up low texture quality really shows. First, do you have any info whether SoH will be build with new techniques or engine enhancements that give more grainularity to the ground (small rocks, holes, cracks etc. generally more uneven/rugged surface) including HD textures when looking from 2-1 meters height? If that is the case, might we see this transferred over to NTTR at some later point as well?

Hey, i know this is of low priority, but it would be cool if at some point we see Nevada/desert like loading screens and not the default Caucasus ones in NTTR Nevada 2.1.

hrm...i would think they reimburse the rightful holder of the credit card. Again, unless ED feels it necessary to further explain in detail what they are trying to achieve and why some measures would suffice and others are not really suitable, we are a bit clueless, i am afraid. Not the smartest move by ED i would think. Its advisable to explain exactly what you want to achieve with a change that in all likelyhood they have known would be contentious. I mean, if they explained ''here folks, thats whats going in significants numbers in todays 'e-commerce online world' and we see this happening all the time (to you customers and us developers)...and thats what we're trying to accomplish...'', people here might have reacted a bit different. Anyway, i am sure they read our well intentioned proposions and maybe some of it fits their bill. Cheers mate

MonnieRock's proposal does not adequately deal with the account theft and creditcard/paypal fraud issue that seems to be on EDs mind when they designed the new system. When someone manages to steal a legit account and then installs that account's modules and activates these per one time requirement, its quite unlikely that comes to the attention of the paying customer before that onetime activation has been passed. Now theres no way of disabling the illegitimate module installation. Same goes for buying modules with stolen credicard details or outright paypal ''booking back'' fraud. As i have outlined earlier, you get yourself a prepaid creditcard and then use paypal for the actual DCS module purchase, install, activate, rebook the money via paypal. If you want to combat both fraudschemes effectively, you need three things in place: 1.) two-factor verification via email on activating modules 2.) overview of DCS world installations/activations on different hardware configs i.e. laptops, pc which the user can identify, and time and date of activation attempts inside you ED webprofile 3.) 30+ day (i would rather say 60 or more) period with repeated online verification every x days AFTER installing DCS world on a new hardware config with your account. This gives hopefully enough time to either the rightful customer become aware that someone got access to his account and uses it to play for free. This gives ED enough time revoke fraudulent activations after creditcard fraud in whatever shape or form has been brougth to their attention. I kinda got the feeling that ED will not go back to the onetime activation thing. I kinda come around and think its fair enough for them to get at least a time period where they can identify and shutout fraudsters. BUT, at the same time i believe it totally possible to lift the repeated online verification requirement for a specific DCS world installation after some time has passed and the validity of said installation has been established. Too complicated for the enduser? I can't see that. Right now, we get our starforce keys per email (besides profile of course). Then, we'd get an activation link via email which acts as a notification simultaneously incase someone else is doing shady stuff with our account. Easy enough to implement a day counter ingame that tells you when you can sail off to Bermuda and never come back :)

Just elaborating a bit more on my earlier post and what i would deem an acceptable system that combines the best of both worlds i should hope: What might work though, is a kind of karma system (or 'good standing' system) where a new customer has his modules repeatedly verified by internet over the first 30 - 180 days or something (depending for howlong a creditcard fraud claim is valid). Thus once the financial transaction is finally through and ED and 3rd party devs. have gotten paid, the repeated online verification is lifted and only happens when you actually go online and/or update. This might help deal with creditcard/paypal fraud in conjunction with the fraudster setting up a new account for each stolen module. That same inital time period of 1 to 6 months repeated online verificaion should also be applied to new installations of DCS on different PC hardware configurations for existing accounts with honestly bought modules in it. Thus if someone really manages to steal the account of an honest customer then there is a multiple months long period where this irregularity might come to the attention of said customer. For instance, if users could track inside their ED store customer webprofile all their DCS installations plus when and on what hardware configuration a new installation has been activated (and an addtional email notification could be sent as well), then it should be quite easy to catch irregular installations by the user itself and revoke that activation. Thus, there needed to be, as already mentioned, an initial time period with repeated online verification that gives ample time to catch fradulent installations. Lifting of that repeated online verification after x number of weeks/months needed not be happening automatically but could be done by the customer via two-factor authentification if he/she so desires, and always not for the account in general, but for a specific installation only. I know, this system would kinda suck for someone getting a new laptop, installing DCS and going on a multiple months sea voyage or something shortly thereafter. You needed to get over those inital months before you could enjoy that total offline freedom. But how often do people make a new dcs installation? The question is, should this 'initial period' always restart from scratch if a new module is bought and added to an existing account. I should think that would not be necessary. It kinda dependes on the customers to keep a bit track on there installations and whether something shady is going on inside there account profile as described in the paragraph above. Anyway, i think this system would combine best of both worlds and give customers their highly valued offline freedom and asure ED to high degree that fraudulent installations can be tracked down and deactivated. I, for one, could live with this system.

There is at the minimum at least one fraud scenario where i see a repeated online verification (at least for a couple of weeks or months, like a karma system) as the only way of protection. Buying modules with stolen creditcard details and setting up a new DCS account, or if a scammer buys one of these anonymous prepaid creditcards and uses that in combinaton with paypal or such to buy DCS modules and after activating the DCS module books the money back. With the onetime activation he's easily gotten himself a free copy of whatever module he desired, without the need to sniff out someone elses account or email data. This is might be the scenario ED is confronted atm with the starforce system. What might work though, is a kind of karma system (or 'good standing' system) where a new customer has his modules repeatedly verified by internet over the first 30 - 180 days or something (depending for howlong a creditcard fraud claim is valid). Thus once the financial transaction is finally through and ED and 3rd devs. have gotten paid, the repeated online verification is lifted and only happens when you actually go online and/or update. By the way, the most common scenario i often hear when accounts get stolen is due to the very owns website or companys database being hacked. I am sure some of you guys are more knowledgable than me or have first hand experience in IT or gamedevelopmen. What protection schemes do you know of that would not require repeated online verification for paying customers, but effectively protect against fraud as described above? This debate has gotten me really curious as to how a protection design in todays creditcard, paypal, instant payment world could look like!

@shagrat There you go, thats the first technical explanation (account theft) i have heard in this debate that has something going for repeated verification, which is mainly due to moving from a key-based system (which worked without issues for me by the way) to an account based system. I have not thought of account theft as an issue yet. I'd then propose an email based two-factor verification when either installing DCS or running a ''copied over'' DCS version for the first time. Is there a good reason to assume a DCS activation is transfered over to a new PC/Windows installation with simply copying over the DCS folder? That should be easy to remedy i reckon. If i understand it correctly, with the current starforece based key-system, i can essentially install and activate DCS on 10 different PCs and an additional 12 installations per year thereafter. Hence 22 installations after one year...and growing with each passing month. Is there a limit on how many activations i can have simultaneously at the moment? What could be implemented in addition is an additional password based system (with a seperate password than your normal DCS login details) inside your personal DCS store profile, where you can lock or unlock the ability to activate new installations. Hence even if someone manages to steal your account AND your email account that is used for the two-factor verification process, he'd still needed a third password. This third password would not be changeable via the same email address and require a second email address or only be changle after direct contact with ED cusomer support. I personally have installed DCS on only one compuer and have not needed to activate a seond time as of yet. Doing this two factor thing when logging in with my account on a new computer would not really bother me. Running around and jumping through hoops to online re-verify would! I'd rather accept a limitation of how many activations on different pcs/hardware configs i can have at the same time before deactivating one than having to worry about internet availability.

I still don't understand how this helps. Those that have bought modules get logged out after x days without internet connection and those that get themselves a pirated copy will not be bothered at all? If i have everything legal and dandy, calling ED support on a landline or via sattelite phone or what not to get a special unlock key makes only sense, if i own all that stuff legally, right? So why would i then have to do it at all? I still don't understand how repeated verification vs one time activation helps overcome piracy issues. Either you buy it via steam or ED store, than you have payed for it and your good. Or you download it somewhere illegally which means the internet activation requiremen has been removed althogeher i would presume. Thus, why would it be harder for pirate groups to remove protection that checks in muliple times vs one time only? Once the protection mechanism is broken it is removed i would think. We end up in a situation where he paying customer ends up with all the inconviniece and burden of proof and the freeriders laugh!

+1

Maybe add the option 'When updating the game'.

do guys think Caucasus will be the 'fullest or most detailed' map compared to NTTR and Normandy? Or will it be way better than the old one, but because its derived from the old and due to its sheer size won't be as detailed and high poly as the more recent ones?

He might refer to the AH-64 that seems to be in delevopment for TBS for quite some time now. I think it even says this on the TBS website, or i read it in one interview or heard in a podcast he was featured in.

@Moderators Will there be a detailed post outlining how and why repeated internet verification will actually help against organized groups from ''TheScene''?

It has been mentioned that even now, starforce requires you to reactivate after 30? days or such without internet connection. Is that really the case? If yes, some people should have run into that issue already although no one here has said so if i am not mistaken. By the way; i have texted my brother to ask him (hes was a judge and prosecutor in Germany) what he thinks of ''requieres internet activation'' oder ''benötigt Internetaktivierung'', as it states on the german store front, and its retroactive change to a new system. My guess is that a german court (if it ever came to this) would side with the customer here. I think if the wording is somewhat unspecific it usually is interpreted in a 'common sense' notion.

and to the community managers: thx for staying this late or long responding to our concerns.

I would rather vote 3 months or such, but 30 days should overcome most odd situations of moving to a new premises or enduring the hussle of hooking up a phone with mobile interent to verify. Longterm though, there should be a mechanism to allow for longer periods (multiple months) that you can activate via your account in the ED store or something like that. I reckon a compromise can be achieved afterall :)

I rest my case for today but would hope and recommend that ED communicate clearly, with some technical details, why and how repeated home calls vs one time verification (or on updates as well) significanly help them fight piracy and if possible back that up with some numbers and projections of reduction in pirated copies. If i feel convinced that the occasional reminder and hussle of that repeated verification leads to more resources in the longterm to make DCS an even fuller experience, i might accept the new system. Maybe you could even work out some extended grace period (3 months/6months whatever) that one can be activated in the account section on the ED store website. @Hellfire257 ...exactly my questions as well. How is that gonna help against piracy. I have read the latest Assassin's Creed hast not been cracked as of yet, and this is due to using at least three of the strongest anti-temper protections out there. But afaik not because of repeaed online verification. @159th Viper '' What is important is that this constructive discussion has highlighted a possible solution. Whether it is a feasible solution will depend on the Developers and/or the relevant DRM software utilized.'' What possible solution that was discussed here are you referring to?

Do the verification when shipping updates and let the god damn pirates be stuck on an old version if they can crack the initial verified module and have their pirate provider friends work their asses off every two weeks when a new patch is being released.

Just to be sure....is the steam version affected by this as well when you have it in offline mode? Or does steam DCS perform the same login and verification process after starting from the steam client?

So then generally speaking: can someone explain to me how repeated online verification helps against software piracy vs onetime or ''when game is being updated''? I am just asking ouf of real curiosity here. Why could a software pirate beat the onetime verification requirement but not the repeated ones?

But SithSpawn: how does a repeated online verification help combat that? If software pirates crack a DCS module, would they not defeat the verification scheme in its entirety?

By the way, if the verification was mandatory when the game is being updated, would that not be the ideal timing because during the update process the entire folder is being scannend for changed/messy files and cleaned up?

Yep, best would be a detailed post that explaines why the repeated online verification protects better against cracked/pirated versions. Because if i have to choose between something as intrusive as Denuvo or such (that is suspected of being performance hungry) and the new style i pick the latter. But, i'd like to understand how it technically is supposed to do so to get on board. I just thought of a good system as well. Remove the 3 or whatever day verification requirement and limit it to 1.) login into multiplayer (where you need contact the multiplayer master server anyway, and in case you do some direct IP connect with a friend bypassing the official lobby you obviously have internet thus the verification should work just fine) and 2.) when updating the game which necessitates being online anyway. And at the rate ED is shipping updates this would encourage people to verify like every two weeks anyway. I think that would be a compromise most people could get onboard with in a heartbeat.

@Viper ...and i would like to understand how the repeated verification actually protects ED's work? Is it not mostly so, that protection of software comes from anti temper technology as Denuvo and such that actually break functionality if altered?

''The only complication rises if you are trying to play DCS World with no internet connection for greater than three days. This is the topic we will be re-evaluating.'' First, thanks to both of you for clearing this up for us. I do understand that you want to protect your IP, but this is the very thing that i have grave concerns about. I have invested way more money inside one year on DCS than i have with any other franchise over the last 5 years. Personally, i would not feel comfortable doing so as liberally as i have up to this point with that limitation in place. I do like to entertain the idea of taking my sim with me to my little hut or Dacha (the russian folks know what i am talking about) in the woods...where i probably have no energy but g3 wifi! :) Maybe you could outline in detail how this online verification actually helps against module piracy. I would reckon that a pirated DCS module would have to overcome module verification. I would also assume that this crack would then stop, block or outright remove any need to online very. The question thus is: would the online verification make it harder to crack DCS modules than starforce now. If i come to think about the new system, it makes account sharing even simpler. Way easier to set up because you simply share login details and there's no need to send and share every key for every module and activate that seperately. Yes, you cannot exchange modules via key exchange or such. Bit this stems from binding a module to an ccount, and i would think, would not require repeated phone calls home though. I am just trying to understand what would actually be gained protection wise vis a vis starforce?