Personally I don't care about the illegal distribution - it's about making a personal backup.
But anyway....
And I agree, the process of copying the data was a far more effective "restriction"/DRM then the key itself ever was. It's just too silly to call it DRM (regardless of intention). Writing "please don't copy" on the front of the box would probably be more effective.

It's semantics. "DRM", as it was introduced, referred more-or-less to a system by which the person possessing data or software was unable to use it without the assistance of an agent of a second party who decides if and how you can use it. As an early example, DVDs required a cryptographic key to play, and to get a key DVD player manufacturers needed to agree to a contract to, among other things, refuse to allow the owner and operator of the DVD and player to skip past ads in the DVD. So the player was an agent of the licensor and not its owner.

DRM can be used, for example, as a form of copy protection. So a synechdoche developed where DRM and all those other things that can also be used "for example, as a form of copy protection" are all called "DRM". Serial keys, for instance.

I personally wouldn't consider serial keys to be a form of DRM because if I have the key then I am the authority on whether I can use the product. As I prefer to use the term "DRM" that firmly disqualifies it. But that's just my choice of semantics - others prefer a more synecdochical usage of the term, and that's perfectly valid.

Well I remember the days when various groups went to great lengths to make keygens. And people on forums, usenet, irc, everywhere asking for keys, or trying to google keys because they didn't have the required keys. Furthermore, legit owners would be discouraged from sharing their keys for various reasons. For example, people were often offered to "register" their single player game for goodies, obviously you wouldn't want anybody else to use that key.

So clearly it had an effect. It is a restriction. And I can tell you what it is like when you have a game but no key to it...

You argue that it is silly to call it DRM because it is easy to work around. Well guess what, lots of old DRM schemes have become trivial to work around. And many new DRM schemes can be worked around too.

Really how easy or hard it is to break has nothing to do with whether it *is* DRM or not.
Then we can pretty much stop calling all DRM schemes DRM. Because nearly all of them involve a key or keys, and if you have the keys, you effectively become the authority on whether you can use the product. This includes the DRM on DVDs....

I genuinely don't understand your line of reasoning. Why do you feel that simply involving a key or keys in some way causes you to effectively become the authority on whether you can use the product? Could you please explain what you mean?

It's the new hot to require online authentication, so the game dials home snap shots your computer specs and then locks the key down. Or a little more savvy is it locks the key to an account.

If the game checks the system requirements, and there's no way to override the check if your system doesn't pass, then it is DRM.

If the game will still try (and possibly) fail to run if the system requirements aren't met, or if there is a way to bypass the check, then it is not DRM, even if the game ultimately fails to run (for example, due to lack of RAM).

Now you're talking about the key as a "DRM mechanism" for (online) support. I agree, that's more effective than what we were talking about here: the serial key as copy protection for the game itself and only that.

If a game requires online activation, then without the activation server(s), owning even a thousand keys makes you nothing more then the proud owner of... useless installation files.


Anyway, I've got my answer! Something could be regarded as DRM if there's the intention to restrict usage, even if it's hardly effective at doing that.
Someone in the 80s(70s?) must've thought: The cost of printing those serial numbers are all worth it if even a few would-be pirates are dumb enough to not write down the key (and the original owner or previous pirate dies so they can't go back for it). :-D

But the serial key is least of all a copy protection! It does absolutely nothing to prevent copying; it is used to restrict the *use* of copies. Most activation schemes (whether online or offline) ultimately rely on keys and encryption. An online activation server (or the lack of one) doesn't prevent you from playing a game; the game itself prevents you, and the online server enables you, by providing you with the key that makes the game unlock itself. The catch here is that the key you might see printed in your game's manual is not THE KEY; your key is more like the Certificate of Authenticity that is tacked on computers with an OEM copy of Windows. This is what might be confusing you.

THE KEY is often a decryption key that enables you to execute an application or watch a movie or whatever. It might be returned to you (well, to your software) in the process of online activation through a key server, or it might be stored in BIOS (for OEM copies of Windows), in the firmware of your DVD player, whatever.

In all cases, having THE KEY gives you the ultimate say in what you do with your data. The earliest known breach of the DRM on DVDs involved basically nothing more than THE KEYS extracted from the firmware of a DVD player, while better methods can use brute force to obtain THE KEY (see libdvdcss). A common method for pirates to bypass Windows' activation involves inserting (or faking) SLP keys in the BIOS, or by using a leaked VLK. If I try to watch a DRM protected vide on youtube, well it doesn't work in my browser without flash, and youtube-dl won't download the video. But if I had flash, I could find THE KEY in flash's memory or in the network traffic, the key that is used to decrypt the rtmpe stream. And I could use that key with rtmpdump to download a copy of the DRM protected video and simultaneously have the DRM stripped out. More DRM in the movie playback chain involves e.g. HDCP, which, as you might guess, is reliant on encryption.. and keys to decode the encrypted stream.

And SecuROM? Well, the activation process returns you THE KEY. If you have THE KEY, or if you can generate THE KEY... you're in luck. https://www.youtube.com/watch?v=x6M5bOvv0Fg

The old CD key based protection is weak because it effectively places THE KEY (or a code that yields THE KEY offline in software on your PC) in your hands, only trusting you not to share it with the world. So these newer mechanisms either place THE KEY somewhere out of sight (firmware, BIOS, etc.) or they give you a token of authenticity that enables you to obtain THE KEY from an online server.

I mean you said it yourself: if you have THE KEY, you become the authority. So with CD keys, so with DVD decryption keys, so with Windows SLPs and SecuROM unlock keys and so on.

Of course merely involving keys doesn't mean you always get full access just by having the keys. But most schemes really rely on nothing more than keys! Now if they did rely on something else, e.g. half of your game data being stored on the publisher's server, only accessible by logging in to your account, well in that case keys alone aren't all you need. But people could copy that data and after that it boils down to having the keys.

Keys are a form of copy-protection/DRM, although generally with just installing not it's usage (usually). Still if you lose your key, there's bound to be endless lists of keys just dumped out there for anyone to use. I'd prefer fully DRM-free but work with what you can. Reminds me of NWN where I wanted to play with my GF and it of course refused. It also was annoyed when you try to use a ISO mounting program...

Yep... Quite an annoyance for making free players for Linux and the like, although the keys are locked to the devices so once discovered they can be used everywhere to decrypt (which was done back in the early 2000's as I recall).

To add to this, not that long ago (2 years?) I considered getting the Starcraft 2 game, but I didn't want to buy it new. Found some discs on Ebay, but looked up that you required a unique key because it gets locked to your account. This means such a purchase was pointless because I couldn't play it myself offline.


Not that long ago there was the discussion of how DVD's movies and DRM wasn't a bad thing because it works and is invisible; They refused to acknowledge that maybe we didn't want to use the 'officially licensed' players and require our keys and licenses checked before we wanted to do something. Something of a problem. Like the DRM used in iPods and Zune and iTunes with proprietary software.