After hearing plenty of heated feedback, GOG.com has now backtracked from their use of encrypted RAR files in their Windows installers, something which has raised concerns about the potential for encroaching DRM on their service as well as causing technical problems for some Linux users.
Source: http://www.gog.com/forum/general/on_gnulinux_has_anyone_be_able_to_extract_the_rar_innosetup_installers/post470
As was explained in our earlier article by Samsai, the new installer format used password protected RAR files that were encrypted to stop pirates from adding malware to the installer and then spreading the package through torrents to users, as well as trying to prevent the user from unpacking the RAR file without running the installer.
Problems arose when Linux users tried to use the extraction utility innoextract to unpack the installers of the games without having to use Wine, something that can be useful when using certain versions of Wine that do not support the official GOG.com installers or when you only want to access the game's data files to use them with an alternate game engine. It also raised additional concerns about its potential use as DRM, due to the limits it places on the user that make them more beholden to using the official installers. In my own case, any attempt to bypass these measures might also have resulted in my running afoul of my country's current copyright laws, which strongly prohibit the breaking of any form of digital lock.
As usual though GOG.com was quick to respond to the less than satisfied feedback they received in response to this, and has reversed the decision pending the implementation of a solution that is more acceptable to its users. The mention of not wanting to deliberately break compatibility with third-party extraction tools or emulators is especially heartening. GOG.com do need to be commended for their willingness to quickly bring user feedback on board and either enact or reverse decisions based on whether they prove to be popular or not, lest we forget that it was this same stance that brought us official Linux support from GOG.com in the first place.
GOG.com TeamAs the topic of password protected archives included inside some of our Windows game installers sparked some heated discussions, we’d like to address some misunderstandings around this topic and let you know that changes will be made.
Password protection appeared in selected multi-part Windows installers, about 30 games from our catalogue that had large install files, over 6 months ago. We implemented it for various other reasons as well, many of which have been mentioned in previous posts. One of them was streamlining installation for the less tech-savvy users to avoid the issue of “broken” games after not using the installer to install them (you more proficient tinkerers have proven that it was a trivial barrier against the more advanced users).
We’ve heard your concerns regarding this solution and we do agree it could have been better. Although the same could probably be said about many other answers to this problem, it doesn’t mean we shouldn’t try to do better for our community. To that end we will be removing the mentioned archive protection from the select Windows installers that had it until a better solution, both technically and philosophically, is ready. Please continue sharing your suggestions regarding such a solution in this topic - your feedback is very appreciated.
On a side note, we’d also like to invite Captain Obvious here for a moment to remind that GOG offers and supports games compatible with specific operating systems and prepared to be installed on a given system using our included installer for a reason. This is, from the very first day, our way of offering a hassle-free, user-friendly and welcoming experience for millions of our users, no matter what their technical skill level may be.
That is why we cannot guarantee that our installers will never change and will forever remain compatible with each of such unsupported tools. However, it never was and our goal to purposely break compatibility with some third-party extraction tools or emulators used by some of our customers - and, rest assured, it never will be.
Source: http://www.gog.com/forum/general/on_gnulinux_has_anyone_be_able_to_extract_the_rar_innosetup_installers/post470
As was explained in our earlier article by Samsai, the new installer format used password protected RAR files that were encrypted to stop pirates from adding malware to the installer and then spreading the package through torrents to users, as well as trying to prevent the user from unpacking the RAR file without running the installer.
Problems arose when Linux users tried to use the extraction utility innoextract to unpack the installers of the games without having to use Wine, something that can be useful when using certain versions of Wine that do not support the official GOG.com installers or when you only want to access the game's data files to use them with an alternate game engine. It also raised additional concerns about its potential use as DRM, due to the limits it places on the user that make them more beholden to using the official installers. In my own case, any attempt to bypass these measures might also have resulted in my running afoul of my country's current copyright laws, which strongly prohibit the breaking of any form of digital lock.
As usual though GOG.com was quick to respond to the less than satisfied feedback they received in response to this, and has reversed the decision pending the implementation of a solution that is more acceptable to its users. The mention of not wanting to deliberately break compatibility with third-party extraction tools or emulators is especially heartening. GOG.com do need to be commended for their willingness to quickly bring user feedback on board and either enact or reverse decisions based on whether they prove to be popular or not, lest we forget that it was this same stance that brought us official Linux support from GOG.com in the first place.
Some you may have missed, popular articles from the last month:
3 comments
Good. I wasn't in the party who bashed this as "DRM OMYGERD" but it seemed pointless given how trivial it actually was to circumvent not to mention they should have known they were going to catch slack for it.
My first thought on this whole "fiasco" was why on earth does GOG care if pirates download a malware laden torrent? If your gonna be a pirate then be smart about it or deal with the possible consequences.. period. I also found the point of making sure users install stuff properly to be laughable at best.
My first thought on this whole "fiasco" was why on earth does GOG care if pirates download a malware laden torrent? If your gonna be a pirate then be smart about it or deal with the possible consequences.. period. I also found the point of making sure users install stuff properly to be laughable at best.
2 Likes, Who?
Freedoms are not pointless,
1 Likes, Who?
This one is potentially resolved (let's see what their new solution would be). What's still pending is their TOS problem.
See here: https://www.gog.com/forum/general/please_fix_your_user_agreement_to_allow_reverse_engineering_and_tinkering_when_its_fair_use_to_ret/post1
See here: https://www.gog.com/forum/general/please_fix_your_user_agreement_to_allow_reverse_engineering_and_tinkering_when_its_fair_use_to_ret/post1
2 Likes, Who?
See more from me