Resident Evil Revelations

Dank Sidious Jan 17, 2024 @ 2:38am
Enigma Protector cannot be trusted. Multiple red flags show up when you look into it.
Suspicions

I've seen some people say that Enigma Protector is just a DRM software and that there's a lot of misinformation about it. Apparently we shouldn't be worried. The reason why I'm making this post is that so many red flags come up about this company when I looked it up. There might not be direct evidence of it being some shady malware like some people claim, but I wouldn't just handwave all of this away as nothing. At the very least I recommend that people remain skeptical about the software.

There's so much strange information about the company when you look into it just on the internet alone. I've collected different links and bits of information on the company that I've looked up myself and some that I've found posted on various discussion forums.

Findings

  1. A quick Github lookup of The Enigma protector and this guy shows up. This could be a complete red herring, but doesn't strike me with confidence. A Georgian hacker?

  2. I'm sure some people have seen the VirusTotal reports online which show that the Enigma Protector trips multiple anti-virus scans. They are potentially false positives, and software that behaves in the same manner as DRM can be flagged by anti-virus software if it hasn't been whitelisted for that software. Still, one would think a company like this that wants to sell their product to companies like Capcom would also want to get things in order so they won't be flagged by multiple anti-malware scans.

  3. When you look up enigmaprotector.com with a whois search you can find out that it uses a Russian registrar and it also uses their privacy service to obfuscate any contact and location information about the company. Why would a legitimate company dealing with security and DRM tools need to obfuscate their contact information, let alone with a Russian provider?

  4. You can find a specific code signature from Enigma in affected game .exe files when you look into them with a hex editor. The code signature mentions a "Vladimir Sergeevich Sukhov". The Twitter link shows what you can find in a hex editor and the herdprotect link gives you a bit more information on the signature holder Vladimir Sergeevich Sukhov. Internet archive link shows that people on the Enigma Protector forums at least know of an individual by this name.
    Vladimir Sergeevich Sukhov IP is a software developer located in Murom, Vladimirskaya Oblast in Russia. There is one additional code signing certificate issued to this publisher.



  5. When you look up Enigma Protector on Zoominfo their headquarters are listed as
    9625 W 76th St Ste 150, Eden Prairie, Minnesota, 55344, United States. When you look that address up on Google Maps, you can see an office space for many different tech companies, none of which are the Enigma Protector. Also when you look up "The Enigma Protector Minnesota" on Google, you can find that the address used to be listed on their website. It has since been removed from their own website, but it still shows up on Google.


  6. When I looked up the Enigma Protector on LinkedIn here's what came up. A completely bare bones page which mentions a CEO that has been there for 22 years (since 2002). The account has 2 followers, 1 connection and its location is set to Midnapore Sadar, West Bengal, India

Conclusion

So far we have Russia, India and US as potential locations for the company, none of which have been verified. Supposedly this company has existed at least from 2002. Their website lists a copyright from 2004.

They are a tech company that provides DRM solutions to other companies, have existed for a long time and yet they have almost no proper internet presence. Whatever weird scattered information you look up about the company leads you all over the place.

Some people have been meming that Enigma is malware developed by a Russian company. While there is no actual evidence or proof of this, the information that can be found doesn't really strike me with much confidence and I personally can't trust a tech company that's this obfuscated.

At the very least it's strange that Capcom decided to use some cheap DRM solution from a company they barely looked into. Cutting costs is not the strange part, but they should have at least tried to figure out what company they are dealing with and used a more trusted provider.

Hell I'm no fan of Denuvo, but I'd rather have them use that instead of some barely known potentially Russian company with almost no internet presence that almost no one knows anything about and hasn't really heard of until very recently.
Last edited by Dank Sidious; Jan 17, 2024 @ 5:08am
Showing 1-15 of 18 comments
m662 Jan 17, 2024 @ 7:23am 
While this company is absolutely generating red flags I do want to point out that the linked virustotal scan is not representative of this game.

The signature is from 2022-08-01 11:26:22 UTC and from Zodiac Games as claimed by the .exe itself. The file in addition is however not signed with a verifiable certificate, which means any name mentioned can be falsified with ease, which is not the case with Capcom releases as far as we know. Their games are properly signed normally, as forgoing signing would increase the likelihood of false positives regardless of the presence of Enigma Protector.


With regards to the business address that is most likely a privacy service from a listed ISP that is wrongly added as business address. We have to use legal constructions for our services as well sometimes in which we need to register a foreign top level domain like for several years .de domains. German law required us to have a physical address in Germany before the domain could be registered. As even governments understand that is not always feasible thus they allow certified companies to act as middlemen for any legal communication and contract handling. We call those depositary and trustee services.

The second reason why you might do this is spam prevention from whois resellers. As a privacy protection middleman.
Those are legitimate reasons for not having your actual company data listed when hosting data.

However what is really a red flag is that the company page itself on their own site has no real address listed. That is not normal behavior. There is no valid reason to not have any company contact information listed there; in fact in most countries it's against the law to not list the information, and the lack of privacy policy as well as legal contacts is very bad.

[edit]
Doing some wayback machine resulted in the following
https://web.archive.org/web/20080820023947/https://enigmaprotector.com/

ShareIt! Inc.
9625 West 76th Street, Suite 150
Eden Prairie, MN 55344
USA
https://www.formatcode.com/reseller.php

And then we come to the most likely conclusion that this address is not the business address itself but from Digital River GmbH, the e-commerce service they use to handle the transaction part of the orders. Or at least an old location of theirs that they closed off.

https://www.glassdoor.com/Location/All-Digital-River-Office-Locations-E8393.htm

https://www.google.com/search?q=Digital+River+GmbH+eden+praire&sca_esv=599157406&rlz=1C1ONGR_nlNL997NL997&ei=xPinZeeNIYrY7_UP_u6KyAg&ved=0ahUKEwjn_5Pd5OSDAxUK7LsIHX63AokQ4dUDCBA&uact=5&oq=Digital+River+GmbH+eden+praire&gs_lp=Egxnd3Mtd2l6LXNlcnAiHkRpZ2l0YWwgUml2ZXIgR21iSCBlZGVuIHByYWlyZTIHECEYChigATIHECEYChigAUj8QFBzWMs_cAN4AZABAJgBiAGgAc4JqgEEMTAuNLgBA8gBAPgBAcICChAAGEcY1gQYsAPCAg0QABiABBiKBRhDGLADwgIZEC4YgAQYigUYQxjHARjRAxjIAxiwA9gBAcICBRAAGIAEwgIGEAAYFhgewgIIEAAYFhgeGArCAgsQABiABBiKBRiGA8ICBRAhGKAB4gMEGAAgQYgGAZAGEboGBggBEAEYCA&sclient=gws-wiz-serp
Last edited by m662; Jan 17, 2024 @ 7:58am
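
The point made in the post above, that a name found inside an unsigned .exe is self-asserted, can be checked by looking for an Authenticode certificate table in the PE header. The Python below is an added example, not part of the thread: the sample files and the `CompanyName=` string are constructed, and the check only reports that a signature blob is present, not that it chains to a trusted root.

```python
import struct

SECURITY_DIR = 4                      # IMAGE_DIRECTORY_ENTRY_SECURITY
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002
DIR_OFFSET = {0x10B: 96, 0x20B: 112}  # data directories: PE32 / PE32+


def authenticode_status(pe: bytes) -> str:
    """Classify a PE image as not-pe, unsigned, malformed or signature-present."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        return "not-pe"
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    opt = e_lfanew + 24               # 4-byte "PE\0\0" + 20-byte COFF header
    if opt + 2 > len(pe) or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "not-pe"
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic not in DIR_OFFSET:
        return "not-pe"
    dirs = opt + DIR_OFFSET[magic]
    if dirs + 8 * (SECURITY_DIR + 1) > len(pe):
        return "malformed"
    (count,) = struct.unpack_from("<I", pe, dirs - 4)   # NumberOfRvaAndSizes
    if count <= SECURITY_DIR:
        return "unsigned"
    # For this one directory the "address" field is a raw file offset.
    offset, size = struct.unpack_from("<II", pe, dirs + 8 * SECURITY_DIR)
    if offset == 0 or size == 0:
        return "unsigned"
    if size < 8 or offset + size > len(pe):
        return "malformed"            # table points outside the file
    length, _revision, cert_type = struct.unpack_from("<IHH", pe, offset)
    if cert_type != WIN_CERT_TYPE_PKCS_SIGNED_DATA or not 8 <= length <= size:
        return "malformed"
    return "signature-present"        # chain and digest still need verifying


def build_sample(company: bytes, signed: bool) -> bytes:
    """Constructed minimal PE32 header for the demo; not a loadable program."""
    opt = bytearray(224)              # 96 fixed bytes + 16 directories * 8
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)
    strings = b"CompanyName=" + company          # self-asserted, anyone can set it
    strings += b"\0" * (-len(strings) % 8)
    cert = b""
    if signed:
        blob = b"constructed placeholder, not real PKCS#7"
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200, 0x0002) + blob
        cert += b"\0" * (-len(cert) % 8)
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR,
                         0x40 + 24 + len(opt) + len(strings), len(cert))
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, len(opt), 0x0102)
    return dos + b"PE\0\0" + coff + bytes(opt) + strings + cert


if __name__ == "__main__":
    for signed in (False, True):
        sample = build_sample(b"Any Name Ltd", signed)
        print(b"Any Name Ltd" in sample, authenticode_status(sample))
```

On Windows, `signtool verify /pa` or PowerShell's `Get-AuthenticodeSignature` performs the chain and digest validation this check leaves out.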
Dank Sidious Jan 17, 2024 @ 9:34am 
Thank you. It's good to receive more information as the company itself doesn't really offer much. The VirusTotal scan is not from this game directly and I wasn't using it as some smoking gun. Rather I was pointing out that it was curious that they didn't have their certificates in order and it was just one among multiple things that were just oddly managed by the company.

It shouldn't be this much of a hassle to find anything relevant about the company. We still don't even know which country the company is from. There are multiple locations listed when you scour the internet, but there's nothing official listed by the company itself.

Capcom had better options than this.
Last edited by Dank Sidious; Jan 17, 2024 @ 9:35am
m662 Jan 17, 2024 @ 9:59am 
Originally posted by Dank Sidious:
Thank you. It's good to receive more information as the company itself doesn't really offer much. The VirusTotal scan is not from this game directly and I wasn't using it as some smoking gun. Rather I was pointing out that it was curious that they didn't have their certificates in order and it was just one among multiple things that were just oddly managed by the company.

It shouldn't be this much of a hassle to find anything relevant about the company. We still don't even know which country the company is from. There are multiple locations listed when you scour the internet, but there's nothing official listed by the company itself.

Capcom had better options than this.
Oh no, I get it, but someone (and I am sure some still will) use it as evidence like that this game has those malware flags. I wholeheartedly agree Capcom had dozens of options and they chose very, very poorly. And you would think with the company hack they had they would have wised up on risk assessment, but it feels more like something ridiculous out of a Monty Python sketch.
Voland Jan 17, 2024 @ 11:58am 
Tbh I wish this is a legit scam, simply cus that would force Capcom to stop this, anyway.

But it doesn't matter for now.

What really matters now is that PC users should destroy Steam ratings for Capcom games. This is the only way to show that modding is important in singleplayer games. Can't believe we should backup DECADE OLD games where ppl have been using mods for years already...
Last edited by Voland; Jan 17, 2024 @ 11:59am
bingbongler Jan 17, 2024 @ 12:01pm 
Thanks for compiling and posting this. Plenty of red flags and definitely the potential for something nefarious going on.
Q Jan 17, 2024 @ 1:44pm 
https://www.youtube.com/watch?v=z1sKwev21gE

More info, worth watching

This is just to stop modding, period. Adding DRM to old games is scummy, disgusting, anti-consumer and they can't get away with it.
Mentally Unstable Jan 17, 2024 @ 1:45pm 
One issue I have with this is that it conflicts with Capcom's own supposed stance, making them somewhat of a hypocrite.

In case you do not know already, Capcom stopped selling all of its games in Russia shortly after a certain world event happened. Yet they are still doing business with a company from there? Worse still, it's for a very poor reason (drm/anti cheat/mod). They might as well drop the facade and start selling to Russia again.

Some will say politics should not be involved in this. Sure, but it doesn't change the fact that Capcom chose to make a politically motivated move in the first place by joining the ban movement and that their current action contradicts the former. Trying to have one's cake and eat it too is the lowest of the low.
Last edited by Mentally Unstable; Jan 17, 2024 @ 1:47pm
Andrei Jan 17, 2024 @ 2:19pm 
And it’s already cracked. Why bother with a DRM like this. Denuvo is okay protecting first weeks months and removing later. But why should legitimate customers play with a DRM WHILE PIRATES WITHOUT ?
Voland Jan 17, 2024 @ 2:23pm 
Originally posted by Andrei:
And it’s already cracked. Why bother with a DRM like this. Denuvo is okay protecting first weeks months and removing later. But why should legitimate customers play with a DRM WHILE PIRATES WITHOUT ?
to stop nude mods :D
Andrei Jan 17, 2024 @ 2:28pm 
Originally posted by Voland:
Originally posted by Andrei:
And it’s already cracked. Why bother with a DRM like this. Denuvo is okay protecting first weeks months and removing later. But why should legitimate customers play with a DRM WHILE PIRATES WITHOUT ?
to stop nude mods :D

Yeah but pirates can mod the hell of Capcom games and legit customers not. While I don’t care if Enigma does his job right or not makes just no sense to force that to customers. Since the DRM is cracked it shouldn’t be in use for buyers who support that company.
Voland Jan 17, 2024 @ 2:34pm 
Originally posted by Andrei:
Originally posted by Voland:
to stop nude mods :D

Yeah but pirates can mod the hell of Capcom games and legit customers not. While I don’t care if Enigma does his job right or not makes just no sense to force that to customers. Since the DRM is cracked it shouldn’t be in use for buyers who support that company.
yeah, when it happens ppl just start playing pirated version, so its basically dont really stopping nude mods coming

but then again, such move never had any valid reasoning
m662 Jan 17, 2024 @ 3:57pm 
Originally posted by Helloween:
https://www.youtube.com/watch?v=z1sKwev21gE

More info, worth watching

This is just to stop modding period, adding drm to old games is scummy, disgusting anti-consumer and they cant get away with it.
It is one of the more informative thought videos out there. I won't say it contains new information for most people that have been following the board but the approach is far more from a security standpoint as you would suspect from someone with actual IT knowledge.

Someone else on YouTube did a bit more in-depth explanation of the implementations as a whole (not specific to Enigma) and there is pretty good information in it that, if you are interested in the lower level access stuff, is worth watching. https://www.youtube.com/watch?v=YzkvfAGiKeU

However I do not agree with the entire conclusion that the person made myself. Not because his answer is wrong but because the threat-landscape is mostly examined from a publisher, developer point of view vs the user. I am not worried Capcom is actually spying on us stealing information because what this person says is true they could already do that unless you have very strict firewall rules and IDS to combat and detect it.

Personally I am worried we have the third party in this picture (Enigma Protector) with sketchy background in this case that potentially can do stuff outside of Capcom's own knowledge. Just because a buyer of some security implementation has no interest in abusing privacy law does not mean that the seller has the same stance nor security in place to prevent so.

An example of this is CrapCleaner (that is the actual product name) or something most people know as CCleaner from former Piriform. It was a basic maintenance software with arguable functionality; however, most IT adopted it to end-users because it was lightweight, could be run on auto (cronjob) and for end users mostly easy to understand with minimal chance of damage. That changed when Avast snatched up the company to add to their portfolio. Within months there were high alerts because CCleaner was starting to transmit data it had no permission for; it was deliberate, had obfuscation and was in fact acting towards a Command Control Server (C2).

It was so bad Microsoft actually started implementing precautions for this program alone and banned them from their store for a good while. They released the following security message and press message which, though not listing CCleaner by name, we all know was directed at them. https://support.microsoft.com/en-us/topic/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities-0485f4df-9520-3691-2461-7b0fd54e8b3a

Avast has ever since been under extra watch, and while most end-users that even know of this hold Piriform accountable, the industry holds Avast accountable. And guess what happened later. Actual malicious threat actors got ideas and they hacked the company signing service a few years later to piggyback their malware on the product in a similar fashion as the company had done. Avast, to their credit, jumped fast on it, but two years later it happened again with some painful details that they left holes in their security during the migration of the company data from Piriform to Avast HQ infrastructure.

Do you think they started implementing extra security measures to reduce risk after that?
Oh no, they got hit at the end of 2023 by something called the MOVEit attack and they failed to keep their infrastructure safe again. If we are to believe their own numbers, 1.3 million users' data was stolen. Which is sadly these days a very small data leak number, which used to be unimaginable to say. 10 years ago this would be in the top 10 of data theft; now it will barely reach top 50.

Now to be honest it was a never before seen attack, a so-called zero-day, and the cyber-security industry had a field day containing this mess. However, just because something has not been seen before does not mean companies do not have security measures that can detect anomalies on the network. And most companies, plainly put, failed doing monitoring even if the attack itself could not have been stopped.

And these are not isolated cases we have had numerous cases that came from reputable companies even in the form of hardware manufacturers and still managed to start acting as threat actors or inspired others to do so because they did not follow safety procedures.


To conclude, if a cyber-security specialized company division can't keep their infrastructure safe, then what chance does an end-user have except for having the advantage of a potential smaller bulls-eye on their back. The answer is none.

As end-user you should not be overly worried about these matters in the same regards as the industry is or companies. We can not expect end-users to understand the nuance of these matters nor spend hours of doing research, yet here we are.

These companies need to take their responsibility and not put extra dangers for users in their software. It does not matter if it's against cheats, against mods, against vague threats to revenue. They are increasing the risk of customer data being misused and reducing the user safety in all cases in a way the average user has no way to combat against themselves.

And while most will be angry about DRM, anticheat stance of Capcom that is really not the primary issue, your online safety is.
Last edited by m662; Jan 17, 2024 @ 4:01pm
niralamart000 Feb 8, 2024 @ 7:04am 
it's from a russian dev with no company, obviously can not be trusted and it's so much more intrusive than denuvo, checking way too much info on your pc without your consent. There is enough evidence here to raise a case against capcom.

also this is what i posted to steam staff after they banned me from steam discussion cause "topic doesn't belong" like wth where do they want me to talk about this then

"and by harm i mean enigma, the product is clearly available without knowledge what it is being used for and yes that includes criminals and hackers. In addition the security of Enigma Protector as a company is a joke. It is running on outdated forum software and insecure server infrastructure by some russian dev team.

Honestly the fact that Enigma is a russian Company and trying to hide it by giving false addresses everywhere already is very suspicious. Not to mention from a quick look on it i can already tell their DRM is not very secure, easy to crack/unpack and generally shoddily made. It's basically shovel ware compared to something like Denuvo or even lesser known products like Arxan."

you guys with old games and maybe new games lost more than what you were given, i hate third party drm but denuvo is so much better than this crud. Don't fight against this though, there is nothing you can do now sadly

edit: don't reply to me, i'm not in the mood. if you have a problem with what i posted then just ignore me.
Last edited by niralamart000; Feb 8, 2024 @ 7:10am
Voland Feb 8, 2024 @ 7:23am 
Originally posted by niralamart000:
. It's basically shovel ware compared to something like Denuvo
And everyone using it anyway
niralamart000 Feb 8, 2024 @ 7:28am 
Originally posted by Voland:
Originally posted by niralamart000:
. It's basically shovel ware compared to something like Denuvo
And everyone using it anyway

you wanna know a funny thing, some denuvo don't even have an eula for publishers to hide behind if someone takes them to court, they just know that no one is gonna do anything and they are right. we are mentally weak sheep who want sugar daddy corpo-san to give them insurance that everything is ok.
Last edited by niralamart000; Feb 8, 2024 @ 7:29am

Date Posted: Jan 17, 2024 @ 2:38am
Posts: 18