Click to view Spore's digital rights management and copy protection has gotten a lot of people up in arms. The reaction has been so strong, with nega-reviews flooding Amazon and DRM creatures flooding the Sporepedia, that Electronic Arts said they're planning on implementing a patch to loosen up their current installation guidelines. But Electronic Arts isn't the only company to ever use a built-in online copy protection system. A small company called Valve, publishers of such indie titles as Portal, Half-Life 2 and Team Fortress 2, knows all about the ups and downs of DRM and copy protection. Back in 2004 Valve was at the heart of a hurricane of controversy surrounding the use of online authentication after their relatively new digital distribution system, Steam, ran into a hiccup and was unable to keep up with the online validations for mega-hit Half-Life 2. But things have run relatively smooth since then, with the exception of a major outtage in 2006. I talked to Valve's Doug Lombardi yesterday to ask how they've managed to smooth out the wrinkles of DRM with Steam and how their copy protection compares to Spore's."Half-Life 2 was one of the first games to require authentication to play the game and require it with an online component, prior to that you had CD keys," Lombardi said. "There was a lot of pushback about that at the time. It was two-fold. One was social engineering on the part of pirates. The other was Steam, in general, at launch time, was busted. It wasn't nearly as elegant as it is today." "Since then we have stayed with the same system and put a lot of hardware behind it and made (authentication) more immediate." Lombardi, and others I spoke to off the record, say that at least for digitally downloaded PC games, DRM and copy protection is here to stay. For Valve the biggest push is to lock down those "zero day" pirates. Day zero is the time between when a game goes gold and when it is available for purchase. Lombardi, and many others, are convinced that that's when a bulk of piracy occurs. "That's the biggest problem," he said. "I'd be willing to guess that well over 50 percent of piracy occurs then." "I think our solution solves the game zero piracy." The key to making a good authentication system, Lombardi says, is to not stand in the way of customers enjoying what they bought. A bad system is like telling a customer "Wait, before you go on this roller coaster you need to change your shoes," he said. As with SecuRom, Steam's validation system has a number of options that are left up to the game developer to decide. Like how often a game need to be authenticated. "They can make it the first time on purchase and never again or they can do it every hour," Lombardi said. For instance the authentication and rights for Spore and The Orange Box through Steam are fairly similar: Number of concurrent installations Spore: While EA says a change is coming to allow deauthentication of computers, currently Spore can only be installed on three computers total in it's lifetime. The Orange Box: There is no limit to the number of computers it can be installed on. You just install the Steam client, but can only play on one computer at a time. Spyware Neither Spore nor The Orange Box have anything akin to spyware built into their copy protection and DRM systems. Lombardi calls spyware, or even the perception of spyware, the kiss of death in the gaming business. Authentication Spore: An EA spokesperson told me that Spore only checks authentication when you first install the game. The Orange Box: Every time you play the game online Steam checks your authentication. Number of accounts per a copy Spore: Despite what the manually erroneously states, only one account can be created per a copy of the game. The Orange Box: One account per a copy of the game. It seems as we move forward, toward disc-less gaming, DRM and online copy protection are inevitable. The only question is how they will be implemented. What do you think the DRM sweet spot is?