The pirate life for me

« »

The naughty 90s
Permutations of existing techniques were coming thick and fast. Ever more vendors shipped ever increasingly convoluted solutions using dongles, keys, checksums and validation methods. With the advent of the Internet and popularisation of network-connected computers, challenge and response codes became popular. A user would receive their software in a box with an activation key on it. They would install the software, and then the software would ask for a validation code. The end user would put their activation key in and a validation key would come back from the software vendor server. This would then be input into the software - and provided it 'matched up' on both sides, the product would be activated.

This gave rise to the ever-popular keygen. Key generators became popular when the power of decompilation tools (and thus, reverse engineering) became accessible to those outside of large-scale software development teams. The premise of the keygen was simple. Pull apart the proprietary code by disassembling it into near-machine code, then figure out what sequences of keys or algorithms were used to create said keys. Once this information is obtained, put it into software that can run externally to the application, and generate based upon the algorithm.

Key generators today represent the largest 'market' for open piracy, often being created for everything from games to applications and operating systems. For many of the groups and individuals that make key generators, it's all about the challenge of the reverse engineering method and technique, rather than simply stealing software.

Of deformities and wobble sectors
Along the time line, it's now early turn of the century. Software companies are under threat, people are losing jobs, and the industry is under a slow but definite landslide. Here is where the 'fun' stopped and things became serious.

The RedBook CD standard was well in place for audio CDs, as were the respective standards for data DVDs. It became painfully apparent that it wasn't a problem for people with the right equipment to 1:1 copy media, no questions asked. The vendors had an ace up their sleeves, though. Along came SafeDisc.

Command and Conquer: Red Alert 2 started the trend. The disc would copy fine. Everything seemed sensible. It would then be installed from, and everything still seemed sane. Then the problems would arise. People couldn't play from their backup burnt media. Was the burner missing something? It sure was!

Weak sector and Eight to Fourteen Modulation (EFM) encoding were the key to the protection mechanism in Macrovision's SafeDisc.

First, the concept of the 'exclusive or' (XOR) needs to be understood. XOR is a bitwise operation. XORing a number with 1 flips a bit, but XORing with 0 does not. If your input bit reading from a disk was 1, and it was XORed with 1, the result would be 0. If your input bit was 1, and it was XORed with 0, the result would be 1.

The next part of the equation comes in understanding of how a CD/DVD drive actually works. A laser in the most modern of drives still finds it hard to detect frequent changes between physical pits and lands. As a result, changing the number of pits and lands frequently is a recipe for failure. In this respect, when reading/writing a CD or DVD, the number of these pit/land changes must be minimised. This is where EFM was invented. It turned eight bits into 14 bits, with an XOR lookup table alongside, as a hardware encoder/decoder.

The next step in understanding SafeDisc is the Digital Sum Value (DSV).

The DSV is an integer that changes at each point along the media. For every pit on the disc, the DSV is incremented by one, and for every land it is decremented by one. For instance, take the following series of pits and lands:

Pit-Pit-Pit-Pit-Land-Land-Land-Pit-Pit-Land-Land-Land-Land.

Here, the sequence of pits to lands would be +6, -7.

Here is where SafeDisc and several other copy protection techniques kick in. SafeDisc's weak sectors are already XORed with the verified outputs of what a sector XOR engine will be. Once this hits the EFM encoder on the way 'in', because it's already XOR'ed, it'll be twice the pattern that it was previously, and thus have to traverse twice the length on read 'in' or write 'out'. The algorithm used for calculating these merged bit patterns is far too intensive and slow for a burner to deal with. When confronted with these long chains of weak sectors a drive doesn't know what to do, so it throws the read away as garbage data or a read error. When this happens, the SafeDisc module gets the hint, understands that the media is forged, and refuses to run.

« »

This article appeared in the February, 2010 issue of Atomic.

Aliens: Colonial Marines in depth; Z-77 Motherboard round-up; strategy gaming special; Home Server tutorial. PLUS MUCH MORE - ON SALE NOW!

Ads by Google

14 Comments

orcone Mar 2, 2010 11:37 AM	pyrates on the carrebeen was a terribel movie, stop sayin its good you moran
bastard Mar 2, 2010 12:12 PM	Pyrates = Pirates Carrebeen = caribbean Terribel = terrible sayin = saying its = it's moran = moron Pyrates on the Carrebeen = Pirates of the Caribbean There is a moron on here, but I am not sure the direction of the insult is correct. About the article: Really found it interesting, I have seen many of the copy protections take place and it was a good read seeing it all in one article. Thankyou.
Hawkeye Mar 2, 2010 12:30 PM	Once again, orcone shoots and scores :)
Sir_Substance Mar 2, 2010 7:05 PM	"Wouldn't you rather play for the good guys, than the bad?" But who are the good guys?
thesorehead Mar 2, 2010 9:08 PM	1 internets for orcone. Also, FWIW IMHO the biggest problem with piracy is the trading of counterfeit software. Not because it reduces the profits of the original creator, but because it delivers an inferior product that degrades the value of the original product. This contributes to lower profitability of course, but it includes such problems as faulty merchandise being attributed to the original creator and malicious code inserted for nefarious purposes.
Count Mar 3, 2010 8:58 AM	You're forgetting the earliest copy protection of them all, the "Answer this question from X page in the supplied manual". Most prominantly featured in Battle Chess (the original) and Return to Zork. I remember trying to back up RA2, back in the day. Even then it only took 10 minutes to go online on my 56k modem and get the instructions on how to disable the EFM protection. Heh, good times.
sirtrancealot Mar 3, 2010 12:52 PM	I still lol at the fact that most pirates get a better experience than those who pay for stuff, due to the fact there are no ads, warnings, compatibility issues. IMHO this is one of the reasons why most people choose to pirate movies and TV, software not so much. do i pay $40 for a blu-ray disk watch 10 mins of govt warnings about anti-piracy? or download it and get straight to the content..with a negligible difference in quality? hmmmmm decisions decisions!
sirtrancealot Mar 3, 2010 2:19 PM	Don't forget the potions with letters from Prince of Persia! classic copy protection!
Kythin Mar 4, 2010 12:34 PM	what about the brilliant red-cellophane (sp?) window copy protection in the old sierra adventure games? I think it was to protect against photocopying the manual more than copying the 20+ floppy disks!
karlm Mar 7, 2010 10:57 PM	what is nuts about copy protection these days is that usually it hinders those who do the right thing, (i.e. those who buy the software), rather than the pirates. Several games in the last year I have bought either failed to run or got the shits about what drive i ran it from - purely because of the copy protection schemes. Isn't it sad the fixes came in the form of 'no cds', even some of the companies realsing that the copy protection was ass-about and removed it totally - Quake 4 anyone? Nowadays even though i have to be careful with my bandwidth - I buy through steam, or buy the boxed version and activate it through steam.
Doc Forrest Mar 9, 2010 7:04 PM	Indiana Jones and the Fate of Atlantis worked using a code-wheel.
CodeMaster Mar 19, 2010 6:26 PM	I bought GTA4 for PC and it didn't work, although my PC was high-end and met all of the requirements and then some. Tech support were unable to help me get the game to work, so I went out and bought the same game on PS3. Of course, it worked first go. After 5 months of e-mails to and from tech support, the PC version of GTA4 still did not work. In desperation I tried a not-so-legal PC version of GTA4 and it worked first go. Why is it that the legitimate product didn't work, whilst the 'other' version did? Is it still regarded as piracy to go to such extremes to get a game (that I had bought on 2 platforms already) to work?
es02 Mar 31, 2010 12:00 PM	"At some point in time, somebody realised it was hurting profits. Of all the somebodies... it was a games company." I thought it was an anti piracy letter to the silicon valley computer g=club from Bill re some form of BASIC that was being shared around. Maybe I'll have to dig out my copy of hackers again :S
Athlonite May 18, 2010 6:35 PM	@ es02 your correct it was Bill Gates and it spelled the beginning of the end for the Home-brew computer club @ CodeMaster no it does not as you already own the game legally and tech sup couldn't fix it for you

Comments have been disabled on this article.

Atomic Magazine

Issue: 137 | June, 2012

Atomic is a magazine aimed squarely at computer enthusiasts, gamers, and serious PC upgraders.

Every month we bring you the latest reviews of new technology and PC components, in depth features on everything from overclocking to console hacking, and gaming previews and interviews.

What's in this issue?