On Mon, 13 Oct 2003, Jerrold Leichter wrote:

> different forms.  It's been broken repeatedly.  The one advantage they have
> this time around is that CD readers - and, even more, DVD readers; there is
> mention of applying the same trick to DVD's - is, compared to the floppy
> readers of yesteryear, sealed boxes.  It's considerably harder to get at the
> raw datastream and play games.  Of course, this cuts both ways - there are
> limits to what the guys writing the protection code can do, too.

>From the POV of a coder for this kind of protection, there's probably some
API you can use to get at the error correction info somewhere -- or you
can use timing info... i.e. ask for a bad sector, and see how long it
takes to return the sector vs one that's supposed to be good...  

You can't stray too far from published API's, since if you do, you'll
potentially break your game when future OS's, patches, service packs,
hotfixes, or devices come out...  I.E. if you don't support anything but
IDE CDROM's, will you fuck users that use SATA, scsi, FireWire, or USB
cdroms? etc...  What happens under Windblows 2005?  Does your business
model say that they can't play on future OS's/hardware?  You won't be in
business very long if you do that.

>From the POV of the cracker, you can write a driver that looks like a
CDROM driver to the OS, and run the game.  It would act as a proxy to the
real CDROM, but also log any unusual activity (errors, odd timing,
etc...)  So then, the cracker can write a second virtual cdrom driver, one
that passes through the usual data off the CDR copy, but for those
"unusual" sectors that it captured earlier, replay the action.

Might even want to do this with two machines so you lessen the chance that
the game will find the original CD and ignore the virtual. :)

Of course the game could somehow figure out if a CD is virtual - by
getting driver information?  But if you're sneaky enough you can make your
virtual CDROM driver look like a second IDE controller, etc.. (see above
about SATA, USB, etc...)

Doing a search on google for "virtual cdrom" I see quite a few such
beasts...  It's possible one of these even has source code, but I don't
much care to bother searching further as I've no interested in this except
from the theoretical. :)

(In terms of things like Linux/*BSD you don't need no stinkin' driver, you
can directly mount an ISO file, but you could very easily write a block
device driver that added the errors/delays or whatever these things depend

That said, the scheme isn't without merit provided that it tells the luser
that he should purchase a real one.... maybe after it stops working pop up
an ad and say "Now that you've played your friend's copy, and saw the
demo, you can continue if you buy the full version..."

I seem to remember lots of old Macintosh software doing this.  You were
allowed and even encouraged to copy the floppy it came on and give it to
your friends.  When your friend installed the software, it would ask for
the serial #, (which you weren't supposed to give out.)

At that point, it would go into demo mode and run for a week, or two, and
then refuse to run.  So if your friend wanted the cool program you
recommended, they'd buy their own copy.  I'm not sure how successful that
was, but I'm assuming it did quite well...

The difference between that and this, is that if you put the floppy on
your fridge door with a magnet, you could always get your backup (or ask
your friend for her copy.)  With this, even if you have a legally
purchased copy, one or two scratches and it's literraly "Game Over Man!"  


 + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of   /|\
  \|/  :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\
<--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech.  \/|\/
  /|\  :Found to date: 0.  Cost of war: $800,000,000,000 USD.        \|/
 + v + :           The look on Sadam's face - priceless!       
[EMAIL PROTECTED] http://www.sunder.net ------------

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to