I really am surprised at the lack of "old-timer" hacks for copy
protection displayed here so far.
(BTW - If you legally buy a copy of "superwonderultramegaware", you
are ALWAYS entitled to to use that software on one computer at a
time; you have paid for the license - even if it was second hand from
another person... and this is regardless of any "copy limit" involved
in the original disk.
IT IS NOT PIRACY TO RE-USE that software on fifty computers - as long
as they are your own, and it is done serially. (one at a time.)
Here's a couple of "oldies":
- The simplest was to format a track with a "super" number (higher
than that normally found on a conventionally-formatted disk), then
write the "special" information there. ( e.g. - number of copies
made, or CMOS checksum of the machine upon which it was installed, or
the disk serial number, etc.) This "supertrack" was of course read
by the install program - and it would crash if the track didn't
exist.
Obviously, a simple diskcopy wouldn't work.
(FIX: too complicated for today's point-n-clickers, but a quick
disassembly - with Ralf Brown's interrupt list kept very handy -
could generally find the supertrack formatting. Of course, you had
to be familiar with the BIOS interrupts, but that was how you learned
about computers!)
- Another way required booting from the install disk; there often was
a different operating system used (or a highly-modified DOS) which
used a different format. (This prevented diskcopies, and also had
the effect that many DOS utility commands didn't work - or sometimes
even trashed the originals, if they were really snotty!) These
almost always RE-BOOTED the machine to "normal" DOS when the program
finished.
(FIX: If the new format could be determined, a slow, track-by-track
format and copy could be performed. Otherwise, it required the track
info, a massive move into a memory image of the disk, then rewriting
to a new disk en masse from RAM in the new format.)
- Those who were good at assembly language could often disassemble
and find the point where the program CALLed to the copy-protection
scheme, then overwrite it with a few NOPs. (Thus, the
copy-protection scheme was never called in the copy.) I used this
method quite a bit in the early days, when a LOT of software checked
for exactly DOS version X.XX, and wouldn't work with a later version.
(It's also useful today, when a lot of software demands a Pentium or
higher. A 586 is perfectly capable of running the software - but
reports that it is a "486" instead of a Pentium. I've bypassed that
check on a lot of my sons' games - and they work just fine on this
586/133Mhz.)
- one nasty way was for the install program to overwrite one of the
"standard" BIOS software interrupts (the timer, keyboard, and error
number were commonly used), then "POPping" a few less addresses from
the stack than were "PUSHed", and issuing a RETurn instruction. (to
the modified interrupt, of course!!!) The FIX for this could be VERY
complicated, depending upon how devilish the authors were.
Just in case you kept reading thus far... many of these schemes will
work just fine today, on more modern software. The most secure
serial number/internet check/query means nothing if the program words
which call it are changed to NOPs. (JUMPs instead of CALLs are only
a little more difficult - especially LONG jumps.)
So if you paid for it, it ain't piracy.
If you just ran off a bootleg copy, shame on you!
- John T.
__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/
To unsubscribe from SURVPC send a message to [EMAIL PROTECTED] with
unsubscribe SURVPC in the body of the message.
Also, trim this footer from any quoted replies.
More info can be found at;
http://www.softcon.com/archives/SURVPC.html
