We’ve reviewed the most powerful BBC Micro model B disc protection scheme I found, across an audit of most of the copy protected discs released for the machine. It’s clever in that you don’t need specialized hardware to create the disc, or read the disc. But you’re going to struggle to duplicate the disc.
Copy protection schemes from the ’80 and early ’90s are fascinating, and this one is no exception.
That’s the funny thing about the analog domain, it’s sometimes possible to exploit specific circuits in unanticipated ways. It reminds me a lot of macrovision “copy protection” in the VCR days when they used signals that were out of spec to exploit the automatic gain control units. The problem with this type of “copy protection” is that it abuses the spec. While it’s “clever” it often assumes a specific hardware implementation of the spec but on another implementation you could get different results even though the hardware is to spec.
The company behind macrovision eventually may have gotten it’s out of spec signals into the spec (or at least got the industry on board) such that DVD players of the day would explicitly have electronics added to produce these signals. And digital TV capture cards that weren’t vulnerable to the signal were never-the-less programmed to block recording. These kinds of “tilt bits” were notorious in Vista where windows would intentionally enter a low quality data path and sometimes legitimate consumers were effected. It caused enough things to break that it wasn’t that widely used. For better or worse a lot of engineering effort goes into making sure some systems don’t work correctly or optimally when the content producers flip a bit, adding to the cost and complexity of a product with no positive gains for the consumer. Maybe I am biased, but I’ve never been a fan of this because those pirating the media can generally circumvent any copy protections and it is those who are not pirating the media who are inconvenienced and denied fair use rights.
Back in the day I invented a BBC Micro disc copy protection scheme and tried to sell the idea to Bug Byte. They weren’t interested (and their royalties were appalingly low at the best of times) so disappointed I gave up. I found out a few years later that a game company set up by ex Bug byte staff may have used this scheme for one game, a spaceship shooter game if I recall, released in the last couple of years of the BBC Micro’s games market existing. According to the magazine I read they claimed it had never been cracked. This doesn’t mean it was crack proof but more like nobody had bothered. Even so… It’s nice to know it had commercial success but I’d rather, if they had pinched it, they hadn’t stolen my intellectual property off me without so much as a thank you.
It’s been so long I can barely remember how the scheme worked. I think it took advantage of disc layout and OS loader code so if it was a copy the code would load chunks in a different order. This meant a legit disc would load code properly and start at the proper entry point while a copied disc either wouldn’t load essential code or execute different code.
My scheme was an obfuscator which worked with the ROM and disc as is. It didn’t use anything flash or analogue tricks.
My views on copy protection and security are fairly loose. I’m not against super strong and deeply invasive schemes like permissions down to the bit level for the internet in principle but anything has to be balanced with human rights and fairness. Genuine security and protection of copyright, sure, but not at the cost of abuse or creating monopolies or punsih the user for existing or creating social exclusion and poverty.
Its hilariously ironic that your copy protection was itself pirated.
Yeah. lol.
I also worked on a few schemes, based on non important sections of the file system, so they were never read by standard file commands and couldn’t be accessed directly through a typical file read/write interface.. A bit for bit copy would fail as it contained a drive serial number as part of a hash and also phoned home periodically allowing us to detect any duplicates. As cool as it was, it was ultimately pointless as our sales guys always authorized free copies as a way of apologizing for the poor software quality of the product ( written before my time, but yes management was insane they wanted us to copy protect terrible software…. ) .
The other one was done in paranoia that china would steal our valuable ip, which I guess wasn’t that insane of a fear, It slowed everything down as it was basically a custom encrypted file system and was more obfuscation than anything. I think it worked, it was a successful product and as far as we knew it was never cloned successfully. But would absolutely not consider that secure even back then.
I also worked on a few schemes, based on non important sections of the file system, so they were never read by standard file commands and couldn’t be accessed directly through a typical file read/write interface.. A bit for bit copy would fail as it contained a drive serial number as part of a hash and also phoned home periodically allowing us to detect any duplicates. As cool as it was, it was ultimately pointless as our sales guys always authorized free copies as a way of apologizing for the poor software quality of the product ( written before my time, but yes management was insane they wanted us to copy protect terrible software…. ) .
The other one was done in paranoia that china would steal our valuable ip, which I guess wasn’t that insane of a fear, It slowed everything down as it was basically a custom encrypted file system and was more obfuscation than anything. I think it worked, it was a successful product and as far as we knew it was never cloned successfully. But would absolutely not consider that secure even back then.
Back in the day the internet didn’t exist and many had not even heard of BBSs or computer clubs of above end user level so the likelihood of an average person doing any reading up of the technical issues or knowing where to start with breaking even a rudimentary copy protection scheme was low. This situation has obviously changed. The business, legal, and security situation has changed too as has the general politics as well as software production. In spite of knowing the issues it appears never ending “crunch” is still a thing with some software developers.
One software company I did an internship with was a competitor of Lotus and used a hardware dongle to protect their software. The inventor of the dongle used by the company had previously been a technical officer with GCHQ and it took over a year (or three) for GCHQ to clear their invention. In exchange for licencing and being able to comemrcially exploit the rights they had been made a director of the compay. Adjusted for inflation the companies software retailed at £2000+ in todays prices which explained how they could afford half a mansion house in one of the more select postcodes. The dongle protection mechanism was also sold as a seperate product to other software developers. At one point a shipment of dongles went missing in transit courtesy of Russia who “lost” them for three months. It was a bother for commerical reasons but the director said the Russians wouldn’t be able to crack the scheme behind the dongle. One day we received an excited call from a programmer at a customers saying they had cracked the protection. The technical director wanted to know if it was the dongle or software which had been cracked. The second they heard it was the software they lost interest.
Even if the current environment I don’t think copyright infringement is a huge issue. Most law enforcement in Europe at least focus on mass copyright infringers especially those making money off it. To some degree solutions to problems can be pinched (and reverse engineering is legal in many jurisdictions) but replicating the brains behind it and customer support and business relationships is much more difficult. It’s abuse of market power or when law enforcement or legal action is taken against people trying to get buy or make up for lack of access to expensive education I begin to have an issue.