
Clever anti-piracy schemes

Mira Yurizaki



Many companies like to protect the sales of their software by incorporating anti-piracy schemes. A lot of them fall flat, ranging from annoying and inconvenient to use to outright dangerous and perhaps legally dubious. However, there were a few that I thought were pretty clever in that not only were they transparent to people who purchased the game legitimately, but they also served to frustrate pirates at the same time.


Sony's "Wobble" Detection Mechanism On the PlayStation 1

Most of this is really from Technology Connections' video on the subject:


The gist of it is that as the laser is trying to read the disc, there are smarts in the reader to keep it on target with the data on the disc. The way Sony did this was to use a couple of electromagnets in a flat X-Y plane configuration. The thing is that in the PlayStation, the reader also detected whenever the laser head moved around or "wobbled." In a particular part of the CD, an imperfection was pressed to induce a deliberate, specific wobble that the console understood. So if the wobble happened on startup, the console knew the disc was legitimate. Whenever a person tried to copy a PS1 game, the CD drive would read the data just fine. However, when it came to burning the disc, the burner wrote the data without the imperfections that induce the wobble. This meant that unless you had the actual CD press from Sony, you couldn't create a copy of a PS1 disc that the PS1 liked.


It was defeated by mod chips, which paused the disc after the initial verification was done, but certain games were also aware of mod chips installed on the system.


Insomniac's "Checksumception" on Spyro: Year of the Dragon

Insomniac faced a problem after the release of Spyro 2: it was heavily pirated. They didn't want this happening again with their new game and looked for a way to solve the problem. They came to one conclusion: you can't. But what they did find out is that a majority of a game's sales happen within the first few months. So rather than try to stop pirates, they wanted to delay them from releasing a fully playable version of the game. Rather than try to do copy protection, the developers decided on crack protection.


The way they did this was to sprinkle routines throughout the game that calculated the checksum of the code as a means of integrity checking. But this wasn't enough. If a hacker can find the routine that calculates the checksum, they can just modify the expected value after making changes to the code. So Insomniac decided another layer of checksum calculation was in order, using the checksum itself as part of the calculation. So effectively, checksums on checksums on checksums. And if you changed anything and tried to modify one of them, you'd have a ripple effect that would make all the rest invalid. Essentially, it was impractical at the time to modify anything in the code and still have the checksums line up.
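To make the ripple effect concrete, here is a small added example (not Insomniac's code and not from the Gamasutra article). It assumes a constructed 64-byte "image" split into four regions and uses FNV-1a as a stand-in checksum; the names `seal`, `failed_links` and `link_sum` are made up for this sketch.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define REGIONS 4        /* constructed layout: 4 code regions */
#define REGION_SIZE 16   /* of 16 bytes each */

/* FNV-1a stands in for the game's checksum (assumption: the post names none). */
static uint32_t fnv1a(uint32_t h, const uint8_t *p, size_t n) {
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Link i covers region i plus the value of link i-1. */
static uint32_t link_sum(const uint8_t *region, uint32_t prev) {
    uint8_t pb[4] = { (uint8_t)prev, (uint8_t)(prev >> 8),
                      (uint8_t)(prev >> 16), (uint8_t)(prev >> 24) };
    return fnv1a(fnv1a(2166136261u, region, REGION_SIZE), pb, sizeof pb);
}

/* Compute the table of expected values shipped alongside the image. */
void seal(const uint8_t *img, uint32_t stored[REGIONS]) {
    uint32_t prev = 0;
    for (int i = 0; i < REGIONS; i++)
        prev = stored[i] = link_sum(img + i * REGION_SIZE, prev);
}

/* Recompute the chain; return how many links disagree with the table. */
int failed_links(const uint8_t *img, const uint32_t stored[REGIONS]) {
    uint32_t prev = 0;
    int bad = 0;
    for (int i = 0; i < REGIONS; i++) {
        prev = link_sum(img + i * REGION_SIZE, prev);
        if (prev != stored[i]) bad++;
    }
    return bad;
}

int main(void) {
    uint8_t img[REGIONS * REGION_SIZE];
    uint32_t stored[REGIONS];
    for (size_t i = 0; i < sizeof img; i++) img[i] = (uint8_t)(i * 7 + 3);
    seal(img, stored);
    printf("untouched image: %d failed links\n", failed_links(img, stored));
    img[5] ^= 0xff;                        /* one-byte change in region 0 */
    printf("after 1-byte change: %d failed links\n", failed_links(img, stored));
    stored[0] = link_sum(img, 0);          /* fix up only the first expected value */
    printf("after fixing link 0: %d failed links\n", failed_links(img, stored));
    return 0;
}
```

Correcting the first expected value clears only that link; every later link still fails because it was computed over the original value of the one before it.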


But it didn't stop there. If the game detected an incorrect checksum, it would only break the game in subtle ways, like removing collectibles used to advance to the next part of the game. This meant that when the hackers thought they broke the game's protections, they'd call it victory, release it, and then find out nope, they actually didn't. (From what it sounds like, people who make cracks likely don't test them completely, because in the world of making cracks, speed gets you cred.)


The problem was that this method required 10 seconds or so of disc access. Obviously this can't be done while you're playing the game, so they limited it to when the game is booting and masked it by showing logos and such. Another problem was that this increased the development effort. But as a result of this method, it took over two months before the game was cracked, at a time when a week was considered long. And the developers don't even think it was defeated, just bypassed.


Also, if any of this sounds similar to another DRM's method of protection, it's very likely that Denuvo runs on the same principle, just using encryption instead.


You can read about the whole thing at https://www.gamasutra.com/view/feature/131439/keeping_the_pirates_at_bay.php


Breaking the Game If You Pirated It

A few studios also took Insomniac's approach to piracy, only they left out the "Checksumception" and used the "break the game" method. The ones that stood out to me over the years are:


