<< Previous Message Main Index Next Message >>
<< Previous Message in Thread This Month Next Message in Thread >> 
Date   : Mon, 28 Apr 2003 13:04:43 +0100
From   : "bill.carr" <bill.carr@...>
Subject: BBC Micro Games Copy Protection

Recently I was asked whether I had a "cracked" version of Brian Jacks
Superstar Challenge.  I didn't but decided to look at what was keeping
it protected.
I found that the game was checking the "last tape block loaded" section
of memory,  more specifically an undefined region of this which can be
set to whatever the programmer chooses.  The knock-on effect of this
protection, other than checking whether the game had been *LOADed and
then *SAVEd is that it wouldn't work from disk.
Luckily, the crack consisted of changing just 1 byte to make a
conditional jump go nowhere.  The end result of this story is that it
got me interested in "cracking" BBC games again.

I am interested in any tales about fiendish protection schemes.  Also
what constitutes a good "crack", eg. to crack most later Superior
Software titles, IIRC using a Kevin Edwards protection, a JMP
instruction can be stopped by replacing with an RTS and then the code
which has been loaded from a "blank" area of the disc can be saved
safely, if you know where the start address, length and execute address
are stored.

Exile, being an important release had a more sophisticated protection
scheme which showed a disc with just the !BOOT file on 1 track (rather
than 40 or 80).  This created a virtual catalogue in memory from which
the game was loaded (and can therefore be saved).

Some games, such as Hyper Sports and Boulderdash, had code protection in
the form of timer related EORing, which didn't prevent copying but made
it harder to view the programmers work - and as a side result prevented
them from being emulated.

What software programs did people use to create backup copies?  I used
Ripoff IV which copied most, and Disc Duplicator 3 (both by Howard
Spurr) copied even Exile.
Some ROMs proved useful also, I used Enigma Disc Imager for the *MEDIT
(Memory EDIT) and *DISS (Disassembler) commands.

Sorry if this is an overlong post, but my interest in this subject has
been renewed.
<< Previous Message Main Index Next Message >>
<< Previous Message in Thread This Month Next Message in Thread >>