I used to crack C64 disk games. They were mostly trivial because I wrote a disk sector editor that would disassemble blocks on demand.
One that comes to mind were Ocean’s copy protection that was hacked by a load of 1 into the accumulator and a return. They had a “bool IsValidDisk()” type of routine.
After cracking one of their games I could crack others in less than 2 minutes directly on a copied floppy.
Keeping the bad sectors in place was annoying because future handlers of the disk couldn’t copy it unless they too had a proper copy app. A NOP Slide solves all problems
Random (yet on-topic) question: does anyone know of any IBM PC(-compatible) games/apps which used deleted floppy sectors as part of their copy protection scheme? I can find examples for 8-bit platforms such as Atari, BBC Micro, Amstrad CPC - but not IBM PC, even though the original IBM PC floppy controller supported them.
For those who don’t know, deleted sectors are an obscure legacy feature which was part of IBM’s standard for floppies, and floppy disk controllers which aimed at IBM compatibility often supported it. Essentially, the floppy can contain two types of sectors, normal and “deleted”, with a flag byte in the sector header distinguishing the two, special commands to read/write the deleted sectors, and a setting on the controller to determine whether the normal read sector command skips deleted sectors or not. Very little software used it; copy protection was the main exception. The original use case was to support very primitive databases in which each database record was stored in a separate sector, and hence you could delete a record in-place by marking the sector as deleted.
Platforms which used off-the-shelf IBM-compatible floppy controllers generally supported them, e.g. IBM PC and compatibles, Ataris, Acorns, Amstrad CPC. Whereas platforms which rolled their own floppy controllers, such as Apple II, Macs, C64, generally didn’t.
I remember one trick was to burn a hole in the disk at a specific track/sector location then try to read it. If you got an I/O error then the disk was real.
You are right, there is a a copy with a manual now! It was uploaded 4 months ago and it sure wasn't there all the previous times I've looked.
Unfortunately, the manual doesn't quite match my memories.
I recognize a lot of the text and layout so it is clearly something I have seen before, but the technical info isn't really there.
This manual is from May 1989. I read the manual a bit before that, perhaps in 1987, perhaps 1988.
So, does my memory play tricks on me or did they remove all that lovely tech info? All there's left in this version is Chapter 12 "Technical Terms" (which I recognize as something I have read a version of before).
I know I have read about using track reads to catch some of the copy protection tricks (like in the two MartyPC blog posts) and track writes (occasionally even track writes that are aborted at just the right time) to force the data on disk to be just the right kind of wrong.
I double checked that it wasn't in the Copy II PC manuals I could find: the V6 manual from 1990 and the Copy II PC Option Board manual.
I was hanging out in the computer lab at school, playing the PC version of Rogue, when a exasperated teacher walked into the lab, saying that her students were getting annoyed at having to swap in the real floppy when it started... Well, let me fix that for you... Gathered all the floppies, started copying the original with CopyII PC, and handed out games that would not *ill you by the copy protected mafia. Later that day, the lady came in and reported no problems, and handed me the original disk. I wish I knew how many kids got into gaming after that.
I thought this was going to be about the physical notch switch on some floppies to switch them between read-write and read-only modes... That thought alone brought back some deep childhood memories!
Yep. An ordinary round hole punch worked, but you could also get a purpose built punch that made a nice rectangular notch, had a guide to get the position just right, and had more leverage making it easier to punch through the thick jacket. "Dual sided" floppies (with two factory cut notches) cost enough extra that the tool paid for itself pretty quickly, IIRC.
Of course, the floppy manufacturers warned that the cheaper single sided floppies had only been tested on the front side, and might have defects on the back. But I don't remember that ever being a real problem.
>Of course, the floppy manufacturers warned that the cheaper single sided floppies had only been tested on the front side, and might have defects on the back. But I don't remember that ever being a real problem.
I remember someone telling me that the floppy manufacturers were obviously lying, because C=64 computers normally wrote on one side (back, I think), while Apple ][ series computers wrote on the other side, so the disks had to be tested on both sides anyway so they could be used in either computer.
It’s not super related but all the talk about how easy the Sierra games were to crack reminded me of that time I built a crack for nearly all shareware of the era.
Finding your own software bundled or integrated with someone else's software (assuming those are the terms one desired) would be one of the ultimate feelings of flattery to me.
"THG was run by professional men, who were available each day "by 10:30" when FedEx, or UPS delivered. The other groups had to "wait until they got home" in the afternoons."
My favourite copy protection fail was Office 95 “Upgrade Edition” - when installing it would ask you to point to where your old/existing copy of Office was… funny thing was you could point it to the installer directory itself (i.e the thing you’re currently running to install it) and it would continue LOL
It's hard to believe this was just incompetence - Sierra games were technically impressive for the time, making great use of graphics and sound. But what other explanation is there? If Sierra's goal was simply to prevent casual copying, they didn't have to bother with licensing Superlok at all, a simple bad CRC on one sector would have sufficed. It's all very odd.
Probably the simplest explanation is that management decreed that Superlok was to be used, and the developer tasked with it complied in the most minimal manner possible.
> It's hard to believe this was just incompetence - Sierra games were technically impressive for the time, making great use of graphics and sound. But what other explanation is there? If Sierra's goal was simply to prevent casual copying, they didn't have to bother with licensing Superlok at all, a simple bad CRC on one sector would have sufficed. It's all very odd.
It's not odd at all, if you think again about this:
> Softguard Systems was founded by Joseph Diodati, Paul Sachse and Ken Williams in 1983
Obviously it's not Ken who implemented the copy protection.
Really interesting to me because my grandparents were OG software pirates. They used to share back and forth floppies with some of their US friends. I assumed that they got away with this because floppy copy protection just wasnt a thing, we had a family friend we relied on who had memorised the potion drinking code from Prince of Persia. But now it seems plausible that someone in this piracy ring was breaking copy protection code which is even cooler.
That brought back memories of playing off a backup and having to switch to the original for validation, and of some Amiga program that claimed to copy copy-protected disks. It thrashed the floppy drive like crazy and looked very, uh, sophisticated (as in lots of virtual indicator lights blinking away on-screen), but I was never convinced that it actually worked.
Brings back memories... There was quite an arms race between copy protections schemes, copy software, and people that cracked protected software. The cloud solved all this I guess (much later).
I used to crack C64 disk games. They were mostly trivial because I wrote a disk sector editor that would disassemble blocks on demand.
One that comes to mind were Ocean’s copy protection that was hacked by a load of 1 into the accumulator and a return. They had a “bool IsValidDisk()” type of routine.
After cracking one of their games I could crack others in less than 2 minutes directly on a copied floppy.
Keeping the bad sectors in place was annoying because future handlers of the disk couldn’t copy it unless they too had a proper copy app. A NOP Slide solves all problems
Thank you for your service.
Random (yet on-topic) question: does anyone know of any IBM PC(-compatible) games/apps which used deleted floppy sectors as part of their copy protection scheme? I can find examples for 8-bit platforms such as Atari, BBC Micro, Amstrad CPC - but not IBM PC, even though the original IBM PC floppy controller supported them.
For those who don’t know, deleted sectors are an obscure legacy feature which was part of IBM’s standard for floppies, and floppy disk controllers which aimed at IBM compatibility often supported it. Essentially, the floppy can contain two types of sectors, normal and “deleted”, with a flag byte in the sector header distinguishing the two, special commands to read/write the deleted sectors, and a setting on the controller to determine whether the normal read sector command skips deleted sectors or not. Very little software used it; copy protection was the main exception. The original use case was to support very primitive databases in which each database record was stored in a separate sector, and hence you could delete a record in-place by marking the sector as deleted.
Platforms which used off-the-shelf IBM-compatible floppy controllers generally supported them, e.g. IBM PC and compatibles, Ataris, Acorns, Amstrad CPC. Whereas platforms which rolled their own floppy controllers, such as Apple II, Macs, C64, generally didn’t.
EA's INTERLOCK protection (Marble Madness) uses deleted address marks.
I remember one trick was to burn a hole in the disk at a specific track/sector location then try to read it. If you got an I/O error then the disk was real.
If you used the lower interrupts rather than DOS’ 21h, you could set your own bad sectors so you could copy the disk exactly :)
I confirm it was working at least for Microprose Soccer :-) Was way to easy to crack...
Unlike "Le Manoir de Mortevielle" or "Leisure Suit Larry" which I was never able to crack...
Perhaps this is a good place to ask if anyone has a copy of the manual for CopyWrite by Quaid Software?
The manual had a really good description of the floppy controller interface + various tricks one could use to copy protect floppies.
I know where to find several versions of the program. I am not interested in those. I am only interested in the manual.
I found two versions at https://archive.org, there's a PDF manual too.
You are right, there is a a copy with a manual now! It was uploaded 4 months ago and it sure wasn't there all the previous times I've looked.
Unfortunately, the manual doesn't quite match my memories. I recognize a lot of the text and layout so it is clearly something I have seen before, but the technical info isn't really there.
This manual is from May 1989. I read the manual a bit before that, perhaps in 1987, perhaps 1988.
So, does my memory play tricks on me or did they remove all that lovely tech info? All there's left in this version is Chapter 12 "Technical Terms" (which I recognize as something I have read a version of before).
I know I have read about using track reads to catch some of the copy protection tricks (like in the two MartyPC blog posts) and track writes (occasionally even track writes that are aborted at just the right time) to force the data on disk to be just the right kind of wrong.
I double checked that it wasn't in the Copy II PC manuals I could find: the V6 manual from 1990 and the Copy II PC Option Board manual.
I was hanging out in the computer lab at school, playing the PC version of Rogue, when a exasperated teacher walked into the lab, saying that her students were getting annoyed at having to swap in the real floppy when it started... Well, let me fix that for you... Gathered all the floppies, started copying the original with CopyII PC, and handed out games that would not *ill you by the copy protected mafia. Later that day, the lady came in and reported no problems, and handed me the original disk. I wish I knew how many kids got into gaming after that.
Article from 11 days ago: https://news.ycombinator.com/item?id=41346124
Laugh-ability:
https://www.os2museum.com/wp/lotus-1-2-3-r3-copy-protection/
I thought this was going to be about the physical notch switch on some floppies to switch them between read-write and read-only modes... That thought alone brought back some deep childhood memories!
That reminded me of a couple “hacks” we did back then…
1. Cover the write protect notch on a 5 1/4” floppy with a sticker to enable writing.
2. Melt an extra hole in a 3.5” floppy with a cheap soldering iron to double its capacity to the 1.44MB that later became the standard.
In 5¼" disks, the uncovered notch meant R/W while stickers were used to prevent writing.
I think we used to punch holes in 5¼ floppies to enable writing to their backside?
Yep. An ordinary round hole punch worked, but you could also get a purpose built punch that made a nice rectangular notch, had a guide to get the position just right, and had more leverage making it easier to punch through the thick jacket. "Dual sided" floppies (with two factory cut notches) cost enough extra that the tool paid for itself pretty quickly, IIRC.
Of course, the floppy manufacturers warned that the cheaper single sided floppies had only been tested on the front side, and might have defects on the back. But I don't remember that ever being a real problem.
>Of course, the floppy manufacturers warned that the cheaper single sided floppies had only been tested on the front side, and might have defects on the back. But I don't remember that ever being a real problem.
I remember someone telling me that the floppy manufacturers were obviously lying, because C=64 computers normally wrote on one side (back, I think), while Apple ][ series computers wrote on the other side, so the disks had to be tested on both sides anyway so they could be used in either computer.
There were a lot of commercial hole punchers at that time. See here for some photos e.g.
https://www.forum64.de/index.php?thread/38406-diskettenloche...
We used a drill for #2 but the price difference disappeared pretty quickly iirc
The trick was to line up the write-protected one with one that already had the notch.
Yeah and when you put some tape on it and now you can write.. it felt like neo in the matrix!
Previous article in the series: https://news.ycombinator.com/item?id=41346124
That's for different protection scheme. But also a great read!
Oh wow, I wasn't expecting two floppy disk copy protection articles in one week. Thanks for the correction!
Another great article from the same author that I found when browsing their blog after the previous article:
https://martypc.blogspot.com/2023/06/hardware-validating-emu...
Probably should be a separate HN submission at some point.
Don’t worry.., give it a few hours and someone will repost the Imperial March Disk Drive
It’s not super related but all the talk about how easy the Sierra games were to crack reminded me of that time I built a crack for nearly all shareware of the era.
https://joeldare.com/that-time-i-built-a-crack-for-nearly-al...
Finding your own software bundled or integrated with someone else's software (assuming those are the terms one desired) would be one of the ultimate feelings of flattery to me.
I wonder if one day we’ll ever get to see the identity of the greats like The Humble Guys and Razor 1911.
I imagine a documentary like the one for BBSes but for the cracking/cracktro scene would be k-rad
ahh THG were certainly ruling the scene !!! Nostalgia..
"Lemmings cracked by Fabulous Furlough" will occupy memory synapses for the rest of my life.
Bubba Magillicuty !!!
From the wikipedia page:
"THG was run by professional men, who were available each day "by 10:30" when FedEx, or UPS delivered. The other groups had to "wait until they got home" in the afternoons."
now I understand why they were faster :-)
My favourite copy protection fail was Office 95 “Upgrade Edition” - when installing it would ask you to point to where your old/existing copy of Office was… funny thing was you could point it to the installer directory itself (i.e the thing you’re currently running to install it) and it would continue LOL
It's hard to believe this was just incompetence - Sierra games were technically impressive for the time, making great use of graphics and sound. But what other explanation is there? If Sierra's goal was simply to prevent casual copying, they didn't have to bother with licensing Superlok at all, a simple bad CRC on one sector would have sufficed. It's all very odd.
Probably the simplest explanation is that management decreed that Superlok was to be used, and the developer tasked with it complied in the most minimal manner possible.
> It's hard to believe this was just incompetence - Sierra games were technically impressive for the time, making great use of graphics and sound. But what other explanation is there? If Sierra's goal was simply to prevent casual copying, they didn't have to bother with licensing Superlok at all, a simple bad CRC on one sector would have sufficed. It's all very odd.
It's not odd at all, if you think again about this:
> Softguard Systems was founded by Joseph Diodati, Paul Sachse and Ken Williams in 1983
Obviously it's not Ken who implemented the copy protection.
(ofc if this that Ken at all)
Really interesting to me because my grandparents were OG software pirates. They used to share back and forth floppies with some of their US friends. I assumed that they got away with this because floppy copy protection just wasnt a thing, we had a family friend we relied on who had memorised the potion drinking code from Prince of Persia. But now it seems plausible that someone in this piracy ring was breaking copy protection code which is even cooler.
That brought back memories of playing off a backup and having to switch to the original for validation, and of some Amiga program that claimed to copy copy-protected disks. It thrashed the floppy drive like crazy and looked very, uh, sophisticated (as in lots of virtual indicator lights blinking away on-screen), but I was never convinced that it actually worked.
Anyone else remember owning a Copy Option Board from Central Point Software?
[dead]
Brings back memories... There was quite an arms race between copy protections schemes, copy software, and people that cracked protected software. The cloud solved all this I guess (much later).
I’d love to know how you make this kind of floppy visualization. Looks so cool, I want it framed!
I was able to answer my own question by reading the comments on his blog. The author wrote it themselves: https://github.com/dbalsom/fluxfox
Don't copy that floppy