Nowadays, companies' CD protection methods are multiplying as they try to stay one step ahead of people who try to make copies. Here you will find the latest news about CD protection methods and whether they really work.
What is copy protection?
The binary information can always be copied, so the manufacturer makes the operation of his program dependent on the presence of some physical key which cannot be copied. He does this by changing his software so that it cannot run unless some sort of initialization is performed, and by adding additional program code, called the guard module, which carries out the necessary initialization if and only if it detects the presence of the physical key. In a few words: "Copy Protection is a modification to the original code to make it dependent on some external action, a guard module to provide the necessary action when it detects the key, and the key itself."
How does it work?
All copy protection schemes must have these three parts in order to work. If any part is missing, the scheme fails:
Dependency on External Action
The original software must be changed in some way so that it will not run without the action of the guard module. This could consist of merely including calls to the guard module in the software. However, the best way of making the software initialization dependent is to encrypt it. Encryption means taking the code and scrambling it so that it cannot run and is no longer recognizable.
The Guard Module
This is the code that restores the software to executable form or in some other way initializes the software and allows it to run. It must do this only when the key is present. When the guard module is satisfied that the key is authentic, it initializes the software and executes it. Besides the function of recognizing the key and restoring the software to executable form, the guard module must do its job in complete secrecy.
It must be impossible to see what it does, impossible to imitate what it does and impossible to trick it into doing its job when the key is not really present. This is called code security. Unless the guard module itself is protected in some way, usually by encryption and debug-trapping, the protection can be disabled and the software made to run without the key.
The Physical Key
This is the actual physical device or object that must be present as proof of ownership and the right to use the protected program. The key can take on many forms: an original CD, a key diskette, a dongle or a "smart card".
What makes the software dependent on Guard Module?
There are various ways to do this, though techniques which do not include encryption cannot be considered very safe: building in calls to the key check, and encryption.
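The difference between the two approaches, as an added example that is not part of the original page: a check-only image ships the program code in the clear behind a comparison, while an encrypted image can only be restored from data read off the physical key. The names, the sample signature and the HMAC-based toy cipher are assumptions made for illustration; a real product would use a vetted authenticated cipher.

```python
import hashlib
import hmac
from typing import Callable, Optional

KeyReader = Callable[[], Optional[bytes]]  # hypothetical: returns data read from the physical key

def _subkeys(signature: bytes):
    # Key material is derived from the physical key's data; it is never stored in the program.
    master = hashlib.pbkdf2_hmac("sha256", signature, b"constructed-demo-salt", 50_000)
    return (hmac.new(master, b"enc", hashlib.sha256).digest(),
            hmac.new(master, b"mac", hashlib.sha256).digest())

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy HMAC-SHA256 counter keystream (one payload per key, so no nonce); not a vetted cipher.
    stream = b""
    for counter in range((len(data) + 31) // 32):
        stream += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def build_check_only(payload: bytes, signature: bytes) -> bytes:
    # "Calls to the key check": the payload ships in the clear behind a comparison.
    return hashlib.sha256(signature).digest() + payload

def run_check_only(image: bytes, read_key: KeyReader) -> Optional[bytes]:
    sig = read_key()
    ok = sig is not None and hmac.compare_digest(hashlib.sha256(sig).digest(), image[:32])
    return image[32:] if ok else None

def build_encrypted(payload: bytes, signature: bytes) -> bytes:
    # Encryption dependency: without the key's data the payload cannot be reconstructed.
    enc_key, mac_key = _subkeys(signature)
    body = _xor_stream(enc_key, payload)
    return hmac.new(mac_key, body, hashlib.sha256).digest() + body

def guard_module(image: bytes, read_key: KeyReader) -> Optional[bytes]:
    sig = read_key()
    if sig is None:
        return None                       # key absent: nothing to derive from
    enc_key, mac_key = _subkeys(sig)
    tag, body = image[:32], image[32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        return None                       # wrong key data or tampered image
    return _xor_stream(enc_key, body)

# Constructed sample data for the demonstration.
PAYLOAD = b"PROGRAM-CODE: licensed routine"
SIGNATURE = b"constructed-disc-signature-0001"
CHECK_ONLY_IMAGE = build_check_only(PAYLOAD, SIGNATURE)
ENCRYPTED_IMAGE = build_encrypted(PAYLOAD, SIGNATURE)
```

Both designs run the program when the correct key is present, but only the check-only image contains the program code verbatim. The guard module in this sketch is itself unprotected, so the code-security requirement described above still applies to it.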
Which are the Guard Module functions?
What are the various kinds of physical keys?
Other hardware (plug-in boards, smart cards)
Personal characteristics (fingerprints, voice prints or retinal images)
So how do people manage to break it? What do they do?
- Reverse Engineering
By disassembling the program and finding out how it works, another programmer might use the principles involved to write his own program without actually copying the program itself. This process is time consuming and difficult.
- Creating a "Cracked Copy"
If the protection can be disabled, the software will run without the key. The idea is to either peel off the guard module or find some other way to defeat it, so that the protection check is never made, but the initialization is made anyway. This is very easy now since CloneCD can copy most current CD protections.
- Copying the key
If this can be done easily, it is almost as good as creating a cracked version. Dongles and diskettes with physical holes are extremely difficult to copy; for all practical purposes they cannot be copied. Key diskettes made from normal diskettes may or may not be copyable, depending on the degree of sophistication of the diskette and of the equipment attempting to copy it.
Commercially available copying boards can defeat many protection schemes. For the serious pirate, there is the synchronized bit copier which moves every bit directly from one diskette to another, using electronically synchronized drives. This can copy all but the very best key diskettes.
- Fooling the Protection
A memory-resident program can be installed which makes the guard module "think" the key is present. If, for example, the guard module checks the key diskette or dongle by way of the system BIOS, a filter can be set up to watch the interrupt and intervene when the key check is made, feeding false input to the guard module and simulating the expected signals.