Cartridge copy protection

Ask anything your want about Megadrive/Genesis programming.

Moderator: BigEvilCorporation

Post Reply
Miquel
Very interested
Posts: 514
Joined: Sat Jul 30, 2016 12:33 am

Cartridge copy protection

Post by Miquel » Wed Jul 19, 2017 8:08 pm

I already know how to detect between emulators and real hardware. Now I need to detect between copiers and the real cartridge.

Should I relay in additional hardware inside the cartridge, or could be a software technique to detect it ? What do you think?
HELP. Spanish TVs are brain washing people to be hostile to me.

TmEE co.(TM)
Very interested
Posts: 2440
Joined: Tue Dec 05, 2006 1:37 pm
Location: Estonia, Rapla City
Contact:

Re: Cartridge copy protection

Post by TmEE co.(TM) » Wed Jul 19, 2017 9:40 pm

Trying to talk to the flash chips is one way to go about it, if the chip isn't giving expected response you knew you're not on original hardware. Most flash chips have means to ask an ID from them. You could even put saves on the chip too if the sectors are small enough, beware of limited write capacity though.
Mida sa loed ? Nagunii aru ei saa ;)
http://www.tmeeco.eu
Files of all broken links and images of mine are found here : http://www.tmeeco.eu/FileDen

Chilly Willy
Very interested
Posts: 2984
Joined: Fri Aug 17, 2007 9:33 pm

Re: Cartridge copy protection

Post by Chilly Willy » Wed Jul 19, 2017 9:54 pm

I hate to say do it in hardware, but if you do it in software the next rev flash cart may not be detected, and hackers will take it on themselves to bypass the software check. Of course, hackers might bypass the hardware check as well. There's no perfect way to deal with this, and many people hate distributors for even trying. What will give you a longer period before it's hacked? Hardware.

Flygon
Very interested
Posts: 60
Joined: Mon Sep 28, 2009 11:26 am
Contact:

Re: Cartridge copy protection

Post by Flygon » Thu Jul 20, 2017 5:48 am

How much would going the full bore, and adding a CPU and/or soundchip the game is dependent on onto the cartridge on deter piracy?

Of course, that makes manufacturing and design a whole lot more expensive. :lol:

cero
Very interested
Posts: 338
Joined: Mon Nov 30, 2015 1:55 pm

Re: Cartridge copy protection

Post by cero » Thu Jul 20, 2017 8:00 am

Eh, it wouldn't be particularly expensive to include a small ARM core with a secure key area, implement public key crypto, and run the check inlined in tons of places in the code. The hw side is unbreakable without an electron microscope, sw side would take a long time if you put in enough checks.

But using such a coprocessor for actual tasks instead of DRM would be much better, and achieve the same goal really.

Miquel
Very interested
Posts: 514
Joined: Sat Jul 30, 2016 12:33 am

Re: Cartridge copy protection

Post by Miquel » Thu Jul 20, 2017 12:48 pm

cero wrote:
Thu Jul 20, 2017 8:00 am
Eh, it wouldn't be particularly expensive to include a small ARM core with a secure key area
The VDP can be accessed directly from cartridge lines ? From the case of SVP I suppose the answer is no. If it's the case it becomes a mess, and still the amount of data transferable is limited by the 68K.
HELP. Spanish TVs are brain washing people to be hostile to me.

Miquel
Very interested
Posts: 514
Joined: Sat Jul 30, 2016 12:33 am

Re: Cartridge copy protection

Post by Miquel » Fri Jul 21, 2017 4:35 pm

Flygon wrote:
Thu Jul 20, 2017 5:48 am
How much would going the full bore, and adding a CPU and/or soundchip the game is dependent on onto the cartridge on deter piracy?

Of course, that makes manufacturing and design a whole lot more expensive. :lol:
That seems to me the best solution, a chip that is used all the time along the game makes it impossible to patch, to produce a work around. But, in the other hand, is relative easy to emulate. I don't think there is the perfect solution.
Chilly Willy wrote:
Wed Jul 19, 2017 9:54 pm
I hate to say do it in hardware, but if you do it in software the next rev flash cart may not be detected, and hackers will take it on themselves to bypass the software check. Of course, hackers might bypass the hardware check as well.
That's true, if you put a barrier somewhere a few people will take it as a personal challenge to by pass it. I was thinking to proceduce a demo version of the game to try to avoid this situation.
Chilly Willy wrote:
Wed Jul 19, 2017 9:54 pm
There's no perfect way to deal with this, and many people hate distributors for even trying. What will give you a longer period before it's hacked? Hardware.
I think people hate it when is easier to play the cracked version that the legitimate version, a situation that is typical in PC gaming, but is not the case here.
HELP. Spanish TVs are brain washing people to be hostile to me.

Flygon
Very interested
Posts: 60
Joined: Mon Sep 28, 2009 11:26 am
Contact:

Re: Cartridge copy protection

Post by Flygon » Sat Jul 22, 2017 3:46 am

Remember the golden rule of sales. If it can't be pirated within 3 months, you've buffered yourself against the worst of piracy.

Never mind the unwritten rule among emulation authors to not go scrambling after emulating new commercial homebrew releases. There's a reason the Pier Solar mapper hasn't been lauded as being emulated by most emulators. Of course, after quite some years, it's now been done anyway.
Never mind the PC release. :P

Miquel
Very interested
Posts: 514
Joined: Sat Jul 30, 2016 12:33 am

Re: Cartridge copy protection

Post by Miquel » Sat Jul 22, 2017 12:57 pm

Flygon wrote:
Sat Jul 22, 2017 3:46 am
Remember the golden rule of sales. If it can't be pirated within 3 months, you've buffered yourself against the worst of piracy.
That's because they expect to do most of the sales within 3 months. Currently for games coming from a big inversion is more likely a week, they expect to do 50% of the sales in that week. Why is that? I have found two reason:

- Commercials (& related) are done within this time. For this kind of game advertising is about 50% of total cost.
- They don't know if their game will be a commercial success due to unknown public response to game dynamics (playability basically). So they force the reviews to be as late as possible... just in case.

Unfortunately I don't have this kind of money, so I must relay in just the opposite: people liking this game must be my publicity. That takes time.

About Pier Solar, you are right, it's done.
HELP. Spanish TVs are brain washing people to be hostile to me.

MetalliC
Interested
Posts: 30
Joined: Sat Aug 25, 2012 12:45 pm
Location: UA

Re: Cartridge copy protection

Post by MetalliC » Sat Jul 22, 2017 1:24 pm

one of good more-less recent examples: NG.DEV's games for Neo-Geo platform - no bootlegs or cracked copies exists, as well as no emulation. mainly because carts have NXP's ARM-based MCU, with internal 512KB flash rom, afaik big part of game logic code there, and no known ways to dump it.

other good examples - various 80x-90x arcade games, many of them was RE-d or cracked 10+ years after release, or some of them still not (properly or at all) emulated:
- Taito C-CHIP based, like Operation Wolf, which CHIP firmware was HLE'd only year ago (mainly thanks to unprotected prototype dump research and comparison), good read about it's RE - http://www.bryanmcphail.com/wp/?p=794
- IGS PGM 1/2, many games uses secured ARM CPU located on game cartridge, where is part of game code.
- Gaelco games which uses Dallas DS5002FP encrypted MCU (only few days ago was found the way to extract its firmwares)
- Seibu games, which uses "COP" coprocessor, like Raiden II - was more-less good understood and simulated only few years ago.

Post Reply