SafeDisc2 Type_Copy Protection

[ZamZiBam]

Common sense should be taken when examining a copy protection scheme such as this. The author writes that there is a segment on the CD-Rom that is useless data designed for difficulty of copying. Let me examine this from a different point of view. Copy protection in general is broken usually before the protected system is even released. For this reason it should be sensible to note that there is more to protecting a disc in this way than to cause a simple nuisance of backup. We should also note that most modern 3D games are going online. Let's examine this concept. Why would we want a large test pattern in a CD if we know everyone will be able to back it up not much after it's released. Well, digital signatures. We know how CD-RW works. Well, CD-RW has material that have properties that can change. For this simple reason, if this type of a pattern were added to a CD-Rom on a track, than when the player plays the game online, a signature can be noted into that pattern. Since most online games require that you have at least the CD-Rom inserted to play. After all, if it is protected, why should you use the CD-Rom when most games allow full installation. Now the question is, would the manufacturer just ad a CD-RW style track. I don't think so. Let me explain why. Believe it or not, if the material is sensitive enough, than you don't even need a CD-R or CD-RW drive to write to it. Simply reading the data, can access certain properties of certain materials. In this way, all anyone has to do, is make sure there is a random pattern in the regular CD-R. Even if it is finalized, the material will still be reactive to lasers. So when the cd-is read, it can create a signature based on what cd rom unit accessed it. The legality is of course questionable. The reason for that is that a user has to have full knoweldge of all dataspace on their computer. Otherwise proper security administration can not be done. In other words if this is done, the manufacturere has to tell everyone about the feature. So at this time, if anyone finds any software like this, a serious lawsuit can be made if data on that system was compromised. Now. Let me explain how something like SafeDisc2 could be used. You have a random pattern. When online, you register and the registration software allows the software itself to read the error prone area. As it is read, let's say you have the random bit pattern
0001010101010001110.
As soon as the first bit is read, it forces the next bit to change properties thus rendering it to 1 instead of 0. Now if you copy the game, the same bit pattern is too difficult to write, so another bit patter will be generated on the copy. They know that. So if someone figures out how to duplicate the physical properties and manufactures cd-s like that, than what will happen is the registration number will test against the serial number and bit pattern. And the same serial number should not come up with another bit pattern unless that is so. Guess what. The legality as I said is extreme. The reason is, tht someone can buy a game. Say it was defective and return it to the store. Once this is done, the protection is defeated legally. In other words it works, but guess what. Even if you can't get your money back, you compromised the security of the computer or another user by returning the game and it is legal to return defective games. So if someone else gets the software and you have a registered pattern. Than the data buffer can be used because the game maker is protected by the reverse engineering law.

[podunkviller]

i give this post a D-. not very well thought out, tends to ramble in spaces. jumps from one topic to another. the reasoning, as well, tends to leave large holes. i recommend anyone that has bothered to read this far totally disregard all information in this post. thank you.

[crispy]

ZamziBam.....I really hope english isn't your first language.

A couple of simple flaws to you grand plan


Flaw number one.

Cdrom read lasers are not poweful enough to later CDRW dye. That is a design necessity. If it wasn't, what a waste of time CDRW would be? You'd backup some data, the laser would read it to verify, but at the same time destroy it!

Flaw number two.

All cdroms and cdr/cdrw MUST conform to the Orange book. If it doesn't then it is incompatible. That's the whole point of a standard. Multi-dyed discs? Impossible to manufacture, let alone write to. How would your cd burner know when it hit a different dye?

Flaw number three.

Even if all of the above miraculously were solved, it would be utterly pointless as all you'd need to do is run from a cdrom or dvdrom.


In the end, your idea is based upon flawed misunderstandings of what cdrom technology is, and can achieve.
To say that

"For this reason it should be sensible to note that there is more to protecting a disc in this way than to cause a simple nuisance of backup"

is there? The whole point of copy protection is to prevent copying and piracy, so to protect a company's/individual's intellectual property and ensure they receive all royalties due. Nothing more.

Also

"We should also note that most modern 3D games are going online"

of course some are but not many. A serial code entered upon set-up is another layer to this protection which is verifed upon on-line connection. It is nothing to do with preventing copying of a cd, but another deterent to piracy.

In the end, you seem to miss the whole point of systems like safedisc. They are designed to prevent stage one of cd piracy. A serial or on-line verification is stage two. No single stage is 100% solid. That is why multiple layers are incorporated.

[Lilith]

Sorry, I don't agree with the different stages you mention.

- stage 1 is of course protecting against 1/1 copy, SD don't do that
-stage 2 is to resist the longest possible time against reverse/hack. WC3 was out 1 week before the commercial release
-stage 3 is to resist to emulation. The most difficult

If a game needs an Internet connection, is has nothing to do with a CD and a pseudo-stage 2, because Internet is "just" a different medium.
In case of online gaming, if the CD is mainly a medium that support the engine and the server build the community, you don't really need to protect the engine...you only need to shut down fake servers.
Of course, in this case, the CD can be the medium of the first stage : offline gaming. So you need to protect it also

Concerning flaw two, you can complain if the CD is incompatible with your reader : a standart do not implies a law oblige you to comply with. As far as the licence fees are paid to the right companies... The reason Philips complain about cactus is because of incompatibilities with the readers, then argument with rainbow books. reason, then argument, in this way, not the reverse!

PS : english is not my mother langage, so I speak at least another one.

[ZamZiBam]

I would like to apoligize for the illiterate post. Let me make up for it with some justification. I have not posted in a forum for a long time, so I skipped some basic rules. I started this thread under the assumption that most people look at this topic with varried perspective. So I do not make any 100% definition to anything other than opinion. For example, one of the responses on how lasers work and etc. First of all, I do not need anyone to explain that, but do argue. Even the slightest transference of light has an effect on a material, provided that the material is sensitive enough to react. In other words, it is obvious that a standard CD-Rom will not be affected by the laser, but material that is different can be effected, and if the CD-Rom is called BLANK Corporation CD-Rom it does not mean that is what it is or that is who makes it. What I went on to explaining is a possible use of this concept and the SafeDisc2 copy protection scheme, seems to be the perfect system to use for what I was explaining. Unfortunately, as I said, I skipped some rules, so I went from defining a technology to arguing how it would be used in a legal form and etc. I still stand by what I wrote and further posts should clear up the illiterate post. As for the technology, let me be more specific. If we have an area on the disc, that if it is read by a laser such as a CD-Rom after it is copied; it does not play, because it was not properly copied because of that protection, than it is a protection scheme. Now after a while, people will crack this protection and it will be common for most software packages to follow a working crack scheme. In other words, a system of cracking the protection will be made. As this scheme becomes obsolete and the pattern is matched the problem will have been solved. However, what will have happened is an internal signature pattern will have been retained. In other words, the crack covers up the pattern, but does not properly duplicate it. As this is so, very distinct and sensitive properties of materials, will remain on the original discs, but will not be duplicated on the copies. So the copies will work just the same on your system, however if you play them online, the signatures will not be properly duplicated. So on a server, the administrators will be able to check your CD for a proper signature and knock you off of the server for example, or a snoop will be able to e-mail you asking you why the signature does not validate and etc., also please read the pattern explanation one more time and if confused ask, it is actually simple. I did explain everything, though I admit I just dumped the data. As for the responses, I welcome them, except now that I have a better bearing on the thread, please ask about anything else that is not obvious or understandable. In other words, all arguments you may have, I have a good response for as long as it pertains to my first post!. Sorry for the confusion!. NOTE! If it is being tested, the legality is questionable!. END NOTE!

[ZamZiBam]

Alright, I suppose there are a few more notes to be added. First, I am proposing the concept, but I am not proposing a question. In other word's I am not asking anyone if this works, I am telling you how it works.

It is obvious and important to note that an individual has the right to protect intellectual property and etc. At the same time, it is just as if not more important to note the damage this can do to the intellectual properties of others. One person can think up an idea that can damage many persons position, but one argument to that idea can protect the many persons position as well as that individuals. Let me go into the legal part of the concept. If there are any technical questions ask, but here is the concept once it is understood how it works and that it does work. If you have a dataspace that is on your system that is proven to be impossible to duplicate, at the same time that it is varied in signature, than you have unknown dataspace. In other words, the signature is designed so that if you purchase the original and you decide to give it away or sell it, the signature will evolve with the original sor of like a polymorphic signature based on a single key. For example if the cd-rom is protected by a hologram, than the varied key can reflect off of the hologram making it impossible to duplicate. At the same time it carries and matches any signatures in any drive it goes into. No 2 drives can match a random burn pattern. All this is great and an awesome idea, but you also have an un-identified dataspace. In other words, you have writeable space on the cd-rom that can not be duplicated, but the random signature can theoretically and conceptually take random data. Here is an argument. OVERBURNING. If you overburn a CD-Rom, it can have varied lenght!? Correct?! So is that not the same thing!? No! Because the adminstrator who would have to contemplate this, could base security on a finalized segment with no possibility to read beyond a specific point on the disc. With a varied signature, you have random dataspace that is different and is part of the data segment that has to be read and can not be patched. What I am saying is, you can not detect this in SafeDisc2 at the time, but just as it is a "POSSIBLE" BETA test of a new security system being designed by an un-named security company, you have the possibility that someone else knows this and can use the BETA test for a simple backdoor, such as nothing more than getting for example a single registry key off of your system. Does THAT make more sense!? In other words, it's just as illegal and I would say out of 100%, less than a quarter of 1% would know how to check for this type of material on the CD-ROM! It's theoretically that sensitive!

[Lilith]

@ ZamZiBam

Seems to me you have some (good) ideas, but I at least agree with podunkviller for one thing: you jump for one to the other with a little lake of logic. (regarding the note, I'm not at school anymore, maybe you're not also)

Confronting your ideas with the reality, you're discribing what is Starforce, and a few part of Tagès - as SW (HW is another matter...). But you want to forget that when a CD is pressed, nothing can be written anymore today. I'm not sure it will make an economic sense to set up another technologie just to write on a part of a pressed CD (I'm not sure, but I think Kodak have already done something similar), as you can write in many other place easily (HD, smart card, server...). Just combine it with your "dataspace" - what I call "protected zone" - and this is it!

Anyway, this is definitely not SafeDisk nore Securom : those protection are ony "press button", and as it is an automatic proccess for the editor or the CD manufacturer, it is also automatic for the hackers : UnSafedisk, Unsecurom

Regarding legal issues, I'm not interressed : as far as CD is concern, almost every one lose sense! (If I broke a glass, I will not file the manufacturer of the glass, and I will not complain to the seller of the glass for a brand new one, I will just buy some if I don't have anymore. A CD is not a fressbie, but it can be a scarecrow)

[podunkviller]

cd lasers have different powers. even writing to different cd-r discs, has a different optimal power rating. you can find this information in the ATIP of the disc. granted, you can probably write at less than the optimal power, but i'm going to wager that reading the disc doesnt change the values held on it.

and as for safedisc 2 - do you know how it works? basically, it overloads the EFM decoder with a DSV (digital sum value) that is unacceptable. currently, to get around it, we use either cracks, or by reading/writing RAW with a writer that does not have a problem with it. AWS is another option - and www.cdfreaks.com 's expert clonecd forum can explain, in depth, how that works - what values it fills in, etc.

also - yamaha's new writers are making it possible to write after finalizing . check those out.

(isnt this much more readable than one big blob?)

[Lilith]

Concerning SD and RAW, it's partly incorrect :
no writer has problem to use RAW, it is mandatory for them to be called CD-Writers (build Frames F1/2/3). The only trouble is that some don't accept to write RAW coming for a SW, because they firmware was made to calculate EFM, ...
Of course, since there is an economical interrest for CD writer manufacturers to produce a firmware able to write RAW for SW because of SD+CCD|BlindWrite...
Or to multiplex subchannel data from SW because of Securom+CCD|BlindWrite...
Or to be able to give RAW or subchannel data to a SW(again, CCD|BlindWrite), out of the firmware (except of course the TOC, which is mandatory)...

Concerning Yamaha, it's not a huge gap filled : finalizing means for a writer to burn few bits of data (as sectors) in the spiral. To go after is not a physical problem, just a modification of firmare. Anyway, data burned will be still conform to ybook, with continous increase of address of sector, so if you ask a reader to read one of those sector, it will read it, in the lead out, after if there is something (valid sector), so it does not anwser ZamZiBam challenge

[Lilith]

@ZamZiBam
"If you overburn a CD-Rom, it can have varied lenght!? Correct?! "

Yes, it can.

But in fact, all CD-R or CD-RW manufactured from the same stamper will have the same behaviour. It's build-in, from the techno (there can be some trouble in metalization, but you 'll be very unlucky). If you take a x CD box, then overburn the x CD until it failed, you have a very very good chance to have the same length for all the x CDs.
And a stamper is used for many many CD-R/W - they're expensive . So length is not as random as you expect

[ZamZiBam]

... continued from post on cdr-info.com

Do not look at any limits of the reading device or the firmware which allows the actual error correction. I have a vague example, but it only argues how a CD-Rom drive operates. So this might explain something you missed. It is a vague example.

The CD-Rom is inserted. It is read. A threshold is standard to the CD-Rom specification, which allows for specific inconsistencies on the disc. In other words, it allows a certain amount of variation between data. This is something that is transparent to all users, as it basically denotes how a CD-Rom operates. This is however firmware and or software error correction for the simple reason as to allow further file formats to exist on the disc, allowing more powerful lasers and or CD-Rom drives to work at a more intense level and speed. In other words the data could be more condensed on a more powerful drive than it could on most standard drives. This threshold however as I said is basic to error correction. So to repeat myself, various errors are allowed that are standard to the operation of the drive and this is to allow various manufacturing processes to be compatible, because after all, not every manufacturer even though using the same concept and specification, makes the same quality disc. Now since we know there is a threshold, than we also know that the best cd-rom media coupled with the best drive on the market will work alot better not because of the basic speed and dataspace representation, but also because less correction will have to be made by the drive. With that said, there is something more obvious. CD-Rom Media manufacturing will always be one better than the other, but CD-Rom devices, can be duplicated so the chances of one drive being as good as the next is higher. This is not a concept now, this is fact. So I am saying just about every CD-Rom drive out there is capable of reading not so much at a specific speed but at a specific constant. Much like a scanner. So it does not matter if the data read is to be interpreted, it just has to know that a specific area has to be accessed. Everyone argues that this error will stop this and that. Look at it like this. put the CD-Rom on a scanner "DON'T ACTUALLY DO THAT" it's not an eprom but the same concept. Every time you scan the CD, it will scan a linear phase. TRUE?!. If you turn the CD at an angle and scan it again, it will do the same thing. Now imagine a PRISM and that is basically what the IOMEGA drive protection key looks like. Just two planes if you turn the CD-Rom and it scans it than if you have two squares that are at an angle, the deflection will be different, because it refracts different. Now imagine the CD-Rom that is not stationary. First of all we know that the read head will always be at the same position, relevant to the angle of the CD-Rom, so the planes can not be at different angles. CORRECT!?. O.K. This is STATIC, now DYNAMIC allows error correction, which will be at the same dataspace location, but will be corrected. The reason being, that the phyisical position and angle on't change, but the deflected angle will be different simply because the the drive will correct. Sort of like RAW as to DEFINED read. In other words, it's obvious that someone can crack that. It's practically saying. LOOK everyone, patch me here and the game will work, but the signature will not be duplicated. It's a simple as reading the same dataspace at 1X and at 24X. After all, why would you want to copy a protected CD at 1X, why do you get a better read. Because the slower speed allows more accuracy and as it corrects over and over, it is more likely to find the right answer. Where if you go faster, it does the same thing, but is less likely to be able to conform to a no error state. It's designed to conform to that idea so it takes away attention from what it really has. A signature. The concept is straightforward, but it's not as obvious. So that is the idea, but what is not obvious is that it's the actual MATERIAL that is impossible to find and using the same principle as the PRISM, the material can be altered. So this is a thin line between the actual operating concept of a CD-Rom drive and the actual physical ability for material to change it's properties. Much like a CDRW but it is not a CDRW drive, but those are the characteristics since you have polymorphic dataspace that can not actually be chaged without changing the properties of the material, which in turn can only change to the drives signature. All CD-Rom drives are different. SO ONE LAST TIME! Even though it can pick up a signature. Another software package, such as a FIRMWARE update will allow the DRIVE to provide an alternate signature. In other words, if the FIRMWARE is a registry key in Windows 2000 than it can be compromised by the CDR. Sounds funny, but as soon as people start getting logged off of game servers it will be more obvious. To security administrators, the dataspace will also be more obvious and perhaps the best intervention is the safest measure for high security systems. Once the CD was in that drive. It will never leave the facilities and etc. but that's getting into the legal information again.

[crispy]

It's a shame that we don't share a common language otherwise this would have been an interesting debate.

I'll just respond to Lilith's queries over my "stages"

"- stage 1 is of course protecting against 1/1 copy, SD don't do that "

The point is not that it protects 100% against copying, but that it is SOLD and MARKETED as an anti-copying scheme, designed to prevent casual copying by the vast %age of end-users. i.e. stage one in the "fight" against copying.

"-stage 2 is to resist the longest possible time against reverse/hack. WC3 was out 1 week before the commercial release "

Serial numbers are not solely incorporated to prevent reverse engineering. They are another "original" verification mechanism to ensure that the original packaging is also present. Current serial number cryptography is too complex to be key genned. Safedisc2 is designed as well to prevent reverse engineering by having anti-debug code, encrypted code sections, and self-modifying code. All of which are there to lengthen the time needed to produce a no-cd patch or crack, and remove a serial check mechanism.Most apps are hacked before release due to employees of these companies passing the stuff on.


My main point to all this (yes I am getting there!) is that the key to ant anti-copying protection is, as Macrovision realised a long time ago, is to produce a method which severely limits writing back to a cdr, whilst providing developers as water-tight, complete product as possible. i.e. one that not only limits cd copying to a handful of cd burners, but also provides protection against reverse engineering.

And finally, again, I'm afraid I can't discuss the points you've raised as unfortunately I find your english hard to follow and thus we may have some crossed wires.

[podunkviller]

not to say that i use pirated software, but the version of warcraft3 released by razor came with a keygen that worked for non-battlenet purposes. this is why blizzard wins out - to play the extremely popular multiplayer version - i still had to buy the game. i just got 2 weeks extra practice in (it was released june 17th, according to the nfo )

but thats all speculation.

[themis_t]

this thread made me get confused...why don't you people try to keep a stable thing to talk about...