Keeping prototypes secret

Discuss technical or other issues relating to programming the Nintendo Entertainment System, Famicom, or compatible systems.

Moderator: Moderators

tepples
Posts: 22147
Joined: Sun Sep 19, 2004 11:12 pm
Location: NE Indiana, USA (NTSC)
Contact:

Keeping prototypes secret

Post by tepples » Fri Feb 12, 2010 1:43 pm

Say I'm developing a video game, but my publisher wants an exclusive on the ROM for the first few months of distribution. So I don't want one of the beta testers to leak a copy to the public. I already have people in my own family that I can't trust to keep a trade secret.

Here's what I plan: For each copy that I hand out to a beta tester, embed the recipient's name in multiple places in the ROM and encrypt important CHR data. If you turn on the game, you get a decoy: some random single-screen puzzle game. But if you hold a specific button and press Reset, you get a password entry screen. Enter the right password to start running the prototype; a wrong password will give either "Denied" or (if the user is lucky) corrupted CHR data.

Is there a better way?

User avatar
tokumaru
Posts: 11907
Joined: Sat Feb 12, 2005 9:43 pm
Location: Rio de Janeiro - Brazil

Post by tokumaru » Fri Feb 12, 2010 1:56 pm

Man, that's a horribly complicated idea. I don't think I have a better solution though...

Maybe give crippled versions to the testers, like with levels and music tracks missing. Make different crippled versions with different things missing, so that the individual parts can still all be tested. I think it's highly unlikely that all your testers will betray you, work together and try to join the pieces from all the crippled versions, but even if they try, this should be really hard to do if the data is shifted around.

If I were to do this I'd probably define some conditionals indicating what's to be assembled and what's not, so that I could quickly use different combinations for different crippled ROMs.

No matter the solution you use, you'll never be sure that the final product is bug-free unless people get to test the exact same binary you'll be selling.

User avatar
Bregalad
Posts: 7988
Joined: Fri Nov 12, 2004 2:49 pm
Location: Chexbres, VD, Switzerland

Re: Keeping prototypes secret

Post by Bregalad » Fri Feb 12, 2010 2:44 pm

tepples wrote: I already have people in my own family that I can't trust to keep a trade secret.
If they're like you this is understandable.
Maybe give crippled versions to the testers, like with levels and music tracks missing. Make different crippled versions with different things missing, so that the individual parts can still all be tested. I think it's highly unlikely that all your testers will betray you, work together and try to join the pieces from all the crippled versions, but even if they try, this should be really hard to do if the data is shifted around.
Sounds like horrible. Anyone here could crack your protection easily anyway.
Useless, lumbering half-wits don't scare us.

User avatar
Jeroen
Posts: 1048
Joined: Tue Jul 03, 2007 1:49 pm

Post by Jeroen » Fri Feb 12, 2010 2:50 pm

Also if someone leaks the rom he'll most likely include the password with it anyway. The best way to get it from not being leaked is either not implement features (sivak didnt have testers have a password version of the rom) or just making absolutly sure the person testing is trustworthy. Also don't put their names in...just put in a random number at a random hex adress...that way they cant find it and erase it.

User avatar
tokumaru
Posts: 11907
Joined: Sat Feb 12, 2005 9:43 pm
Location: Rio de Janeiro - Brazil

Re: Keeping prototypes secret

Post by tokumaru » Fri Feb 12, 2010 3:03 pm

Bregalad wrote:Sounds like horrible. Anyone here could crack your protection easily anyway.
You think it's that easy? With the data all shifted around it should be pretty hard to join them all and fix all the references to it, don't you think?

And you can also cripple by removing code, not only data. Say you make several ROMs, each with a single level for different people to debug, and you also make several ROMs each with a different boss (because the bosses weren't included in the levels)... I think it would be pretty hard to join it all, I wouldn't want that job.

But hey, piracy is piracy, someone always finds a way. If the big companies can't stop the pirates, neither can we. And I don't even know if all this trouble of protecting the ROM is worth it, since anyone that buys the cart can dump the ROM and distribute it the day it is released, so all the effort put into protecting the beta versions would have been for nothing.

And it sucks that you can't even trust people in your own family.

User avatar
Dwedit
Posts: 4365
Joined: Fri Nov 19, 2004 7:35 pm
Contact:

Post by Dwedit » Fri Feb 12, 2010 3:04 pm

This kind of thing is called Data Fingerprinting. But it's really hard to pull off correctly.
And if a password is required to play the game, expect to see that password written on the cartridge in sharpie.
Here come the fortune cookies! Here come the fortune cookies! They're wearing paper hats!

User avatar
tokumaru
Posts: 11907
Joined: Sat Feb 12, 2005 9:43 pm
Location: Rio de Janeiro - Brazil

Post by tokumaru » Fri Feb 12, 2010 3:21 pm

Knowing who leaked your game wouldn't help you much after it's already been done, unless you plan on taking legal action.

And people that want to play a game for free won't give a damn about who leaked it, as long as the game is playable.

User avatar
cpow
NESICIDE developer
Posts: 1097
Joined: Mon Oct 13, 2008 7:55 pm
Location: Minneapolis, MN
Contact:

Post by cpow » Fri Feb 12, 2010 3:37 pm

tokumaru wrote:Man, that's a horribly complicated idea. I don't think I have a better solution though...
Assume you're doing this on an emulator and not on a real NES with a PowerPAK?

If so, why not encrypt the ROM and send with it a modified emulator [binary only] that knows the decryption key? Or scramble the ROM and send with it a modified emulator that knows how to descramble it?

tepples
Posts: 22147
Joined: Sun Sep 19, 2004 11:12 pm
Location: NE Indiana, USA (NTSC)
Contact:

Post by tepples » Fri Feb 12, 2010 3:58 pm

tokumaru wrote:Knowing who leaked your game wouldn't help you much after it's already been done, unless you plan on taking legal action.
I believe Nintendo uses a similar technique to what I described for its official "Ensata" DS emulator, so that it can investigate a leak and apply appropriate contractual sanctions.

And I don't know of any emulator that comes with source code but isn't copylefted.
Last edited by tepples on Fri Feb 12, 2010 3:59 pm, edited 1 time in total.

User avatar
koitsu
Posts: 4218
Joined: Sun Sep 19, 2004 9:28 pm
Location: A world gone mad

Re: Keeping prototypes secret

Post by koitsu » Fri Feb 12, 2010 3:59 pm

Each individual beta tester gets their own cart, which is associated with them digitally (duh). Just want to make that clear. The following would be done *per cart*. Focusing on the ROM itself as a whole, but I guess this would be best in PRG:

Fill in the leftover/unused areas with completely 100% random bytes, ranging from $00 to $FF. The leftover/unused areas should also be somewhat random in size or location (meaning you get to generate a unique ROM image with different offsets and everything per person, fun...).

Make note what the "base offsets" of those unused areas that contain random data are. Then, using the letters from their name, write down/take note of offsets (within the unused areas) which correlate with the letters from their name.

Here's a crummy example, keeping it simple with only 1 section of random data:

Code: Select all

00006000:  f5 41 93 ae 34 e7 54 98  08 2c 42 da d1 93 45 88
00006010:  db c2 9a 68 8f f2 56 ca  25 a5 af a5 f6 06 f1 0e
00006020:  be 2b 46 a5 6e b2 46 04  df d0 fd 0e 70 49 7b 3e
00006030:  89 f5 13 39 45 86 81 ae  b1 b8 92 e9 50 67 89 8e
00006040:  bd 81 f1 5d e8 ff e4 b0  9a 68 cd bc fa 66 03 56
00006050:  b8 e0 3f 82 66 68 99 3b  a5 d2 4e b7 64 a8 f7 2d
00006060:  5b f9 96 66 39 85 87 10  59 93 39 b4 fb 85 52 be
00006070:  95 b0 41 33 8f 6d 6b 2e  c5 d0 6c 40 42 a2 01 d9
00006080:  ac 6c 00 ca f3 8c 28 1a  9b ad 25 3d 83 53 d2 2f
00006090:  68 0c 28 8b e3 99 84 01  81 27 e1 f0 bd 0e 54 51
000060a0:  d2 47 84 34 0c d6 f3 87  2a ba 20 b6 c8 aa 38 ff
000060b0:  14 3f c0 2a 32 84 6e 91  63 ed 8b 11 68 34 e1 36
000060c0:  07 5b cf 22 f8 36 bf d8  a2 6c 3f 41 36 1a e7 48
000060d0:  50 be 06 48 6a 43 d9 80  90 02 42 d8 f4 7f d0 41
000060e0:  31 e7 1e 54 96 3d bd 85  b0 6a a9 51 ca 26 08 db
000060f0:  2e 8e 68 49 53 91 70 01  9c 60 c2 50 b8 b6 2c cd
Let's pretend the individual's name is FAT HEAT. So you'd write down:

FAT HEAT = 0x6000, 23, 01, e4, aa, d4, 0e, cb, 06

The 0x6000 part indicates what base offset you'd need to look at the ROM image (again, assuming PRG) for, and the bytes after are the offsets from that base address.

If you get a hold of a ROM image someone's released on the net (and presumably hasn't modified the hell out of), or a cart someone's put up for sale somewhere, you can simply write a quick script (you know Python ;-) ) to go through your beta tester list, going to that base location + offset and print out the letters.

Well, that's my idea anyway. A good one? Hardly. Failure-prone? Very likely. But you get the idea.

UncleSporky
Posts: 385
Joined: Sat Nov 17, 2007 8:44 pm

Post by UncleSporky » Fri Feb 12, 2010 5:33 pm

Does the publisher want exclusive on cart production, or the ROM in general? If it's just cart production, aren't there some simple changes that could be made that cause the game to run in certain emulators but not a real NES? The hope is that the other cart makers assume it's a poorly-made game rather than hunting for the code you broke.

User avatar
Dwedit
Posts: 4365
Joined: Fri Nov 19, 2004 7:35 pm
Contact:

Post by Dwedit » Fri Feb 12, 2010 6:06 pm

Cartridge pirates just don't care.
Here come the fortune cookies! Here come the fortune cookies! They're wearing paper hats!

User avatar
tokumaru
Posts: 11907
Joined: Sat Feb 12, 2005 9:43 pm
Location: Rio de Janeiro - Brazil

Post by tokumaru » Fri Feb 12, 2010 6:29 pm

@ koitsu:

What you have shown is one way of identifying the person who leaked the game (there are many other possibilities), but that alone won't do it. When the ROM is out, the damage is done. What are you gonna do to the person who did it? Spam their inbox? There isn't much you can do unless you're willing to invest in hiring a lawyer, and that will hardly pay off in the end.

Better than just identifying the culprit after the shit has already hit the fan is to prevent it all from happening in the first place. So I guess the goal here is to find a way to make the distribution of the game impossible, or at least pretty damn hard.

naI
Posts: 114
Joined: Fri Jun 26, 2009 4:58 pm

Post by naI » Fri Feb 12, 2010 6:55 pm

Does the NES version of Contiki have a TCP/IP stack? If so, maybe you could include that on the ROM and have it sporatically make calls to a private server for verification and chunks of code in order to play the game. If said private server is offline, or denying access, then you have incomplete code and a non-working game.

tepples
Posts: 22147
Joined: Sun Sep 19, 2004 11:12 pm
Location: NE Indiana, USA (NTSC)
Contact:

Post by tepples » Fri Feb 12, 2010 7:19 pm

UncleSporky: I'm not sure. This publisher has also put out cart versions of games whose demos are missing levels or (more relevant to my case) missing features. I seem to remember someone else on this publisher not releasing a ROM until the game has been out for months, and the cart got discontinued (on purpose) around the ROM release (also on purpose). So I'm trying to make leaked betas less attractive to casual players or at least try to shame the leaker out of the NESdev community.

Contiki 2.x doesn't support the classic game consoles anymore, only a few commercially significant microcontrollers. Contiki 1.x for NES never had a driver for any serial port hardware over which one could run SLIP or PPP. And even if there were, most of my testers wouldn't have the serial port mod or an emulator that supports it.

Post Reply