Here's what I plan: For each copy that I hand out to a beta tester, embed the recipient's name in multiple places in the ROM and encrypt important CHR data. If you turn on the game, you get a decoy: some random single-screen puzzle game. But if you hold a specific button and press Reset, you get a password entry screen. Enter the right password to start running the prototype; a wrong password will give either "Denied" or (if the user is lucky) corrupted CHR data.
Is there a better way?
Maybe give crippled versions to the testers, like with levels and music tracks missing. Make different crippled versions with different things missing, so that the individual parts can still all be tested. I think it's highly unlikely that all your testers will betray you, work together and try to join the pieces from all the crippled versions, but even if they try, this should be really hard to do if the data is shifted around.
If I were to do this I'd probably define some conditionals indicating what's to be assembled and what's not, so that I could quickly use different combinations for different crippled ROMs.
No matter the solution you use, you'll never be sure that the final product is bug-free unless people get to test the exact same binary you'll be selling.
If they're like you this is understandable.tepples wrote: I already have people in my own family that I can't trust to keep a trade secret.
Sounds like horrible. Anyone here could crack your protection easily anyway.Maybe give crippled versions to the testers, like with levels and music tracks missing. Make different crippled versions with different things missing, so that the individual parts can still all be tested. I think it's highly unlikely that all your testers will betray you, work together and try to join the pieces from all the crippled versions, but even if they try, this should be really hard to do if the data is shifted around.
You think it's that easy? With the data all shifted around it should be pretty hard to join them all and fix all the references to it, don't you think?Bregalad wrote:Sounds like horrible. Anyone here could crack your protection easily anyway.
And you can also cripple by removing code, not only data. Say you make several ROMs, each with a single level for different people to debug, and you also make several ROMs each with a different boss (because the bosses weren't included in the levels)... I think it would be pretty hard to join it all, I wouldn't want that job.
But hey, piracy is piracy, someone always finds a way. If the big companies can't stop the pirates, neither can we. And I don't even know if all this trouble of protecting the ROM is worth it, since anyone that buys the cart can dump the ROM and distribute it the day it is released, so all the effort put into protecting the beta versions would have been for nothing.
And it sucks that you can't even trust people in your own family.
- NESICIDE developer
- Posts: 1097
- Joined: Mon Oct 13, 2008 7:55 pm
- Location: Minneapolis, MN
Assume you're doing this on an emulator and not on a real NES with a PowerPAK?tokumaru wrote:Man, that's a horribly complicated idea. I don't think I have a better solution though...
If so, why not encrypt the ROM and send with it a modified emulator [binary only] that knows the decryption key? Or scramble the ROM and send with it a modified emulator that knows how to descramble it?
I believe Nintendo uses a similar technique to what I described for its official "Ensata" DS emulator, so that it can investigate a leak and apply appropriate contractual sanctions.tokumaru wrote:Knowing who leaked your game wouldn't help you much after it's already been done, unless you plan on taking legal action.
And I don't know of any emulator that comes with source code but isn't copylefted.
Fill in the leftover/unused areas with completely 100% random bytes, ranging from $00 to $FF. The leftover/unused areas should also be somewhat random in size or location (meaning you get to generate a unique ROM image with different offsets and everything per person, fun...).
Make note what the "base offsets" of those unused areas that contain random data are. Then, using the letters from their name, write down/take note of offsets (within the unused areas) which correlate with the letters from their name.
Here's a crummy example, keeping it simple with only 1 section of random data:
Code: Select all
00006000: f5 41 93 ae 34 e7 54 98 08 2c 42 da d1 93 45 88 00006010: db c2 9a 68 8f f2 56 ca 25 a5 af a5 f6 06 f1 0e 00006020: be 2b 46 a5 6e b2 46 04 df d0 fd 0e 70 49 7b 3e 00006030: 89 f5 13 39 45 86 81 ae b1 b8 92 e9 50 67 89 8e 00006040: bd 81 f1 5d e8 ff e4 b0 9a 68 cd bc fa 66 03 56 00006050: b8 e0 3f 82 66 68 99 3b a5 d2 4e b7 64 a8 f7 2d 00006060: 5b f9 96 66 39 85 87 10 59 93 39 b4 fb 85 52 be 00006070: 95 b0 41 33 8f 6d 6b 2e c5 d0 6c 40 42 a2 01 d9 00006080: ac 6c 00 ca f3 8c 28 1a 9b ad 25 3d 83 53 d2 2f 00006090: 68 0c 28 8b e3 99 84 01 81 27 e1 f0 bd 0e 54 51 000060a0: d2 47 84 34 0c d6 f3 87 2a ba 20 b6 c8 aa 38 ff 000060b0: 14 3f c0 2a 32 84 6e 91 63 ed 8b 11 68 34 e1 36 000060c0: 07 5b cf 22 f8 36 bf d8 a2 6c 3f 41 36 1a e7 48 000060d0: 50 be 06 48 6a 43 d9 80 90 02 42 d8 f4 7f d0 41 000060e0: 31 e7 1e 54 96 3d bd 85 b0 6a a9 51 ca 26 08 db 000060f0: 2e 8e 68 49 53 91 70 01 9c 60 c2 50 b8 b6 2c cd
FAT HEAT = 0x6000, 23, 01, e4, aa, d4, 0e, cb, 06
The 0x6000 part indicates what base offset you'd need to look at the ROM image (again, assuming PRG) for, and the bytes after are the offsets from that base address.
If you get a hold of a ROM image someone's released on the net (and presumably hasn't modified the hell out of), or a cart someone's put up for sale somewhere, you can simply write a quick script (you know Python ;-) ) to go through your beta tester list, going to that base location + offset and print out the letters.
Well, that's my idea anyway. A good one? Hardly. Failure-prone? Very likely. But you get the idea.
What you have shown is one way of identifying the person who leaked the game (there are many other possibilities), but that alone won't do it. When the ROM is out, the damage is done. What are you gonna do to the person who did it? Spam their inbox? There isn't much you can do unless you're willing to invest in hiring a lawyer, and that will hardly pay off in the end.
Better than just identifying the culprit after the shit has already hit the fan is to prevent it all from happening in the first place. So I guess the goal here is to find a way to make the distribution of the game impossible, or at least pretty damn hard.
Contiki 2.x doesn't support the classic game consoles anymore, only a few commercially significant microcontrollers. Contiki 1.x for NES never had a driver for any serial port hardware over which one could run SLIP or PPP. And even if there were, most of my testers wouldn't have the serial port mod or an emulator that supports it.