Old 05-31-2009, 10:05 AM   #18
imisssunwell
Senior Member
 
Join Date: Apr 2009
Posts: 118

@stepurhan, I will give a TLDR explanation, no rat race arguments, if you want more details feel free to PM me as I do not wish to keep posting on this topic.

For one, there are two types (in terms of security) of physical media available: ones with DRM (e.g. Blu-ray) and ones without DRM (e.g., region lock aside, DVD). DRM-less physical media can in principle be cloned, but to keep it simpler and easier I will assume no inherent DRM on the medium and pick DVDs, and will focus on Starforce, as Starforce-protected DVDs (not CDs!) cannot be decently cloned even today and the protection scheme is 5 years old.

Starforce uses techniques (e.g. introducing damaged clusters) that make copying non-feasible. It can get bloody expensive to reverse such a scheme, and for some schemes it is practically impossible. The trick for pirated copies will have to work without assuming 100% perfect clones.

On the PC, how do reversers bypass protection schemes where a 100% perfect copy is impossible? They use no-CD patches and essentially remove DRM from the game.

Now the big difference between consoles and PCs is that PCs run any code, while consoles run only signed code (*). In the PC world you can run a no-CD exe, but in the console world you can only run code which is signed by e.g. Microsoft for 360, Sony for PS3 and Apple for iPhone. The part of the code which checks for signed code is in the console's (atm flash-able) firmware.

The only way to make a console run unsigned code (an imperfect copy ends up in this category) is to flash the firmware. This can be made impossible if you use a non-flashable ROM (so that it cannot be upgraded) whose chip is embedded into the processor chip (so that it cannot be removed from the motherboard & replaced by another flash-able clone), which is what hardcore Palladium proposals suggested. Atm firmware flashing is possible through the use of a mod-chip (**), (***), but mod-chips, once flashed, can be detected, and users who do this get a ban from online services and also sometimes aren't able to run newer games.

(*) Code signing: one can sign any piece of data using asymmetric cryptography techniques (e.g. RSA) which cannot be broken (assuming no implementation specific errata) because they depend on problems which cannot be solved with *classical* algorithms that scale well (polynomial). E.g. you can even sign your emails and then receivers will know 100% that it was you who sent it.

(**) There is a second technique to change the firmware as well, but since it is not common I won't put a wall of text; the tldr of it is to use an exploit of a signed piece of code (this can also be blocked).

(***) In handhelds, changing firmware can be done without modchips; they were less strict on handhelds so far.
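The signed-code check the post describes (the firmware holds only the platform holder's public key, and an imperfect copy or a patched image fails the check), as an added Go example that is not from the post: the key pair, the image format and the function names are constructed for illustration, and it uses Ed25519 from Go's standard library rather than the RSA the footnote mentions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedImage is a constructed, simplified container (real console formats differ).
type SignedImage struct {
	Code      []byte
	Signature []byte
}

// SignImage is the platform holder's step; only the private key holder can do it.
func SignImage(priv ed25519.PrivateKey, code []byte) SignedImage {
	digest := sha256.Sum256(code)
	return SignedImage{Code: append([]byte(nil), code...), Signature: ed25519.Sign(priv, digest[:])}
}

// VerifyImage is the firmware-side check. Only the public key ships in the
// firmware; verifying needs no secret, and any change to Code fails the check.
func VerifyImage(pub ed25519.PublicKey, img SignedImage) error {
	digest := sha256.Sum256(img.Code)
	if !ed25519.Verify(pub, digest[:], img.Signature) {
		return errors.New("refusing to run: image signature does not verify")
	}
	return nil
}

// ImperfectCopy models the post's "imperfect copy": same signature, but code
// that differs in a single byte (a misread damaged cluster, or an edit).
func ImperfectCopy(img SignedImage, offset int) SignedImage {
	code := append([]byte(nil), img.Code...)
	code[offset%len(code)] ^= 0x01
	return SignedImage{Code: code, Signature: img.Signature}
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // stands in for the vendor's key pair
	if err != nil {
		panic(err)
	}
	original := SignImage(priv, []byte("constructed game image: check_disc(); run_game();"))
	fmt.Println("original image:", VerifyImage(pub, original)) // <nil>
	fmt.Println("imperfect copy:", VerifyImage(pub, ImperfectCopy(original, 30)))
}
```

Flashing a different public key into the firmware is exactly the mod-chip route the post mentions, which is why the check only holds as long as the key material in the firmware cannot be replaced.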