This is amazing. The video avoids too technical language, and basically explains the whole process of reverse engineering. I think this is the best explanation of reverse engineering I've seen in a long time.
Micah Scott's toastermelt videos are another great example of reverse engineering workflow/techniques. More technical and detailed but still very accessible.
Wow. I certainly hope someone with a lot of power over company culture at, say, Apple is watching this. And that they get inspired to think about cultural preservation.
I really think it should be a standard act of corporate responsibility and platform stewardship to make it so that work like that of Professor Abrasive's, is not the only spare key we have to current culture a few decades down the road. We as a global culture just might be really, really lost and bereft of history if that was to be the case.
I frankly think that Apple under Tim Cook is in a historically unique position of making cultural preservation of games and software feasible and something built into the whole social and legal contract of proprietary, locked down platforms. It's not like Sony is going to lead the way with the PlayStation?
I mean, to really make preservation legit, there needs to be some sort of useful official emulation and data extraction capability down the road. For all we know now, there might be terrible legislation that prohibits reverse engineering in a lot of jurisdictions.
There's of course a lot of problems to solve, with all the crypto and stuff, and licensing, but someone should be on this. Especially since software distribution is becoming all ephemeral and download based! Not to mention the cloud fragmentation of personal data.
To fix it, people should stop using DRM. Or as a first step to repeal crooked corrupted laws which declared breaking DRM illegal even for legitimate purposes.
As an alternative: we could demand that, for works that are only released to the public in encrypted form, an unencrypted copy is put in independent escrow (e.g. Library of Congress) to qualify for copyright protection.
But that database of unencrypted copies would be the ultimate target for industrial espionage, copyright theft, and hacking. I don't think we can trust any one organization with that responsibility.
Yeah, well, I agree that people should stop using DRM, but it's not like it seems to be happening. And from a business point of view, it can be really hard to make that case.
Anyway, the world looks really bleak for open platforms right now.
The main example is Android. If you have like one toe dipped into a role related to infosec at the moment, you can't seriously recommend that people you work with or care for even touch mainstream Android phones. Because the patching situation is such a dumpster fire.
Even Google's Nexus crap that is getting patched, seems to be set on a 2 year lifecycle, with 2014 phones getting end of lifed a few months from now. Pretty weak sauce if Google's intention is to set any kind of example for vendor security support on Android.
My sister runs my first iPhone, a 2012 iPhone 5, fully patched. It's going to be supported for another year or two, probably.
I don't particularly want it to be this way, but I have to almost force people I care about to buy iPhones. It feels bad, especially in cases when they'd have better use for their money.
So with Apple, specifically, they're really good at the closed platform game and I don't see them getting out of that, especially if they're getting more into things like payment services or automotive. Their crypto stance really implies that they want institutional-level trust from their customers. http://www.antipope.org/charlie/blog-static/2016/03/follow-t...
###
Game consoles are unlikely to quit DRM too: the only thing that'd make them stop with DRM per se is probably to make all games just streamed from the, uh, cloud. Doable... maybe soonish but that'd rule out a lot of people and use cases where the connectivity just isn't there.
That's kind of why I suggested my half-baked idea to pressure, force and shame closed platform vendors into proper legacy support as part of the "social contract". Or whatever. Not that certain "social contracts", like the ones Western countries have with banks are working out all that great at the moment.
###
But as I said, this idea of mine is half baked. Someone like Apple is only part of the puzzle, since apps and games increasingly rely on server backends to work properly. It's not like Apple could save the gaming world's cultural heritage in 2030 just by offering a binary blob that runs all iPhone apps from 2010.
> And from a business point of view, it can be really hard to make that case.
Not really. DRM usage has nothing to do with (honest) business cases. They are all crooked or Lysenkoist in nature (i.e. based on completely wrong / ignorant reasoning).
Also, I think you are mixing up DRM with security. DRM is the opposite of it. DRM can employ encryption, but its purpose is not to secure your system, but to police you, and because of that it actually compromises your security.
> apps and games increasingly rely on server backends to work properly.
Many multiplayer games surely do. That's why it's good when the server is open source. This way it indeed can be preserved. Otherwise, it will be lost as soon as the servers go bust. Another option is to provide the server component with the game, to allow running it as a server instance. Lots of older games did that, allowing running LAN / WAN multiplayer without using dedicated servers. It's less common these days. Either developers cut corners with implementing it, or server components got too heavy, not sure.
Making single-player games rely on some remote services as a hard requirement is in very poor taste. Same if they have a multiplayer component. It should be optional and the single-player part should function without it.
> DRM usage has nothing to do with (honest) business cases. They are all crooked or Lysenkoist in nature (i.e. based on completely wrong / ignorant reasoning).
Can you explain this? The argument and terminology are unfamiliar to me. Wikipedia says:
> Lysenkoism is also used metaphorically to describe the manipulation or distortion of the scientific process as a way to reach a predetermined conclusion as dictated by an ideological bias, often related to social or political objectives.
The goal of DRM is, ostensibly, to be paid for the hard work of creating something that is easy to duplicate after being created. That's a reasonable goal, but really hard to do when the software is executing on a machine in the control of the user. Requiring a remote server is a logical way to accomplish that goal, with unfortunate side effects when that server is inaccessible.
In short, it means that logic of DRM usage is completely invalid and based on false premises (when someone tries to justify it using reasons like increasing sales for example and such).
There can be other possible reasons for DRM usage, which aren't Lysenkoist, but simply crooked. I.e. for instance, covering up incompetence, competition exclusion, standards poisoning, undemocratic policy making and so on. Those are done to achieve dirty goals, and they are harder to counteract than ignorance.
> false premises (when someone tries to justify it using reasons like increasing sales for example and such).
How is it a false premise? For the sake of argument, let's say we have a "perfect" DRM method.
Then do you believe that - for e.g. all the people who're pirating Windows - would switch to a competing product because they were not going to buy it in the first place? IMHO That would be a completely erroneous position. Maybe _some_ might, but there is no evidence that everyone would. Which is the crux of the problem. If DRM didn't increase sales then I don't think you could make the argument that every single publisher who uses DRM is doing it for reasons other than sales.
Because DRM is decreasing sales, not increasing them.
> let's say we have a "perfect" DRM method.
There is no perfect DRM. But let's say there is a very hard to break DRM. That means a very abusive, extremely privacy invasive policing method. It would fall even more into the crooked territory.
> If DRM didn't increase sales then I don't think you could make the argument that every single publisher who uses DRM is doing it for reasons other than sales.
Why not? I could make an argument that some do it out of ignorance, and the rest (of DRM users) are crooks. That's exactly what I'm saying. I.e. those who aren't dumb are using it for crooked reasons which have nothing to do with preventing piracy (I listed such common reasons above). And the rest (who use it indeed for sales sake) are digital Lysenkoists.
Based on crippling the product for those who pay for it. I.e. there will be those who will simply skip it because of DRM altogether.
In addition, some skilled pirates will remove DRM and provide that product without crippling for everyone else, and there will be those who otherwise could buy it, if it would have been DRM-free, but because it's DRMed they will pirate it instead.
No, that's not correct. It's based on research how DRM reduces sales. An opinion on the other hand is the idea that crippling products increases sales. That's exactly what was called digital Lysenkoism.
Yes, there will be a day when nobody is using iPhones anymore. Hopefully our ancestor will still be able to run some of the apps in the future. Social media apps are of course thin clients.
One of the nice things about Apple's review / publish system is that it encourages multiple parties to keep release binaries around. Both parties will need them in case there's ever an allegation of malicious or dangerous code.
Also app-specific DRM is unnecessary AFAIK, so that will avoid common problems.
Yes, what a wonderful example of corporate paranoia. They are out there- the enemy, the other tribesman and their psychopaths- out to get me, my fortress, my product for cheap- but I will show it to them, I shall leave no mark upon this world, for which I shall be remembered.
I can't wait for him to start selling these! I would buy one in a hot minute. My Saturn is collecting dust and there are so many games I just can't get my hands on for my Saturn, and emulation in my experience hardly works. It's way too weird a machine.
In case it helps, there is actually a very low tech solution to booting copied games on Saturn hardware that works with the vast majority of games released (especially expensive/rare/hard to find games like the Treasure releases).
Tape/wedge the drive lid sensor down, power up with a real game in (you don't need to close the lid as the sensor believes the lid is always shut) and allow it to do the initial copy protection check on your real disc.
At this point it stops the disc for just less than a second - just enough time to pull the real disc out and swap in a CD-R. It takes a little practice and potentially can damage the drive motor if your timing is frequently poor.
Games this won't work with are those spanning multiple discs where you need to swap discs in game to progress.
I practiced this trick with my original playstation years ago.
Then I killed it trying to mod it. Got a PS1 instead, couldn't figure out the trick anymore.
It was funny that they kept on changing the points where the disc would read info, you had to swap multiple times at different points. They wouldn't stop either, just slow down.
Modding the PS2 is still one of the hardest soldering jobs I've ever done. The worst part is that the modchips were apparently pretty crude in how they worked and ended up burning out the laser diode after about 6 months even if you only used it for imported games and not burned games.
Why not just cut the wobble edge of a real CD off and attach it to a burned CD?
Maybe you can shave the back of the shimmed wobble edge down, so that it won't stick out as much on the burned CD. This shimmed wobble can be your key for all the burned CDs you have.
Maybe double sided tape can keep the wobble shim attached to your burned CD while still allowing it to be removable for other CDs.
I've never had a Saturn, so I don't know what this wobble edge looks like in person. Am I missing something?
You're not getting very technical responses to this, so I'll bite.
> Why not just cut the wobble edge of a real CD off and attach it to a burned CD?
This would have a very low success rate, as the precision required to accurately cut off the wobbled edge on an original disc (and the target area on a CD-R) would require a lot of upfront engineering as well as cost-prohibitive tools. Optical discs require more precise measurements than most people who favor the scrapbooking "cut-n-glue" solution can provide.
This is just as long as we're pretending it's possible. Optical discs lose a lot of structural integrity the moment you start breaking/cutting them. The reflective portion where the data resides is on a thin film substrate at the back of the CD. Cutting that without outright destroying the disc (or at least reducing the operating life) would take significant effort, as would precisely healing the new gap from combining two separate materials without destroying the alignment of all those microscopic ones and zeroes.
Not to mention that any adhesives you might apply to combine the two pieces would make that level of accuracy impossible, if not highly improbable. And then you have to hope the whole thing holds up while spinning. Even assuming you could get the two pieces to combine seamlessly, there's always the chance that you've done something that destroys the balance of the disc, which could have a number of unfortunate effects in spinning media. I don't think the Saturn drive spins fast enough for it to sling off and demolish your hardware, but it could cause data inaccuracies at the very least.
I mean a company could attempt to do it for you, but it'd be cheaper and more reliable to engineer Saturn-compatible CD-Rs (or offer a disc-pressing service) at that rate. Considering the only use is to defeat old copy protection, it's not going to have a market large enough to sustain it. So you're going to have high prices, and low enough product sales that it would probably not be worth inviting the legal trouble. Even after all that, CD-Rs can have all sorts of QA issues that can affect their shelf life. And then you still have the problem mentioned in the video where the drive hardware fails.
Replacing it with flash data is just a better long-term solution.
It's not a physical wobble, it's a data track written in a wave-like path. You can't write it as all CD-Rs already have the spiral track so it's very hard to fake.
It's similar to the Gamecube using the burst-cutting area to implement DRM - it's impossible to duplicate without a production setup.
The video's graphic is a bit of an approximation. In practice it appears that every second disc sector is displaced, IIRC. And they've got particular bit patterns written into them to produce a visual logo; these patterns (but not the actual logos) are checked too.
The protection ring is visible to the naked eye for this reason. I can't find a picture, sorry!
I tried to figure out how to reproduce the logo at one point (10+ years ago, when people were less worried about dying drives). IIRC, it's that the EFM patterns used to make the pixels don't make valid Red/Yellow Book sector contents, which causes some weird behavior if you try to read them as such.
I think Odin was Windows only, there were multiple old versions floating around and how do you know what you're really running? (as Administrator, too)
Australia has some of the best reverse engineering laws currently. Those four kids reversed the Sydney train system legally (they did responsibly disclose n such).
GDEMU is for the Dreamcast, but the same person/group also produced Phoebe and Rhea which are similar products for the Saturn. Those don't have a separate home page, but most of the menu entries at the top of the page have separate Phoebe and Rhea options.
Looking at the installation instructions, the Rhea claims to require some soldering. The Phoebe doesn't, but still requires disassembling the system. They also each only work on specific versions of the hardware (20- vs 21-pin), and which version a specific Saturn is may not be obvious without disassembly.
The nice thing about this new solution, even ignoring that it furthers public understanding of the hardware, is that it's a simple module that plugs into a slot already available and accessible on every Saturn ever sold by SEGA (presumably it won't work on the Hi-Saturn units made by Hitachi, as they had the MPEG hardware integrated, though they are also very rare and very expensive).
The Rhea doesn't actually require soldering as Dominik will do the soldering first before shipping. For sure having to know 20 versus 21 pin is a pain. But the Rhea/Phoebe have a huge advantage of being here now and known to be very reliable (they work flawlessly). Not discounting this new approach, it seems very promising, but just pointing out there's already a solution available today for those who didn't realize.
You can already buy the Saturn Rhea. It is pretty much the same thing except SD based and it replaces the CD drive. I have one and absolutely love it. It's honestly the best retro gaming purchase I have made in a very long time.
I think that's both why they were so expensive back in the day AND why it was so hard to develop on (all I have -ever- heard about developing games for that platform).
To be fair most devs at the time completely ignored the second CPU because it was apparently very hard to make them work together. So they treated it as a single CPU console. Which kind of defeats the purpose :)
Going by the Wikipedia description of it, they had multiplexed RAM access. So developers could choose between having two CPUs at half the RAM speed (4KiB CPU-local cache are enough to make up for it, right?) or a single CPU at full RAM speed.
Does anyone know how you go from a PCB to a product? I've made PCBs before, but I wouldn't know where to begin to make it into a product that I can sell to people...
Thank you, I've never seen a PCB assembly service, so that will be useful. I guess one would also need to design some sort of cover as well and talk to a company that makes plastics? Are there plastic assembly companies as well (for if your product has buttons/sprints/etc)?
There's Protomold[1] which does relatively cheap short runs of plastic manufacturing. I'm sure there are plenty of alternatives (and I recall seeing a massive Chinese 3D printing contract manufacturer, but forget the name).
Not sure about assembling all the parts into the case. Depending on who does the PCB production and assembly, they might also offer a full assembly service, or not.
The Factory Floor series[2] by Bunnie Huang might be an interesting read about some of the steps necessary for getting an idea to production.
This looks great, thank you. They're still prohibitively expensive for small runs (for 10 boards, above, the cost was $100/board, but for 1000 it fell down to $2/board, and I'm sure protolabs is similar), but at least your comment and the GP takes me from "I wouldn't know how to even begin making this thing" to "Looks like I can just send these guys designs and my box prototype and get assembled PCBs and boxes back", which is almost there, pretty much.
Well, if you want to sell it legally, testing and validation with the relevant government departments. If not, eBay and "intended for novelty use only"?
I'm so so glad he mentions archiving in this video - I don't think enough thought has been given to the impact of DRM on museum collections in 10-50 years.
I'm going through this as a relatively new PS Vita owner. Sony decided to go with proprietary game cartridges, proprietary memory cards, and DRM'd digital distribution. Despite the quality of the games and hardware, the system didn't do well commercially and it appears Sony has lost interest in the system and its sibling PS TV/Vita TV.
There are a lot of great games (including PS1 and PSP games) for the system, but once the hardware dies or the download servers are shut down, what is left for people who still want to play these games?
In the back of my mind I've been thinking what digital consumer rights look like. It seems like this point in history has laws that favor publishers more than consumers or the public good.
People don't know any better and don't understand the issues. They're not voting with their wallets. They just want to access the "protected" items. I tend to think most people are just going to accept when they lose access to "protected" items they've already purchased (or just have to re-purchase them). I don't like any of this, but I don't expect it will happen differently either.
I don't know any players that are in favor of DRM per se. Players are willing to accept DRM, IF it is transparent, and even more willing if it enables some perks.
There was a time when DRM was only visible when it broke your legitimately purchased game (e.g. SimCity, Diablo 3)
Now at least gamers are getting some decent perks from DRM (e.g. digital loaning, play anywhere, cross platform licensing) so it's a bit easier to stomach.
> Now at least gamers are getting some decent perks from DRM (e.g. digital loaning, play anywhere, cross platform licensing) so it's a bit easier to stomach.
That's because people have been vocal about that. If the companies had it their way, I'm sure the majority would want you to buy a new license for each platform and system (like how the cheap Windows licenses are - locked to your system)
Yes, I'm sure companies want to maximize sales, that is their job. And yes, people were very vocal about shitty DRM (and rightly so).
The old way of doing business was proprietary everything. (See Sony in the 80s and 90s) I'm just glad manufacturers finally saw that locking things down so much increased customer anger and frustration more than it increased sales. Being a child of the 80s, I'm still surprised at stuff like using a generic USB thumb drive in an Xbox 360 and things of that nature.
Absolutely. The PSP is still my favorite way to go and play the classic PS1 games like FF7, Metal Gear Solid, etc. It really is a wonderful device, but the DRM Sony has repeatedly strengthened over the years has made using it somewhat of a gamble.
It'd be a shame if we suddenly couldn't play these classics anymore just because Sony wants us to repurchase it on Console XYZ.
The PSP has been thoroughly owned, and just about every game for it is available somewhere on the internet. Even emulating the PSP is getting pretty good.
That said, the Vita is much nicer for PS1 games, and if your firmware is old enough, you can even convert your old discs yourself for it.
There's actually a very large collection of Saturn games archives at archive.org. They're MESS compatible CHD files (I wish other emulators would support it, it's a good way to handle large drive copies), but it's a fairly good collection.
I may be wrong, but a quick Google shows a lack of development resources for the CHD format. Either they need to do some SEO, or some straight up marketing.
Maybe a condition of copyright should be that you submit the unrestricted media to Library of Congress, and it gets released upon expiration of copyright.
But you'd still need to have the build process, so really you'd need submission of the full dev environment. But then you might also need the hardware to run it ...
Personally I think it should be copyright protection or DRM: the demos doesn't get the DRM stuff to enter the public domain so strictly speaking DRM stuff can't be copyright as the deal of time-limited monopoly is broken by the corps that are using DRM.
These crazy reverse engineering projects kind of make me feel insecure about my own abilities, as weird as it sounds.
I wonder if I would have been able to come up with the same solution if I worked at it. My fear is that I would not, but who knows.
A lot of it is purely analytical, but there is a portion that relies on pure creativity and problem solving abilities.
I understand the process he went through as well as the technical details behind it, but following along is much easier than looking at a circuit board with a blank face, wondering where to begin.
I spent the last 2 hours last night just reading about Sega Saturn…
He mentions archival as a motivation but can we trust the rest of the hardware to last more than a few decades? Isn't emulation the real archival solution?
As I think I mentioned that's been another major outcome. I've been working with Yabause developers both to improve their HLE of the CD block, and to implement full low-level emulation using dumped ROMs.
Thanks, hadn't found that one with some quick googling, only found some horrible binary "freeware" stuff. He also mentions using his reverse engineering knowledge to help emulation authors so hopefully that includes Yabause. Having an open-source emulator is particularly important if we want to be able to archive these games forever.
Non Open Source emulators are dead in the water in terms of archiving. 10 years later if the original author is not around anymore, you won't be able to rely on it nor improve on it. I wish all emulator writers understood that.
PPSSPP and Dolphin have made great progress BECAUSE they were open.
And it's not only film. Early television, audio recording, books (especially in times when copying them was costly)... The list of information we lost is enormous.
Saturn emulation on MESS is surprisingly good. Not up to some of the others, but I was pleasantly surprised last time I tried it with how many games were playable.
It would be, but cycle perfect emulation is very difficult and costly. Higan (formerly Bsnes) manages it with Snes emulation and it requires a cpu with a rate over 3GHz. I remember reading the N64 would require a 10GHz cpu to emulate with 100% archival accuracy.
Long story short, it is the real solution, but it's not a practical one by any means.
That would definitely make cycle accuracy easier between all the system parts.
The hard part is for someone to actually develop the emulation for all the custom chips in the system. In particular, the two graphics chips are very complex and the documentation is very hard to understand. The same goes for the sound chip. The others are all standard enough to be reasonably straightforward (if not actually easy).
Yes. In general there are two real paths to long-term archival of games: emulation and reproduction.
Emulation is the best possible path IMHO since it enables the games to be played (and experienced) on pretty much any hardware. I think this work may do quite a bit to help in that area, there's really no reason the Saturn isn't nearly perfectly emulated these days.
Reproduction is the next best and much harder than Emulation. Basically figuring out how to build the hardware again. There's several versions of this with much older hardware (C64, 2600, etc.) with new hardware being produced that can run the old software natively. There's also "lesser" versions that use modern CPUs, etc. to run the code basically also in emulation, but this is not the same thing. However, reproduction is both technically more difficult and has a smaller audience who's willing to add yet another machine to their collection to see old games.
Also, MESS's emulation is also not too terrible, I was pretty surprised with how many games worked under it
Emulation is far from perfect even for older systems. Amiga emulation is still being worked on. Less popular systems have poor standards of emulation too.
Yeah of course. But there's a lot of distracting work that's being done to try to keep old, rapidly failing and limited quantity systems alive (for various definitions of alive).
In a hundred years, the only practical way to experience classic software like this will be via emulation and I believe that's where resources should be put.
There's a weird kind of snobbery in classic gaming that, unless you're playing original games on original hardware, you're doing it entirely wrong and emulation stuff is basically just dirty piracy. Fast forward to today and the talk of the community is that old game and hardware prices are getting sky high, and in the case of some systems (like the 5200) finding working equipment is getting to be impossible. No duh, sucking all of the inventory for a product that's not going to be manufactured anymore and allowing the prices to slip into normal supply-demand areas means that's what's going to happen -- even worse, the new audience who can be exposed to this material shrinks even smaller every day.
For almost all practical purposes, systems like the Amiga or the SNES or similar vintage are pretty much complete in terms of emulation -- the entire known software libraries are basically completable. In many ways, emulators like UAE offer better software compatibility than real hardware!
Longterm yes, but the cd drives on these things die decades before the roms and processing hardware. He had mentioned in the video that he was surprised that the solid state laser died so soon but I was under the impression that it's almost always the drive motor that's the first to go.
Personal archiving is allowed under USC's Fair Use terms AFAIK whilst emulation isn't; might just be legally protective wording (or an attempt at that).
As a Sega fanboy, this makes me happy. That copy protection scheme (outer ring spiral) is quite something. I find it amusing that Sega went with yet another proprietary disc format for the Dreamcast (GD-ROM) and that system is able to load homebrew code from any CD-R / CD-RW without any modifications to the hardware.
Yeah, that is something. They thought better hardware protection was unnecessary because they believed in the strength of their software solution (which was quickly cracked)? The games could be larger, so that CDs could not fit them without changes. IIRC early Soul Calibur burns had their music down-sampled to fit 650 MB. And was it Skies of Arcadia that really did have too much content to fit on a CD, without serious changes?
Also, you mention CD-RW, but IIRC you could not boot off CD-RW, only CD-R. Or maybe that was the softmodded xbox?
Dreamcast games varied in size massively. Crazy Taxi was only around 100mb. So small in fact that when initially burnt to a CD the drive couldn't load files fast enough (as files were closer to the inner ring of the disc). Tools were then released to 'pad' the game files out to be closer to the outer edge with a dummy file. Files close to the outer edge can be read faster as the drive laser can cover more distance per revolution.
Skies of Arcadia was I believe the biggest ever 'released' - 2x1GB. A group called Echelon did manage to release it after many months/1 year+(?) without anything ripped, sized to fit on 2x700mb CD-R's. They pre-compressed the whole game and wrote a custom on-the-fly decompressor. Apparently this did slow the game down in places, but the technical achievement certainly needs to be appreciated.
Oh yes, I remember padding the image, and Echelon, of course. I still have the tools somewhere in my backups.
You mention the read speed issues, meaning the Dreamcast drive was CAV. Were all data drives of the time CAV? Are audio CD players CAV? Not some 40 second skip protection discman, but like a hifi unit from the 80s (since my naive 80s implementation would not like the data rate changing across the disc)? Does CAV vs CLV have any meaning here, or is pretty much laserdisc only terms?
All things I vaguely feel like I should know (like if all optical media has pits that are the same length across the disc. I think not, again laserdisc.) I love my Dreamcast. Left one in an apartment 6 years ago when I moved out. It could be still there. Still have one.
CDs are CLV, data-wise. But many CD-ROM drives can also read at faster-than-realtime-audio speeds, and in those cases reading at the outer edge of the disc can net faster rates. IE, a 2x CD-ROM might not be 2x throughout the whole disc.
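The read-speed question in the comments above, worked through as an added illustration that is not part of any comment: a disc recorded at constant linear velocity, read by a drive model that spins at constant rpm. The geometry constants are nominal Red Book figures, and the drive that reads at 4x at the innermost sector is a constructed assumption.

```python
import math

# Nominal Red Book CD geometry (assumed round figures; real discs vary within tolerance).
TRACK_PITCH_M = 1.6e-6       # radial spacing between turns of the spiral
LINEAR_VELOCITY_M_S = 1.2    # scanning velocity at 1x (the spec allows 1.2 to 1.4)
INNER_RADIUS_M = 0.025       # start of the program area
OUTER_RADIUS_M = 0.058       # end of the program area
SECTORS_PER_SECOND = 75      # sectors passing the pickup per second at 1x
SECTOR_BYTES = 2048          # user data per Mode 1 sector


def sector_for_offset(megabytes):
    """Sector number that sits `megabytes` of user data into the disc."""
    return int(megabytes * 1024 * 1024) // SECTOR_BYTES


def radius_at_sector(sector):
    """Radius (m) of a sector on the spiral.

    The spiral up to this sector covers an annulus of area
    track_length * pitch = pi * (r^2 - r_inner^2); solve for r.
    """
    track_length = sector / SECTORS_PER_SECOND * LINEAR_VELOCITY_M_S
    return math.sqrt(INNER_RADIUS_M ** 2 + track_length * TRACK_PITCH_M / math.pi)


def clv_rpm(sector, speed=1.0):
    """Spindle rpm a CLV drive needs at this sector to hold `speed`x."""
    circumference = 2 * math.pi * radius_at_sector(sector)
    return speed * LINEAR_VELOCITY_M_S / circumference * 60


def cav_speed_multiple(sector, rpm):
    """Effective 'x' rating at this sector when the spindle rpm is fixed."""
    circumference = 2 * math.pi * radius_at_sector(sector)
    return (rpm / 60) * circumference / LINEAR_VELOCITY_M_S


def cav_throughput_kib_s(sector, rpm):
    """User-data rate in KiB/s at this sector for a fixed-rpm drive."""
    return cav_speed_multiple(sector, rpm) * SECTORS_PER_SECOND * SECTOR_BYTES / 1024


if __name__ == "__main__":
    rpm = clv_rpm(0, speed=4.0)  # constructed drive: 4x at the innermost sector
    print(f"fixed spindle speed: {rpm:.0f} rpm")
    for mb in (0, 100, 300, 650):
        s = sector_for_offset(mb)
        print(f"{mb:>4} MB in: radius {radius_at_sector(s) * 1000:5.1f} mm, "
              f"{cav_speed_multiple(s, rpm):4.2f}x, "
              f"{cav_throughput_kib_s(s, rpm):6.0f} KiB/s")
```

With these figures, data that starts 100 MB into the disc is read about 1.3 times faster than data at the innermost sector, and data near the 650 MB mark about 2.3 times faster.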
If you search google for their Skies of Arcadia nfo file, you will see this is clearly what they claim. I won't link to it here due to other material hosted on those sites. The trainer injected into the executable also makes this claim (you can view this on pouet.net).
I have little reason to doubt their claims given their clear technical skill spanning multiple console generations (Echelon might have only been associated with the Dreamcast/PS2, but it's obvious that their 'group' were behind multiple other, very highly technically accomplished scene groups).
Access to the source code is even a possibility - at one point they routinely released games weeks or even months before street dates.
Wonderful. I love things like this. In these days of Steam DB and people scrutinising every byte, it seems like the easter egg / message from the developer has gone by the wayside.
Honestly, inserting compression doesn't sound impossible. Difficult, but a few months and a team of people and it sounds achievable. Warez folks do some crazy stuff.
However, I read some forums from the time, it sounds like the results weren't great. Mainly folks notice sound triggering noticeably late. So uh, maybe instead of downsampling they built an MP3 decoder, but to use the existing system, it couldn't stream the audio, so they had to decompress the clip completely into a buffer before playback?
Sorry, I wasn't very clear. In my head I was thinking in terms of games that weren't ripped/downsampled to 'fit' on an 80min CD-R. I think the largest release was probably D2, which from memory needed 5x99min CDR's and even then numerous elements were downsampled/ripped/etc.
> That copy protection scheme (outer ring spiral) is quite something.
Yeah about that, I don't get it. Is there data hidden in that spiral that acts as a checksum for the CD or something? Or is it of special material that lights up differently under certain light (like money)?
To me it doesn't look that hard to duplicate a simple spiral, but then I know nothing about it.
The original PlayStation used a similar copy protection trick - the ASCII string SCE(I/E/A) was stored in the pregap pre-groove wobble between the lead-in and the first track. The PSX used a three-beam pickup and was able to track this wobble and extract the code from radial tracking error signals. Modchips simply injected the same error signal for a couple of seconds after closing the CD lid, enough for the CD controller to recognize it as "original".
They didn't. Lasers were poor to begin with, plus weaker media (CD-R) probably caused extra mechanism movements (focusing).
Edit:
Hmm, now that I think about it, it's possible someone incompetent made a modchip that would keep sending the wobble constantly; that could cause tracking problems and tire the mechanism pretty fast.
The PlayStation also had a trapdoor Parallel I/O port exposing the raw address/data bus; it was meant for a network interface, debugging (PSY-Q) and stuff (ActionReplay/GameShark). The great thing about that port is you can hang your own ROM there and the console will execute it while booting, no code signing/DRM crap.
AFAIR at the beginning PSIO patched the original firmware, replacing all CD routines with its own, but later in the project it was discovered a lot of games talked straight to the hardware, ignoring SONY requirements for using BIOS routines. This is why the current version comes with a small board you need to solder inside to reroute chip select signals from the CD controller chip - PSIO emulates that chip completely. You still get data faster than CD due to no seek times. https://www.youtube.com/watch?v=Wc3rOb7Evxc
The problem with a lot of the modchips is that the companies behind them are secretive (leading to loss of knowledge when they close) and they're just so damn expensive.
Why is this being downvoted? I think it is perfectly reasonable to ask for a TLDR on a 30 minute video.
Anyway, the basic story is that the Saturn had copy protection in the form of physical marks on the copy protected CDs. This puts a huge barrier to entry on homebrew and the like, so a guy going by Dr Abrasive tried to reverse engineer a way around that. He first looked into a way of disabling the copy protection on the CDs to allow burned CDs to be used but that proved too difficult.
He eventually hit upon the fact that the Saturn had an external module that could be added to allow the system to play video CDs. He then built a component to take advantage of that fact and feed in his own commands through this interface thereby avoiding the copy protection entirely. This allowed content to be run from USB sticks without the need for CDs at all, lowering the barrier to entry even more. It also helps workaround mechanical failure of the CD drive which is becoming a common problem for the 20 year old hardware.
So now if you have this custom built component, you can take an off the shelf system and start running code from a USB stick without any soldering, hacking, or modification at all beyond plugging the device into the back of the console.
The most impressive part, to me, was how thoroughly he reverse engineered what looks to be a crazy complicated CPU architecture - the Saturn has four of them.
Also, I love that his original motivation was to use the sound processor for mixing chiptune, and basically opening up the entire system at metal level is a happy by product.
ALSO, the fact that he decided that his first working prototype was too hands on and finding a way to piggyback the video playback expansion card to make the mod orders of magnitude less complicated to install / execute.
Wasn't it only one of those CPUs though? He mentioned there is a CPU dedicated to disk operation and that's the one no one had been able to get a ROM dump of, which in turn enabled all the other stuff? Not trying to downplay his achievement or anything, I'm new to all this but it's easy to see that this is some truly amazing work.
2 CPUs, 2 GPUs, and there is a separate CPU dedicated to disk operation which was (almost) completely isolated. His achievement was getting access to that disk CPU, but that access allows access to the rest of the CPUs.
He dumped the ROM of the Saturn's CD-ROM module's CPU, reverse engineered the OS in it, discovered a developer mode which allows the Saturn to read non-protected CDs but requires a special protected CD which nobody has, then he turned his attention to the slot for the Video CD decoder card, discovered that this card can send additional encrypted code to the CD-ROM module's CPU, then created a replacement for the CD-ROM module as a card for the Video CD decoder slot, which allows loading CD images from USB mass storage devices connected to its USB port.
It's definitely IDA Pro. If anyone is considering how difficult this is, let me offer you my experience. It is incredibly hard and requires utmost persistence. I tried to refresh (learn more about) my knowledge of x86/x86-64 asm and decided to give a go on modifying a binary that was not produced by me. It seems to be a common exercise, so I thought - how difficult can this be? Right? You follow code procedures, take note of jumps, there's even a handy visual graph of the things, take another application that can offer you to see function names and break calls... Suddenly, you're in this loop where you take notes on paper (yes), you seem to understand a part, move to the next and then you realise you didn't actually understand the part before and go back, and then you get tangled in variables and registers...
It takes a special set of skills and a mindset to do this. I recommend everyone to try that once. Just take a foreign binary, any which you know the application of, and try to modify it. Then, after you give up, take a note this was done on an unknown binary with (almost) unknown functionality. TBH, he did say he looked up a table of known functions on a wiki somewhere, but still...
>I, myself, am not going to release these ROMs. This isn't the first project where I've dumped a commercial object for some other purpose and been asked to share (see: shairport, for one), and after much thought I conclude - now, as then - that it's not the right thing for me to do in any project. There are legal and professional risks which I'm just not comfortable taking. That's not negotiable.
>But that's not to say I won't help you dump it yourself. I'll have a dump feature in the cart, and I'm sure someone will rapidly archive all the available systems.
I'm not a lawyer, but I don't see how "I didn't steal anything; I just broke open the safe and told others how to get the money" would get you off the hook.
By analogy, if the original comment had been "I will not give you a copy of the copyrighted Harry Potter book, but I can teach you how to use a scanner if you'd like, and I'm sure someone else will scan it" would you say that teaching someone to use a scanner is illegal?
It's actually typically legal to make a backup of a copyrighted item you own for personal use if the original is damaged.
He's teaching people to do something that's typically legal, avoiding infringing copyright by redistributing himself, and commenting that it's quite likely others won't be so scrupulous; I don't see how anyone could reasonably fault him.
A scanner doesn't target a single (intellectual) property. This feature of this hack, on the other hand, would have only one use: dumping the ROM of a Sega Saturn.
I hadn't thought of the 'for personal use' defense, though.
There's an active hobbyist lockpicking community out there with plenty of instructional videos. One could nefariously apply these skills, doesn't make the video producers liable.
Very unlikely that would happen. Sega generally takes a pretty relaxed view to the emulation community and to my knowledge has never pursued anyone for releasing firmware from their systems.
He does claim legal and professional risks as his reasons in the assemblergames forum thread[0] though.
Not to discount this as it's very impressive work. But replacing CD drives with SD/hard drive based solutions is becoming pretty common. For the Dreamcast there is the GDEmu[0], and the Saturn already has the Rhea and Phoebe[1] (basically the same thing, each is for slightly different models of Saturns).
The Playstation also has one, the ps-io[2]. I'm really hoping for someone to step up and do the PC Engine, Neo Geo CD, Sega CD and 3DO.
I'm glad someone else out there digs the Sega Saturn because I always felt left out being into Sega games while the rest of my friends were Nintendo kids all the way.
They probably have contractual restrictions - agreements to help fight against unauthorized copying, or to protect the copyrights of people who create games on the system.
And in general, most console systems are a serious bundle of hacks, mostly tolerated by programmers by the sole fact that you can rely on every system to be identical.
>I don't know. Winning people's hearts? For the fun of it?
That's true, but as long as they can still make money from their IP they won't (i.e. repackaging old source + game(s) into a VM for sale on Steam or next-gen consoles)
Some of the source code/etc may be licensed from a third party, which means that releasing it is treading through a legal minefield.
In cases like these I'm thankful for pirates. When an interesting project is about to die because all the stakeholders lost interest and there's too much legal mess to deal with to give it away, it's good if there's someone that steps in, ignores that legal mess altogether and simply dumps the product on-line.
What's strange is that a lot of the Sega games from this era are just missing completely. Try hunting down Skies of Arcadia (even the GC port) or anything Panzer Dragoon. They were never released in virtual consoles despite significant cult followings.
If there is one thing I learned from internships and various jobs (I'm still a student), it's that companies pretty much always consist of people who care. If there's an opportunity to spread the name SEGA around without any downsides, good odds you could find someone in the company who's up for that.
Trouble is, you probably need to find whoever was on the original product team, or it's going to cost the company more hours than they'd find it worth.
Sega wasn't losing money on the Dreamcast, but they weren't making money either. Sega's exit didn't have to do with sales; they chose to exit the console market because there was more money if they focused on games and less on hardware.
You certainly didn't know the history of Sega or the Dreamcast if you think it died because of piracy.
...with that thinking then the Saturn would have been an ultra success.
I knew a lot of people who owned a Dreamcast and no games.
No modchip required, no soldering, broadband penetration on the rise, filesharing was now a thing.
I completely understand the Saturn's botched launch and limited number of retail outlets, but the Dreamcast had the best launch of all time up to that point and broke sales records.
I'm not convinced piracy is not in fact the cause of the Dreamcast's demise.
I really did love the Dreamcast, built in modem and the second-screen VMU.
If you don't think piracy killed it, what do you think killed it? The PS2?
No EA Games, when Madden was huge; no DVD player, and the PS2 hype cycle was perfectly timed and had an even better launch. Wikipedia sales numbers for the PS2 and Dreamcast say the PS2 sold 10.6M by March 31, 2001, whereas the Dreamcast was dead by then and only sold 9.13M. Sega also had troubled finances as a result of the Saturn.
The 2K Sports series negated the need for EA and sold so well that EA sought out an exclusivity contract with the NFL so that 2K would be killed?
The DVD drive after the PS2 was released probably would be a huge factor though, if the Dreamcast wasn't in fact already dead which it was.
I'm sure some business school guys have written papers on this, I should find them. Would be interesting to read all the opinions on Sega's near death and exiting the hardware business.
I believe Sega also had some institutional issues. There was a documentary a while back, can't quite remember the name. Something about the corporate structure a lot of the business was based in the US while the technical knowledge was based in Japan and thru some skulduggery they ended up torpedoing themselves ...
It was impossible to find anyone capable of producing CDs with the wobble when the Saturn was alive. Finding somebody capable today would be possible, but it wouldn't be very profitable because it's a dead system.
If a new console used the wobble/burst then surely you'd be able to order these CDR's from Alibaba..
I was just thinking about the Saturn at a nerd memorabilia store, as this was the one system I saved my money up to buy at 11 years old. What an utter disappointment of a system (in terms of games), but what a great hack. Makes Dreamcast hacking look like Lego Logo.
The Saturn had great games, what are you talking about?
Maybe it didn't have all those games your schoolmate was playing on his PlayStation but does take away from some of the great games it did have
I am not good with electronics tbh, but why is it not possible to MITM the connection between the CD drive and the motherboard? As far as I see from the 'swap disk' technique, the outer protection track is not changing depending on the game.
You can. That's what traditional modchips do, and there's the Rhea/Phoebe which completely emulates that drive via that interface.
Of course, if you sit at that point in the system you have a different set of problems and capabilities. Much easier to build hardware for, but no data output, and of course you need to disassemble the console to get there in the first place.
I was thinking about controlling an outside door unlock button by MITMing the electrical cables going out of it, but realized I have no idea how to go about it. I just need to generate the same signal... I thought maybe someone reading this could have some pointers.
Possibly stupid question: why didn't some enterprising person figure out how to produce CD-Rs with the copy protection wobble track? Is the market too small vs the cost of required equipment? Would it have been illegal?
"I hope this lays the matter to rest, and prevents anyone from wasting more time on it (like my day burning useless discs).
I'm sure someone will wave their hands around and say that custom burner firmware could do the job, but good luck finding a burner with a programmable DSP in the pregroove tracking loop and managing to modify it to do the job."
Arguably it can be better than blocking threads, which can waste precious time for synchronization. But if you design your code with precise timings, you can ensure that the different processors will complete their work and communicate their data at a precise time, thus saving code and time.
It may interest folks to know that all Sega Saturn games have their audio encoded as plain old CD audio tracks. You can put your Sega Saturn disc into any old CD player and play all of the music tracks.
You can also rip a Sega Saturn CD in your computer. I particularly enjoy the music from Sega Rally Championship and Virtua Fighter 2.
Many, but certainly not all. Redbook audio (along with tons of grainy low resolution FMV) was more common in the earlier days of the CD-ROM, when creators were trying to justify the format, but hadn't figured out more interesting ways to make use of the space.
Wow! THIS is what hacking looks like. These days the term seems to have been muddled and interchanged with "programming". True art of reverse engineering something you don't have a full manual for (and can't ask StackOverflow).
I follow /r/crackstatus but it is far from being really done. This said, I think all things equal piracy is a good thing for the gaming industry, and without it I would not have been a gamer who now has more than 300 games in Steam and many more in GoG and Blizzard games too. Back in the day I wasn't rich, and even if I had money I couldn't buy games because I had no access to them living in a third world country, but piracy made me a gamer.