A very common trick that I've seen in a lot of Japanese games, for offline material, is to combine a hashing system and encryption. That is, the game will attempt to load "main.script", which is a custom bytecode scripting language. The file stored on disk would have the filename of a SHA1 hash of "main.script", but the contents would be encrypted with a private key like "tprics.niam". "main.script" then loads a number of other files using its scripting system, so it's a very annoying process to take the whole thing apart, as you need to hunt down the original filename through the scripting system. Either that or you guess at filenames.
You tend to see some really high-level effort put into systems, like the one game I took apart that had its own custom scripting language with classes and coroutines.
https://gist.github.com/magcius/bff948b13128b70695e3841e2084...
One game I found had a custom bytecode system that drove me nuts for weeks. The opcodes were specifically picked so that a large number of the popular ones were reflections of each other in dec, hex and binary. So you'd go "I've seen opcode 0x0353 before", but alas, you had actually seen opcode decimal 353. Similarly, there were opcodes 101 and 0x101 and 0b101 and they all did slightly different things. You think you could stick to hex, but there's enough slop in the process and your brain is so used to pattern-matching that it was pretty effective.
They really are much closer disciplines than most people might imagine.
Or, like people do in RE, you fall back to things you know (OP knew hex, decimal and binary before he encountered the reflected codes he talks about) and you try to force the paper through your personal veil. I guess when people reverse engineer hardware you follow the routes you took (maybe taking months) the first time you took something apart.
Usually, it makes sense to do so because the reason why you read the paper in the first place is because you think that it has some connection with your own work.
In Quantum Mechanics circles, many authors have different mathematical backgrounds, so just translating what they are doing and thinking is already RE. A good example of this is logical semantics: There are countless flavours of how to write logic down, each with their own symbols and motivations. I would prefer if any logic that you end up with is the internal logic of a category, but analogously this would be like Apple forcing everyone to use their hardware connector pins.
A paper usually does have a path that is chosen by the author, but the RE component is inevitable if you want the paper to be in context with your own research. Otherwise I guess it would be more like a class or university module, where you are following along, but you don't really have an intention of building on the subject matter in your own time. Science also has the disadvantage to newcomers that you don't know how much has already been done, and hence you are forced to have endless lectures to just bring you up to speed.
One of the reasons I was attracted to computers when I was a kid was figuring out Windows secrets.
See [0] and page 25 of [1]
[0] (PDF) https://cs.oberlin.edu/~ctaylor/classes/341F2012/xbox.pdf
[1] (PDF) https://events.ccc.de/congress/2005/fahrplan/attachments/674...
    while(true) {
      Animate(image);
      wait 200;
    }

implies there are multiple synchronous execution stacks. It's not threading, as the synchronization points are explicit.

What kind of games are we talking about? Computer games or mobile ones?
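The "multiple synchronous execution stacks with explicit synchronization points" model from the while/wait comment, as an added Go example (not code from the original post or from any game engine). Each script body runs on its own stack but only advances when the scheduler hands it the turn, and the only place it gives the turn back is the `wait` call; the 100 ms tick, the second "hud" script and the trace format are assumptions of this example:

```go
package main

import "fmt"

// Script is one cooperative execution stack. It runs in its own goroutine, but it only
// advances when the scheduler hands it the turn and hands the turn back only at an
// explicit wait. That is the "several synchronous stacks" model, not preemptive threads.
type Script struct {
	Name   string
	wakeAt int           // simulated time (ms) at which the script may continue
	resume chan struct{} // scheduler -> script: your turn
	yield  chan int      // script -> scheduler: wait this many ms, or -1 when finished
	done   bool
}

// Sim is the scheduler plus a trace of what ran, in order.
type Sim struct {
	Now     int
	Scripts []*Script
	Trace   []string
	active  string
}

// Spawn registers body as a script. The wait callback is the only place control changes hands.
func (s *Sim) Spawn(name string, body func(wait func(ms int))) {
	sc := &Script{Name: name, resume: make(chan struct{}), yield: make(chan int)}
	go func() {
		<-sc.resume // park until the scheduler first runs us
		body(func(ms int) {
			sc.yield <- ms
			<-sc.resume
		})
		sc.yield <- -1
	}()
	s.Scripts = append(s.Scripts, sc)
}

// Log records an action against the simulated clock and the script that is active.
func (s *Sim) Log(msg string) {
	s.Trace = append(s.Trace, fmt.Sprintf("t=%d %s: %s", s.Now, s.active, msg))
}

// Run advances the clock in dt steps up to until, giving each runnable script its turn
// in registration order. Exactly one stack executes at a time; the channel handoff is
// what makes the trace deterministic. Scripts still waiting when Run returns stay parked.
func (s *Sim) Run(dt, until int) {
	for s.Now = 0; s.Now <= until; s.Now += dt {
		for _, sc := range s.Scripts {
			if sc.done || sc.wakeAt > s.Now {
				continue
			}
			s.active = sc.Name
			sc.resume <- struct{}{}
			if ms := <-sc.yield; ms < 0 {
				sc.done = true
			} else {
				sc.wakeAt = s.Now + ms
			}
		}
	}
}

// demo runs the loop from the comment next to a second script, on an assumed 100 ms tick.
func demo() []string {
	sim := &Sim{}
	sim.Spawn("anim", func(wait func(int)) {
		for i := 0; i < 3; i++ { // stands in for while(true), bounded so the demo ends
			sim.Log("Animate(image)")
			wait(200)
		}
	})
	sim.Spawn("hud", func(wait func(int)) {
		sim.Log("Show HUD")
		wait(300)
		sim.Log("Hide HUD")
	})
	sim.Run(100, 600)
	return sim.Trace
}

func main() {
	for _, line := range demo() {
		fmt.Println(line)
	}
}
```

Goroutines are used here only as a convenient way to get a separate stack per script; the unbuffered channels guarantee that no two script bodies ever run at the same time, which is the property that distinguishes this from threading.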
Since the code presented in the article didn't look like handwritten Asm (and if it was, it would've probably been even more insanely obfuscated and greatly confused IDA's decompilation), I wonder if compilers of the time were far worse at optimisation, or if the author deliberately disabled it so that the code would be more bloated and harder to understand as well as containing the source obfuscations; seems like "Here's addition implemented by multiplying the result with some number and its reciprocal" would be something that's replaced-on-sight by an optimiser doing constant propagation.
Also, I was not surprised to discover that this program appears to be both [1] of German origin, and [2] shareware. When I was in the cracking scene long ago, "German shareware" was widely known for the insane strength of its protection.
I'm staggered at the skills needed to do that.
Once you throw real public-key encryption into the game, which is what any competent company trying to avoid cloned servers should be doing, there is no way to create alternate servers just from game data. You need to at the very least patch the game and change the key.
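What "real public-key encryption" buys here, as an added Go example (not code from the original post or from any game): the client ships with the server's public key embedded, challenges the server with a fresh nonce, and accepts only a signature made with the matching private key. A cloned server that has all the game data but not the private key fails the check, and the only way around it is the one the comment names, patching the embedded key in the client. Ed25519 from the Go standard library, the `server-auth-v1:` domain-separation prefix and the type names are assumptions of this example:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Server holds the signing key, which never leaves the operator's machine.
type Server struct{ priv ed25519.PrivateKey }

// Client is shipped with the genuine server's public key baked into the binary.
type Client struct{ serverPub ed25519.PublicKey }

// NewServer generates a fresh keypair; the public half is what gets embedded in the client.
func NewServer() (*Server, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Server{priv: priv}, pub
}

// Challenge is the client's random nonce. A fresh one per connection means a captured
// signature from an earlier session cannot be replayed by a clone.
func (c *Client) Challenge() []byte {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return nonce
}

// authMessage binds the signature to this protocol step (assumed prefix) and this nonce.
func authMessage(nonce []byte) []byte {
	return append([]byte("server-auth-v1:"), nonce...)
}

// Respond is the server's proof of possession of the private key.
func (s *Server) Respond(nonce []byte) []byte {
	return ed25519.Sign(s.priv, authMessage(nonce))
}

// Verify accepts the server only if the signature matches the embedded key and this nonce.
func (c *Client) Verify(nonce, sig []byte) bool {
	return ed25519.Verify(c.serverPub, authMessage(nonce), sig)
}

// Handshake runs the exchange from the client's side; respond stands in for the network
// round trip to whichever server the client is talking to.
func Handshake(c *Client, respond func(nonce []byte) []byte) bool {
	nonce := c.Challenge()
	return c.Verify(nonce, respond(nonce))
}

func main() {
	genuine, pub := NewServer()
	client := &Client{serverPub: pub}
	fmt.Println("genuine server accepted:", Handshake(client, genuine.Respond))

	// A cloned server has the game data but not the private key, so it fails.
	clone, clonePub := NewServer()
	fmt.Println("cloned server accepted:", Handshake(client, clone.Respond))

	// Only a client whose embedded key has been replaced would accept the clone.
	patched := &Client{serverPub: clonePub}
	fmt.Println("clone accepted by key-patched client:", Handshake(patched, clone.Respond))
}
```

The design point is that security rests on the private key staying on the operator's side rather than on keeping the protocol or the game data secret, which is why reverse engineering alone does not produce a working alternate server.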
It's really impressive! It's based on some kind of subdivision primitive I've never seen used like this before.
The "Image Warping" I'm pretty sure you can do in Photoshop these days tho'.
Yes, you can do exactly that. To me the app looks like a happy medium between 2D and 3D art software.
It also seems that Plasma was never actually sold. It was a preview that just required a free signup.
He wrote an article explaining that the DDOS they suffered when first releasing Cube World had a lot of impact on his mental health and that is why he rarely communicated and then he disappeared again.
> It's not pretty, but this is probably the first time anyone's been able to use Plasma at all in the better part of a decade. It seems that Wollay removed a critical UI file (for the sheet which artwork exists on) from Plasma, and made it so that the server would provide an obfuscated version of it to the client. That way, no amount of tampering could get an unauthorized copy of Plasma to work. Unfortunately, without the authentication server, authorized copies of Plasma cannot work anyway.
Around this time, I started looking at what the picroma.de domain used to point to. I didn't find much of interest on archive.org, but...
The domain was now available after all these years, and I bought it.
To clarify, none of the reverse engineering stuff is the issue. However, when you start reimplementing or circumventing "authorization", then you're potentially in some trouble. Worse, it's not civil, like copyright infringement, whereby the IP owner has to go after you. It's criminal, so technically law enforcement themselves can go after you.
In this case it seems unlikely, still though, be careful, folks.
The DMCA provides a singularly annoying exemption process. Every three years, the Librarian of Congress makes a determination of valid exemptions to the DMCA. These exemptions are complicated to apply for, and having been previously granted theoretically has no impact on whether it is granted the next time, so anyone who wants to maintain an exemption needs to reapply and make their case every three years.
From 2018 until 2021, there are 14 DMCA exemptions in effect. One of them is "Computer programs, except video games, no longer reasonably available in commercial marketplace, for preservation by eligible libraries, archives, and museums." Unfortunately, while this software is not a video game, nor is it reasonably available, it is not covered by this clause, as "the work cannot be made available or distributed outside the physical premises of the eligible institution."
Not to worry, though! There is one other possible exemption. Number 11: "Computer programs, for purposes of good-faith security research." Is this good-faith security research? Well, one of the tests there is whether the "information is used primarily to promote security of devices on which the program operates." This probably does the opposite, being an effective argument and tutorial AGAINST security, so it probably doesn't work, either.
So yes, this is probably illegal. It could maybe even be a felony, technically. You could probably get years in prison for it. You wouldn't, but that won't stop a fed from convincing you of that in order to get you to sign a confession.
The US strong-armed most of their trade partners into implementing DMCA-compatible laws. Here in Australia we have "compatible" laws, but to my knowledge no exemption process.
EDIT: It's probably worth noting we didn't even bother amending our existing legislation, we just introduced new conflicting legislation. It's a real mess.
As pertains to Latvia specifically (I apologise if my Github <-> HN username assumption is inaccurate), then the relevant laws are implemented under "Copyright Law, Chapter XI, Section 68".
We also still have laws in Australia that permit reverse engineering for the purpose of interoperability. This is what I meant above where I wrote:
> To clarify, none of the reverse engineering stuff is the issue.
The problem is these laws are superseded when circumvention of technological measures pertaining to copy protection is involved.
https://www.wipo.int/treaties/en/ip/wct/summary_wct.html
> The Treaty obliges Contracting Parties to provide legal remedies against the circumvention of technological measures (e.g., encryption) used by authors in connection with the exercise of their rights, and against the removal or altering of information, such as certain data that identify works or their authors, necessary for the management (e.g., licensing, collecting and distribution of royalties) of their rights ("rights management information").
This got written into many local copyright laws.
There are similar reverse engineering tools that are open source such as:
- Ghidra: https://ghidra-sre.org/
- radare2: https://rada.re/n/radare2.html
QA: Do you still need that again with your developer tools?
Do you think the creator would have been net up in revenue terms to add features, or using this feature to reduce piracy?