from Hacker News

How the Dreamcast Copy Protection Was Defeated

by fafner on 12/11/18, 9:47 AM with 161 comments

  • by new299 on 12/11/18, 11:55 AM

    There are two points to note.

    The first is piracy probably didn’t lead to the failure of the Dreamcast. They didn’t sell many of the consoles... if it was a piracy issue then you’d expect they’d sell many consoles, but few games (the line up of games was really good).

    The article mentions Ikaruga a lot. It worth noting that Ikaruga for the Dreamcast was released a year after the Dreamcast was cancelled. They probably weren’t hugely concerned about piracy at this point.

    From memory it was an easy port for them, because the arcade board that Ikaruga ran on is also the same as the Dreamcast.

  • by dsco on 12/11/18, 11:10 AM

    Related and _very_ inspiring; how the Sega Saturn CD was cracked after 20 years. Even my very non-technical girlfriend sat through this thing, being intrigued by the dedication.

    https://www.youtube.com/watch?v=jOyfZex7B3E

  • by AdmiralAsshat on 12/11/18, 2:18 PM

    I was heavily into burning DC ROMs back in the day. Its most valuable utility was making backups of the games we owned, as our first copy of Sonic Adventure 2 became scratched and nearly unreadable after awhile. The backups allowed me to keep our "critical" games like Soul Calibur, MvC2, and Power Stone 2 (that one cost a pretty penny) in their cases while we used the backups. It also allowed a handful of custom soundtrack-editions of games to float around on the web, like one which changed MvC2's (IMO, awful) soundtrack.

    One thing I lament in hindsight was that the CD's we burned were not GD-ROMs, and so the backups or ROMs we burned often had their assets compressed in order to fit on the smaller disk.

    Further pity is that even 15ish years later, many people in the ROM collection scene are still relying on those early, compressed CDI rips that were made over a decade ago. The higher-fidelity GDI dumps are comparatively rare and hard-to-find, especially with such reliable repositories as Emuparadise shutting down. If I had the proper equipment, I would probably try to make proper GDI dumps of my collection.

  • by amatecha on 12/11/18, 5:51 PM

    I just wanted to drop in and point out this author has published a couple excellent books analyzing the engines behind the popular first-person-shooter games Wolfenstein 3D[0] and DOOM[1]. Excellent reads if you're interested in the inner workings of these games (and by extension, others like them)! (Yes, he links the DOOM one in the article, but wanted to call them out specifically as being awesome ;))

    [0] http://fabiensanglard.net/gebbwolf3d/ [1] http://fabiensanglard.net/gebbdoom/

  • by gwbas1c on 12/11/18, 2:38 PM

    > SEGA engineers knew that MIL-CD booting could be used as an attack vector so they added a protection.

    > The mashed potatoes problem was solved when a Katana SDK (the official Sega SDK for the Dreamcast) was stolen[6] by the hacking team "Utopia" in late 1999. It turned out that the scrambler was nothing more than "security through obscurity".

    I doubt this was security through obscurity. Most likely, it was hard (or impossible) to burn a GD-ROM for internal testing. Thus, this mechanism was probably used to burn games onto CDR for internal testing.

    I haven't seen anything that explains how scrambling and descrambling work; but it's important to understand that, at a certain level, all encryption is "security by obscurity." It just comes down to how easy or hard it is to figure out how to bypass. In this case, hacking to get ahold of the scrambler is no different than getting ahold of the private part of a key pair.

    Edit:

    > SEGA quickly released a DC v2 which disabled MIL-CD altogether but unfortunately damage had been done. With revenues plummeting and the PS2 ogre coming out, developers abandoned the Dreamcast and SEGA retired from the hardware manufacturing business in order to focus on software.

    I also wonder if disabling this system was "the straw that broke the camel's back?" If I were a developer and it suddenly became much harder to test, I'd probably think very critically if it's "worth it" to jump through so many hoops for such a small market.

  • by londons_explore on 12/11/18, 11:22 AM

    Did the breaking of the copy protection on the Dreamcast really play a big part in Sega's downfall?

    If so, it would be one of the only cases I know of where IP piracy led to financial ruin of the content creator.

  • by laurent123456 on 12/11/18, 2:24 PM

    Interesting that they've invested so much in designing a new unique type of CD-ROM, even being the only one to manufacture it, and then being caught by a feature they didn't even need. The obfuscating trick was also kind of lazy from the dev team who added it.

    But I don't think this hacking was the reason for the end of Sega, because nearly all consoles at that time could be modded to play hacked games. Sega had been messing up for years before that, with all the useless hardware (Sega-CD, Sega 32X, and even the Game Gear and Saturn weren't big successes) they had been releasing after the Megadrive. The Dreamcast was good but just no good enough to save the company, they basically would have needed a console that completely dominate the market to recover, and to compete against Sony, Microsoft and Nintendo.

  • by mysterydip on 12/11/18, 11:41 AM

    Semi-related, there's a piece of hardware being made (some parts 3D printed even) called GDEmu that replaces the optical drive components with an SD card reader, allowing people to play (backups of legally owned games) on their original hardware without wearing out the drive mechanism.

  • by phusion on 12/11/18, 5:14 PM

    I loved doing this on my Dreamcast back in '99. It was the first console I ever managed to "mod" -- even though it's completely a software mod.

    At first we had to download loader discs, just a few hundred Kb on a disc, then pop in the 1:1 burned game. Eventually they managed to put the loader on the game ISOs and you could just burn a game and pop it in. Plenty of fun, lots of great games and it primed me to eventually crack open my Xbox for the 007 Nightfire exploit.

  • by londons_explore on 12/11/18, 11:20 AM

    The fact this was broken by stealing a developer's SDK is disappointing. Real hackers would have disassembled the machine to reverse engineer it, rather than using black market/social engineering tricks.

  • by masto on 12/11/18, 12:48 PM

    I remember those days. I was working at a small company, and a coworker and I had Dreamcasts. He also had small children and felt that the cost of games and their short attention span was a good excuse for piracy. He downloaded everything posted to a Usenet group for Dreamcast games and burned two copies. Every morning I’d come in to a pile of CDs on my desk. I only recently threw them out, several spindles full of them. Hundreds of games, many I never even tried playing. It was bizzarre.

  • by anjc on 12/11/18, 1:24 PM

    I don't think this contributed to the Dreamcast's downfall.

    Given the state/speed of CD Writers at the time, quality of CDs, difficulty of finding ISOs, download speeds, and the temperamental Dreamcast laser, it was far easier to just buy games imo. It was even easier to chip your Dreamcast to region unlock it and buy cheap, legitimate Jap/US games, rather than wasting CD after CD trying to burn them.

  • by RyanShook on 12/11/18, 3:54 PM

    Crazy that the entire OS used by the game was loaded from the disc. Also interesting that the backdoor needed to make pirate copies viable was built-in and known from the beginning. Seems like vulnerabilities usually come from the edge use cases that sound like features but are actually attack vectors.

  • by astrostl on 12/16/18, 6:27 PM

    This is easily the easiest piracy situation I've ever seen: if you had an unmodified Dreamcast, a CD burner, and broadband your only steps were to pirate DiscJuggler, then the games themselves. I knew many people with Dreamcasts in this era, who bought them around launch day without even a thought of pirating, then went on to buy zero (0) additional games because it was so easy.

    The conversation here seems to settle on the idea that piracy wasn't a primary cause of the system's failure, and I could hardly disagree more from what I widely observed (local + gigantic internet communities).

  • by ngcc_hk on 12/11/18, 11:38 AM

    Sad story. Steal. And bring down the shop.

  • by syspec on 12/11/18, 1:59 PM

    I remember downloading ISOs as rar file collections overnight off of IRC channels while in high school. I remember the magic of PAR files, being able to replace any particular file I was missing.

    One thing i also remember is how it taught me an upside of actually purchasing games. I ended up having so many DC games I barely played any, because I became more interested in simply collecting them.

    I would later decide against missing my consoles for that same reason. Although those Wii mods looked pretty sweet, with their home screen replacement and launchers

  • by baochan on 12/12/18, 9:35 PM

    Are there articles out there about how modern copy protection works? I'm interested in why there aren't Switch flash carts, or why there aren't shady companies with BD-ROM pressers making bootleg copies of PS4/XB1 discs.

  • by timwaagh on 12/11/18, 10:47 PM

    interesting. it seems a minor factor though. dreamcast had good gfx but a lineup kids did not like (i know, i was one of them).

  • by sergiotapia on 12/11/18, 4:04 PM

    So piracy literally killed my favorite console. What a shame!