| Software Cracking |
Article Index for Software |
Website Links For Software |
Information AboutSoftware Cracking |
| CATEGORIES ABOUT SOFTWARE CRACKING | |
| hacking hobbyist | |
| copyright infringement | |
| cracking | |
| software piracy | |
| warez | |
|
LEGALITY The distribution and use of cracked copies is illegal in almost every Developed country. There have been many Lawsuit s over cracking software, but most have been to do with the distribution of the duplicated product rather than the process of defeating the protection, due to the difficulty of constructing legally sound proof of individual guilt in the latter instance. In the United States , the passing of the Digital Millennium Copyright Act (DMCA) legislation made software cracking, as well as the distribution of information which enables software cracking, illegal. However, the law has hardly been tested in the U.S. Judiciary in cases of Reverse Engineering for personal use only. The European Union passed the European Union Copyright Directive in May 2001, making software copyright infringement illegal in member states once national legislation has been enacted pursuant to the directive. METHODS The most common software crack is the modification of an application's binary to cause or prevent a specific key branch in the program's execution. This is accomplished by Reverse Engineering the compiled program code using a Debugger such as SoftICE , OllyDbg , GDB , or MacsBug until the software cracker reaches the Subroutine that contains the primary method of protecting the software (or by Disassembling an executable file with a program such as IDA ). The binary is then modified using the Debugger or a Hex Editor in a manner that replaces a prior branching Opcode with its complement or a NOP Opcode so the key branch will either always execute a specific Subroutine or skip over it. Almost all common software cracks are a variation of this type. Proprietary Software developers are constantly developing techniques such as Code Obfuscation , Encryption , and Self-modifying Code to make this modification increasingly difficult. A specific example of this technique is a crack that removes the expiration period from a time-limited trial of an application. These cracks are usually programs that patch the program executable and sometimes the .dll Or .so linked to the application. Similar cracks are available for software that requires a hardware Dongle . A company can also break the copy preventions of programs that they have legally purchased but that are Licensed to particular hardware, so that there is no risk of downtime due to hardware failure (and, of course, no need to restrict oneself to running the software on bought hardware only). In other cases, it might be possible to Decompile a program in order to get access to the original Source Code or code on a Level Higher than Machine Code . This is often possible with Scripting Language s. An example is cracking (or debugging) on the .NET platform where one might consider manipulating CIL to achieve one's needs. There are a number of sites on the Internet that let users download cracks for popular games and applications (although at the danger of acquiring malicious software that is sometimes distributed via such sites) 1. Although these cracks are used by legal buyers of software they can also be used by people who have downloaded or otherwise obtained pirated software (often through P2P networks). EFFECTS The most visible and controversial effect of software cracking is the releasing of fully operable Proprietary software without any copy protection. Software companies represented by the Business Software Alliance estimate and claim losses due to Piracy . Cracking has also been a significant factor in the domination of companies such as Adobe Systems and Microsoft, all of whom have benefited from piracy since the 1980s. Vast numbers of college and high school students adopted readily available applications from these companies. Many of these students would then go on to use them in their professional lives, purchasing legitimate licenses for business use and introducing the software to others until the programs became Ubiquitous .2 HAZARDS Due to the potential legal repercussions, many individuals who release cracks to the public for commercially available software choose to remain anonymous. This can often create confusion as the available documentation is often sparse. It is beyond the ability of most to determine the exact operations the crack will execute. As an example, several spyware removal utilities have rules in place that regard certain cracks as having a malicious payload such as a hidden DDOS daemon. Some forms of software protection can include subtle countermeasures against cracking that do not prevent the cracked program from running, but can eventually lead to long-term damage of data created and used with the cracked program. An example of this could be an expensive engineering software that requires a dongle to operate. The program may be specifically designed to incorporate certain minor math errors and design flaws into all documents, but the dongle stores the particular dimensional metrics needed to cancel out these cumulative intentional data errors. Once cracked, the corrective metrics from the dongle are no longer available, and over time as documents are edited with the cracked software, object dimensions move and distort until the document is so corrupted that it is unusable. The company may provide a method to undo the damage, provided the customer pays a fee for the correction and obtains a properly licensed uncracked program. HISTORY The first software copy protection was on early Apple II and Commodore 64 software. Game publishers, in particular, carried on an arms race with software crackers. More recently, publishers have resorted to increasingly complex countermeasures to try to stop unauthorized copying of their software. Unlike modern computers that use standardized Drivers to manage device communications, the Apple II DOS directly controlled the step motor that moves the floppy drive head, and also directly interpreted the raw data (known as Nibbles ) read from each track to find the data sectors. This allowed complex disk-based software copy protection, by storing data on half tracks (0 1 2.5 3.5 5 6...), quarter tracks (0 1 2.25 3.75 5 6...), and any combination thereof. In addition tracks did not need to be perfect rings, but could be sectioned so that sectors could be staggered across overlapping offset tracks, the most extreme version being known as spiral tracking. It was also discovered that many floppy drives do not have a fixed upper limit to head movement, and it was sometimes possible to write an additional 36th track above the normal 35 tracks. The standard Apple II DOS copy programs could not read such protected floppy disks, since the standard DOS assumed all disks had a uniform 35 track, 13 or 16 sector layout. Special nibble-copy programs such as Locksmith and Copy II Plus could sometimes duplicate these disks by using a reference library of known protection methods, but when protected programs were cracked they would be completely stripped of the copy protection system, and transferred onto a standard DOS disk that any normal Apple II DOS copy program could read. One of the primary routes to hacking these early copy protections, was to run a program that simulates the normal CPU operation. The CPU simulator provides a number of extra features to the hacker, such as the ability to single-step through each processor instruction, and to examine the CPU registers and modified memory spaces as the simulation runs. The Apple II provided a built-in opcode disassembler, allowing raw memory to be decoded into CPU opcodes, and this would be utilized to examine what the copy-protection is about to do next. Generally there was little to no defense available to the copy protection system, since all its secrets are made visible through the simulation. But because the simulation itself must run on the original CPU, in addition to the software being hacked, the simulation would often run extremely slowly even at maximum speed. Most of the early software crackers were computer hobbyists who often formed groups that competed against each other in the cracking and spreading of software. Breaking a new copy protection scheme as quickly as possible was often regarded as an opportunity to demonstrate one's technical superiority rather than a possibility of money-making. The cracker groups of the 1980's started to advertise themselves and their skills by attaching animated screens known as Crack Intro s in the software programs they cracked and released. Once the technical competition had expanded from the challenges of cracking to the challenges of creating visually stunning intros, the foundations for a new subculture known as Demoscene were established. Demoscene started to separate itself from the illegal "warez scene" during the 1990's and is now regarded as a completely different subculture. Many software crackers have later grown into (extremely) capable software reverse engineers; The deep knowledge of assembly required in order to crack protections enables them - inter alia - to reverse engineer drivers in order to port them from binary-only drivers for Windows to drivers with source code for Linux and other Free operating systems. Software crackers have their secretive organizations on the Internet. Similar to other "gray area" Internet activities, there are also various detector, legal and other specialists on the subject. INDUSTRY RESPONSE Apple Computer has begun incorporating a Trusted Platform Module into their Apple Macintosh line of computers, and making use of it in such applications as Rosetta . Parts of the Operating System not fully X86 -native run through the Rosetta PowerPC Binary Translator , which in turn requires the Trusted Platform Module for proper operation. (This description applies to the developer preview version, but the mechanism differs in the release version.) Recently, the OSx86 project has been releasing patches to circumvent this mechanism. Microsoft is planning to reduce common Windows based software cracking with the release of the NGSCB initiative in future versions of their Operating System . REFERENCES |
|
|