Confessions of a burglar drives for Apple II: Secrets 4am

Interview with the infamous enthusiast, gather a collection of drives for Apple II, its objectives and motivation

Why did you decide to actively hack, archive and distribute software for Apple II?

There is a temptation to rewrite history and ascribe to oneself some noble purpose that motivated this hobby, but in this case the truth sounds better. My parents bought themselves an Apple // e [ they styled the Apple IIe / approx. trans. ] when I was 10 years old, and he quickly began to occupy all my free time. Piracy flourished, and I idealized crackers , whose names I saw as they swept across the screens of Cracow from those games that I was sharing with friends. I also admired people who described their methods in hacking tutorials, which were initially distributed as text files via BBS , and then were collected and distributed on disk. As a teenager, I spent many evenings picking at the PEEK, POKE and CALL teams, but for some reason I couldn’t manage to bring it all together.



At the end of 2013, I purchased a real Apple // e and several original discs on eBay - these were mostly arcade games that I had gotten dishonestly in childhood: Sneakers, Repton, Dino Eggs. To my surprise, there was more content in the original games than I remembered! The game was Sneakers boot animation. Repton had a multi-page introduction explaining the background to the game. Therefore, I decided to create “full” hacked versions that honestly reproduced the original content. I decided to write my efforts, because I like to write on the technical topics, and because I admired classical crackers, which did so. I decided to abandon the screens reporting on hacking, although in several of my early cracks there are “Easter eggs” on which you can see the inscription “4am”, if you know how to call them.



In one of the purchases with eBay was an educational game Ten Little Robots. After it was hacked, I could not find its copies on the Internet, which was strange. Surely they hacked everything you can? Maybe her name was entered incorrectly, or incorrectly saved? Then I found another disk, which, apparently, also turned out to be uniquely preserved. And one more. Finally, I began to realize that maybe not everything had been hacked.

')

I told this to Jason Scott [ apparently, an American activist, technology historian, director, and actor Jason Scott / trans. ], And he told me everything. The preservation of the collections depends on the pirates, driven by the ego, but they are constrained by the technical limitations of their era. In the 1980s it was storage volumes and the data rate. No one got recognition for hacking into the program “Irregular Spanish Verbs in Future Tense,” no BBS would spend space on a hard drive to store it, and none of the users would spend their phone line capacity to download it. Therefore, it is not preserved in any form.



But even those programs that were hacked are not fully preserved. The same technical limitations led to the emergence of a culture in which the smallest version of the game won. This meant the removal of animated downloads, the title screen, multi-page introduction, intermediate videos, everything that seemed to the pirates "optional." The holy grail was considered such a circumcision of the content, after which the game (or what was left of it) could be distributed in one file, which could be mixed with other, unrelated games on one diskette .



30 years later I saw exactly that: polusohranivshiesya arcade toys, a little studying on, and virtually nothing else. I realized that I can seriously influence the situation, while receiving both pleasure and intellectual burden. In the process I found that training programs are full of rich history, personality, humor and technical achievements. It was delicious.

Are you worried about copyright? Have you thought about the ethical side of how recovering lost software outweighs the owner’s right to limit its distribution?

All descriptions and software with protection removed are stored as disk images on archive.org . Site owners are always subordinate to the needs of the DMCA content removal. They have never received requests to delete anything from the 4am collection. On the contrary - several authors found their programs there and thanked me for their preservation. One of them even asked for forgiveness for copy protection. He understood that at that time she was a “necessary evil”, but he was very glad that someone had finally taken the time to turn it off. He said that he was very happy to meet the results of his work again, for the first time in several decades.

Since most of the functionality of a high-level drive Disk II is based on the loaded disc with the software, it gave plenty of opportunities to create different protection schemes. As far as it prevented the preservation of software for Apple II?

We have not yet managed to make perfect digital counterparts diskettes Apple II. Disks are analog, physical objects consisting of hundreds of thousands of magnetic flux changes. These changes are stored on the physical surface of the disk and read by physical drives, which have their own options and limitations. Disk II drives gave most of the functionality to the software, and the software used any possible borderline cases.



Where the copying software was losing bits, the protection schemes checked for the absence of bits. Where the programs had the wrong data on the tracks, the defense checked the consistency of the tracks. Your copy program cannot read data from a disk that are physically close to other data? Guess we will be posting information on the next drive! And so on. It was all a big cat and mouse game, an endless war, ending when everyone lost.



All these physical features are hard to display in a figure, and for decades no one has attempted to do this. In the 1990s, people have come up with ways to capture a certain proximity to the disk by processing different Nibble and bits. This was enough to digitize the cracked software, since the crackers had already normalized the original disks so that they could be distributed through the BBS.



In the modern world there is a special equipment that can digitize a floppy disk at the level of changes in magnetic fluxes. For various reasons, manufacturers of this equipment have concentrated on platforms other than the Apple II, and several unsolved technical problems prevented the collectors community from using this equipment. There are advances on this front, and I believe that collectors will soon be able to create digital copies of Apple II diskettes at the magnetic flux level, and users will be able to download original software in emulators.

What copy protection was the most common, and which was the most difficult, in your experience?

The most common protection schemes were those that were put on stream and sold to hundreds of publishers. This process is governed by factories for the production of discs, offers protection against copying, as an additional service in the appendage to the preparation of the master disc. Publishers received all the advantages of the newest and best copy protection systems, without the need to play cat and mouse on their own.



The most popular scheme was the E7 [E7 bitstream] bitstream, known as “generic bit slip protection]. It was a sequence of ones and zeros, specially made so that its first part was read “in phase”, and then the code specifically missed half a byte and read the second part “not in phase”. Bitwise copyists would have missed bits due to equipment limitations, and values ​​read out of phase, proved incorrect. It was brilliant.



E7 invented in 1983, and immediately started up in production. She defended the Moptown Parade in 1984, Rocky's Boots in 1985, and Prince of Persia in 1989. I found it on Addison-Wesley's discs, Advanced Ideas, DesignWare, Edu-Ware, Microcomputer Workshops, Mindscape, Scholastic, Scott Foresman and Company, The Learning Company, Unicorn Software, Broderbund, Data East, Epyx and Windham Classics.



The most complex defenses are those that are deeply integrated into the program itself, and not screwed on top of a third-party company. Some publishers decided to invest in copy protection themselves, and hired experts who worked within the company. So did the Gumball from Broderbund Software, in the development of which the author of the program worked together with the author of the defense. If you think that you have removed the copy protection, because you made the game load, a surprise is waiting for you on the third level, when the game deliberately starts to behave incorrectly.

What drives developers or manufacturers were the hardest to crack?

The hardest part is deferred protection in games. This differed Sierra On-Line. If you bypass the call to protect the self-decrypting the Threshold of the game, you can play, but your ship will move to the right only. If you change the security check so that it will always be successfully completed, the game will let you play the first level, but will fail on the second. A separate hacking check was built into it, which starts only after the first level!



Scott Adams’s Strange Odyssey doesn’t run a protection check until you start the game, go down the stairs, and take a shovel. The Count does not run a check until you have climbed into the kitchen elevator, after about 15 moves in the game. And these are easy cases, because they just reboot or just crash. The Transylvania game has a deferred security check that removes a vital location from the map, which makes it impossible to win the game. Prince of Persia neutralizes the effect of the drug, which must be drunk to complete the 7th level. Conflict in Vietnam has 13 separate checks to protect the integrity of that can cause a fatal error, even an hour after the start of the game!



The question “have I removed all copy protection” is equivalent to the “ stop problem ”. When we can prove that we have removed all protection from all disks, on this day the Universe will cease to exist.

You obviously prefer to do hacking software from scratch, but will have a place in history, cracked discs that have changed?

Everything has historical value. Pirates made their choice, guided by restrictions, which are practically nonexistent today. None of those born in this millennium experienced 99% of the file download broken due to the fact that another family member picked up the telephone in another room. Everyone does not care about the difference in the volume of files in 1 KB or 1.1 KB. I never had to advertise the phone number of my BBS. I can read and search through all issues of Hardcore Computist magazine on a supercomputer that I carry in my pocket. Classic pirates had to achieve more with less opportunities.

You remove the protection from the many training programs. Is this just for completeness of the collection, or is it because historical crackers ignored this genre, or do you think that this software may still be useful for learning?

I have no illusions about the fact that someone will use this software for what it was created for. At best, it can be a technological demonstration of the fact that "we have reached such heights, but 1 + 1 is still equal to 2". But his original goal was important! It was not just the bits on the disk. It was a training course. That is how we taught mathematics, exact sciences, grammar and history to a whole generation of children. I think it's worth it to preserve it.

You wrote a Passport utility that helps unprotect Apple II software so that other people can convert their disk collections into working emulator files. Can you explain in more detail what kind of tool and how it works?

In those days there were several hacking tools. Was the most versatile Advanced Demuffin. She used a protected disk against him, reading each sector with the code of the disk itself (RWTS), and then writing data to an unprotected copy. Two problems: first, it was necessary to intercept or isolate the RWTS. Secondly, it was necessary to patch the code of an unprotected copy so that it could read itself.



Much of the early break-ins I have held in three stages: capture the RWTS, run Advanced Demuffin, patch the copy. After 8 hacks, I wrote a program to automate the first step. After 152 hacks, I wrote a program to automate 3 steps. After 688 hacks I wrote Passport.



Passport - an automation program for checking and copying a disk. And saying “automatic”, I mean it. Unlike classic for bit copiers, it has no parameters, options, settings - except the target slot and the drive. It either works or not.



Also, unlike the classic copyists, it immediately gives a completely unprotected copy. It handles all the three steps mentioned process. No need to mess around with tracking downloads, editing sectors. Everything is built in. Passport - it squeeze out everything I learned about the hacking of all drives, all the options, all the edge cases.



Out of 688 of my hacks, 478 could be automated with Passport.



This program completely changed my hobby. Passport ensures consistent quality. I'm not worried about missing a patch or making a typo in hexadecimal. I do not spend time on the routine that computers can do for me. If I find two disks with the same protection system, I add a new module for Passport to automate the process. Defense was put on stream. If I found 2, there should be 20 of them. They exist somewhere, rotting on physical media.



Automation allows me to see bits of the big picture. I can spend more time writing deeper descriptions of protection schemes whose crawling cannot be automated. I can take screenshots and download videos to demonstrate great learning software. Copy protection is the least interesting part of these discs. It's just part of it, to give us to learn all the other parts.



The collection is stored at the following address:

archive.org/details/apple_ii_library_4am



Most programs run right in the browser thanks to an emulator from the Internet Archive.



Passport utility:

archive.org/details/Passport4am



As of February 2018, 4am removed protection from 1673 programs for the Apple II, and their number continues to grow.