Jump to content
Welcome to dEViATED Game Trainers and Gamehacking forum - Have a look around and see if you like a trainer from our vast collection for many new games and old alike.
nice read (Razor1911 interview from 1990's )
4 replies to this topic
Posted 25 June 2012 - 05:27 AM
---=[ 5. Interview - InsaneTTM - Razor 1911 Founder ]--------------------------
INQ: Okay, I'd like to welcome you to this Inquisition interview and would
like to thank you for taking the time. Very first question, what is your
full handle and where are you from?
TTM: Sure, no probs. As long as there are no emergency calls I hopefully can
answer all the questions. My handle is InsaneTTM, I come from Trondheim
Norway. TTM stands for The Tractor Maniac.
INQ: Could you briefly describe the founding of Razor 1911 and how the first
few years developed?
TTM: We were just kids. In 1985 the three founding members where at the
incredible age of 13, 14 and 14, so you can imagine that alot of games
were played. But, after a while we soon started to get interested in
demos. The specific date is not remebered but, during October 1985 three
guys, Myself, Secotr9 and Dr NO, decided to get a kewl name.
INQ: Who is "we," that is, who helped you found razor and what did each of you
TTM: After going through piles of bad ones we ended up with Razor 1911.
INQ: Where did the name come from? Why 1911?
TTM: Well in the beginning nobody had dedicated stuff to do; it was just
like - Hey guys lets start a group.
INQ: So Razor started as a demo group on what platform?
TTM: Well, a friend of ours called Hellmates came up with Razor and we
instantly felt that this one was great. The number was actually 2992 in
the very beginning but was later changed to 1911. The reason why we
wanna have a number is that every kewl group at the time being used
numbers - like Flash Cracking Group 1941, Section 8, Electronic Cracking
Association 1998, ABC 1999, Jedi 2001, 1103 and so on. The platform
Razor started to work on was Commodore 64. The number 1911 is $777 in
hexadecimal. Because at the time, a lot of kids used 666 and such
childish stuff; we just went the opposite way as 7 is the number of the
INQ: How did razor grow and when do you think were the best times for Razor?
TTM: Hmm.. We grew up from the Commodore 64, to the Amiga. On the amiga, our
very first releases came. It wasn't actually until 1989 our first
releases came. We had problems getting our hands on the originals, as
every new group with no structure had. But, then everything started to
roll. We got our first overseas member, Zodact, that had a board. So,
we went into the modem scene at the same time.
INQ: What was the competition like with INC? What about Fairlight or THG?
Who was the most competitive, and what was the competition for in the
early days? I mean, with the modem scene, and the distribution of
TTM: Now we did games on a regular basis for a while, and on the amiga until
91, we had some 50 releases. Then, the next step was to get into the PC
world. At the time we got into the PC, as you said INC and THg were the
leading forces, but after all the years in the business, we had a lot of
contacts everywhere and were able to get some real action together. We
were so fortunate that in our close neighborhood we had a young cracker
named Darwin. A lot of amusing stories about those days. He once had to
crack the game over the phone to some guy in the US before leaving for
school in the morning, didn't have the time to upload it!! And then went
home during his lurch to check that it finally was released. And from
there on everything grew and grew.
TTM: The best days for Razor must have been on PC during the spring of 93. We
had enough cards to have the rule the entire scene. We're talking about
the 1993 edition of Razor's European courier team consisting of
RazorBlade, Devil, Hoppermania, GrimLock, Insane TTM, Slain and Digital
Justice which made the every other courier teams in the world look like
INQ: Was this around the time Darwin was busted?
TTM: Nope, Darwin wans't busted. He actually was outta the scene in 93.
In fact as he was and still is a close friend of Razorblade. My most
memorable moment probably was the easter of 93. We had 5 huge releases
in 4 days. Trading round the clock; it was the most thrilling
experience. We just beat the crap out of everyone else on all 5
releases. I had almost no sleep for the days, should just go to bed.
When the phone rang and said "We got a release in a couple of hours, get
ready." The sadly in a forthnight, when were at the ultimate top. I was
busted, together with Baal and Gene here in Norway. S9 and DRno luckily
INQ: For cards?
TTM: After 10th of May 93, I have been out of the business. Just watching
what's happening with the group, and I am proud to see that WE still are
a major force. I was busted for CC, yeah.
INQ: How were the releases being distributed? To what boards? What baud rate
were these at?
TTM: At the end, we had 14.4 and 16.8 modems. As mentioned above, the courier
team from hell did the most of it during the golden age. We had one line
at our main board, and one line at every other major board around -
covering everything. Hanging in there downloading all the disks except
the first where the cracks usually are being placed - waiting for the
cracker to upload it and then, BOOM! We get it everywhere in just
minutes. Ahh, what a feeling.
INQ: What major boards were memorable for you?
TTM: Hmm... Major board. Digging in the back parts of my brain - Elusive
Dream and Pitts are our rival board. We have had like zillions of
boards during the time, but getting into the rivals boards is always a
great deal of fun.
INQ: How do you feel about subsequent leaders? What about TRC, Butcher, even
today with TSR and The GEcko?
TTM: On the issue of our leaders. The one I have had most contact with is
probably Butcher. He was a very kewl guy when you got to know him. He
was sadly busted too. Today's leaders I must say I don't know at all. I
won't get into the business again. As I have got a kewl job with full
INQ: What are you doing now? What do you think of the scene today? What
about BBS's? Are they better or worse than before?
TTM: I ususally hang around on the IRC all day to see when we release
something. Since I was busted 2 1/2 years ago, Internet has taken over
alot of the distribution, plus the trading scene is being shut down in
one country after another. So alot of sites are replacing boards as we
used to know them.
INQ: What do you think of the internet and the effect it has had on the scene?
Do you think the scene will survive?
TTM: As long as there is games/utils being developed there will always be a
INQ: Do you think that there needs to be some sort of "elite" for the scene to
function correctly? If so, what makes someone elite? Do you think that
the net has increased the lameness in the scene?
TTM: There will always be "elite" and there will always be wannabees. And for
the scene to function properly there will always be a need for elites to
be there. Elite could stand for somebody that can organize properly.
INQ: The CDRip/NET question.
TTM: Hmm.. CDRips. There are two kinds of CDRips.
1. The good ones by usually quality groups.
2. The lame/bad ones froim new groups trying to break into the scene.
The latter is like ripping everything that was suppose to be released.
Like 60 disk releases! If you are a SysOp and read this, nuke people
that upload such stuff x5 at least.
INQ: Do you think there will ever be a time when games are too big to pirate?
INQ: What would you say the disk limit for a rip should be?
TTM: Hmm.. Well I won't say anything because the quality of games vary, but
more than 30 disks is like meaningless to me. One of my flatmates came
home with a 29 disk game here one day. I don't understand why people
care about copying of all of the disks.
INQ: Well, thank you very much for your time, and it was very nice talking.
This interview was conducted on November 28, 1995 by Darwin/DWi.
Posted 04 July 2012 - 08:12 AM
/ flooding this thread just like on irc. hehehe
For the Inner Circle, cracking software is a challenge.
For the wannabe underground, collecting it is an
obsession. For the software industry, it's a billion-dollar
By David McCandless
Sunday morning, 7 a.m., somewhere in US Eastern Standard
Time: Mad Hatter gets up, has a glass of Seagram's Ginger
Ale and a cigarette, and checks his machine, which has been
running automated scripts all night. He looks for errors and
then reads his email. He has 30 messages from all over the
world: some fan mail, a couple of flames, a few snippets of
interesting information, three or four requests - some clear,
some PGP-encoded. After a quick espresso and another
cigarette, he surveys the contents of a few private FTP sites,
filters through a bunch of new files, and then reroutes the good
stuff to his newsreader. After breakfast with the family,
another wave of automated scripts kicks in. The ISDN
connection hums to life. A steady stream of bytes departs his
machine 128 Kbps and vanishes into the ether. By the end of
the day Mad Hatter, a ringleader of the software piracy group
called the Inner Circle, will have poured 300 Mbytes of illegal
"warez" onto the Internet.
Monday morning, 9 a.m., Greenwich Mean Time: Phil arrives
for work in Bracknell, England, in a suit and tie, just back from
a few days in Switzerland. Inside Novell UK's glossy five-story
headquarters, he lets himself into his office. It looks like a
mad, bad bedroom - shiny desktops and derelict ones,
disemboweled minitowers and battered servers, every last
expansion slot distended with DAT machines, CD-ROM
burners, extra hard drives. A metal shelf unit contains a rack
of monitors, some video equipment, spare keyboards.
Everything is wired insanely to a single ISDN line. After a
coffee, Phil boots up and skims his email. Twenty minutes
later he has ceased to be Phil. For the next week, he will
pretend to be a trader, a courier, a cracker, a newbie, a
lamer, a lurker, a leecher. He is an undercover Internet
detective, a "technical investigator." He spends his days
roving the Net, finding people like Mad Hatter - and busting
This is a story about a universe with two parallel, overlapping
worlds. One is the familiar, dull world of the software industry,
with its development costs, marketing teams, profit, and loss.
Phil's world, at least part of the day.
And then there is warez world, the Mad Hatter's world, a
strange place of IRC channels and Usenet groups, of thrills,
prestige, and fear. A world of expert crackers who strip the
protection from expensive new software and upload copies
onto the Net within days of its release. A world of wannabes
and collectors, whose hard drives are stuffed like stamp
albums, with programs they'll never use. And a world of profit
pirates, who do exactly what the software makers say: rip off
other people's stuff and sell it for their own benefit.
In Phil's world, software is a valuable tool that commands high
prices - programs like QuarkXPress, Windows NT, and
AutoCAD, costing thousands of dollars a shot. But in Mad
Hatter's world, those sticker prices means nothing - except
inasmuch as more expensive programs are harder to crack,
and that makes them the most desirable, spectacular trophies
In Phil's world, warez are a menace. In warez world, Phil is.
Phil's world is full of nasty numbers. Antipiracy organizations
like the Software Publishers Association and Business
Software Alliance estimate that more than US$5 million worth
of software is cracked and uploaded daily to the Net, where
anyone can download it free of charge. A running scoreboard
on the BSA Web site charts the industry's losses to piracy:
$482 a second, $28,900 a minute, $1.7 million an hour, $41.6
million a day, $291.5 million a week. A lot of that is
garden-variety unlicensed copying and Far East-style
counterfeiting. But an estimated one-third leaks out through
warez world, which can be anywhere there's a computer, a
phone, and a modem.
This is bad news for the business. Think of the lost revenue!
The lost customers! "It's a frightening scenario out there,"
says Martin Smith, Novell's product-licensing manager for
Europe, the Middle East, and Africa. "We are seeing a very,
very rapid development of crime on the Internet."
He's not being paranoid: look at the thousands of messages
that pour through alt.binaries.warez.ibm-pc and the other
Usenet sites that are the warez world's pulsing heart. In a
typical week, you'll see Microsoft Office Pro and Visual C++,
Autodesk 3D Studio MAX, SoftImage 3D, SoundForge,
Cakewalk Pro Audio, WordPerfect, Adobe Photoshop 4.0 -
virtually every high-end package in existence. All this plus
impossibly early betas and alphas. Add a smattering of
mundane Web tools, Net apps, registered shareware,
games, and utilities, and you have everything for the
forward-looking computer user.
Warez world's volumes are impressive, too - a good 65
Mbytes a day of freshly cracked, quality new releases,
chopped into disk-sized portions (to make it from one hop to
the next without clogging the servers), compressed, and
uploaded. Postings can vary from a few bytes (for a crack) to
hundreds of megabytes. The nine main warez sites alone
account for 30 to 40 percent of the traffic on Usenet, an
average of more than 500 Mbytes in downloads every 24
hours, according to OpNet.
Bad news indeed for Phil and his friends, gazing at those
endless dollar signs. But warez world's leading citizens say
that filthy lucre is beside the point - at least for them and the
hungry collectors they supply.
"No money ever exchanges hands in our forum," says
California Red, one of a half dozen of the Mad Hatter's Inner
Circle colleagues gathered for an IRC chat.
"We're on the nonprofit side of the warez feeding chain,"
insists another, TAG (The Analog Guy).
"It's a trade. You give what you have, get something you need.
No money needed," adds Clickety.
"We're not in it for the money. I would never sell something I
got from warez," California Red reiterates.
"Never made a dime," says Mad Hatter.
Even Phil admits these are not the people responsible - not
directly, anyhow - for the 500-Mbyte, $50 bundled software
CD-ROMs from Asia that are the industry's most prominent
nightmare. Warez crackers, traders, and collectors don't
pirate software to make a living: they pirate software because
they can. The more the manufacturers harden a product, with
tricky serial numbers and anticopy systems, the more fun it
becomes to break. Theft? No: it's a game, a pissing contest;
a bunch of dicks and a ruler. It's a hobby, an act of bloodless
terrorism. It's "Fuck you, Microsoft." It's about having
something the other guy doesn't. It's about telling him that you
have something he doesn't and forcing him to trade
something he has for something you don't.
In other words, it's an addiction. Listen to a typical dialog on
an IRC warez trading channel:
"What you got?"
"A music program."
"I got it. What else?"
"No, but it's Cubase three-oh-three - the latest bugfix."
"It's not a patch. It's another seven meg download."
"Don't care. I want it."
Warez traders scour the newsgroups every night, planting
requests, downloading file parts they don't need. Warezheads
feel unfulfilled unless they've swelled their coffers by at least
one application a day. They don't need this Java
Development Kit tool, or that Photoshop plug-in - the thrill is in
creating the new subdirectory and placing the tightly packed
and zipped file cleanly, reverently, into the collection. They
may even install it. Then toy absentmindedly with its toolbars
and palettes before tucking it away and never running it again.
Look at Michael, an 18-year-old warez junkie who's also into
weight lifting. In the evenings, while his friends pursue women,
he's either at the gym or home at his machine, combing the
planet for the latest dot releases of 3D Studio MAX. "I bought
a Zip drive so I could store it all. The SoftImage rip is 20
disks. It took me three months to get the entire set." A
directory called WAREZ on his D:/ drive has $50,000 worth of
cracked software, more than any one person could ever use,
ludicrous amounts of applications. The more high-end and
toolbar-tastic the app, the better. Without technical support or
manuals, he hasn't a clue how to use most of it. But it's there
and will stay there. "Warez give you a weird kind of feeling,"
he says. "You end up collecting programs you don't need and
never use. Just so you can say, 'I've got this or I've got that.' Or
'My version of Photoshop is higher than yours.'"
Mad Hatter knows the feeling. "It's an obsessive game. We
see it every day - people begging for something to 'finish their
collection.'" He's not much better himself. "When I was out of
work on disability, I was totally motivated by the thrill of
massive uploads, uploading at least 40 Mbytes a day for four
months straight." Fellow Inner Circle member Clickety used to
spend 12 hours a day online until college got "awful heavy."
Another, Abraxas, spends 6 to 10 hours online on weekdays,
12 to 16 on weekends. But Mad Hatter - who runs the
semi-tongue-in-cheek, semi-poker-faced discussion group
alt.support.warez.recovery - is making progress: he's down to
30 Mbytes a day. "My computer is online 24 hours a day," he
says. "A warez pirate is always online."
For Joe Warez Addict at the end of the cracked software food
chain, membership in a group like the Inner Circle is the
ultimate collectible. A way to legitimize their addiction, work
for the common good, and, of course, get a nice fresh supply
of warez. The drug addict becomes dealer. A sizable chunk of
Mad Hatter's daily mail is begging letters.
"I hope that if I ask this question, you will not be offended in
any way. But can I join the Inner Circle? I mean, I respect the
Inner Circle ... but never got a chance to join it. I was just
wondering, can I? Please mail me back ASAP."
Needless to say, this lone obsessive didn't get his chance.
Joining the Inner Circle is nigh on impossible. Reaching its
members, though, is easy enough. They keep a high profile,
both in posting files on Usenet and flaming lamers. When I
first tried to contact them I thought that they weren't so good at
answering email, but it turned out their provider had just been
taken offline for illegal spamming. They relocated en masse,
and my mail had been lost in transit. So I posted a message
to one of their newsgroups, made sure it was correctly
labeled, politely worded, and not crossposted (a cardinal sin
anywhere on Usenet). A reply arrived within eight hours. Mad
Hatter was more than happy to talk, but not on the phone, not
in person, and not on conventional IRC. "It has a bit of a habit
of advertising my IP address," he said. He and six other Inner
Circle members set up their own IRC server, configured a
secret channel, and arranged a mutually convenient time for a
live interview. We met and talked for nine hours, in the bizarre
overlapping conversational style of IRC. They were frank and
open, friendly and articulate - and, like any new start-up,
flattered by the attention.
A 17-strong force, the Inner Circle has its own iconography
and its own ideals. Its members are warez gods. They
preach, police, advise, flame. Their commandments? Good
manners, good use of bandwidth, and good warez. Give unto
others as you would have them give unto you. When the Inner
Circle is not sourcing warez from secret sites, its members
are hunting and gathering from more conventional sources.
Clickety borrows fresh stuff from his clients. A few have
attended Microsoft Solution seminars. "Some of us are actual
beta testers, too," says Mad Hatter. "That's got to be scary for
the developers." One way or another, they help maintain the
steady flow of warez onto Usenet. From there, various
wannabes, lamers, and aspirants copy their work to countless
BBSes, FTP sites, and Web pages.
These are not pimply teenagers devoid of social life and
graces, little ferrets who talk in bIFF text and make napalm out
of soap and lightbulbs; they're not downloading porn or being
careful not to wake their parents or spelling "cool" as "kewl."
According to the interviews I conducted, not one member is
younger than 20; Clickety-Clack is the youngest at 23. Most
are 30-plus. Champion uploader Digital has been happily
married for 22 of his 46 years. Most are well-adjusted white
males with day jobs and thoroughly nuclear families. Founding
member Abraxas has three kids, one over 18. Mad Hatter
runs a small business from home. Technical guru TAG is a
computer animator. Irrelevant maintains commercial real
estate. They're spread all over the United States. A few are
concentrated around Orlando, Florida. Two or three others
are California-based. For obvious reasons, that's as precise
as they like to get.
The Inner Circle was born of a sense of outrage that their
beloved pirate-wares newsgroups were going to pot. Warez
had been around for more than a decade, but the growth of
the Internet was bringing clueless newbies onto the boards.
Warez needed a code of ethics and a group of leaders to set
some examples. The leaders would be the best crackers -
some of whom became the Inner Circle.
"We took over alt.binaries.pictures.leek in early '96," explains
Abraxas, "and then leaked the first Nashville [Windows 97]
beta. The groups were being overrun by clueless people.
They needed help. They were wasting Internet resources.
Perhaps if we could encourage responsible use of the
available bandwidth, the whole Usenet warez 'scene' might
last a while longer. Warez was around before we were, and
will be after, but we wanted to help people and preserve
resources using common sense."
As enforcers of the warez code, the Inner Circle can be swift
and sure. In April 1996, a pirate gang called Nomad,
convinced that posts to warez groups were being
suppressed, decided to get themselves some unsupervised
elbow room. They selected an antiwork newsgroup -
alt.binaries.slack, relatively empty and off the beaten track -
where software could be slipped past news providers who
had firewalled the usual warez forums. Within 24 hours, the
forum was flooded with the latest releases. The slackers
bestirred themselves from their apathy and fought back,
posting files that told the pirates politely to push off. The warez
kept coming. Then the Inner Circle waded in on the slackers'
side and castigated the invaders for their poor manners. The
pirates left meekly - though as a parting gift, one of them
posted Microsoft NT, Beta 3, all 48 Mbytes of it, in 5,734
parts. The slackers' newsfeed was clogged for days.
A slightly disturbing revelation came out of the slacker
invasion. "After the first attempted takeover, we discovered
just how scary search engines like Deja News and AltaVista
were," explains TAG. "You could dig up real email addresses
pretty easy on about 75 percent of people posting warez." A
worried TAG hacked into the code of Forte Agent, an industry
standard newsreader already cracked to bypass the
shareware cripples, and stripped away the X-newsreader
header, giving posters far greater anonymity. As a side effect,
the patch also reduced email spams by two-thirds. "The hack
went over so well with even nonwarez people that Forte
eventually incorporated it into Agent as a feature," TAG says
proudly, "although I don't think they'll be giving us credit."
By mid-'96, Mad Hatter decided that police work was getting
to be too much of a chore. The newsfeed was being clogged
by lamers, requesters, and partials posters with
"room-temperature IQs." Those genuinely into warez were
seeing less and less complete software uploaded; in its place
were hundreds of stray disks and clammy begging posts. In a
rare fit of pique, Mad Hatter took his revenge.
"If I continue to see the 'here's what I have' threads," he wrote,
"I will stop uploading here. I will not help and will laugh my ass
off that everyone is suffering. If for some reason you doubt that
I make a difference, it's your loss, as I personally have
uploaded 85 percent of all the shit that's getting posted now
when it was zero day or still fresh. Keep fighting over stale shit
- I like to watch; keep posting partials, and I'll stop upping my
100 to 300 Mbytes a week. In fact, I think I'll stop now."
And stop the Inner Circle did. "We became burnt out on
educating the masses," Mad Hatter says. Instead, a range of
guaranteed lamer-free encrypted newsgroups was created
for posting PGP-encoded warez, for Inner Circle-approved
members only. Those on the select interested-parties list are
given the codes to unlock the software, and anyone can apply
to join. Requirement: a reasonable knowledge of PGP.
"Hopefully this is a sign you won't be totally incompetent if you
choose to post," says TAG. At the last count, the IPL had 500
subscribers, happily trading warez under the protection of the
latest in antilamer technology.
Warez on Usenet are basically gifts - testimony to the power
and stature of the giver. Files are posted for all to download,
free. Just fire up your newsreader, point it at an appropriate
forum, and a list like a home-shopping catalog of the latest
software spills down your screen. There is no pressure, but if
you download and you like the vibe, you are expected to join
the community and contribute uploads whenever possible.
On the freewheeling IRC chat forums, warez are no longer
gifts - they're trade goods. The rewards are greater, but
you've got to work for them. The IRC channels are 24-hour
stock exchanges cum street markets: FreeWarez, Warez96,
Warez4Free, WarezSitez, WarezAppz, and WarezGamez.
There are private channels, hidden areas, and invite-only
piracy parties. And there are no free lunches - every piece of
software has to be paid for, in software. The more recent the
application, the higher its value. The ultimate bartering tools
are zero-day warez - software released by a commercial
house in the last 24 hours, cracked if necessary and
uploaded. The prizes for good zero-day warez vary; you may
get instant download status on a particular server, logins and
passwords for exclusive FTP sites, or admission to the ranks
of a powerful cartel like the Inner Circle.
"Zero-day sites are very élite stuff," explains paid-up élitist
TAG. "People can get access only if they can move a few
hundred Mbytes a day. Most are invite only. The average IRC
warez trader doesn't get that kind of access unless he puts a
lot of effort into it." Zero-day warez trading is a fraught
business; competition between groups often leads to
malpractice. "You get a lot of first releases with bad cracks,"
says TAG, "just so someone can say they released first. Then
two days later, you get a working crack. We get most of our
freshest stuff from private FTP and courier drop sites."
If your software collection is more mundane, you can trade
one piece directly for another. But with so many unpoliced
egos in one place, this can be risky. People will often welsh
on deals, allowing you to pass them a file and then
disappearing into the ether. Cunning traders will barter with
"trojans" - zipped-up files of gunk, realistic enough to carry out
half the transaction. In extreme cases, someone may feed you
A step down from zero-day warez are drop sites, where fresh
cracks can be found for the cost of a download. Some drop
sites run on the trader's own machine; others piggyback on
government or corporate mainframes, shareware mirrors, and
university networks. Often they're only in existence for 24
hours, or on weekends when the sysops are at home.
Wherever you end up, you'll be struck by the extreme
politesse and measured courtesy, united by a common
language. "Greets m8. Have appz, gamez and crackz on
220.127.116.11. Looking for Pshop 4.0 beta. L8ter." "Have 1.5
gigs of warez on anonymous T1. Upload for leech access. /
me for more info. No lamers."
Back in Phil's world, they can't quite cope with the idea of this
ferocious brag-driven barter economy cloaked in courtesy.
The SPA and the BSA just don't believe it. "Considering the
amount of time they dedicate, they must be making a return to
justify it," says Phil.
Casual observers of the BSA's Web site may well be
convinced, if only because they're stunned by the money that's
involved - or seems to be. Fifteen point five billion dollars a
year! But those figures are based on the assumption that if
piracy were stopped, someone would be willing to pay for
every pirated copy in circulation.
"Billions of dollars?" scoffs East London BBS operator Time
Bandit. "I know guys who have thousands and thousands of
pounds worth of software, but the values are meaningless.
Win95 may cost, like, £75 in the shops, but in warez, it's
worthless. It's just another file that you might swap for another
program, which might cost four grand. How much it costs in
real money is meaningless."
How do you ram home sales figures and quarterly losses to a
bunch of teenagers who see warez trading as their passport
to acceptance on the scurrilous side of a brave new world?
How do you convince middle-aged men who see
incandescently expensive software as monopoly money in a
vast, global boardgame that what they're doing is "harmful"?
In the software industry's latest campaign, you scare them - or
try. The BSA's mandate used to be "not to capture pirates,
but to eradicate piracy." Now exemplary punishment is the big
To do that, the BSA and the SPA are willing to push the law to
its limits. Prosecuting clear offenders - warez-vending BBS
operators and FTP-site pirates, for instance - is one thing;
suing ISPs for carrying Web pages containing pirate links and
cracks is another. A typical case was against C2Net, a
Buffalo, New York-based ISP that the SPA sued for doing just
that. In what smacked of a token prosecution - or, in the words
of C2Net's president, Sameer Parekh, "legal terrorism" - the
action by Adobe, Claris, and Traveling Software, under the
aegis of the SPA, held the provider responsible as
"publishers" for the contents of its server, and for the activities
of individual account holders. The SPA eventually backed off
but threatens to revive the suit if C2Net and other ISPs don't
agree to monitor their users for copyright infringement. C2Net
says it will not give in to litigious "bullying."
And then there are straightforward busts. On January 12,
1996, Microsoft and Novell jointly announced a settlement
with Scott W. Morris, who was "doing business as the
Assassin's Guild BBS ... billed ... as the worldwide
headquarters for two large pirate groups, Pirates With
Attitude (PWA) and Razor 1911." According to the statement,
"marshals seized 13 computers, 11 modems, a satellite dish,
9 gigabytes of online data, and over 40 gigabytes of offline
data storage dating back to 1992.... Mr. Morris agrees to
assist Microsoft and Novell in their continuing BBS
Phil, our undercover Internet detective, wasn't responsible for
that particular drama, but he's been integral to others. His
latest victory was in Zürich - "a landmark case against
individuals and organizations distributing unlicensed software
on the Internet," he calls it. A 27-year-old computer technician
who helpfully called himself "The Pirate" was running an FTP
site filled to the brim with warez, including US$60,000 worth
of unlicensed Novell software. Phil, impersonating a trader,
infiltrated the site (admittedly no great feat), collected
evidence, then handed it over to the Swiss police. He
accompanied them on the raid to ensure no evidence was
damaged. "He was one of a new breed who advertise on the
Internet," says Phil. "He made his files available via email
requests and telnet." Swiss police also raided the home of a
BBS called M-E-M-O, run by "The Shadow," a friend of The
Pirate. Unfortunately, The Shadow was on holiday with his
parents. The family returned two weeks later to find their front
door broken down; the son was arrested. If convicted, the
young pirates face up to three years in jail and possible
The Pirate's mistake - aside from his suicidal choice of
nickname - was to plant himself geographically. Phil, a former
corporate network manager, was able to trace him through
his FTP site's IP address. Phil knows his networks; this
makes him the perfect undercover agent - and one of Novell
UK's most envied employees. "I play on the Net all day," he
says, "and get paid for it."
There's a bit more to it than that. Phil and his counterparts in
Asia and the US are deployed to infiltrate pirate groups; to
study IRC; to get under the skin of the lamers, the dabblers,
and the professionals; to chat, seduce, charm, and interact
with the denizens of this bizarre over-underworld. Phil talks to
traders in their own language, understands the tricks and
traps. After busting The Pirate, he says, "we were talking and
he was moaning about the sluggishness of his network. I
pointed out that, aside from using LANtastic, he was using a
75-ohm terminator on the back of his file server, slowing the
whole thing down."
Now that he's back from Zürich, Phil will be getting some new
toys: the spoils of war. In many jurisdictions, any hardware
deemed to be part of an illegal setup can be taken by
investigators and - if part of a civil prosecution - can be
worked in as part of the settlement. Once sucked dry of
evidence and incriminating data, the cannibalized machines
are moved to Bracknell and hooked up to the network.
But despite the resources at his disposal and his status as a
network ninja, Phil doesn't always get his man. "If there's a
person out there who has a decent level of technological
awareness of the ways he can be located, it's quite true to say
he could successfully hide himself, or use a system where it
would be impossible to track him. It's technically possible for
them to bounce their messages all around the world and have
us running around like blue-arsed flies." It's a reluctant
admission, but then Phil is one person pitted against
Successful prosecutions aren't always that easy either. Take
David LaMacchia, an MIT engineering student who turned two
of the school's servers into drop sites and downloaded an
estimated $1 million worth of pirated software. LaMacchia
was arrested in 1995, only to have the case thrown out by a
judge who ruled that no "commercial motive" was involved.
Prosecutors tried charging him with wire fraud, but this was
ruled an unacceptable stretching of the law. LaMacchia
walked free. "Bringing Internet cases through the judicial
system is a nightmare," says Novell's Martin Smith. "Try
talking to a judge about 'dynamically allocated IP addresses.'
We don't have a chance."
Tell that to the former warez traders of America Online, which
had a meteoric history as a pirate mecca. For years,
instructions on how to crack AOL's security and obtain free
accounts were a Usenet staple. Online, "freewarez" chat
rooms were packed with traders, 24 hours a day. Megabytes
of warez were kept in permanent circulation.
Then came the crackdown of 1996, a dark period in warez
history. Goaded by software-industry watchdogs, AOL
introduced countermeasures to disinfect its system;
alt.binaries.warez was removed from the Internet newsfeed.
CATwatch automated sentinels were placed on AOL's warez
chat channels, logging off anyone who entered. "Free"
accounts were traced and nuked. Michael, the weight-lifting
trader and also an AOL veteran, says everyone thought that
"the FBI had infiltrated the warez groups, and we were all
going to get busted." On the cusp of the big time - a top pirate
outfit named Hybrid had a position open - Michael had been
hoping to prove himself by doing a CD rip of the soccer game
Euro 96. "I was halfway through removing the FMV and CD
audio. I reckon I could've got it down from 58 disks to 9. But
then everything went haywire."
Profit-driven crackers are actually the easiest to catch: they
have links to the real world, starting with the money trail from
credit cards. And the easiest prey of all are BBSes, with their
telltale telephone connections. In January, FBI agents led by
the bureau's San Francisco-based International Computer
Crime Squad raided homes and businesses in California and
half a dozen other states. They seized computers, hard
drives, and modems, though no arrests were made. Along
with Adobe, Autodesk, and other BSA stalwarts, the list of
software companies involved included Sega and Sony - a hint
that the targets included gold-disk dupers who counterfeit
Mad Hatter was not impressed. "Wow, I'm in hiding," he
cracked the day after the raids. But "Cyber Strike" was, as
BSA vice president Bob Kruger said later in a statement,
"the most ambitious law enforcement action to date against
Internet piracy" - specifically, the first US case in which the
FBI, rather than local police, took the lead. And that can't help
but augment the BSA's number-one antipiracy tactic for 1997:
creating the "perception of threat." And even warez gods
don't necessarily want the FBI on their case.
But bluster aside, people like Mad Hatter are intrinsically -
and deliberately - much harder to catch. The most prestigious
pirate groups - Razor 1911, DOD, Pirates With Attitude, the
Inner Circle - are tightly knit clubs whose members have
known each other for years and call each other "good friends"
- though they rarely, if ever, meet. Joining is no easy task.
Positions become vacant only when members quit or are
busted, or a vote is taken to expand operations. Kudos and
reputation are everything. Unofficial homepages can be found
here and there, constructed by acolytes who celebrate the
groups' best releases and victories. These are often padded
out with cryptic biographies and obituaries for those busted
by the cops ("We feel for ya!"). Despite the boasting, and the
draping of their releases with corporate motifs - logos, front
ends, graphics, even signature tunes and Java applets -
crackers' true identities typically remain secret, even to one
The anonymity, however, works both ways. Cloaked in his
own secret identity, Phil says he has managed to get deep
within several major groups in the past 18 months and is
skimming the surface of several others. He can convincingly
portray himself as a caring, sharing warez god. "You make
some good friends," he says with a smile. And, it seems, you
can end up pretty impressed. "Some of these people are
incredibly talented. The logic and programming behind their
setups are just amazing." Or maybe he's just bluffing?
Warez and whyfores
In Phil's world, warez dealers are thieves. In warez world, the
software companies are the criminals.
"Most products you buy from a store can be returned if you
are unsatisfied," reads the beautifully crafted Warez FAQ, on
the Inner Circle's Web site. "Software cannot." The Inner
Circle thus can claim to have a practical motivation -
providing "a place to find something you might want to
evaluate before purchasing." All right. "I personally have
bought progs that I demo'd first from warez," declares
Clickety. "I have more warez than I could ever hope to install
on my poor drives. Tested a lot of crap also that I was glad I
didn't pay for - deleted it right off the bat. I have recommended
software to clients based upon using a pirate version at
"Software developers have families, and should be able to
support them," reads the Warez FAQ. "We do advocate
buying your own software if you really like it and use it
heavily," adds Mad Hatter.
As Phil and his friends are well aware, the line between piracy
and ownership is very blurred. For example, it's
commonplace for 3-D animators and modelers to use
pirated, cracked, or at least unlicensed copies of their office
software at home, for overtime or experimentation. In some
minds, it's even a "necessary evil," a slightly arcane
marketing strategy, a rather reckless approach to branding -
look at Netscape. Indeed, many software executives privately
acknowledge that piracy - especially the attention it brings to
new releases - can be a valuable way to develop markets.
Novell's Martin Smith might disagree. He spends "99.9
percent" of his time fighting piracy, and he worries that the
next generation of browsers will seamlessly marry the Web
with Usenet. "The newsgroups will be a lot more accessible,"
he says, with something close to resignation, "which is going
to make the whole thing a lot more widespread and give
these guys a much bigger market. There's not much we can
do, other than encourage ISPs not to take them."
The difficulty is that, once it's up, a Usenet post can generally
be canceled only by the author or a sysop from the post's
point of origin, "server zero." Even if a cancel is issued, it
takes time to ripple across the network. A warez regular
would be able to grab the file before it was vaped. Some
servers refuse on principle to honor cancels. "Even the most
diehard warez hater in news.admin.hierarchy would defend
your right to be safe from cancels," claims TAG. Many
commercial ISPs have taken the industry's encouragement
and dropped the warez groups, but lots of free servers are
carrying on. And things aren't helped by the lack of a clear
legal framework. Imagine the scenario: a program that
belongs to a UScompany is uploaded via a router in
Canada to a server in South Africa, where it is downloaded
by a Norwegian operating out of Germany using a US-based
anonymous remailer, then burnt onto a CD in the UK and sold
in Bulgaria. "How would you prosecute that mess?" asks
Smith. "It's a jurisdictional nightmare."
And the profit pirates are getting more creative. Smith cites
the Web page of one warez guru, offering a premium-line
phone number: for $3 a minute, you can listen to details about
the best warez FTP sites, their addresses, and their login
passwords. "Updated every three days for your convenience,"
it declares. It also makes provisions for those dialing from
outside the US. The selling of information that leads to illegal
use of information - a difficult case to prosecute.
"Our strategy is to bring a critical mass of prosecutions," says
Smith. "We'll take out some people who're downloading this
material - the gnats - and then we'll take out some of the
larger, more organized guys. The people who are packaging
it up and zipping it onto CD-ROMs." Which might work in a
world where software was always bought on CD-ROM. But in
pushing ever deeper into electronic commerce, where more
and more real commercial software (browsers, little applets)
is being given out for free, where the Internet is the ultimate
distribution network, this looks a little ropey. Friction-free
markets and friction-free piracy run in tandem. The Inner
Circle already has its PGP-encoded giveaway mall in place.
Smith knows all this. There's just not much he can do about it.
"All it needs is one server in one country where there are no
laws to counter copyright theft, and there are plenty who will -
the likes of Libya, Bulgaria, and Iran. One country with a
decent enough telephone infrastructure is enough to undo a
hundred busts in the West." Even if laws are constitutional or
enforced, larger biases come into play. "Try asking a Saudi
policeman to arrest a Saudi software pirate on behalf of an
American company. Forget it."
Dingle my dongle
The alternative to policing is burglar-proofing: making things
harder to crack. In principle, you might think that the
gazillion-dollar software industry would be able to produce
uncrackable software. In practice, it can't, although it certainly
Take the dongle, for example. It is the summit of copy
protection, an explicit melding of software and hardware.
Without the right hardware key - the dongle - plugged into the
machine's parallel port, the software won't run. And without the
right software, the dongle is a mindless doorstop. Calls to the
dongle are woven into the code at the lowest level. "The
program may call the dongle every 150 mouseclicks, or every
time you print, or every time you select flesh tones as your
desktop color scheme," says one dongle expert. If the
response to the call is false or not forthcoming, the program
shuts down. All communications between the two are
encrypted by uncrackable algorithms. Internal security fuses
ensure that any attempt to hack the dongle mechanically will
cause it to self-destruct. "Nothing short of an electron
microscope," says the expert, "could extract the algorithm
from that mess."
The biggest player in the dongle market is Rainbow
Technologies, whose Sentinel hardware keys are used by 55
percent of all protected software. There are 8 million Sentinel
keys attached to 8 million printer ports the world over. The
company calls it "the world's most effective way to stop
piracy" - a clarion call to crackers if ever there was.
The logical approach to cracking a hardware key is to create
a "pseudodongle" - a chunk of code that sits in memory,
giving the correct answers to any query. To do this, a cracker
would have to monitor and trap traffic to-ing and fro-ing
across the parallel port, then use this information to build an
infallible query/ table. Unfortunately, if the query is, say, six
characters long, it can have more than 280 trillion responses
(281,474,976,710,700 to be exact). With the speed of
modern machines, this would take approximately 44,627
years to collate. With the SentinelSuperPro dongle ("the most
secure and flexible protection available") the query length can
be 56 characters - requiring a mere 10 125 years (in theory)
for a complete table. However, the dongle in
SentinelSuperPro for Autodesk 3D Studio MAX was cracked
in just under seven days of its retail release - substantially less
than the 44 millennia emblazoned on the sales brochures.
Other expensive high-end applications that use Sentinel -
including NewTek's LightWave 5 and Microsoft's SoftImage -
have ended up the same way: cracked, repackaged, and
redistributed to every corner of the Internet within weeks of
their release. How? Instead of attempting to simulate the
dongle, expert crackers simply remove its tendrils from the
program code, unraveling the relationship skein by skein,
function by function, call by call, until the application ceases to
need the dongle to function. Then it's ready for anyone and
everyone to use - or, more likely, gawk at.
Nobody says this is easy. There may be only three or four
crackers in the world who could manage such an opus. But
with the Internet to transmit the result, only one needs to
With the latest wave of dongles, warez world looked to Russia
to get the job done - and a shadowy group called DOD "won"
the contract. The self-styled "Warez Bearz of Russia and
Beyond," DOD appears to have arms throughout Europe,
Asia, and the US. It undid Microsoft SoftImage's dongle
protection in two weeks, which wasn't easy. The crew
riotously celebrated in their "NFO" file: "Totally awesome
work of glorious DOD cracker - Replicator after five other
crackers gave up! We decided not a do a crack patch 'coz it
will take too much time to code it ... you ask why? 'Coz there
are only 72 (!!!) EXEs patched. All options now work 100%!"
NFO files do more than brag or supply installation
instructions; they testify that the ware is a bona fide release,
guaranteed to work. And this is more than just posturing; a
group's reputation is paramount. Each release is
painstakingly beta-tested. These are their products now, their
labors of love. Nobody wants to find a "bad crack" in his
hands after a seven-hour download. Nobody wants to be
accused of being "unprofessional." Nobody wants the
ignominy of anything like the bad crack for Autodesk's 3D
Studio that made the rounds in 1992. For all intents and
purposes it ran correctly, all features seemed 100 percent
functional. Except that the dedongled program slowly and
subtly corrupted any 3-D model built with it. After a few hours
of use, a mesh would become a crumpled mass of broken
triangles, irrevocably damaged. Cleverly, Autodesk had used
the dongle to create a dynamic vector table within the
program. Without the table, the program struggled to create
mathematically accurate geometry - and eventually failed.
Many a dodgy CAD house saw its cost-cutting measures end
in ruin. Autodesk support forums and newsgroups were
flooded with strangely unregistered users moaning about the
"bug in their version of 3D Studio." A rectified "100 percent
cracked" version appeared soon after, but the damage was
done. The Myth of the Bad Crack was born, and the pirate
groups' reputations tarnished.
But the pirates bounced back. They always do. And there's no
reason to think that there's any way to stop them. Software
security people are at an intrinsic disadvantage. Compare
their job to that of securing something in the real world that's
valuable and under threat - a bank, say. Typically, only one set
of armed robbers will hold up a bank at a time, and they'll get
only one crack at it. Imagine an army of robbers, all in different
parts of the world, all attacking the same bank at the same
time. And in the comfort of their own homes. Not just once, but
over and over again. Imagine that each set of robbers is
competing against every other, racing to be first in. Imagine,
too, that some of the robbers are so technically adept that
they could have built the alarms, the safe, and even the jewels
themselves. And that they have cracked more than 30 banks
with the same protection system. And that they're learning
from all their failures, because they're never caught. No
security could realistically resist such an onslaught. It may be
that the only way to avoid having your software cracked is to
put no protection whatsoever on it. No challenge, no crack.
Popularity only feeds the frenzy. Doom is a good example. In
1993, id Software distributed the original shareware version
of its nasty-guns-in-nasty-dungeons masterpiece on bulletin
boards, CompuServe, and a then-little-known system called
the Internet. Downloaded by more than 6 million people
worldwide, Doom was a trailblazer in the world of modem
marketing. The shareware gave you a third of the game: if you
liked it, you had to buy the rest on disks. Millions did.
Doom and its makers became a dream target. Weeks before
Doom II's release, the sequel was available on the Internet -
not as shareware, but warez. And not just as a teaser, but the
whole damn thing. "Yeah, that was leaked," says Mike Wilson,
id's then-vice president of marketing, now CEO at Ion Storm.
"Can't tell you how much that hurt." The leaked copy was
rapidly traced - rumors abounded that the version was a
review copy fingerprinted to a British PC games magazine -
but too late. It was already on Usenet, doing the rounds on
IRC, filling up FTP sites. The pirates were in ecstasy and id
was left with recoding the final retail release, to ensure future
patches and upgrades would not work on the pirated version.
Then they shut the stable door. No more external beta testing;
no more prelaunch reviews. "We assured ourselves it would
never happen again," says Wilson. "No copy of our games
would leave the building."
Nice try. Quake, Doom's much-anticipated follow-up, turned
up on an FTP server in Finland three days before the
shareware come-on was due to be released. The pirate
version was a final beta of the full game - complete with eerily
empty unfinished levels and bare, unartworked walls. Within
hours, it had been funneled to sites all over the globe. IRC
was swamped with traders and couriers desperate to
"Somebody actually broke into our then poorly secured
network and started to download it right before our eyes,"
Wilson recalls. "We managed to stop the transfer before he
got all of it. We traced the call, got his name and address. He
was pretty scared, but, of course, it was some kid. We didn't
pursue that one. It hurt, but not enough to put some little kid in
When the legitimate Quake hit the stores last year, it was
initially in the form of an encrypted CD, which let you play a
shareware version for free but would only unlock the rest on
receipt of a password, available for purchase by phone. The
encryption scheme, an industry standard called TestDrive,
was eventually cracked by a lone European pirate called
Agony. And id's crown jewel was now available, courtesy a
29K program. "In order to unlock the full version, you are
supposed to call 1-800-IDGAMES," Agony gloated in a
"We knew it was going to be hacked," says Wilson. "We of all
people knew. But we thought it was safe enough, certainly
safer than Doom II." And, truth to tell, it didn't matter too much.
The gap between the game's release and the warez version
becoming widespread was enough for id to sell the copies
they expected. "Copy-protection schemes are just speed
bumps," laments Wilson.
Nobody really knows how much actual damage cracking does
to the software companies. But as the industry rolls
apprehensively toward the uncertain future of an ever-more
frictionless electronic marketplace, almost everyone thinks
piracy will increase. "The level of activity out there is
overwhelming. We know that we have to take action to take
control of it. We will continue to bring a critical mass of
prosecutions," says Novell UK's Smith. He doesn't sound all
Somewhere back on the US East Coast, Mad Hatter has a
final swig of ginger ale and settles down to bed with his wife,
White Rabbit. She thinks his obsession is a wasted resource,
but didn't complain when he installed the latest version of
Quicken on her computer - a cracked copy, of course. "We
are all family men, married with children, day jobs, dedicated
accounts, and multiple phone lines," Mad Hatter says. "Our
kids have been looking over our shoulders for years. They will
be the next couriers, the next warez gods."
David McCandless ([email protected]), a
London-based writer, musician, and film editor, is still bitter
about being dethroned as UK Doom champion.
/ next up :
-*-*-*-*-*-* FUCK OFF, TDT *-*-*-*-*-*-
In this textfile, I will rag on TDT and the whole bunch of lamers
associated with them. Also, I will explain WHY I'm doing this. The
reason is the recent release of Might & Magic IV by FairLight, TDT
and of course RAZOR. First off, the Razor version was the only one
that has been put out COMPLETELY CRACKED AND WORKING unlike the
Flt and TDT versions. Now, two days later TDT puts out a "crackfix"
which is supposed to be 100% and that "you can use on the Razor and
FLT versions". Of course I was very suspicious about TDT's late
fix and so I downloaded this shit and looked at it since they
claimed that there was more than ONE doc check in the game. Here's
what I found....
³TDT - how stupid they REALLY are....³
OK, let's start. I will explain a _little_ of tech background to
you so that you're able to understand what I'm talking about.
The actual protection routine in Might & Magic IV is located in
a file called XEEN.DAT. This file is not a data file, but a renamed
EXE file. Also, New World Computing used PKLite to compress it and
make it harder to change stuff in it, however, we all know how to
get rid of PKlite, don't we ?
OK, well, after I got rid of PKLite I ran a filecompare between my
version and the one TDT put out. Here's the result:
Comparing files XEEN.DAT and MYXEEN.DAT
0001DD2A: 8E 38 <ÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄ¿
00026C9D: 90 9A <ÄÄÄÄ¿ ³
00026C9E: 90 00 <ÄÄÄÄ´ ³
00026C9F: 90 00 <ÄÄÄÄ´ ³
00026CA0: 90 CC <ÄÄÄÄ´ this is the only
00026CA1: 90 15 <ÄÄÄÄ´ byte required to
³ crack the game.
these are the bytes TDT
changed to "crack" the game.
Now, here's a litte explanantion of the bytes and what they mean.
If you don't know alot of assembly, don't worry if you don't
understand it. Actually the whole point of all this is that the
TDT version IS NOT WORKING ! Hahaha... Yes, you got me right.
TDT FUCKED UP THEIR CRACK, if you try to bypass the protection,
THE GAME WON'T LET YOU CONTINUE PLAYING.
Let me just explain what I did to crack the game:
The first byte you see at 1DD2A is an offset for a JMP instruction.
The original value in an uncracked version of MMIV is 8E and to
crack the game I changed it to 38. The reason is that the JMP
originally leads to the protection routine that asks you to enter
a certain word from a certain page in the manual. What I did is
to bypass the protection check in a way that the routine assumes
that you've already entered the correct word. That's why in my
version the protection doesn't even show up anymore. Also, that
way I don't have to worry HOW MANY protection checks there are in
the game. No matter how many times the protection routine is called,
it will ALWAYS return the correct result and let you go on playing.
Now, in the TDT version SOMEONE thought he has to be a REAL smartass
motherfucker. Here is what the dumbass did:
Translated to assembly, the five bytes starting at 26C9D will come
out as a FAR call instruction
This CALL will lead to the protection and ask you for a word
from the manual.
TDT's lame-o cracker changed this CALL-instruction to something
Well, what the dick was trying to do is to bypass the protection
simply by not even CALLING the protection routine. So, what's
wrong you may ask, if the protection is not even called, what is
Onyx moaning about !? Well, let me explain.
First of all there might be more than ONE call to the protection in
the game. The way I cracked it, the protection may be called 100reds
of times and each time it will come out fine, but in the TDT version
you can't be sure that there's not another CALL to the protection
somewhere else in the game. So, how do you fuckers in TDT even DARE
to tell people that "there's more than ONE check in the game", eh ?
DON'T YOU LAMERS UNDERSTAND THAT EVEN IF THERE IS MORE THAN ONE
CHECK, YOUR GODDAMN VERSION WILL NOT WORK UNDER ANY CIRCUMSTANCES
BECAUSE YOU ONLY REMOVED *ONE* OF THEM ? Fuck you lamers, you should
go back to cracking school and LEARN how to do things correctly.
³TDT - my grandma can do better cracks ³
Now here's what's even WORSE about TDT's crack:
Due to the fact that the file XEEN.DAT is an EXE file, it contains
lots of addresses that have to be relocated when the file is loaded
to memory. This is refered to as the relocation table. I will not
go into a too much detailed explanation of the EXE file structure
here, but it all comes down to the fact that Sir Platinum doesn't
seem to know a shit about DOS and EXE files.
Each entry in the relocation table points to an instruction of
the program that needs to be altered to make the program work.
Something called a SEGMENT-OFFSET has to be added to some instructions
to make them work correctly. In this case, the CALL instruction that
TDT changed needed to be relocated. To make it a little bit more
understandable for you, here's an example:
un-relocated instruction: bytes in memory:
CALL 15CC:0000 9A 00 00 CC 15
Now, let's assume the program has been loaded to segment offset 1234
the whole thing would look like this AFTER the relocation:
relocated instruction: bytes in memory:
CALL 2800:0000 9A 00 00 00 28
The segment offset of 1234 has been ADDED to the original offset
of 15CC. The result is 2800. This is how it SHOULD look like.
Now how did TDT fuck up ? Here's how....
Since DOS does an automatic relocation of all entries in the
relocation table, it will not check if the relocation it just made
was VALID. To cut a long explanation short, here's what it looks
like with the TDT version:
un-relocated instruction(s): bytes in memory:
After the relocation process....
relocated instruction(s): bytes in memory:
LES SP,[BP+SI+0509] C4 A2 ....
The offset 1234 has been added to the 9090 bytes that represtented
the NOP instructions.
Due to the fact that Sir Platinum changed the original JMP
instruction to NOP instructions, the relocation will create
a new, UNPREDICTABLE instruction instead of the NOPs. As a
result THE GAME MIGHT EVEN CRASH ! YES, YOU GOT IT RIGHT, THE
WAY TDT CRACKED THIS MIGHT CRASH THE GAME ! Fuck you kids...
You apparently don't know a flying fuck about what you're doing.
Don't you fuckers know that according to what is added to your
NOP instuctions the actual CODE changes every time ? The instruc-
tions created might be total NONSENSE and lock up the game.
Goddamnit.... you lamers are so fucken stupid, you shouldn't be
allowed to touch games like Might & Magic IV since all you do is
to FUCK THEM UP.
OK, Sir Lametinum, here's what you COULD have done even tho it
STILL wouldn't get rid of ALL the doc checks in the game, just
this particular one:
9A 00 00 CC 15 CALL 15CC:0000
could have been changed to
EB 02 JMP IP+02 <Ä¿jumps OVER the relocation
CC 15 XXXX ³offset.
Obviously you're not a proffessional cracker, just a little dumb-o
wannbe that still has alot to learn to play in the MAJOR LEAGUE
together with the BIG BOYS....
Also, to all of you out there, take this as a WARNING and think twice
before you decide to download a TDT release in the future. Who knows,
the "change" they make to a program might accidently format your hard
GO FOR QUALITY - GO FOR RAZOR RELEASES ! WE KNOW OUR BUSINESS !
- ONYX [RAZOR 1911]