How does anti-piracy on the DS work?

wchill

Resident chillxpert
OP
I ask this because it's relevant to running ROMs on the 3DS.
How do games detect whether they're running on flashcards?
 

Sora de Eclaune

All our splendor...
...This isn't relevant to running ROMs on the 3DS. Not yet, anyway. You first have to hack the 3DS and figure out how to manipulate 3DS mode. But before that, we still need to hack the DSi!

And so far, flash cards can only run in DS Mode, unless you're using some powerhouse card like the Supercard DSTwo.
 

wchill

Resident chillxpert
OP
Actually, I'm asking this because I am planning on doing my own experimentation with loading ROMs using hardware solutions. So it is relevant.

And I'm asking about DS games specifically, as the same AP methods should carry over.
 

Sora de Eclaune

All our splendor...
> Actually, I'm asking this because I am planning on doing my own experimentation with loading ROMs using hardware solutions. So it is relevant.
>
> And I'm asking about DS games specifically, as the same AP methods should carry over.
Oh. Interesting.

Well, I've looked it up and I don't really understand it, but....

Basically, anti-piracy is meant to block unauthorized reading of the ROM. This unauthorized reading is usually due to whatever you're using the ROM with (either a flash card, an emulator, or a bootlegged cartridge) not reading it exactly like the legitimate cartridge would. Anti-piracy detects this change and automatically enables a kill message (i.e. 'the save file cannot be read' error, 'game could not be initialized' error, etc.), stops the ROM entirely (i.e. black/white screens, freezing, etc.), or causes unwanted things to happen during gameplay (i.e. Earthbound's difficulty spike and file deletion near end-game, Michael Jackson: The Experience's vuvuzelas).

TL;DR Reading a ROM differently than the legitimate cart would in any way

...that's about all I understand. Sorry if it doesn't help.
 

kevan

Imagination rules the world
> ...This isn't relevant to running ROMs on the 3DS. Not yet, anyway. You first have to hack the 3DS and figure out how to manipulate 3DS mode. But before that, we still need to hack the DSi!
>
> And so far, flash cards can only run in DS Mode, unless you're using some powerhouse card like the Supercard DSTwo.
Done. Although not very well done.
 

Sora de Eclaune

All our splendor...
> Can I see your sources? I haven't been able to find detailed info on this
....Ummm.....google, actually. I googled it. There wasn't a lot of info so I pieced together what I thought was relevant.


> > ...This isn't relevant to running ROMs on the 3DS. Not yet, anyway. You first have to hack the 3DS and figure out how to manipulate 3DS mode. But before that, we still need to hack the DSi!
> >
> > And so far, flash cards can only run in DS Mode, unless you're using some powerhouse card like the Supercard DSTwo.
> Done. Although not very well done.
I know, but I meant PROPERLY.
 

wchill

Resident chillxpert
OP
My Google searches are not turning up anything. Unusual...

(btw I'm referring to the specific methods that DS games use to detect piracy)
 

Pong20302000

making notes on everything
DS game anti-piracy is based on how the code moves the data around.
It's all about the offset, because certain data cannot be moved to certain areas, so the anti-piracy checks in the games try to copy data to this area; if successful, it knows you're using a flashcard,
whereas on a legitimate card the data cannot be copied and is moved to the correct area.

When a DS ROM patch is made, all it is doing is sending the data to the correct place rather than moving it to the error area and causing the AP to kick in.
 

wchill

Resident chillxpert
OP
So if a copy succeeds to some ordinarily protected part of memory, then the check fails?
But then what part of memory is protected?

There's still a lot missing
 

FAST6191

Techromancer
I blathered on about it in the past http://gbatemp.net/t...78#entry1799578

Short version: there are two questions you are asking.
1) How do DS carts on the DSi and 3DS (those are related)
http://hackmii.com/2...oming-in-3-2-1/ takes it pretty well.
2) How does game level AP work, for which there are three methods at present, but only two are really used. Sora de Eclaune already took the rough overview: if your cart does not behave exactly as an original then you can be pinged because of that.
In practice this means
i) Below 8000 reads- http://nocash.emubas...rtridgeprotocol (see B7aaaaaaaa000000h (200h) - Get Data)
Older DS flash cards would quite happily return the actual data, not what is actually done.
ii) Binary (or portion thereof) checksums/hashes. As you probably know, the binaries (ARM9, ARM9 overlays and ARM7; ARM7 overlays do not exist in commercial games) are loaded into RAM, and so as not to save on EEPROM (or whatever the game originally used), carts will patch them to save on whatever save type they are rocking. A handful of carts like the original EZ5 had a savelist (it was not that bad to maintain, but the R4 was easier so most dropped such things) and actually emulated the memory type in hardware, meaning they were usually far more compatible (and maintained such abilities well into the AP era, when the thought of using a 2 year out of date kernel on an R4-a-like would have got you laughed at). Clean mode, special mode, ghost mode or whatever your cart wants to call it aims to have an ultra light touch on the ROM to avoid setting off these, at the cost of not having soft reset, cheats, in game menus and such.

Both these methods existed for a while, and at first they were simple enough that general fixes could happen, but later on it turned to hundreds of checks (and with it the end of "cheat" patches), even to the point where they slowed the game down (yep, even on the DS the maybe not so legit way often ended up superior if you have a cart that patches these out properly*). Obfuscation also happened, so where at first you could reasonably scan a ROM with an automated tool (there still exist ones for below 8000 checks) or quickly by eye and catch most of them, not to mention games triggering them later in the game (was it C.O.P. - The Recruit that had some later stage trouble with the initial patches?) and not having immediately obvious failure conditions (Phantasy Star changing drop rates for instance) as a result of games hiding them in overlays not used until late in the game, hiding things in THUMB mode as opposed to ARM (the GBA and DS ARM processors have a 32 bit mode known as ARM and a 16 bit mode (kind of; see GBAtek/ARM docs) known as THUMB that you switch between), and I believe there were a couple that did not do the immediately obvious check and fail but sent flags and whatnot for later on.

*Most carts owe more than a passing nod to the Wood/AKAIO teams, so they tend to be properly removed rather than changing the result of the if statement (the proper way to bypass is to prevent the check from happening, but the quick and easy way is to scan the ROM for the checks and change "if the result is good, carry on, but if not, trigger AP failure mode" to "if it is good then great, if it is bad then also great").

The third, only seen on a handful of ROMs (Houkago Shounen being the best example), was to time the save process and fail it for being too short (flash carts are nothing if not efficient here).
I am not counting new save types and things like Pokemon utilising the "save" architecture to also do the IR port, and Castlevania PoR being badly coded and crashing due to something resembling a race condition where flash carts had a bit less speed/more latency.
There are probably a handful of other methods that could be (could have been?) tried, based on the idea of a flash cart behaving differently in some small but predictable/detectable manner to original carts, but I will leave it to you to cook up ideas here (have a read of GBAtek).
 
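An added illustration of checks (i) and (ii) from the post above, written for this thread and not taken from any game, cart firmware or the posters. Everything in it is constructed for the demo: the 64 KiB stand-in ROM, the 0xFF filler that the modelled original cart returns for reads below 8000h, the ARM9 offset/length, and FNV-1a standing in for whatever checksum a real game would use.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed 64 KiB stand-in for a ROM image (real ones are far larger). */
#define ROM_SIZE  0x10000u
#define CHUNK     0x200u          /* Get Data (B7h) returns 200h bytes */
#define ARM9_OFF  0x8000u         /* assumption: ARM9 binary starts here */
#define ARM9_LEN  0x1000u

static uint8_t rom[ROM_SIZE];
static void build_rom(void) {
    for (size_t i = 0; i < ROM_SIZE; i++) rom[i] = (uint8_t)(i * 7 + 3);
}

/* Model of an original cart. Assumption for this demo: reads below 8000h
   never return the stored bytes, so it hands back 0xFF filler instead. */
static void real_cart(uint32_t addr, uint8_t *out) {
    if (addr < 0x8000u) memset(out, 0xFF, CHUNK);
    else memcpy(out, rom + addr % ROM_SIZE, CHUNK);
}
/* Model of an early flash cart: serves the ROM file from any address. */
static void naive_flashcart(uint32_t addr, uint8_t *out) {
    memcpy(out, rom + addr % ROM_SIZE, CHUNK);
}

/* Check (i): a below-8000h read that matches the ROM file exposes the clone. */
bool below_8000_check_trips(bool use_flashcart) {
    uint8_t buf[CHUNK];
    build_rom();
    (use_flashcart ? naive_flashcart : real_cart)(0x4000u, buf);
    return memcmp(buf, rom + 0x4000u, CHUNK) == 0;
}

/* Check (ii): FNV-1a over the ARM9 binary as it sits in RAM, compared with a
   value fixed at build time (here: computed from the unpatched image). */
static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 0x811C9DC5u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x01000193u; }
    return h;
}
bool checksum_check_trips(bool cart_patches_save_code) {
    uint8_t ram[ARM9_LEN];
    build_rom();
    uint32_t expected = fnv1a(rom + ARM9_OFF, ARM9_LEN);
    memcpy(ram, rom + ARM9_OFF, ARM9_LEN);
    if (cart_patches_save_code)          /* constructed: cart rewrote one byte
                                            of the save routine for its own chip */
        ram[0x100] = (uint8_t)~ram[0x100];
    return fnv1a(ram, ARM9_LEN) != expected;
}
```

Both checks return true only for the flash-cart model, which is the point of the post: the game never needs to know what cart it is on, only whether it behaves like the original.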

wchill

Resident chillxpert
OP
Ahhhhh thanks that was what I was looking for. Perfect.
So my initial guesses were correct in regards to the first two anti-piracy checks, and the third can be worked around with a delay mechanism. Thank you very much.
 

FAST6191

Techromancer
I forgot to mention: I think it was Daigasso Band Brothers (certainly one of the Japanese music game sequels) that wrote a serial of sorts into the save memory to allow downloads based on a server side check, but the BDX format ultimately got pulled apart, thoroughly documented and had tools made for it.
http://dshack.wikia.com/wiki/Daigasso!_Band_Bros._series

Strictly speaking I am not sure where it falls but it is a potential annoyance for flash cart owners so I figure I will mention it.
 
