From Wikipedia, the free encyclopedia
Software cracking is the modification of software to remove protection methods: copy prevention, trial/demo version, serial number, hardware key, CD check or software annoyances like nag screens and adware.
The distribution and use of cracked copies is illegal in almost every developed country. There have been many lawsuits over cracking software, but most have been to do with the distribution of the duplicated product rather than the process of defeating the protection, due to the difficulty of constructing legally sound proof of individual guilt in the latter instance. In the United States, the passing of the Digital Millennium Copyright Act (DMCA) legislation made software cracking, as well as the distribution of information which enables software cracking, illegal. However, the law has hardly been tested in the U.S. judiciary in cases of reverse engineering for personal use only. The European Union passed the European Union Copyright Directive in May 2001, making software copyright infringement illegal in member states once national legislation has been enacted pursuant to the directive.
The most common software crack is the modification of an application's binary to cause or prevent a specific key branch in the program's execution. This is accomplished by reverse engineering the compiled program code using a debugger such as SoftICE, OllyDbg, GDB, or MacsBug until the software cracker reaches the subroutine that contains the primary method of protecting the software (or by disassembling an executable file with a program such as IDA). The binary is then modified using the debugger or a hex editor in a manner that replaces a prior branching opcode with its complement or a NOP opcode so the key branch will either always execute a specific subroutine or skip over it. Almost all common software cracks are a variation of this type. Software developers are constantly developing techniques such as code obfuscation, encryption, and self-modifying code to make this modification increasingly difficult.
A specific example of this technique is a crack that removes the expiration period from a time-limited trial of an application. These cracks are usually programs that patch the program executable and sometimes the .dll or .so linked to the application. Similar cracks are available for software that requires a hardware dongle. A company can also break the copy preventions of programs that they have legally purchased but that are licensed to particular hardware, so that there is no risk of downtime due to hardware failure (and, of course, no need to restrict oneself to running the software on bought hardware only).
In other cases, it might be possible to decompile a program in order to get access to the original source code or code on a level higher than machine code. This is often possible with scripting languages. An example is cracking (or debugging) on the .NET platform where one might consider manipulating CIL to achieve one's needs.
There are a number of sites on the Internet that let users download cracks for popular games and applications (although at the danger of acquiring malicious software that is sometimes distributed via such sites). Although these cracks are used by legal buyers of software they can also be used by people who have downloaded or otherwise obtained pirated software (often through P2P networks).
The most visible and controversial effect of software cracking is the releasing of fully operable proprietary software without any copy protection. Software companies represented by the Business Software Alliance estimate and claim losses due to piracy.
Software cracking has also had positive effects for the industry, as well as general consumers. For example, the "warez" groups have helped increase the popularity of file formats such as Xvid and MP3.
Due to the potential legal repercussions, many individuals who release cracks to the public for commercially available software choose to remain anonymous. This can often create confusion as the available documentation is often sparse. It is beyond the ability of most to determine the exact operations the crack will execute.
As an example, several spyware removal utilities have rules in place that regard certain cracks as having a malicious payload such as a hidden DDOS daemon.
The first software copy protection was on early Apple II and Commodore 64 software. Game publishers, in particular, carried on an arms race with software crackers. Lately (in the 21st century), publishers have resorted to increasingly complex countermeasures, such as StarForce, to stop pirates from cracking and distributing their software.
Most of the early software crackers were computer hobbyists who often formed groups that competed against each other in the cracking and spreading of software. Breaking a new copy protection scheme as quickly as possible was often regarded as an opportunity to demonstrate one's technical superiority rather than a possibility of money-making. The cracker groups of the 1980's started to advertise themselves and their skills by attaching animated screens known as crack intros in the software programs they cracked and released. Once the technical competition had expanded from the challenges of cracking to the challenges of creating visually stunning intros, the foundations for a new subculture known as demoscene were established. Demoscene started to separate itself from the illegal "warez scene" during the 1990's and is now regarded as a completely different subculture. Many software crackers have later grown into (extremely) capable software reverse engineers: the deep knowledge of assembly required in order to crack protections enables them -inter alia- to reverse engineer drivers in order to port them from windows to gnu-linux.
Software crackers have their secretive organizations on the Internet. Similar to other "gray area" Internet activities, there are also various detector, legal and other specialists on the subject.
Apple Computer has begun incorporating a Trusted Platform Module into their Apple Macintosh line of computers, and making use of it in such applications as Rosetta. Parts of the operating system not fully x86-native run through the Rosetta PowerPC emulator, which in turn requires the Trusted Platform Module for proper operation. (This description applies to the developer preview version, but the mechanism differs in the release version.) Recently, the OSx86 project has been releasing patches to circumvent this mechanism.
Microsoft is planning to reduce common Windows based software cracking with the release of the NGSCB initiative in future versions of their operating system.