Thanks for signing up for Copy Protection Facts! You will now receive fun daily facts about COPY PROTECTION! >o<
"Math Blaster" and "Ultima IV" share the same copy protection.
"Elite" and "Ernie's Quiz" share the same copy protection.
"Prince of Persia" has three separate E7 checks, but they all check the same bitstream in track 0 and can be defeated with a 12-byte patch.
Later Davidson & Associates disks can be identified by a single corrupted sector on track $22 whose data checksum is $3F instead of 0.
Once a floppy drive's motor is off, it always returns the same invalid value. Lady Tut polls it while off and reboots if the value changes!
If "Transylvania" fails its protection check, it deletes a vital location from the map and the game is unwinnable.
Activision games derive a magic value from the protection check and use it to calculate disk read parameters. The magic value is always $55.
To protect against memory capture cards, "Burgertime" checksums all peripherals during boot, then again in-game, and reboots on a mismatch.
"Spell It!" and "Autoduel" share the same copy protection.
"Impossible Mission II" has an encrypted bootloader. The 64-bit decryption key is part of the uncopyable E7 bitstream on track 0.
ProDOS-based Sunburst disks cycle through 4 RWTS variants on boot until one works. Each variant requires a different pattern of timing bits.
"Wavy Navy" tries to determine if ROM is writeable, to out-fake hardware modifications that lie about whether ROM or RAM is active at $F800.
"Spy's Demise" uses the disk volume number to initialize an unrelated (but critical) index variable in its disk read (POSTNIBBLE) routine.
"County Fair" RWTS ignores the RWTS parameter table, loads one sector that overwrites the caller in memory, and returns to a new bootloader.
The disk format of "Karateka" is so complicated that Copy II Plus added Karateka-only code to parse it.
Karateka's disk read routine intentionally crosses a page boundary, thus requiring every 256th nibble on disk to have an extra bit after it!
Karateka for iOS ships with an Apple II emulator and a cracked copy of the original disk because no emulator can handle the copy protection.
If "Tycoon" fails its protection check, it will overwrite the boot sector with garbage, rendering the disk unbootable.
After a game ends, "Beer Run" does a pointless JSR $0578 (part of the text screen) to an "RTS" instruction left in memory by the bootloader.
Sector 0 of "Mr. Do" contains a message from the protection developer, Jim Ratcliff: DON'T WASTE YOUR TIME, ORIGINALS ARE INEXPENSIVE.JCR
Sector 0 of my "Mr. Do" crack contains a response: TIME SPENT IN THE SERVICE OF HISTORY IS NEVER WASTED.4AM
"Match It!" DOS redefines INIT as a no-op, then calls it on launch. Booting from another disk and launching the game will format your disk.
"Deathsword" and "Audubon Grizzly Bears: Wildlife Adventures" share the same copy protection.
If "Computer Discovery" fails its protection check, it prints "ERROR CODE 593 -- CALL SRA FOR ASSISTANCE". Pro-tip: do not actually do that.
"Microzine 1" used a 34-bit address prologue -- 4 nibbles and 2 unusually placed timing bits -- that made it impervious to bit copiers.
Up'N Down sector 1: HELLO THERE THIS IS THE CREATOR OF U&D. THIS SECTOR ON THE DISK IS OF NO VALUE AND THERE IS NO SENSE EVEN LOOKING AT IT.
"Classifying Animals with Backbones" DOS decrypts BASIC programs on the fly. Booting another disk and LOADing them will lock up your Apple.
"Spanish Grammar Review" contains a track specifically designed to trigger a bad code path in the timing bit detection routine of Copy II+.
"The Observatory" has 6 wildly different disk read routines. One of them reads one sector each from 32 consecutive half tracks (not a typo).
If "Weather Forecasting" fails its protection check, it says "You are experiencing operating difficulty" in a nice hi-res graphical font.
"Gulp and Frenzy" pre-checks if its copy protection would fail on an original, says THE DRIVE YOU ARE USING IS OPERATING AT AN UNSAFE SPEED
"Video Title Shop" and "Tomahawk" share the same copy protection.
If you modify the self-decrypting protection check in "BC's Quest For Tires," a separate tamper check freezes the game at the title screen.
In "Sammy Lightfoot," if you disable the tamper check for the self-decrypting protection check, the game starts but level 1 is unwinnable.
Marauder's second tamper check checksums every even byte, to defeat a well known two-byte patch that fooled the first tamper check.
Over half of the "Bandits" disk (20 tracks out of 35) is devoted to the copy protection. One wrong bit and it reboots!
Dragon's Keep JSRs its protection check on every 8th file access. A separate tamper check ensures the JSR instruction hasn't been modified.
Boulder Dash's self-modifying tamper check calculates the game entry point by checksumming its protection routine (written in EA bytecode).
Scott Adams' Strange Odyssey doesn't run its protection check until you've started the game, climbed down the stairs, and taken the shovel.
If "Print Shop Companion" detects its protection routine (or its caller) was modified, it subtly tweaks your printer setup to print garbage.
Ankh's protection finishes by lying about what track the head is on. The bootloader then depends on this lie to find the game code on disk.
"Kingdom of Facts" has subtle bugs that make starting a game impossible. The bugs are patched in memory after the protection check succeeds.
If you bypass the self-decrypting protection check in "Threshold," it lets you play the game but you can only move your ship to the right.
If you change Threshold's self-decrypting protection check so it always succeeds, it lets you play level 1 but glitches out on level 2.
"Ulysses and the Golden Fleece" counts nibbles and compares them to a table stored separately. The code is encrypted and protected by an anti-tamper check, but the table is not.
Rescue Raiders presents as a standard disk, but copies enter an endless demo mode with the on-screen message "BAD DRIVE SPEED"
If you bypass the protection check in "King's Quest," the anti-tamper check ensures you can never make it off the first screen. Instead, you wrap around the edge, reappear on the other side of the same screen, and the game crashes.
If you bypass the copy protection check AND disable the anti-tamper check in "King's Quest," a second anti-tamper check checks that the first anti-tamper check hasn't been tampered with, finds that it has, and the game crashes when you open the castle door.
If you only disable the first encrypted protection check in "Crimson Crown," the game appears to work but soon drops you into a locked underground annex from which there is no escape. Eventually it says "there appears to have been a problem with the disk."
"Oo-Topos" doesn't run its second encrypted protection check until you escape from the prison cell, turn off the alarm, open the panel, take the laser, and shoot an alien. A few moves later, if the check failed, the aliens are guaranteed to catch up to you and imprison you again.
MECC Teacher Options lets you set options on other MECC disks, which means it must know how to bypass all forms of MECC's own copy protection. It supports both DOS 3.3 and ProDOS, but it fails on cracked disks because it analyzes the protection itself to distinguish between them.
If "Queen of Phobos" detects that it's running on a disk with a volume number that isn't 000, it melts your flesh off.
The Goonies has one obvious protection check on boot and another one that is loaded from disk but is not run until after level 2. If you disable the delayed protection check on disk, a separate anti-tamper check notices and reboots after the initial title screen.
If "Congo Bongo" fails its first protection check, it issues opcode $02. On early (6502) Apple IIs, this halts the machine, but on later (65c02) models the opcode does nothing, so execution continues and the protection subroutine always returns that the disk is original.
"Tass Times in Tonetown" (by @burgerbecky) subtracts #$0B from the slot/drive index, then hits softswitches like "LDA $C094,X" and "LDA $C097,X" in its protection check – presumably to frustrate lazy pirates searching for known hex sequences.
"Sabotage" calls its protection check by copying the address directly into the stack page and manipulating the stack pointer. The check has side effects, so you can't skip it, and it's encrypted with a 20-byte key, so you can't read it. The key is "(C)1981ONLINESYSTEMS"
"Seafox" loads from 38 consecutive half tracks. This was virtually impossible to copy; the drive head in a standard floppy drive was wide enough that data written to one track would "cross-contaminate" the adjacent quarter and half tracks. Bit copiers tried to fake it by copying quarter tracks, relying on that cross-contamination both to scoop up all the data from the adjacent whole and half tracks on the original disk, and to write the data back out to those adjacent tracks on the copy. It rarely worked. This led to a faction of people back in the day who firmly and vocally believed that quarter tracks didn't exist, i.e. it was impossible to store actual data on quarter tracks, that they were just a figment invented by bit copiers to hide their shortcomings. (They were wrong.)
"Mabel's Mansion" tries to write #$00 to slot ROM to check for memory capture cards and other hacker-friendly peripherals. Unfortunately, this also "detects" a Mockingboard (a popular sound card) and reboots. Worse, it activates a Z80 card and disables the Apple II CPU entirely.