Selecting CD-ROM Copy Protection

By: John Stevens, VP Business Development, HexaLock, Ltd.

Safeguarding digital content, data and software has become a mandatory part of today's software publishing process, but it is a difficult task to do well. Effective copy protection implementation requires the close cooperation of the publisher, replicator and copy protection software provider.

Publisher Considerations

Content owners are looking for cost-efficient solutions that provide effective protection while not inconveniencing their users. They have to consider factors like data security, software performance, ease of use and integration into their products. Ideally, sometime before beta-code release, copy protection solutions have been evaluated and integrated into the product.

Since beta-code is often very similar to final code, protection of only final code may prove ineffective if unprotected copies of beta releases are available. In fact, since many beta release copies are duplicated and distributed on CD-R, the first order of business for a publisher may be to evaluate the CD-R copy protection solutions available from prospective vendors. Since CD-R duplication software and equipment can be quite varied, it is even more difficult for a vendor to copy protect CD-R effectively.

The publisher will want to conduct a careful evaluation of the vendor's CD-ROM data security effectiveness. He should review the copy protection vendor's test reports and obtain his own data by testing demo CDs. He then must evaluate the product with his executable code to ensure effective performance. Protection against "cloning software" types needs to be evaluated, since these packages are available to the more sophisticated, and determined, potential software pirate. In addition to single copy, one-off protection, the publisher needs to be concerned with the possibility of a generic crack being developed for his title.

The publisher needs to confirm the anti-hacking/ anti-cracking capabilities of the copy protection software: Is the product specifically designed to make the creation of a generic crack exceptionally difficult? For large production runs of the same title, does the software allow multiple, uniquely protected, masters to be made? This ensures that a generic crack of one master would not impact CD-ROM replicates made from another master. Finally, a publisher needs to confirm that the protection product can effectively detect and combat CD emulators and virtual CD software.

Additional considerations for the publisher's decision are the product's compatibility, flexibility and ease of use within his programming environment. Is the authentication process fast enough? Does the vendor offer products that work with multiple programming languages? What happens when an unauthorized copy is encountered? Finally, ever-larger graphic and program files are making disc capacity an issue. Some copy protection products require as much as 20 MB of disc space. The publisher needs to confirm that an application can accommodate the copy protection software's required disc capacity.

Replicator Considerations

CD-ROM replicators offer copy protection products to their customers as a value-added service. Publishers and replicators must work in concert so that CD-R gold masters processed by the publisher can be encrypted in the replicator's mastering suite.

Ideally, the copy protection technology selected by the replicator can be added to his mastering suite without the need for any special equipment or hardware modifications. The product should automatically detect a Processed Gold Master and convert it into a copy protected Glass Master/Stamper for subsequent replication. The product should follow the regular manufacturing process for CD-ROM with little or no need to change QC test equipment or procedures.

In early 2002, HexaLock copy protection was added to the mastering suite at L&M Optical Disc, Brooklyn, NY. "The plug-in automatically detects a HexaLock Processed Gold Master and converts it into a copy protected Glass Master/Stamper for subsequent replication," said Guy Marely, COO. "Once converted, the product follows our regular manufacturing process for CD-ROM with little or no need to change QC test equipment or procedures."

Hexalock offers two approaches to copy protection software implementation. The AutoLock Utility is designed for publishers who use high-level development environments. The publisher selects the program files to be protected from a dropdown menu. The Utility contains the tools to create a HexaLock Process Gold Master CD-R to send to and authorized replication facility. Released patches on the Internet can easily be protected as well.

The HexaLock MultiLock SDK is designed for use with specific programming languages. Using the SDK, the developer can implement an unlimited number of authentication tests at any stage of the application. Each "lock" acts as an independent and interdependent entity. This makes hacking and cracking the program and the development of a generic crack exceedingly difficult. The SDK also contains flow control functions which can be used to create demo applications and/or redirections to the publisher's Web site in case the CD is not an original.

The performance advances and general availability of copy protection technology have made the decision to copy protect most CD-ROM applications and gaming programs fairly common. It is clear, however, that an effective implementation of copy protection technology requires the close cooperation of the publisher, replicator and copy protection software provider. Not only is this cooperation required initially, but it will also be required going forward as evolving formats such as DVD-ROM become more popular and the techniques of the hacker/cracker community become ever more sophisticated.

For more information, contact Hexalock at Email: John@Hexalock.com, Web: http://ww.hexalock.com/