Jump to content
IGNORED

Risky Rick in Dangerous Traps (June 25th)


Recommended Posts

Thank you, Kevin, for seperating the wheat from the chaff! One might say "You've been Pwned!" to Richy and others who continue to post misinformation about the type of protection (yes, copy protection) that Risky Rick used. As you said on your blog, this was a "one-off" protection scheme, so it's all rather academic now. The cat's out of the bag, thanks to you and your genuine and appreciated effort to crack this puzzle. I understand protecting one's IP, but the method used here doesn't bode well in this small community; it's incongrous and disingenious, it might end up alienating some people. Once bitten, twice shy. But, on the other hand, who am I to critize or discourage active software development in the CV community?

 

Since all copies have been sold, I sadly won't get the chance to play this excellent game, even on emulation, as the decision to not make a .ROM available has been stated. That's a sad state of affairs.

  • Like 2
  • Sad 1
Link to comment
Share on other sites

19 minutes ago, zyzzle said:

Thank you, Kevin, for seperating the wheat from the chaff! One might say "You've been Pwned!" to Richy and others who continue to post misinformation about the type of protection (yes, copy protection) that Risky Rick used. As you said on your blog, this was a "one-off" protection scheme, so it's all rather academic now. The cat's out of the bag, thanks to you and your genuine and appreciated effort to crack this puzzle. I understand protecting one's IP, but the method used here doesn't bode well in this small community; it's incongrous and disingenious, it might end up alienating some people. Once bitten, twice shy. But, on the other hand, who am I to critize or discourage active software development in the CV community?

 

Since all copies have been sold, I sadly won't get the chance to play this excellent game, even on emulation, as the decision to not make a .ROM available has been stated. That's a sad state of affairs.

I'm not sure why people can't find the one's on eBay, I just bought one a few minutes ago on eBay after trashing the case of my previous one to find out what the pcb was like and see if cart edge penetration was an issue.

Link to comment
Share on other sites

10 hours ago, Shawn said:

EDIT: So if your lies only effect a few people it's ok? Not in my world.

That is not at all what I said.  I just wanted to gather as much information as I could on the subject before I formulate an opinion.  Something that I'm not sure many others have been doing before blasting the publisher of the game.

 

6 hours ago, kevtris said:

I didn't write that blog post to drum up drama or anything, it was to document what I found and I found and to educate people on how protections like this are discovered, how they are reverse engineered, and to describe how they work in detail. I figured others would like to read up on it.  To be clear: the ROM was never, ever available on that page or elsewhere on my website and never will be.

I for one found the blog post very interesting and greatly appreciated all the discovery!

 

I'm not sure I agree that this kind of copy protection was needed for a homebrew game as it seems to go to an extreme to make sure a homebrew wasn't copied, especially when i don't think that homebrew piracy was that big of a concern in this community.

 

That being said, I would most certainly hope that the publisher would give a refund to anyone who has a copy that didn't work on their machine, or at least supply an unprotected ROM so they could play the game using other methods.  I had thought a ROM version would be available to those who purchased the game.  Did that ever happen? I honestly do not remember.

 

I personally think the game is great and they did a wonderful job with the game, the packaging, etc, it's just a shame they chose to be so heavy handed with the code. But there most certainly are ways to resolve that issue and I hope it eventually gets resolved so everyone can play.

  • Like 2
Link to comment
Share on other sites

1 hour ago, TPR said:

I personally think the game is great and they did a wonderful job with the game, the packaging, etc, it's just a shame they chose to be so heavy handed with the code. But there most certainly are ways to resolve that issue and I hope it eventually gets resolved so everyone can play.

The other issue here is that the DRM is focused on the console, not on the software itself.  Once the pin 13 issue is discovered and a good ROM dump made, you can go ahead and build counterfeits all day, and have the game work as well on real consoles as the original game did, only without a shielding problem.  On the other hand, if they used something like a microcontroller that the game communicated with for nontrivial data manipulation, and assuming that program was protected from read-back on the chip, then you have a game that won't work without the "key" chip, on any console, until extensive code analysis and descrambling is completed.

 

Of course that still means it won't work on mega-carts, which will make people unhappy.  But at least the DRM would be 100% compatible with all consoles, modded or not.

Link to comment
Share on other sites

55 minutes ago, ChildOfCv said:

The other issue here is that the DRM is focused on the console, not on the software itself.  Once the pin 13 issue is discovered and a good ROM dump made, you can go ahead and build counterfeits all day, and have the game work as well on real consoles as the original game did, only without a shielding problem.  On the other hand, if they used something like a microcontroller that the game communicated with for nontrivial data manipulation, and assuming that program was protected from read-back on the chip, then you have a game that won't work without the "key" chip, on any console, until extensive code analysis and descrambling is completed.

 

Of course that still means it won't work on mega-carts, which will make people unhappy.  But at least the DRM would be 100% compatible with all consoles, modded or not.

This isn't very difficult to defeat using an FPGA, where you can monitor the address/data bus in real time and just siphon the data as it comes over.   It's kind of like having a debugger that works on actual hardware.   A better method would be to do some of the game logic inside the microcontroller, then it wouldn't be possible to reproduce without dumping the microcontroller.  If it is protected, this would be fairly difficult and impossible to dump.  You'd have to break out the nitric acid to expose the bare silicon then deprotect the micro and dump.  This is well beyond most hobbyists and professionals.  (no, this is beyond my capabilities too.  at least at that point in time.  this could change in the future)

  • Like 1
Link to comment
Share on other sites

8 hours ago, kevtris said:

There's a 1/1024 chance that the RAM will have 8 consecutive bytes in a row in the ASCII range.

With my respect, I guest that you have to rework your math probabilities. By the way, we have good reasons to do those checks (very few bytes left) as we have encountered bugs during the development with emulators and AtariMax around strange yellows sprites and no sound when the game is not used from its own cartridge. We took 3 months to test the game on real hardwares from its cartridge to be really fun to play and provide a good replay value. Definitively, we was not able to guarrantee the other usages as we can't test them and we known that bugs exist (in this case) and the 32K ROM is already full to try to fit a workaround code. (just for information, the 50Hz and 60Hz versions are two different 32K ROM to allow the game to fit too)

 

8 hours ago, kevtris said:

My theory on what happened is people with the RAM mod didn't reinstall the metal shielding, which left pin 13 floating on the cartridge slot, since it's only grounded through the shield and nowhere else.  No other cartridges use pin 13, so there was no issue until this game came out.

Reinstall the metal shielding is a part of the requirement as explain into the ColecoVision Service Manual. Since one year ago, we said to peoples to properly ground their system and to test the continuity on pin13. It is absolutly not new (pictures was publised). Take a look on a previous pages, a guy said he was happy to see at less one other game no more have random crash since. So, you can't point the fault on a game because the console is not properly assembled like they must. The good questions to ask us was: "why those checks", "why the pin13" ... Not: "I will hack the cartridge because someone asked and I think that is not a problem". We are not Activision or Electronic Arts.

 

By the way, all the other peoples answers turn around things that is not into the scope of usage. It is a really minority of users getting this problem compared to all the post on this atari-age topic. Swamy and -^Cro§Bow^- are two guys contacting us because the game only run on one of their Coleco... Never a feedback about how good to play Risky Rick with the working system from this forum.

Link to comment
Share on other sites

8 hours ago, Swami said:

 

Here’s the pcb if anyone is interested. 

 

by the look of that, it is my beleif that the rom chip which is can hold 128k (for a 32k game) actually hold multiple game rom images, and the pin 13 issue and eur / usa selection pins are wired to address lines, so whatevr is selected +5 or 0 volts it configures the eprom to make available to the console a specific region of romspace which contains the relivant rom image depending on selected criteria.  this makes perfect sence to me now by being asked  what region i would like the game when purchasing.

 

that being said, i am only assuming by what i see in the cartridge pictures.

 

may i ask where this image came from,  there appears to be cropped text around the picture that might be useful / interesting to see.

Link to comment
Share on other sites

10 minutes ago, omf said:

by the look of that, it is my beleif that the rom chip which is can hold 128k (for a 32k game) actually hold multiple game rom images, and the pin 13 issue and eur / usa selection pins are wired to address lines, so whatevr is selected +5 or 0 volts it configures the eprom to make available to the console a specific region of romspace which contains the relivant rom image depending on selected criteria.  this makes perfect sence to me now by being asked  what region i would like the game when purchasing.

 

that being said, i am only assuming by what i see in the cartridge pictures.

 

may i ask where this image came from,  there appears to be cropped text around the picture that might be useful / interesting to see.

It came from my cartridge, in the USA. You can see the complete chip, nothing is cropped. The background is my laptop keyboard. 

Link to comment
Share on other sites

1 hour ago, Ritchy said:

I was able to provide the PCB picture without the need to open a cartridge... I have already done that on an other forum. ^^

Do you want a new sticker to be able to assemble it again???

I took the chip out to check how it was making contact with the cart port, since the insertion felt different than other carts. I just decided to take the pictures while I had the chip out. This did not solve the the crashing on boot up issue, though. Thanks for the offer, though. 

Link to comment
Share on other sites

4 hours ago, Ritchy said:

By the way, all the other peoples answers turn around things that is not into the scope of usage. It is a really minority of users getting this problem compared to all the post on this atari-age topic. Swamy and -^Cro§Bow^- are two guys contacting us because the game only run on one of their Coleco... Never a feedback about how good to play Risky Rick with the working system from this forum.

I'm not turning anything around. And the reason I haven't said anything more about this or the game is because the game only runs properly on my other CV that I don't like to use because it has other issues and has had more repairs than the one I do use. The game does work on my AV modded CV after I attached a ground wire to pin13. However, the game will only boot up about once every 8 - 10 power cycles. Other times it just gives me a black screen, or colored stripes similar to how a 2600 looks when powered on without a game inserted. This game...this game is the ONLY game I own (Including other homebrews...) that does this. When it does finally boot up it plays fine but it is such a pain to get it to come up initially. Because of this the game sits in the box with all the plastic wraps it came in in the original bubble envelope it shipped in stashed away. But I'd rather play it as it was meant to be played and not have to jump through hoops switching out systems for one game.

 

** I meant to add that before pin13 was grounded, the game booted up each and every time without issue. But, only the demo 32k bank was getting loaded up and not the 32k that contains the full game in the cart. 

 

Not sure if this helps at all, but after grounding pin13, it now reads +5 volts on that pin when Risky Rick is inserted and the system is powered on. Kevtris has that information as I measured that when he first asked me to check some things.

 

Edited by -^Cro§Bow^-
  • Like 2
Link to comment
Share on other sites

On a related note it's been brought to my attention that (allegedly) one of the developers of this game has moderator power on some retro forums (not AA) and has been using that power to stifle any discussion of the DRM in the game. C'mon man. This is the Barbara Streisand effect all over again. The whole fact that somebody was trying to squash this discussion was the reason this game ever came on my radar to begin with. I had never heard of Risky Rick nor read about it before I found out that Crossbow and Kevtris had been sleuthing the DRM and then got censored. The more they try to keep people from finding out about it the bigger a magnifying glass they shine on the whole thing.

Link to comment
Share on other sites

38 minutes ago, MegaManFan said:

On a related note it's been brought to my attention that (allegedly) one of the developers of this game has moderator power on some retro forums (not AA) and has been using that power to stifle any discussion of the DRM in the game. C'mon man. This is the Barbara Streisand effect all over again. The whole fact that somebody was trying to squash this discussion was the reason this game ever came on my radar to begin with. I had never heard of Risky Rick nor read about it before I found out that Crossbow and Kevtris had been sleuthing the DRM and then got censored. The more they try to keep people from finding out about it the bigger a magnifying glass they shine on the whole thing.

Just want to mention that aside from a few voltage measurements and rom testing, it was really @kevtris and @Ikrananka that did most of the sleuthing on this one. I just happen to be at hand with the game within reach and my CV opened up at the time to check these things out.

 

Either way, I don't know how many people are affected and I suppose it is possible that it is really only @Swami and I that continue to have issues with the game? But I find that unlikely given that I have two CVs at my disposal and the game works fine in one and works sometimes on the other so that is about a 50/50 success rate, while Swami can only get his copy to work in 1 out of 3 CVs that he owns. What are the odds? Unless we both have buggered up carts? But then while refunds might have been offered to some, I know that Swami and I were told from the devs that they didn't feel anything was wrong with our carts of the game since we could get them to work other CV consoles we had on hand. Instead, we were simply told there was something wrong with our CVs that caused the game to not work or have problems. We were told the game was very advanced for a CV game and really required a fully 100% stock system to be sure it plays correctly. Understood, but then why does a patched ROM that removes these RAM checks work 100% in this same CV that the actual cart has trouble operating on? While I've not managed to beat the game yet, I've made it to level 3 at least and the patched ROM has never given me any issues during game play. 

 

So I guess we need a show of hands for those that are still having difficulties in getting this game to load up on their consoles because if it isn't DRM and is some sort of required memory checks to be sure things are in a stable state for the game to play, then these checks also seem to cause issues for those with legitimate CV consoles. I mentioned this before, but the +5 RAM video upgrade isn't really an optional mod when the original video RAM goes belly up. It is pretty much the only way to repair that RAM without sacrificing the chips from other CV consoles or arcade boards. It isn't a modded console, it is a repaired console done with the most available and safe components we can use today.

 

**Edited for my crappy spelling and I still likely missed some places... 

Edited by -^Cro§Bow^-
  • Like 2
Link to comment
Share on other sites

1 hour ago, -^Cro§Bow^- said:

So I guess we need a show of hands for those that are still having difficulties in getting this game to load up on their consoles

I would most certainly encourage anyone who is having issues with their cartridge to contact ArcadeVision directly so they can get it resolved.  AtariAge is not really the forum to be their complaints department and I would hope those who cannot get the game to work will be able to come to some agreement with the publisher to either get the game work or get a refund.

Link to comment
Share on other sites

1 hour ago, TPR said:

I would most certainly encourage anyone who is having issues with their cartridge to contact ArcadeVision directly so they can get it resolved.  AtariAge is not really the forum to be their complaints department and I would hope those who cannot get the game to work will be able to come to some agreement with the publisher to either get the game work or get a refund.

I wouldn't normally disagree with this, but in this case the Devs are stating that it is only 2 of us having this issue? I can't see Kevtris investing the time he did to look into this if only 2 of us were actually having any issues with the game. So I was only asking if others are having issues and to state as much so we have a better idea on how many are affected. If it is only the two of us, then that is great and we are just unlucky in this regard. If not, then perhaps it warrants discussion and further investigation to find out why some CVs seem to have an issue and most do not.

 

Link to comment
Share on other sites

9 minutes ago, -^Cro§Bow^- said:

I wouldn't normally disagree with this, but in this case the Devs are stating that it is only 2 of us having this issue? I can't see Kevtris investing the time he did to look into this if only 2 of us were actually having any issues with the game. So I was only asking if others are having issues and to state as much so we have a better idea on how many are affected. If it is only the two of us, then that is great and we are just unlucky in this regard. If not, then perhaps it warrants discussion and further investigation to find out why some CVs seem to have an issue and most do not.

 

I honestly don’t know how many it is but for those of you who have bought the cart, please take it up with ArcadeVision to sort out a refund or a solution. 

 

If you have brought it up with them and they refuse to work it out, please report back. 

 

Personally I think they just need to release a working ROM to everyone who has bought the game. 

 

I think that that would be a good faith effort and fixes all of this. 

Link to comment
Share on other sites

10 hours ago, Ritchy said:

With my respect, I guest that you have to rework your math probabilities. By the way, we have good reasons to do those checks (very few bytes left) as we have encountered bugs during the development with emulators and AtariMax around strange yellows sprites and no sound when the game is not used from its own cartridge. We took 3 months to test the game on real hardwares from its cartridge to be really fun to play and provide a good replay value. Definitively, we was not able to guarrantee the other usages as we can't test them and we known that bugs exist (in this case) and the 32K ROM is already full to try to fit a workaround code. (just for information, the 50Hz and 60Hz versions are two different 32K ROM to allow the game to fit too)

 

Reinstall the metal shielding is a part of the requirement as explain into the ColecoVision Service Manual. Since one year ago, we said to peoples to properly ground their system and to test the continuity on pin13. It is absolutly not new (pictures was publised). Take a look on a previous pages, a guy said he was happy to see at less one other game no more have random crash since. So, you can't point the fault on a game because the console is not properly assembled like they must. The good questions to ask us was: "why those checks", "why the pin13" ... Not: "I will hack the cartridge because someone asked and I think that is not a problem". We are not Activision or Electronic Arts.

 

By the way, all the other peoples answers turn around things that is not into the scope of usage. It is a really minority of users getting this problem compared to all the post on this atari-age topic. Swamy and -^Cro§Bow^- are two guys contacting us because the game only run on one of their Coleco... Never a feedback about how good to play Risky Rick with the working system from this forum.

 

Come on, I wasn't born yesterday ?  I have been poking and reverse engineering games for a long time now since I have to implement hardware that runs said games.  When things go wrong, I have to break out the disassembler and debug tools to find out why.  

 

I never saw the game fail in any way on emulators or my own FPGA Coleco hardware, other than not being able to progress past level 1 (on the demo) or before adding RAM data pattern initialization (on the full version).  The game isn't doing anything tricky at all, and isn't stressing cycle accuracy or timing.  Having two ROMs for PAL/NTSC makes perfect sense and is a good way to go when it comes to localization.

 

The shielding is only there to keep the FCC happy and serves little to no electrical purpose outside of this.  It is not required for operation and just keeps radiation from the digital logic from ripping up your neighbour's TV.  (though honestly their TV would have to be pretty darn close.  Maybe in an apartment?  If so, I feel bad for my neighbors of years past for all the electronic stuff I ran without shielding!)  The digital trash might leak into the RF if you're using RF to connect your Coleco to the TV.  This was a problem on the 2600, but I ran my Coleco for years without the shielding on RF without an issue. 

 

(interesting and related ramble follows)

 

One good thing is this highlights how important it is in emulators and FPGA systems to initialize RAM to a state similar to how uninitialized RAM manifests to get around these tests.  As a bonus, at least on Coleco, it fixes two games that rely on randomness in RAM.   These games are Fraction Fever (if RAM is zeroed before running, the game will continuously use 1/1 as the fraction).  The other is Yolk's on You, which will appear to freeze when the game screen appears.  This is because the "random" number generator is an LFSR, and since it's loaded with 0's, it will continue to generate 0.

 

The game checks the random number for 0;  if so it re-rolls but it keeps coming up 0.  This makes the game hang, because the "random" number never deviates from 0.  The fix in all cases is to load RAM with data that simulates the power-on state of a RAM chip.

  • Like 8
  • Thanks 1
Link to comment
Share on other sites

On 8/4/2019 at 6:07 PM, orange808 said:

Fair enough. 

 

One question:  Why the take down request?

Still haven't seen a good answer to this one, and I'm still inclined to believe it's DRM since (like Kevtris said) I wasn't born yesterday. If it's not DRM why censor links to his blog? If what Kevtris says isn't true then you've got no leg to stand on for a takedown, and if what Kevtris says IS true your takedown request proves it. Quod erat demonstrandum.

Edited by MegaManFan
fix a grammatical error
  • Like 2
Link to comment
Share on other sites

IMO Kevin does reverse engineering for so long he doesn't have anything to proove to him or to us and why would he gain to lie to us he fixes things what i don't like is that if a DRM has been implented and DENIED i have much more of a problem with that trusting the developpers

put a DRM in your games if you want but don't lie to us if you do please

Edited by harlock76
  • Like 2
Link to comment
Share on other sites

3 hours ago, kevtris said:

The shielding is only there to keep the FCC happy and serves little to no electrical purpose outside of this.  It is not required for operation and just keeps radiation from the digital logic from ripping up your neighbour's TV.  (though honestly their TV would have to be pretty darn close.  Maybe in an apartment?  If so, I feel bad for my neighbors of years past for all the electronic stuff I ran without shielding!)  The digital trash might leak into the RF if you're using RF to connect your Coleco to the TV.  This was a problem on the 2600, but I ran my Coleco for years without the shielding on RF without an issue. 

As far as I know RF shielding no longer serves any purpose and won't affect your neighbors TV unless they're still rocking some old tube set from days gone by.  If I can find the info from Ken Lill (kenzre) on exactly why it doesn't interfere anymore (solid state vs tubes I think) I'll post it. 

Link to comment
Share on other sites

13 minutes ago, 128Kgames said:

Elaborate please?

http://retrogamingmagazine.com/2018/06/16/rick-dangerous-homage-risky-rick-sees-colecovision-release-looming/

"Easter Egg had to work around copyright and trademarks, so some things are not quite the same as Core Design’s original. "

"As you can see from the screen shots above, the similarities are quite strong."

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...