Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Lvangundy

What was the story with the id multigame CD?

Recommended Posts

I remember there was some kind of controversy with an id release, which I think was Quake. It contained encrypted(?) versions of every iD game, and there was a simple keygen crack that basically unlocked everything. I want to say that it was actually on the disc IIRC.

The problem/controversy was that iD knew about this problem and released it anyway.

Does anyone know the behind the scenes story of what happened? Was it someone internal that did the crack and released it while the CD was in the mass production process?

BTW I'm not condoning/promoting the use of this thing. You can buy every iD game in a pack on Steam for $5 (on sale) so don't even think about it!

Share this post


Link to post

I remember the original shareware version of Quake contained the four episodes in their entirety that could be unlocked when purchased through GT Interactive. Of course people immediately found ways around that.

Share this post


Link to post

Maybe that was the release, but it had Doom and other games on it too.

I do remember some huzzah online about it because there was more to the story.

Share this post


Link to post

The Master Levels CD has something like this too, though I hadn't heard about the crack part or id knowing about it. Dusting off the disc to check, it appears that the games it has are The Ultimate Doom, Doom 2, and Heretic.

Edit: Checking my Quake CD, and it does appear to have a similar digital distro section with more games. It has Ultimate Doom, Doom 2, The Master Levels, Heretic, Hexen, Deathkings of the Dark Citadel, and Wolfenstein 3D.

Here are some screens:
1 2 3

Share this post


Link to post

Yeah that's it. Now, I also want to say some gaming news site wrote an article about it, maybe Bluesnews?

Share this post


Link to post

The id STUFF store was based on a generic software demo suite called Test-Drive, which uses an apparently phenomenally weak form of symmetric key cryptography. It gives you a code which you call into the company that licensed the shell in order to register the product, tje operator gives you the unlock code corresponding to the code on your screen, and then it decrypts the on-disc file using that.

Some clever dude reverse engineered it enough to figure out a keygen, which was called qcrack. IIRC, Jay Wilbur and John Romero went fucking nuts and were posting curse-filled messages on Usenet, though I'm unable to find any of them now.

As a result, the original Quake shareware CD has become a relatively rare item, considering how it could be used to basically acquire the entirety of id's library from Doom to Quake for the low-low MSRP of $9.99.

Share this post


Link to post

Yeah, I had the Quake shareware CD.

No comment on whether I qcrack'd myself a helping of id games for free.

Quasar said:

IIRC, Jay Wilbur and John Romero went fucking nuts and were posting curse-filled messages on Usenet, though I'm unable to find any of them now.

It would have been interesting if Romero did so, considering he left id Software before the crack came out.

Share this post


Link to post

I have a Quake shareware CD which came with the Creative 3D Blaster video card. It indeed contains, encrypted, the full Quake, along with Doom, Doom 2, Heretic, Hexen and maybe others. It was official: the CD autorun UI has a submenu where you can "Unlock Quake" and other games for prices such as $25 and $40. I never tried that because back then I didn't have a card.

Share this post


Link to post

It always amazed me that id actually went through with it apparently not thinking it was a bad idea until after the crack was released.

Share this post


Link to post
chungy said:

It always amazed me that id actually went through with it apparently not thinking it was a bad idea until after the crack was released.

It wasn't a bad idea per se - AFAIK each copy was individually encrypted, so it wasn't like a single key would unlock the files for every disc or anything. They just happened to go with a middleware crypto solution that sucked hard.

I mean, essentially every modern PC game is encrypted on its disc - otherwise what would product keys be for?

Share this post


Link to post

I have the CD. Marketing wise, it seemed cool to have a disc loaded with demos, and then all you need to do is call and pay for a code to unlock the full game. Problem is the full games are on the CD, and it was fairly short-sighted not to realize it'd become the next big hack. But hey, I bet all those kids who just paid for a shareware CD are happy they got a shitload of games for, what, five bucks was it?

Share this post


Link to post
Linguica said:

It wasn't a bad idea per se - AFAIK each copy was individually encrypted, so it wasn't like a single key would unlock the files for every disc or anything.

That makes more sense then. Theoretically if every disc is different then it's possible to do a scheme like this securely. I'm a bit surprised that it is/was possible to manufacture CDs en masse with different data on them though.

I guess the lesson to be learned is that bad crypto is a universal constant.

Share this post


Link to post

Yeah there's a misconception going on here about how the Test-Drive system works. The encryption is somehow session-dependent. Once you generate a challenge (the code that is presented when you start to unlock the product, for you to give by calling into 1-800-IDGAMES), a unique code is generated for which there is only one corresponding correct response - the code the operator will give you. Once you drop out of the session (closing the "order this game" window), a different code will be generated which requires a different response.

The problem is there's some algorithm you can use, given one, to calculate the other. I don't know if the cracker determined it through reverse engineering, or by comparing known good responses to their challenges (having people who unlocked games legit write down both, for example).

I can tell you I undertook an academic experiment w/IDA Pro to try to repeat this, just to test my "hacker" chops, and was totally defeated. Code's too complex. I found the decryption loop with about 90% confidence, but couldn't figure out how it works. I *can* tell you that if you just hack the EXE to skip past the key check, that doesn't work at all. It will then take any code you put in, and actually spit out an appropriately named output file, but - the resulting "decrypted" file is corrupt garbage. Highly patterned corrupt garbage :>

Share this post


Link to post

I wonder if it was someone internal who later released it or leaked the general idea of how to crack it.

I also wonder if Carmack was like "oh well, everything should be open source and free anyway" and OK'd the release (knowing of the crack).

Share this post


Link to post

Really unlikely. Test-Drive was third party software. There are all kinds of functions in it that the id STUFF store doesn't even make use of, such as the ability to temporarily unlock applications for a time-based trial. It was an off-the-shelf solution.

Share this post


Link to post

Pages 211 & 226. It seems id wasn't happy with GTI (who held the retail publishing rights), so Mike Wilson's grand plan was to self-publish Quake as CD-based shareware. They wound up kicking an own goal.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×