So here's the code I'm talking about, the macro SCRAMBLE It looks annoyingly complicated but it's not, really. It's taking an 8-bit number and shifting around some of the bits.pic.twitter.com/tvpUKnnkfq
U tweetove putem weba ili aplikacija drugih proizvođača možete dodati podatke o lokaciji, kao što su grad ili točna lokacija. Povijest lokacija tweetova uvijek možete izbrisati. Saznajte više
So here's the code I'm talking about, the macro SCRAMBLE It looks annoyingly complicated but it's not, really. It's taking an 8-bit number and shifting around some of the bits.pic.twitter.com/tvpUKnnkfq
If you diagram out what's happening, it makes slightly (BUT ONLY SLIGHTLY) more sense. It kinda looks like they started with a a "reverse the order of these bits" function but then switched it so the 4 and 32 don't get switched, they just go straight through.pic.twitter.com/Hm4ccodOqv
So, how is this code used? Well, in m_cheat.c, it's used to build a lookup table which has all the values pre-encrypted, so it can quickly look them up later. Then, when you press a key, it translates it through this table:pic.twitter.com/4GVsVOIOXK
This code mainly takes care of checking what you've typed while playing Doom, to see if it matches one of the cheat codes, like IDKFA or IDDQD. If what you typed matches one, it returns a true value to the calling code, and the game can turn on (or off) that cheat.
But the interesting part is how those cheat codes are defined in the source code (and therefore the executable). Here's one of them, the classic IDKFA:pic.twitter.com/u5EDu7YEZ4
the // idkfa part is just a comment to the programmers reading and writing the code, the only part the compiler cares about is the "0xb2,0x26,..." part. But why is it written out as 0xb2, 0x26? is this scancodes or something? NOPE!
when they wrote the cheats into the source code, they pre-encrypted them with this SCRAMBLE function. Then, when the m_cheat.c code is checking your keypresses, it also SCRAMBLEs them and checks if they match.
since it's comparing scrambled values against scrambled values, it doesn't need a descrambler of any sort. it just checks that they both scramble the same way. But why do they do it this way?
it turns out the pre-scrambling is the entire point. They didn't want "IDKFA" and the other cheats to be written out in plain text in the source code. Now, the source code wasn't released until 6 years later, so why did they care?
because things like strings are incorporated into the binary file of the program directly. They're not compiled like the C instructions are. So anyone could have pulled out a hex editor and started scrolling through DOOM.EXE until they found some text, like "IDKFA"
which, because it's in the source right next to all the other cheats, would immediately tell them that the other cheats are idmus, idchoppers, iddqd, idkfa, idfa, idspispopd, idclip, idbehold*, idclev, and idmypos.pic.twitter.com/sKbRnL9UEN
which'd obviously immediately get put into every cheats ... I almost said "website" there but there weren't very many websites in 1993. every cheats bulletin board file and usenet FAQ.
so by pre-encrypting them in the source they made it so you couldn't quickly find the cheats by searching the EXE for cheat-like phrases.
I dunno how much this actually slowed them down. It'd be interesting to go look through the archives of the usenet groups and see how long it took for various cheats to get mentioned.
but hackers are crafty. You'd need a debugger (and for a game running in 32bit mode on DOS those were not going to be easy to come by) but you could set breakpoints on keypress and you'd probably find the cheat-checking code pretty quick, and then figure out how they're encoded
I checked usenet. And the first result in comp.sys .ibm.pc .games.action (where most Doom discussion was happening) for "idkfa", was at 8am on December 15th, 1993. Elias 'CaveMan' Papavassilopoulos posted this list of cheats:pic.twitter.com/Wy6Qk3apF8
That thread, titled "idNews: sorry- not tonight" by David Taylor, seems to be the first time any Doom cheats were mentioned on usenet.https://groups.google.com/d/msg/comp.sys.ibm.pc.games.action/ArY43Es_1bw/uZilNsl8EwkJ …
Doom's shareware episode was released at midnight on December 10, 1993. So the answer for "how much did this slow down hackers?" seems to be "at most, 5 days"
it's possible they were mentioned elsewhere on usenet prior to that post, I wasn't able to really search. That seems to have been the main usenet group for Doom stuff at the time, so it would have been quickly cross-posted had it shown up elsewhere first.
There was later a whole set of Doom-related newsgroups for Doom, but they didn't start getting created until January, 1994. https://doomwiki.org/wiki/Usenet_groups …pic.twitter.com/jbrduYRngb
BTW, it's amusing to see that the THE VERY SAME PLACE that excitedly talked about this new game, "Doom", back in 1993, is now talking about Outer Worlds. This post is like 30 minutes old. Usenet never died, it just slowed down.pic.twitter.com/NxOEFqjYAR
BTW, 3 hours after Elias 'CaveMan' Papavassilopoulos posted their list of cheats, Jim Mcnicholas posted their own... in a suspiciously similar order and phrasing. J'ACCUSE, JIM MCNICOLAS!pic.twitter.com/CGKycBufjW
you totally ripped off Elias's list and then didn't credit them. ADMIT IT
David Taylor (of id Software) would confirm the cheats (and add on to, since hackers hadn't found iddt cheat yet) later that day, around 5pmpic.twitter.com/lsftTiA69v
that was supposed to have a link:https://groups.google.com/d/msg/comp.sys.ibm.pc.games.action/QL8WehGZhps/7GRT3t0N514J …
An interesting thing about finding the cheats: As early as the 11th, someone (Eugen Wolwod) had spotted the activation messages for the cheats in the executable, but couldn't find how to activate them yet. https://groups.google.com/d/msg/comp.sys.ibm.pc.games.action/hDUPzSnmT1Q/Waj4S9D1viwJ …pic.twitter.com/Ei1ElT6CH0
and on the 12th, people were hacking their save game files to get all weapons, even though they didn't have any cheat codes yet: https://groups.google.com/d/msg/comp.sys.ibm.pc.games.action/hDUPzSnmT1Q/0y3Qiv8bhHUJ …pic.twitter.com/WZ6trjQLHv
The fact that they found longer ones like choppers & spispopd makes me think that the cheats were finally figured out by someone debugging the EXE (rather than just typing key combinations until they found something that worked), and they missed iddt because it's elsewhere
all the other cheats are in st_stuff.c, but iddt is in am_map.c https://github.com/id-Software/DOOM/blob/77735c3ff0772609e9c8d29e3ce2ab42ff54d20b/linuxdoom-1.10/am_map.c#L287 …pic.twitter.com/Uvz8YnZxYt
and compilers being what they are, that's likely going to end up somewhere else in the executable. (They would have found it if they did a search on what code calls cht_CheckCheat, and checked each of the arguments)
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.