Copy Protection Used on Apple Computers
The first protection of floppy disks consisted of changing the address marks, bit slip marks, data marks, or end of data marks for each sector. For example, Apple standard sector markings were:
D5 AA 96 for the address mark. That was followed by track, sector, and checksum.
DE AA EB concluded the address header with what are known as bit slip marks.
D5 AA AD was used for the data mark and the end of data mark was another DE AA EB.
Changing any of these marks required fairly minimal changes to the software routines in Apple DOS which read and wrote the floppy disk, but produced a disk that could not be copied by any of the standard copiers, such as Apple's COPYA program. Some protection schemes used more complicated systems that changed the marks by track or even within a track.
By 1980, the first nibble copier, Locksmith, was introduced. These copiers reproduced copy protected floppy disks an entire track at a time, ignoring how the sectors were marked. This was harder to do than it sounds for two reasons: firstly, Apple disks did not use the index hole to mark the start of a track; their drives could not even detect the index hole. Tracks could thus start anywhere, but the copied track had to have this "write splice", which always caused some bits to be lost or duplicated due to speed variations, roughly in the same (unused for payload data) place as the original, or it would not work. Secondly, Apple used special "self-sync" bytes to achieve agreement between drive controller and computer about where any byte ended and the next one started on the disk. These bytes were written as normal data bytes followed by a slightly longer than normal pause, which was notoriously unreliable to detect on read-back; still, you had to get the self-sync bytes roughly right as without them being present in the right places, the copy would not work, and with them present in too many places, the track would not fit on the destination disk. Locksmith copied Apple II disks by taking advantage of the fact that these sync fields between sectors almost always consisted of a long string of FF (hex) bytes. It found the longest string of FFs, which usually occurred between the last and first sectors on each track, and began writing the track in the middle of that; also it assumed that any long string of FF bytes was a sync sequence and introduced the necessary short pauses after writing each of them to the copy. Ironically, Locksmith would not copy itself. The first Locksmith measured the distance between sector 1 of each track. Copy protection engineers quickly figured out what Locksmith was doing and began to use the same technique to defeat it. Locksmith countered by introducing the ability to reproduce track alignment and prevented itself from being copied by embedding a special sequence of nibbles, that if found, would stop the copy process. Henry Roberts (CTO of Nalpeiron), a graduate student in computer science at the University of South Carolina, reverse engineered Locksmith, found the sequence and distributed the information to some of the 7 or 8 people producing copy protection at the time.
For some time, Locksmith continued to defeat virtually all of the copy protection systems in existence. The next advance came from Henry Roberts' thesis on software copy protection, which devised a way of replacing Apple's sync field of FFs with random appearing patterns of bytes. Because the graduate student had frequent copy protection discussions with Apple's copy protection engineer, Apple developed a copy protection system which made use of this technique. Henry Roberts then wrote a competitive program to Locksmith, Back It UP. He devised several methods for defeating that, and ultimately a method was devised for reading self sync fields directly, regardless of what nibbles they contained. The back and forth struggle between copy protection engineers and nibble copiers continued until the Apple II became obsolete and was replaced by the IBM PC and its clones.