28 Jan
2009
28 Jan
'09
2:07 p.m.
Tim McNerney wrote:
I'd like to get Apple II VisiCalc running in
emulation.
Right now this isn't possible because of the copy protection.
So are you trying to reverse-engineer the entire application, or just the
copy-protection?
What are your goals here?
Remove the protection?
Reverse-engineer the protection to the point where you can modify an
emulator to emulate the protection ("bad" GCR, timing hacks and whatnot)?
Tear the app apart, documenting absolutely everything?
I have three versions of the Apple II software. I
know one of them
still boots (1983?)
and have some confidence that the other two versions (1979 and 1981)
work too.
My first step would be to use some form of disc imaging apparatus (Catweasel?)
to make a magnetic transition level image of the discs, then write some
software to decode that into actual bytes and words.
I'm not sure how Apple discs work so you'll have to bear with me here. (I do
have a decent amount of 6502 knowledge, though...)
I'd start by reverse engineering the boot sector, startup code or whatever. On
a BBC Micro disc I'd look at the boot flags, then start tearing the !Boot
program/CLI script apart. Move on from there as and when necessary.
The theory here is that the disc must be readable in some way -- either it's a
"pure" AppleDOS (or whatever) disc, or it's got an AppleDOS boot track and
the
rest of the disc is some custom format or other.
Much as I hate using PCs as an example for anything.. as long as track 0 on a
PC disc meets one of the standard formats (e.g. 360K, 720K, 1.4MB), and sector
0:0:1 (cyl 0, head 0, sector 1) contains a valid PC/DOS boot sector (defined
as "the checksum is valid and the 0x55AA signature is present") then the BIOS
will boot the disc (by loading CHS 0:0:1 into memory at 0x7C00 and jumping to
0x7C00). The BIOS really doesn't care about the filesystem, that's the
operating system's job...
But like I said above, the amount of work involved is going to depend on what
you want. Just reversing the copy protection to the point where you can
emulate the protected tracks shouldn't be too difficult. Reverse engineering
the entire application to the point where you can specify in great detail how
the application works, and all its internal data structures... that's going to
be difficult.
--
Phil.
classiccmp at philpem.me.uk
http://www.philpem.me.uk/