
SoftICE - peter_d_sherman
https://en.wikipedia.org/wiki/SoftICE
======
pridkett
Ancient? Ughh. I remember using SoftICE to cheat in games back in the 1990’s.
Wonderful software, I wish I would’ve been knowledgeable to do something more
useful than making myself invincible in Mortal Kombat or giving my characters
super powers in UFO: Enemy Unknown (aka: X-Com outside North America).

This was a great learning tool to understand how programs actually allocate
and use memory. Long before I had taken an architecture class and understood
big endian and little endian, I had learned all about it by searching for
values in memory. From there you could basically deconstruct the C structs
used to handle the memory and then write a pretty simple TSR to cheat the heck
out of DOS games. If I recall correctly, at least some of the time I was even
able to use it to cheat at APCIDoom - which was a specialized launcher for
Doom that let you play four player deathmatches through your local multi-line
BBS.

~~~
visualphoenix
Yup! Discovering SoftICE was a game changer. Various advanced SoftICE diablo 1
and diablo 2 multiplayer “enhancements” circulated back in the day... ones
like bypassing the maximum level cap, making your user not render in
multiplayer so you couldn’t be clicked on during pvp, among others.

+orc and fravia +hcu stuff ate up loads of my free time in the late 90s and
definitely helped later on once I got a formal computer science and
engineering degree.

Thanks for the memories SoftICE!

~~~
aricz
Did anyone find out who +ORC really was? I rememember there were puzzles to
solve to find his real identity.

~~~
yread
I think it was just +Fravia's alternate ego for doing more legally
questionable stuff

------
twhitmore
I used SoftICE to debug a multitasking IVR application I'd written in C/C++
with a stack-switching kernel on top of MS-DOS :) Great project, but it would
crash once or twice a day on both the test machines we had. Couldn't figure
out why. Went through the code with a fine-tooth comb, still at a total loss.

Enter Soft-ICE. Within a week I found that Soft ICE wouldn't interrupt in the
hung state. That started making us suspicious that it might not be just our
code.

What do you know -- both test machines (though otherwise completely different)
had the same cheap $5 ripoff network card. These were causing the crashes.

Replaced those and the software worked perfectly -- ran 24/7 for 3 years
without a hitch. The one time it did stop, was the NetWare stack crashing
underneath.

So that's my SoftICE story :)

------
thomasdullien
For those that like the history of the Cracking scene - there was a set of
binary-patching SoftICE extensions called "nticedump" and "icedump". They were
pretty nuts, too - one reverse engineer got annoyed by his music playback
stopping when he was in SoftICE, so he hacked an MP3 player into the SoftICE
driver.

[http://n8on.free.fr/hackzines/bhz/7/crackingbeginner3.txt](http://n8on.free.fr/hackzines/bhz/7/crackingbeginner3.txt)

There was also in-SoftICE tetris.

I used SoftICE extensively from 96-00'-ish ... to the extent that as a
teenager I had single-step dreams and dreams where I tried to hit CTRL-D.

~~~
rgrau
"I used SoftICE extensively from 96-00'-ish ... to the extent that as a
teenager I had single-step dreams and dreams where I tried to hit CTRL-D.".

That.

wrt everything stopping while using SICE, I remember looking at the windows
clock and seeing 02:00AM , and thinking "I'm still on schedule", turning my
head and seeing the sunrise from my window. Look at my watch: 06:20AM. Woops!

------
xvilka
There is a similar approach for a modern age - use the hypervisor for the
debugger agent. The application called HDBG[1]. It was never production-ready
though, so not so famous. Another similar application is PulseDBG[2]. It's not
exactly like SoftICE, but allows you to observe the execution process
locally[3], which is sometimes enough.

[1]
[http://fdbg.x86asm.net/hdbg/hdbg.html](http://fdbg.x86asm.net/hdbg/hdbg.html)

[2]
[https://github.com/honorarybot/PulseDbg](https://github.com/honorarybot/PulseDbg)

[3] [https://github.com/honorarybot/PulseDbg/wiki/8.-Local-
debugg...](https://github.com/honorarybot/PulseDbg/wiki/8.-Local-debugging)

~~~
viraptor
If you're running your guest using qemu, you can also attach the gdb to that
VM. It's essentially the same idea.

------
StavrosK
Oh man, SoftICE was the shit. It was a bit inconvenient to have to reboot with
it enabled, but it allowed you to debug things no other debugger did.

I was equally impressed with OllyDBG later on, it was more convenient (if less
powerful but always seemed like amazing software for just one author.

~~~
xvilka
OllyDbg is dead too though, I recommend to use x32dbg/x64dbg[1]. It's open
source and actively developed by a team of maintenances. And it's extendable
with plugins and scripting.

[1] [https://x64dbg.com/](https://x64dbg.com/)

~~~
PeCaN
OllyDbg is technically dead but it still works as well as ever (for 32-bit
software). I still break it out sometimes. I find it much smoother to use than
x64dbg (maybe just due to using it more, but I do think OllyDbg nailed the
debugger experience really well).

------
Jerry2
This part of the explanation of what happened to it is extremely unsatisfying:

> _As of April 3, 2006 the DriverStudio product family has been discontinued
> because of "a variety of technical and business issues as well as general
> market conditions". Maintenance support was offered until March 31, 2007._

From reading about SoftICE, it seems to have been doing what other debuggers
could not. So how could they not find enough customers to keep it going? Does
anyone know what actually happened?

~~~
shin_lao
Former kernel developer here.

SoftIce was one of those "magical software" that made things possible. Before,
you would need two computers connected via a serial port to do actual kernel
debugging.

When VMWare arrived, SoftIce was becoming less useful, because a virtual
machine offers better isolation and you can quickly revert to a previous
state. When doing, for example, file system development, trashing a computer
would not be rare.

By then, I know my setup was VMWare machines + MSFT WinDbg. Also, I could stop
my VM and inspect the VM with a hex editor. Potent combo.

In parallel, during that time, I suspect the cost of developing SoftIce
exploded: more updates from MSFT, a lot of security features that would
prevent SoftIce from working, new features from the CPU like hardware
protection of the RAM, etc.

Last, the most significant user base of SoftIce was broke hackers who would
use it to crack protections. Unsurprisingly, those guys didn't have a license.

Awesome product, but makes sense it faded out.

------
maxfromua
I recall those lessons for script-kiddies “Crack [software name here] with
SoftICE” in early 2000s.

~~~
coretx
Ha! I used to be one of those 90's skiddies. Nights of struggle with SoftICE
eventually allowed me to crack some stuff "real time", although i failed to
write functioning cracks using it. It was along this journey however that i
arrived at the point where I started to understand how a PC & OS really
functions. Unknowingly, SoftICE came to co-direct my life for the better.

~~~
StavrosK
I remember hanging out in #cracking4newbies on EFnet a lot. It was pretty
toxic if you weren't part of the in-group, but I learnt a lot.

~~~
travbrack
Ah efnet. That place was the wild west since they never adopted services. I
remember channel takeovers and recoveries with extreme tactics like forcing
netsplits with DOS attacks on the servers. Having to run an eggdrop bot to re-
op people when they join a channel. Running your own bot to keep your nick
from being stolen. Good times.

~~~
coretx
Your argument is invalid. Not the absence of services but rather the fact that
back then you could crash a box by means of simply sending a single well
crafted TCP packet to your adversary. It was adventure among the kids, and the
"elders" did not really care plus no one in their right mind dared assaulting
their source of knowledge. ( And shell accounts :P )

~~~
travbrack
Wow more memories. Yes it was too easy to exploit the system for personal gain
which was exactly the point of services. If someone managed to take over a
channel, chanserv would immediately and automatically restore ownership. It's
impossible to use someone else's handle when nickserv requires auth.

------
djmips
It was the Hercules monitor support that had those amber fossils still sitting
on the desks of every video card driver authors desks (and games programmers
too) into the late nineties. VxD dot commands allowed you to extend and use a
plethora of debug commands beyond the built in. Once Windows had working
multimonitor support, that crucial aspect of Softice's utility was no longer
unique.

~~~
Tepix
Right, I remember getting a cheap green Hercules monitor and graphics card
just for SoftICE.

------
emersonrsantos
I used this, and you had that kind of power over the machine only in the low-
end architectures, Z80, 6502 and on the enterprise, on IBM mainframes, to
breakpoint and stop and look at what the processors was doing. Of course, you
still can do the same thing on mainframes, but we are forgetting that in the
end, on our X64 machines, that we are all running machine code.

------
ohadpr
Oh my I remember friends debugging Windows device drivers with SoftICE, that
was hardcore.

~~~
SlowRobotAhead
I did it on my first debugging project where I had to teach myself assembly.
Had no idea it was a special task! Just knew it had to get done, got “some
program called soft ice” to do it, got to work.

------
iconjack
Who else had a monochrome monitor to display Soft-ICE info while debugging
video-intensive programs? Text at B000:0000 instead of B800:0000.

~~~
sedatk
I had always wondered about that feature. I reckon Turbo Debugger supported it
too but MDA adapters were hard to find when I started my debugging adventures.

~~~
mcgoo
I didn't realize until now that a Herc was an upgrade over a plain MDA card.
I'd forgotten how many discrete chips there were and the size of the board!
[https://en.wikipedia.org/wiki/Hercules_Graphics_Card](https://en.wikipedia.org/wiki/Hercules_Graphics_Card)

edit: The herc being the MDA compatible card that I had to debug on.

------
LorenPechtel
I used it for only one task but it was worth the price anyway--I needed
support for both VGA and monochrome on the same machine. As the years went by
there were fewer and fewer monochrome cards and the cards became worse and
worse at playing nice together. It eventually reached the point where we
couldn't find any that would behave--I ended up stepping through the
initialization code for the monochrome (which was in ROM, no breakpoints
otherwise) and noting exactly what it told the card and reproducing that in my
code. (By then 100% of my screen writing was in my code, the lack of that
capability didn't matter.)

------
cryogenic_soul
btw, there was also a Syser debugger, developed as a replacement for SoftICE,
I never used it, except playing with it a little, few years ago, it was nice
experience.

Although I heard they stopped the development, a little google -ing found a
page with fresh release and win10 support claim, but I have no idea, how the
legitimate is it [https://qpdownload.com/syser-
debugger/](https://qpdownload.com/syser-debugger/)

also there is rewriting project on github, with last commit from 5th June,
2019 [https://github.com/marakew/syser](https://github.com/marakew/syser)

Would appreciate to hear any info about current status of Syser

UPDATE: Just FYI, after lurking a bit over the github repo and associated
links, found that gihub repo maintainer seems to be a pretty qualified reverse
engineer, for example, he made his own independent skype protocol
reconstruction ([https://marakew.github.io](https://marakew.github.io)) and
the README.md in gihub repo say, that Syser sources were lost due to the
corrupt flash drive, so I guess he was one of the (author?) developers of
Syser.

Still would be happy to hear more, if somebody know the full story.

------
molticrystal
Nothing like a kernel mode mp3 player to listen to music while you step
through assembly and see some very colorful symbol names of windows internals.

------
self_awareness
If SoftICE, then not without its awesome addon IceExt -
[https://sourceforge.net/projects/iceext/](https://sourceforge.net/projects/iceext/)

It had a kernel-mode mp3 player so that you could shred software protections
while listening to your favorite music (among other cool features of course)

------
danmg
What modern debuggers/tool can do what SoftICE did? How do you debug services
and device drivers modern Windows?

~~~
emily-c
You use WinDbg and do kernel debugging. The newer WinDbgX UI is quite nice
lately. However, there's no replacement for live debugging on the same machine
the way that SoftICE did it.

------
alias_neo
SoftICE being called ancient really amuses me. I recall my childhood in the
90s/00s learning how software and game activation codes work, and how to
bypass them using SoftICE, it was really quite sad that it didn't go beyond
XP.

------
lsllc
Periscope represent!!!

[https://corexor.wordpress.com/2016/03/01/periscope-
manuals/](https://corexor.wordpress.com/2016/03/01/periscope-manuals/)

------
pritovido
Probably the best software I had ever used.

As a debugger you could automate everything and catch any error in existence.
It made myself hundreds of times more productive.

I maintained a Windows partition just for using it. I used Linux and mac but I
usually debuged my programs on SoftIce under Windows. I had to port all my
programs to use it. It was that good.

I learned how to use it from a cracking group. It took a long time to be
proficient at it, but even to this day lldb or gdb or anything in Windows
can't come close of what SoftIce could do.

------
dblohm7
Mucking around with SoftICE was essential to my understanding of reverse
engineering and low-level programming. It was an amazing piece of software, as
was all the other NuMega products!

------
sunnyque
That feeling when you are pressing SoftIce popup hotkey and guessing will
application survive or not. then your computer just freeze :D just old good
times

------
ryandrake
Learned SoftICE at my first job out of university, writing Windows device
drivers. I also object to the “ancient” designation!

------
nuclx
Seriously the coolest tool to tinker with in my youth. Gave you so much
control. It felt like magic to halt execution of a DOS program to inspect
exactly what it's doing instruction by instruction, patching code or injecting
chunks of self-modifying code.

------
mobilio
That was long time ago when NuMEGA was make really great software!

------
csense
This is a piece of computer history. They should release it as open source.
Get some free publicity for whatever their actual revenue-generating products
are.

------
pantulis
Not strictly related to SoftICE but those days make me reminisce about another
useful tool, “Sourcer” from V Communications, anyone remember that?

------
edem
I still remember those times when I forgot to switch SoftICE off and whenever
Windows fucked up I ended up in SoftICE's debugger.

------
mrsaint
The good old days. SoftICE for me was essentially the OS, and Windows was just
a GUI around it. Windows without SoftICE felt... empty

------
kabdib
A really nice tool for debugging Windows drivers. God knows you needed all the
help you could get :-)

------
Zardoz84
I remember using it on the 90's to crack Space Empires III

------
snvzz
On the Amiga, hrtmon.

------
dboreham
Hmm...I remember a time before "realICE".

------
jrumbut
Ancient? I'm feeling a little old now.

I've always felt like I have neglected debuggers to my own detriment. Print
debugging is just very convenient and once you get in that habit it's hard to
stop. On rare occasions where I didn't know where in the code or in the system
to start they've always shined.

------
onetom
Ancient!? shiiiit, im old ;-D how about AFD/SFD then?
[https://vulms.vu.edu.pk/Courses/CS401/Downloads/AFD_Tutorial...](https://vulms.vu.edu.pk/Courses/CS401/Downloads/AFD_Tutorial.pdf)

