The CIC chip was first used in the SNES and was the basis for most authentication. It ran proprietary software that was seeded with random numbers, and it aborted the game if some of its calculations produced a bad result.
Bypassing it was done with one of three methods:
- modifying the console and disabling the chip, which is legal.
- using a specialized chip that...
  - answers the CIC with the authentic answers.
  - just freezes the CIC chip by giving it a zap.
Faking Authentication
There are basically two ways to fake authentication: either you use a copy of the actual chip's proprietary code, or you mimic the proper output. And here the legal trouble starts:
Wholesale copying of the code, or even of significant portions of it, is copyright infringement and illegal.
Tricking the US Copyright Office to get hold of the trade-secret, copyrighted code, like Atari did? Highly illegal. Copying portions of that illegally obtained code? Copyright infringement and illegal, and the court even denied Atari many defenses because they had fooled the Copyright Office to get the code. You can read the verdict here, but I want to quote this paragraph (emphasis mine):
In this case, the source code obtained from the Copyright Office facilitated Atari's intermediate copying of the 10NES program. To invoke the fair use exception, an individual must possess an authorized copy of a literary work. See Harper & Row, 471 U.S. at 562-63, 105 S.Ct. at 2232 (Knowing exploitation of purloined manuscript not compatible with "good faith" and "fair dealings" underpinnings of fair use doctrine.). Because Atari was not in authorized possession of the Copyright Office copy of 10NES, any copying or derivative copying of 10NES source code from the Copyright Office does not qualify as a fair use.
But reconstructing a workaround chip? That actually is legal, as that very case determined in the very next paragraph:
Reverse engineering, untainted by the purloined copy of the 10NES program and necessary to understand 10NES, is a fair use. [Explanation of the process used before Atari resorted to tricking the Copyright office] This "reverse engineering" process, to the extent untainted by the 10NES copy purloined from the Copyright Office, qualified as a fair use.
And deconstructing the chip to show the results? That's actually legal. Even the court in the Atari case said so, and had Atari succeeded in their attempts, they would not have had to resort to illegal methods to get hold of the code.
Zapping the chip
While Atari's "Rabbit" chip was ill-gotten gains, other companies made different, legal workarounds: Interrupting the function of the chip by shocking the CIC? That's legal.
The GameBoy used a variant system. It did not rely on code secrecy but worked with trademark law, offering a different avenue to strike at infringers. The GB BootROM relied on loading the Nintendo logo from the game and then checking it. If the logo wasn't readable, it would not boot. To make a game run, the simplest way would be to include the Nintendo logo. There is a more complex solution that first displays the maker's logo and then offers the Nintendo logo for verification in the second step.
The simple solution: just display Nintendo-TM
If the game simply offered the official, registered Nintendo logo, it would present itself as endorsed or made by Nintendo. This would be a violation of the Nintendo trademarks, and illegal.
Tricking the chip
Displaying the maker's own logo in step 1 but offering the Nintendo-TM logo in step 2 is a solution very akin to the Lexmark cases. As the courts in the 2004 case held, it is allowable to bypass an authentication chip. You are also allowed to reverse engineer code to trick it. But you are not allowed to just copy the Nintendo code "10NES" on the CIC chip.
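The two-step logo handling described above works only when the displayed logo and the verified logo come from separate reads of the cartridge. The following added example (not code from the original text or from any real boot ROM) models that check beside a single-read variant; the class and function names are hypothetical and the logo bytes are constructed stand-ins, not the real logo.

```python
# Simplified model of a boot-time logo check (an assumption, not real boot ROM code).
LOGO_LEN = 48                               # assumed logo size in bytes
EXPECTED = bytes(range(1, LOGO_LEN + 1))    # constructed stand-in for the checked logo
OTHER = bytes([0xAA]) * LOGO_LEN            # constructed stand-in for a maker's logo


class StaticCart:
    """Cartridge whose logo bytes never change between reads."""
    def __init__(self, logo):
        self.logo = logo

    def read_logo(self):
        return self.logo


class SwitchingCart:
    """Cartridge that answers the first read and later reads differently."""
    def __init__(self, first, later):
        self.first, self.later, self.reads = first, later, 0

    def read_logo(self):
        self.reads += 1
        return self.first if self.reads == 1 else self.later


def boot_two_reads(cart):
    """Display from one read, verify a second read: the two can disagree."""
    shown = cart.read_logo()
    verified = cart.read_logo() == EXPECTED
    return shown, verified


def boot_single_read(cart):
    """Read once, then display and verify the same buffered copy."""
    buf = bytes(cart.read_logo())
    return buf, buf == EXPECTED


def displayed_matches_verified(boot, cart):
    """True when a passing check guarantees the expected logo was shown."""
    shown, ok = boot(cart)
    return (not ok) or shown == EXPECTED
```

With the single-read variant, a passing check implies that the bytes shown on screen are the bytes that were verified; with two reads it does not.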