It would've indeed been super funny. However, the rootkit is made so that processes starting with $sys$ can see all files and processes that begin with $sys$... Try it with task manager, command prompt, or even explorer.exe (just kill the already running instance first)
Something else let me rip the track the first time, so the DRM system is probably buggy. Every other time I tried, that trick didn't work. I'll know more when I've finished analyzing the rootkit, but it's taking time...
The $sys$ prefixing thing was apparently wrong :( (on "Sony Rootkit Phones Home", Score: 5, Informative)
Just my luck: when I make it to Slashdot, it's with something I've analyzed wrong. I tried renaming my ripping software to begin with $sys$ and it ripped fine, but apparently something else was the deciding factor. I can't reproduce that effect!
There's definitely something fishy going on, however, with two magic lists in the DRM system (one in the installer, one in $sys$DRMServer.exe), and the drmserver scans running processes and open windows, testing them against those lists. So far I haven't figured out what it does when it finds a match. The code is written in C++ and although I've found the function call, it's virtual and I need to figure out which vtable is being used, and it's bitchy without a debugger. I'm not going to run this crap on my development systems, and my test machine doesn't even have net access, too much work to set up debuggers on it just yet :(
Anyway, the lists for everyone to see:
http://hack.fi/~muzzy/sony-drm-magic-list.txt
http://hack.fi/~muzzy/sony-drm-magic-list-2.txt
The first one is from the installer, the second from the drmserver.
I thought I was ahead of my time when I implemented a rootkit DRM just a few days ago. My rootkit is part of my project trying to show how malware and DRM systems can get really close to each other, and both get protected by law. Under the EU Copyright Directive, it's going to be illegal to remove this rootkit.
You can read about my copyright projects here:
http://muzzy.net/files/copyright_projects_en.txt
And what about people who wouldn't want to obey such instructions? Would they be thieves? I'm having a bad feeling about this... One day, that idea of yours might become a reality, so be careful what you wish for as it might just happen. What would it really mean?
Generally, such a file would be considered a "terms of service", and the server could choose to block everyone who didn't read the file. Only people who had a browser that could read the "machine readable website viewing license" or whatever would be able to request any files off the server. And after this, if your browser ignored that and chose not to display ads, it would be a violation of the terms of service. Writing an ad-blocker could be seen as a completely illegal thing to do. Far fetched? Think DMCA.
Is this what you want? How about we go a bit further? How about this...
Servers could implement a new protocol for serving information about what services are available, and under what conditions. This service would be assumed to exist on every server, and if it didn't exist, you wouldn't be allowed to do anything. Once browsers began to enforce this, all servers that wanted to be visible would implement a rule-serving protocol for sure. If the rulefile said there is only an http service available and it requires viewing ads, trying to probe for ftps or anything else would be illegal. Such a protocol would make it easier for search engines to process data (they'd know what is public and what private), it'd make it easy to sue spammers that are using smtpd's that aren't marked public, it'd make it easy to sue the guys port scanning and the kids who sent you icmp_echo in the morning without checking the server rules first...
Eventually, ISPs would be forced to comply with this also, preventing rogue users from doing stuff. Transparent proxies would enforce the remote server rules, so that you couldn't request pages without fully receiving the ads first.
Such a great idea, isn't it? Rules are bleh without enforcement, and when MONEY is involved, as it is with ads, there's need for enforcement. Have a nice day.
usually when idle, operating systems tell the cpu to sleep. in x86, this is called HLT. when it sleeps, it uses less electricity, it heats up less, etc... (does not apply to windows 95/98, they don't HLT at idle. if you're using either of those systems, there are third party programs to HLT at idle time, though, to cool down the cpu.)
and it even has adult categories by default! the porn video search engine? and i can type in "metallica" to the audio/mp3 search, ooh aah! oh the joy:)
> Turn off all services except ssh
Mmmh... having only openssh running on a box sure makes it very secure! History has shown this to be true, too, with not many ssh vulnerabilities out there, not many implementation flaws!!
> So can you explain to me why Blizzard wouldn't just do a key check in the game client against a blizzard-owned key database, independent of server-finding mechanism?
Because the key is needed to authenticate the SESSION, not the client. If the client does the check, which party terminates the session if the key is bad? Are you suggesting a clientside check which goes "naanaa, not allowed to play" in case the keyserver doesn't like the user? Ever heard of the so-called trusted client issue and cracks? Whatever you suggest, if the game server where the playing happens doesn't do the check, it can simply be removed from the client code.
mmh... you won't tell the root password? but you give out an image with the DES-kinda hash of the password in it?
root:WZ1XNLQ0U7XFE:0:0:root:/root:/bin/bash
looks like it's fake, though, since it's all caps, but couldn't know, didn't look at it so much. and uuh, what are those ip addresses there, in 216.27.xx.xx network?
makes me think the name "jailbait" is actually a hint! it's a bait, he's trying to make evil wannabe-hax0rs crack that password with something like jtr, and then logging in his system as "root"!
the password isn't crackable with my 250M theargon wordlist, and doesn't seem to be a too-short one either (yea, of course i gave it a run). however, if that password is important to you, dude, change it now. it won't take many weeks till someone has it cracked even if it's somewhat strong. the DES-derived hash is not good for passwords.
-- The point is, X works, but you could have something so much better if "the community" just tried. But it won't. --
Now where have I heard that before... could it have been... s/X/windows/;... oh yes, that's it.
note to people who want to flame me: I'm a windows user and proud of it. I usually get uptime of up to two weeks (at least unless my ip leaks to some 'l33t linux-people). The very reason I'm using windows and not linux is that windows has what I need, it's stable enough for me. I suppose people use what works and does the stuff for them and what they are used to using, instead of seeking "something better".
Re:how large is the chess tree? (on "Solving Chess?", Score: 1)
So, only 2*10E43 possible positions? Nice. How long does it take until we have storage media large enough? :)
Seriously, we wouldn't need to store them all in the beginning to start the work. Now I wonder what would be required to prove there is no perfect game? If we start to build such a net, what kind of construct would imply that we have a chaotic situation somewhere? So, actually we would only be interested in finding the nodes that are chaotic, and where you can't reach your goal (win for 100% sure). So, the follow-up question is, how many of the legal positions are chaotic? any way to find *any* (nonzero) minimum value for legal chaotic positions? Can someone prove that chaotic positions exist?
Re:how large is the chess tree? infinite! (on "Solving Chess?", Score: 1)
Of course it would be infinite, but that wasn't the point at all. the point was not to compute a tree of 'all possible moves', but 'all possible situations', and then see which would be the optimal move from a situation. There is a limited number of possible situations, and the optimal links could be nice to calculate. :)
how large is the chess tree? (on "Solving Chess?", Score: 1)
For all you bored mathematicians and such, how large is the chess tree? or actually it's a net and not exactly a tree, but how many possible combinations are there for the board?
If it's possible to create the full tree, we could make it, and have each node have three links to other possibilities, one being 'win', one 'lose', and one 'draw'. Now we could start doing brute force on the tree, finding out the single moves that end in a win, loss or draw, and mark these into the net. Then do it again, because now if from a node we can get into a situation where the 'win' link exists, we know that this node we have is a 'win' node, too, and we can make the path.
If someone has too much free time and could start a project like this one day when the HD space is large enough to keep the whole tree, it might be interesting to see where it ends.
also, btw, does anyone have any better algorithm suggestion for finding out if there exists a perfect game? this brute-force approach is pretty heavy:D
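The labelling procedure sketched in this post (mark the nodes that end in a win, loss or draw, then repeat until nothing new resolves) is known as retrograde analysis; below is an added example of it, not code from the thread, run over a constructed toy graph of positions rather than real chess. The position names S, M, B, WM, R, R2 and ST are invented for the example; the nodes the fixpoint never reaches are the "chaotic" positions asked about in the reply above, and they come out as draws.

```python
from collections import deque

WIN, LOSE, DRAW = "win", "lose", "draw"

def retrograde(moves, terminal):
    """Label each position WIN/LOSE/DRAW for the side to move.
    moves: position -> successor positions (opponent to move there);
    terminal: position -> LOSE (mated) or DRAW (stalemate) for leaves.
    Returns (labels, best): best[p] is the move that realises labels[p]."""
    positions = set(moves) | {s for succs in moves.values() for s in succs}
    parents = {p: [] for p in positions}
    for p, succs in moves.items():
        for s in succs:
            parents[s].append(p)
    for p in positions:
        if not moves.get(p) and p not in terminal:
            raise ValueError(f"position {p!r} has no moves and no result")
    labels, best = dict(terminal), {}
    escapes = {p: len(moves[p]) for p in moves}  # successors not yet known WIN
    queue = deque(terminal)
    while queue:
        s = queue.popleft()
        for p in parents[s]:
            if p in labels:
                continue
            if labels[s] == LOSE:        # a move that leaves the opponent lost
                labels[p], best[p] = WIN, s
                queue.append(p)
            elif labels[s] == WIN:       # one more escape route is gone
                escapes[p] -= 1
                if escapes[p] == 0:      # every move hands the opponent a win
                    labels[p] = LOSE
                    queue.append(p)
    # Positions the fixpoint never reached sit on cycles or lead only to
    # draws: neither side can force a result, so they are draws by best play.
    for p in positions:
        labels.setdefault(p, DRAW)
    for p in moves:
        if p not in best and labels[p] == DRAW:
            best[p] = next((s for s in moves[p] if labels[s] == DRAW), None)
    return labels, best

# Constructed toy graph (not real chess): White to move at S has a mate in
# one (M), a blunder (B) that lets Black mate (WM), and a shuffling line
# R <-> R2 from which Black can repeat forever or bail out into stalemate ST.
EXAMPLE_MOVES = {
    "S": ["M", "B", "R"],
    "B": ["WM"], "R": ["R2"], "R2": ["R", "ST"],
    "M": [], "WM": [], "ST": [],
}
EXAMPLE_TERMINAL = {"M": LOSE, "WM": LOSE, "ST": DRAW}

def solve_example():
    return retrograde(EXAMPLE_MOVES, EXAMPLE_TERMINAL)

if __name__ == "__main__":
    print(solve_example())
```

Because every position is enqueued at most once, the sweep is linear in the number of moves, which is the cheapest the brute-force idea can be made; the exponential cost is in enumerating the positions, not in labelling them.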
is this what you want?
foreach my $x (1, 2, 8, 13, 19)
{ foo::bar::yukims::glock($a, $x); }
something like this would work in perl, pure functional programming languages (CL!) also have much of this stuff.
you can take sid out of c64 without breaking it, so the c64 will still be usable, just without sounds.
I don't think 5 years is really "instant-on", this story is contradicting itself.