No matter what Microsoft puts on game disks from now on, *something* has to load and execute it. That something is now out of Microsoft control.
No, that something is the BIOS, and this hack does nothing to change that. A new game disc put in a hacked X-box will boot through the BIOS and start running code before the dashboard hack ever gets loaded; so the dashboard hack can't redirect anything and can't stop the game disc from doing whatever it wants, including installing a new dashboard that does not have this vulnerability.
You can do nearly everything with it and this includes redirecting reads
I read it. But while you might be able to pull off some redirection tricks, the posted boot loader does not. So until someone actually does built a "fix" which locks out all of the potential ways to correct this, it is still very likely that M$ will be able to fix it.
But even more importantly, even though you managed to cut and paste something from the original posting and put a rude RTFA in your heading, perhaps you should read what I posted and try to think for a moment. The exploit loads by using the "dsahboard". But the dashboard is not loaded if a game is booted. So a booted game would face no code that would be redirecting anything, and would be quite able to replace the current dashboard or other parts of the system to stop this exploit from even happening again. I posted that M$ could simply put the fixes in all games that are produced from this day forward (even new slip-stream releases of existing games) and the game would correct the "problem" when it was first run on any machine. I still stand behind that statement. GYHOUYA
So you are saying that MS doesnt have the expertise that these people have
That's exactly what I'm saying. This is a company that has a long and broad history of writing code that constantly exposes itself to such problems, both when there are innocent but prevalent bugs from their own coders and also when there are deliberate attempts to exploit Microsoft's weaknesses. I doubt that they will even fix it the proper way - they will likely just add fonts to the list of checked files, but it would be much better and cleaner to simply make sure that the "underflow" and following load of a large block of memory does not happen. Microsoft has either repeatedly proven that it is incapable of good system security, or it should be held criminally responsible for the many flaws that expose people's privacy and property to information theft that I guess you think they could easily fix but elect not to.
Here was a group of people asking to help and be involved in the fix. Personally, I think they were fools, but not because I think games should be pirated. I think they were fools because they have not yet learned that Microsoft screws everyone that do business with, from small telco start-ups and CD envelope makers to major players like I.B.M. (remember OS/2 and the lies Microsoft told about their internal development strategy?) These guys did not black mail M$, that did ask for stuff but made it clear that they would cooperate even if the requests were not met. But they thought they could deal with the devil without getting dirty or harmed in doing so. Can't be done.
what a "habibi exploit"?...and why was the 007 team 'stupid'?
Microsoft called the 007 team stupid because they did something in their software that could be exploited. We all know how good and secure and trustworthy Microsoft's own software is.
But 007 isn't the only software that the programmer's were "stupid" on. Apparently Mech assault is by Microsoft's own programmers and has the same problem, when they should have known better. Just think of this as Microsoft calling itself stupid. I don't know the game Mech assault, but I'm guessing the term habibi comes from something in it.
Not demanding? Why would Microsoft politely offer any of those things?>/I>
Because they were foolishly offering Microsoft a lot - hard core expertise that Microsoft obviously does not have themselves that could allow Microsoft to much better secure the X-box against what they claim they are trying to prevent, software piracy. We're talking about a whole team of dedicated hard core experts here that offered to provide free labor and expertise to Microsoft to help secure their system, and Microsoft didn't even respond with a simple "We want the information, but are not willing to sign a Linux loader" response.
How these guys could know so much about the X-box but understand so little about what happens to anyone who trys to make a deal with Microsoft is what is really amazing.
They could force a fix a number of ways, including if you ever "go live" and connect to them on the internet, but they could also make all future games include a dashboard "update" that would install itself whenever the game is run. So as long as you only run Linux (and they don't sneak anything in through Linux software with a trojan), you might be safe, but if you or anyone else ever plays a game on the x-box that was manufacturered after this date, they could get you.
laptop computers accounted for 54 percent of of 500 Million in retail computer sales last year
But if you look at the statement, they only say that laptops accounted for 54% of $ of retail sales. Given that laptops are generally more expensive, desktops still outsold laptops in numbers. Add to that the average guy can build his own desktop, which is not counted in these numbers, but cannot build his own laptop or notebook, and the actual number of desktops as well as dollars spent on desktops far exceeded laptops.
So they can twist sales numbers to say what they want, even if it isn't accurate. What else is new? And who really cares?
It's bad enough that the blind get all the good parking spaces, but now we can't even fight spam because some blind guy doesn't like the tools used? Time to strike down the Americans with Disabilities Law as the flawed law it is. Perhaps someone needs to admit that a disability is just that, a disability, and however unfortunate the rest of the entire world should not be disabled to accomodate the person with a disability.
Do you think..that Corbis got permission from the Wall Street Journal to scan and redistribute it's copy as a pdf?
Corbis is Microsoft. They steal IP whenever they want, they just don't like when to happens to them. But if it's someone else's work it's fair game.
While asking questions, do you think they give the actors in question a royality when they sell their likeness, or that they will compensate them when they collect on these "damages"?
If he's so smart, then why can't he make a profit on anything besides his illegal monopolies?
This is +5 insightful??! Microsoft started in a college dorm room......
If you want to talk about the start of Microsoft, tell the full story. Bill started it, not in his dorm room, but by using an emulator for an 8080 at Harvard. He didn't even have an 8080 when they did the first basic interperator, it ran on an emulator on a Harvard school computer. Bill was caught doing this, and called to task for it. Seems it was illegal for him to be using the school computer for this private, business project! He was reportedly given the choice of stopping this improper use of Harvard's computer or leaving school, he elected to leave school.
So Microsoft was started with an illegal act and has continued the tradition to this day. Lots of other good parts to the story too, like basic being released only on hardware memory boards that never did work. But if you're going to call Bill a businessman, be sure to add a phrase like "just like the Columbian drug lords or Al Capone".
The problem isn't one of piracy - you can't pirate GNU / Linux
Wake up and smell the bullshit. IT's got nothing to do with any piracy concerns. Microsoft got the duplicator to agree not to make Linux CDs. They want microsoft business a lot more than that want a tiny 500 CD order, so they are glad to play along. They admitted as much, but when it became clear that this would make public a bad and likely illegal business deal they started hiding behind claims that the MS deal was confidential and grabbed the SCO claim (likely at Microsoft's suggestion) as a reason they would not make the CD's. It's only an excuse, not a reason.
I had this show up in my e-mail today, but strangely it was an e-mail address I only give to friends, never publish on the web or in news groups, and don't give to groups like/.
I've received the last four or five major variants of this virus to this exact same address, but no other spam!
The e-mail I got was not marked as coming from Yahoo, rather it supposedly came from 253CuHQEtzyCDHA.1604@TK2MSFTNGP10.phx.gbl.
What idiot virus writer expects anyone to open that? My e-mail service thinks the message came from: Received: from ACELERAOPS not authenticated [66.50.186.250]. Anyone have any insight on why and how I seem to keep geeting these virus mailings to my private e-mail address?
(By the way, 66.50.186.250 does not seem to trace to anyone I know or have had any contact with).
To set things straight, this has nothing to do with Linux games. This is about running MAME under Linux from a completely bootable CD, and just happens to run under Linux (you can't run Windows right from CD, or so Microsoft wants you to believe, and even if you know you can, you cannot freely distribute the Microsoft code to do so). MAME is an arcahe game emulation project. Running MAME (regardless of the OS choice) lets you pop in a CD and run any number of clasic arcade games, pretty much exactly as you saw or see them in the arcade (not limited brain dead home computer versions of arcade games, the actual code of the actual arcade game running on your PC). The down side is simply that that copyrighted game ROM code can't be distributed with MAME, so you either have to own one of the games already and make a copy of the ROM you own, or do something illegal to get a copy of the ROM (I believe there were some exceptions where the code was actually released, but since none of that code is on the MAME CD ISO I could very well be wrong). The problem of getting the extra ROM code onto the MAME ISO and thus the MAME CD is apparently also left to the user, which makes this all of somewhat limited use. But the observation about Linux games (which I disagree with, there are some nice Linux games that I've never seen available on the PC) is far from insightful, it shows that the poster has no idea what he is posting about!
So Microsoft is sueing spammers. Interesting that they verify the legitimacy of lawsuits against spammers. Now where do I go to sue Microsoft, as the bastards have spammed me over and over again.
If you are without the software tools or know-how to edit or add files to a.ISO, you can always just put all your roms on a second CD-ROM
in a second drive.
I too would like to be able to edit the ISO. The second CD drive isn't much of a solution, as I want to do it on a system with only 1 CD that is only ever going to have 1 CD drive - a notebook. And I would much rather make one or more mame CDRs than fill the little remaining hard disk space the notebook has. Obviously the author believes this can be done and apparently has done it, would it be too much trouble to at least give us who are not linux experts a simple paragraph to get us started, like telling us what tools we have to track down to do this, if they are not already on the CD (where they should be). Why make everyone reinvent the wheel? I'm not saying he has to provide hand holding, but a point in the right direction wouldn't be unreasonable.
Microsoft can and does do anything they damn well please. Much of it is illegal, some the courts have even convicted them of, but they simply reject any punishment that they don't like and instead get punishments like "we will not do it again, wink" or "How about if we have to donate to the next generation of potential customers millions of dollars worth of software that actually costs us nothing to donate, and a few refurb old computers, and take the donation as a big tax write-off, that would be a punishment we would accept".
Please don't mod this as funny, it's not at all funny. It's the damn truth.
oput the floppy image as a boot image on a USB keychain...
Sounds good to me; but please tell me how I make my keychain flash memory USB gizmo bootable. My BIOS claims to support it, but just what does it take to install a boot image on the thing?
QNX is a great operating system, but it's a much different market. It's not made for PCs,
As others have already pointed out, it is made for a variety of platforms including PCs and does support PC hardware such as USB quite well. It doesn't have a Borg mentality behind it, which might explain why it's not on every office desktop, but it's been actively sought out by those who need an OS that doesn't crash regularlly. I know of some mission critical process control applications that are still put up on Win 3.1 or DOS because the programmer made sure the application was rock stable, enough to run 24 hours a day 365 days a year without rebooting, and no newer Microsoft OS will stay up running it. Maybe someday industry will realize how many lost man-centuries are spent just retyping things because Microsoft decided things were good enough for it's customers and left some bugs in (or added some if there were not enough) just to be sure there would be customer demand for the next release to cure the current release's bugs. There is certainly no reason that QNX could not be a viable desktop network, except the monopoly wielding power of the company that has already been convicted of abusing that monopoly in federal court.
Interesting how Roswell and the entire UFO cover-up can be brushed off by some with the simple expident of calling those who want the facts conspiracy theorists. Even though the gouvernment openly spent many millions investigating UFO's, both before they officially canceled Project Blue Book and after, there must be nothing to it because the gouvernment denies it.
And the assination of Kennedy and the shooting of Martin Luthor King Jr., anyone who questions if the government was involved must be a nutcase. So what if Kennedy's brain was removed before the casket got to DC, even though it was well reported in the media; that must be the conspiracy nuts talking.
And Vince Foster, found covered in carpet fibers with the gun that he used to blow his brains out still in his hand neatly at his side and no blood around was well investigated by Park Rangers, you would have to be a conspracy nut to think his death, or that of Ron Brown (who was about to receive a sopena on the Clinton's activities when he dies in a plane crash, even though x-rays showed bullets in his skull) or anyone else on the Clinton body count was anything else than just a random event, right?
Any you would have to be a conspiracy nut to think that our own government did secret radiation experiments on many of it's own soldies and citizens without their knowledge, right? Oh wait, they finally admitted that, after lots of pressure from the conspiracy nuts.
How about being a conspiracy nut if you think they kept us in Vietnam when the political leaders had already decided we could (or would not) not win that war? Or that the supposed attack on the US ship that got us into it never really happened? Opps, they finally admitted both of those things too.
But conspiracy is just such a great word to throw around when you want to dismiss someone who has something to say that you don't want heard. At least we can remember how the supposedly smartest woman in the world called all those people who wrongly accused her husband of having sex with the fat broad "the vast right-wing conspiracy" while Bill told us he did not have sex with that woman. Anyone who said he did was a conspiracy nut in the vast right-wing conspiracy
Slashdot Mirror
Damn this is interesting! I must know more about it! More! More! And for some strange reason I want some twinkies.
No, that something is the BIOS, and this hack does nothing to change that. A new game disc put in a hacked X-box will boot through the BIOS and start running code before the dashboard hack ever gets loaded; so the dashboard hack can't redirect anything and can't stop the game disc from doing whatever it wants, including installing a new dashboard that does not have this vulnerability.
I read it. But while you might be able to pull off some redirection tricks, the posted boot loader does not. So until someone actually does built a "fix" which locks out all of the potential ways to correct this, it is still very likely that M$ will be able to fix it.
But even more importantly, even though you managed to cut and paste something from the original posting and put a rude RTFA in your heading, perhaps you should read what I posted and try to think for a moment. The exploit loads by using the "dsahboard". But the dashboard is not loaded if a game is booted. So a booted game would face no code that would be redirecting anything, and would be quite able to replace the current dashboard or other parts of the system to stop this exploit from even happening again. I posted that M$ could simply put the fixes in all games that are produced from this day forward (even new slip-stream releases of existing games) and the game would correct the "problem" when it was first run on any machine. I still stand behind that statement. GYHOUYA
That's exactly what I'm saying. This is a company that has a long and broad history of writing code that constantly exposes itself to such problems, both when there are innocent but prevalent bugs from their own coders and also when there are deliberate attempts to exploit Microsoft's weaknesses. I doubt that they will even fix it the proper way - they will likely just add fonts to the list of checked files, but it would be much better and cleaner to simply make sure that the "underflow" and following load of a large block of memory does not happen. Microsoft has either repeatedly proven that it is incapable of good system security, or it should be held criminally responsible for the many flaws that expose people's privacy and property to information theft that I guess you think they could easily fix but elect not to.
Here was a group of people asking to help and be involved in the fix. Personally, I think they were fools, but not because I think games should be pirated. I think they were fools because they have not yet learned that Microsoft screws everyone that do business with, from small telco start-ups and CD envelope makers to major players like I.B.M. (remember OS/2 and the lies Microsoft told about their internal development strategy?) These guys did not black mail M$, that did ask for stuff but made it clear that they would cooperate even if the requests were not met. But they thought they could deal with the devil without getting dirty or harmed in doing so. Can't be done.
Microsoft called the 007 team stupid because they did something in their software that could be exploited. We all know how good and secure and trustworthy Microsoft's own software is.
But 007 isn't the only software that the programmer's were "stupid" on. Apparently Mech assault is by Microsoft's own programmers and has the same problem, when they should have known better. Just think of this as Microsoft calling itself stupid. I don't know the game Mech assault, but I'm guessing the term habibi comes from something in it.
Because they were foolishly offering Microsoft a lot - hard core expertise that Microsoft obviously does not have themselves that could allow Microsoft to much better secure the X-box against what they claim they are trying to prevent, software piracy. We're talking about a whole team of dedicated hard core experts here that offered to provide free labor and expertise to Microsoft to help secure their system, and Microsoft didn't even respond with a simple "We want the information, but are not willing to sign a Linux loader" response.
How these guys could know so much about the X-box but understand so little about what happens to anyone who trys to make a deal with Microsoft is what is really amazing.
They could force a fix a number of ways, including if you ever "go live" and connect to them on the internet, but they could also make all future games include a dashboard "update" that would install itself whenever the game is run. So as long as you only run Linux (and they don't sneak anything in through Linux software with a trojan), you might be safe, but if you or anyone else ever plays a game on the x-box that was manufacturered after this date, they could get you.
But if you look at the statement, they only say that laptops accounted for 54% of $ of retail sales. Given that laptops are generally more expensive, desktops still outsold laptops in numbers. Add to that the average guy can build his own desktop, which is not counted in these numbers, but cannot build his own laptop or notebook, and the actual number of desktops as well as dollars spent on desktops far exceeded laptops.
So they can twist sales numbers to say what they want, even if it isn't accurate. What else is new? And who really cares?
It's bad enough that the blind get all the good parking spaces, but now we can't even fight spam because some blind guy doesn't like the tools used? Time to strike down the Americans with Disabilities Law as the flawed law it is. Perhaps someone needs to admit that a disability is just that, a disability, and however unfortunate the rest of the entire world should not be disabled to accomodate the person with a disability.
Corbis is Microsoft. They steal IP whenever they want, they just don't like when to happens to them. But if it's someone else's work it's fair game.
While asking questions, do you think they give the actors in question a royality when they sell their likeness, or that they will compensate them when they collect on these "damages"?
This is +5 insightful??! Microsoft started in a college dorm room......
If you want to talk about the start of Microsoft, tell the full story. Bill started it, not in his dorm room, but by using an emulator for an 8080 at Harvard. He didn't even have an 8080 when they did the first basic interperator, it ran on an emulator on a Harvard school computer. Bill was caught doing this, and called to task for it. Seems it was illegal for him to be using the school computer for this private, business project! He was reportedly given the choice of stopping this improper use of Harvard's computer or leaving school, he elected to leave school.
So Microsoft was started with an illegal act and has continued the tradition to this day. Lots of other good parts to the story too, like basic being released only on hardware memory boards that never did work. But if you're going to call Bill a businessman, be sure to add a phrase like "just like the Columbian drug lords or Al Capone".
Wake up and smell the bullshit. IT's got nothing to do with any piracy concerns. Microsoft got the duplicator to agree not to make Linux CDs. They want microsoft business a lot more than that want a tiny 500 CD order, so they are glad to play along. They admitted as much, but when it became clear that this would make public a bad and likely illegal business deal they started hiding behind claims that the MS deal was confidential and grabbed the SCO claim (likely at Microsoft's suggestion) as a reason they would not make the CD's. It's only an excuse, not a reason.
I've received the last four or five major variants of this virus to this exact same address, but no other spam!
The e-mail I got was not marked as coming from Yahoo, rather it supposedly came from 253CuHQEtzyCDHA.1604@TK2MSFTNGP10.phx.gbl. What idiot virus writer expects anyone to open that? My e-mail service thinks the message came from: Received: from ACELERAOPS not authenticated [66.50.186.250]. Anyone have any insight on why and how I seem to keep geeting these virus mailings to my private e-mail address? (By the way, 66.50.186.250 does not seem to trace to anyone I know or have had any contact with).
and people in hell want ice cream.
sheesh, what moron moderated this as insightful?
To set things straight, this has nothing to do with Linux games. This is about running MAME under Linux from a completely bootable CD, and just happens to run under Linux (you can't run Windows right from CD, or so Microsoft wants you to believe, and even if you know you can, you cannot freely distribute the Microsoft code to do so). MAME is an arcahe game emulation project. Running MAME (regardless of the OS choice) lets you pop in a CD and run any number of clasic arcade games, pretty much exactly as you saw or see them in the arcade (not limited brain dead home computer versions of arcade games, the actual code of the actual arcade game running on your PC). The down side is simply that that copyrighted game ROM code can't be distributed with MAME, so you either have to own one of the games already and make a copy of the ROM you own, or do something illegal to get a copy of the ROM (I believe there were some exceptions where the code was actually released, but since none of that code is on the MAME CD ISO I could very well be wrong). The problem of getting the extra ROM code onto the MAME ISO and thus the MAME CD is apparently also left to the user, which makes this all of somewhat limited use. But the observation about Linux games (which I disagree with, there are some nice Linux games that I've never seen available on the PC) is far from insightful, it shows that the poster has no idea what he is posting about!
So Microsoft is sueing spammers. Interesting that they verify the legitimacy of lawsuits against spammers. Now where do I go to sue Microsoft, as the bastards have spammed me over and over again.
I too would like to be able to edit the ISO. The second CD drive isn't much of a solution, as I want to do it on a system with only 1 CD that is only ever going to have 1 CD drive - a notebook. And I would much rather make one or more mame CDRs than fill the little remaining hard disk space the notebook has. Obviously the author believes this can be done and apparently has done it, would it be too much trouble to at least give us who are not linux experts a simple paragraph to get us started, like telling us what tools we have to track down to do this, if they are not already on the CD (where they should be). Why make everyone reinvent the wheel? I'm not saying he has to provide hand holding, but a point in the right direction wouldn't be unreasonable.
So her point is that she wants to make it clear that she is decended from the ones who were both criminal and stupid enough to be caught?
According to Microsoft sworn testimony, the OS has the browser so tightly intigrated into it that it can't be removed. That's hardly a microkernel.
Microsoft can and does do anything they damn well please. Much of it is illegal, some the courts have even convicted them of, but they simply reject any punishment that they don't like and instead get punishments like "we will not do it again, wink" or "How about if we have to donate to the next generation of potential customers millions of dollars worth of software that actually costs us nothing to donate, and a few refurb old computers, and take the donation as a big tax write-off, that would be a punishment we would accept". Please don't mod this as funny, it's not at all funny. It's the damn truth.
Sounds good to me; but please tell me how I make my keychain flash memory USB gizmo bootable. My BIOS claims to support it, but just what does it take to install a boot image on the thing?
As others have already pointed out, it is made for a variety of platforms including PCs and does support PC hardware such as USB quite well. It doesn't have a Borg mentality behind it, which might explain why it's not on every office desktop, but it's been actively sought out by those who need an OS that doesn't crash regularlly. I know of some mission critical process control applications that are still put up on Win 3.1 or DOS because the programmer made sure the application was rock stable, enough to run 24 hours a day 365 days a year without rebooting, and no newer Microsoft OS will stay up running it. Maybe someday industry will realize how many lost man-centuries are spent just retyping things because Microsoft decided things were good enough for it's customers and left some bugs in (or added some if there were not enough) just to be sure there would be customer demand for the next release to cure the current release's bugs. There is certainly no reason that QNX could not be a viable desktop network, except the monopoly wielding power of the company that has already been convicted of abusing that monopoly in federal court.
And the assination of Kennedy and the shooting of Martin Luthor King Jr., anyone who questions if the government was involved must be a nutcase. So what if Kennedy's brain was removed before the casket got to DC, even though it was well reported in the media; that must be the conspiracy nuts talking.
And Vince Foster, found covered in carpet fibers with the gun that he used to blow his brains out still in his hand neatly at his side and no blood around was well investigated by Park Rangers, you would have to be a conspracy nut to think his death, or that of Ron Brown (who was about to receive a sopena on the Clinton's activities when he dies in a plane crash, even though x-rays showed bullets in his skull) or anyone else on the Clinton body count was anything else than just a random event, right?
Any you would have to be a conspiracy nut to think that our own government did secret radiation experiments on many of it's own soldies and citizens without their knowledge, right? Oh wait, they finally admitted that, after lots of pressure from the conspiracy nuts.
How about being a conspiracy nut if you think they kept us in Vietnam when the political leaders had already decided we could (or would not) not win that war? Or that the supposed attack on the US ship that got us into it never really happened? Opps, they finally admitted both of those things too.
But conspiracy is just such a great word to throw around when you want to dismiss someone who has something to say that you don't want heard. At least we can remember how the supposedly smartest woman in the world called all those people who wrongly accused her husband of having sex with the fat broad "the vast right-wing conspiracy" while Bill told us he did not have sex with that woman. Anyone who said he did was a conspiracy nut in the vast right-wing conspiracy
Of course it can't be disproved. Mostly because they have.
gee, 13 bucks, no matter how many CDs I bought. And they obviously just keep on price fixing.