Slashdot Mirror


User: stevey

stevey's activity in the archive.

Stories
0
Comments
1,162

Comments · 1,162

  1. Tetris arcade machines.. on Seventeen Years of Tetris · · Score: 2, Interesting

    I don't remember playing this on the computer - I'm probably not old enough. My first real exposure was the gameboy, and later the arcade machine which was inside one of our university buildings.

    The arcade machine rocked! It had a nice two player mode, lovely music, and some fiendishly difficult variations on the original game.

    I played that machine so much that I used to dream of falling shapes!!

  2. Re:But one point to this... on More Attacks on Linux than Windows · · Score: 2
    do you think the script kiddies have any idea what OS the server they're "attacking" is running?!

    They clearly don't - I get many automated IIS exploits against my public facing box.

    If it were me doing the cracking I'd first fingerprint the machine so I could narrow down attacks that were sensible and only apply those. (eg. Unix -> ssh exploit, Solaris rpc.statd exploit, windows IIS/SQL exploit).

    Clearly either the script kiddies are clueless - or, worse, are actually exploiting so many machines clandestinely that they don't need to worry about wasted failed attempts..

  3. Re:Which are more successful? on More Attacks on Linux than Windows · · Score: 1

    That could well be true - but you have to think about people installing Linux with the old CDs they've got lying around and never updating the systems.

    Even people running Debian who can update with minimal effort might not - due to apathy, lack of understanding, or connection speed issues..

  4. Slashdot Header Easter-Eggs on Easter Eggs in Web Sites? · · Score: 1

    I like the Slashdot X-Header tags, I'm not sure they count as real easter eggs - but I was amused when I first spotted them.

    If you have netcat installed you can view them like this:

    /bin/echo -e "GET / HTTP/1.0\r\n\r\n" | nc www.slashdot.org 80 | grep ^X

    X-Powered-By: Slash 2.003000
    X-Fry: I'm never gonna get used to the thirty-first century. Caffeinated bacon?

    (Use /bin/echo so that the \r\n are expanded correctly - I don't think that most shell builtin versions of echo do this).

  5. Re:Unrealistic expectations on Network Intrusion Detection Systems Fail to Impress · · Score: 1

    That section was the most interesting part of the article as far as I was concerned.

    It was like a lightbulb going on in my head and me saying "D'oh!". I've now filtered out all the unrealistic attacks from my snort config.

    (I'm only a recent snort user - and I'm still in the slightly-overwhelmed, but very impressed, phase of using it...)

  6. Re:Harry Potter fanfiction on Bogus Harry Potter Book In China · · Score: 1
    Lucas doesn't either. In fact, SW stories flourish on sites like theforce.net.

    Some authors are very quick to stomp upon aspiring fan-fic authors though.

    A prime example would be Anne Rice who won't allow any fan-fiction based upon her Vampire series. (A series which she describes as not containing any homo-erotic content .. go figure that out;).

  7. Barry Trotter, anybody? on Bogus Harry Potter Book In China · · Score: 4, Interesting

    This is completely different because it's a parody - but it amused me:

    The first chapter is available online - and is hugely funny..

  8. Re:Deep Linking Defined on Danish Court Rules Deep Linking Illegal · · Score: 1

    Internet Junkbuster amongst others.

    Junkbuster is a lovely proxy server that can be used to block cookies, referrers, and adverts from different sites.

    It compiles and runs under Windows and Unix - all in all very nice.

  9. Re:Microsecond accuracy for $25 on Do You Have The Time? · · Score: 1

    I remember one night being all alone in a strange town with no idea what time it was. (Usually the first thing I do after getting up is stick my watch on.)

    Anyhow I had no watch, my mobile's batteries had died and there were no clocks visible. So, I used my visa card to extract some cash from a cash machine and got the time from the receipt: huzzah!

    OT: IMHO Cash machines should have clocks on their displays ..

  10. Re:One billion computer.. on One Billion Computers Sold Worldwide · · Score: 1

    Whoah that's scary. I can just about imagine that many PCs.

    I find the thought of 1 billion computers sufficiently unreal that I have a hard time imagining it.

    Just think of the sheer volume they'd contain - I know that I can fit maybe 50 mini-tower PCs in a server room, imagine the space you'd need for 1 billion ...

  11. Re:Post predictions on OpenSSH Vulnerability Disclosed, Version 3.4 Released · · Score: 0, Offtopic
    • Three person making post predictions

  12. Re:Best non-standard use for a vm? on Virtual Machine Design and Implementation in C/C++ · · Score: 1

    If you read the post above you'll see that isn't what I'm describing.

    The interpreter actually includes the calculation of data which makes it onto the screen - if you just 'goto A' you'll end up with a blank display.

    The application is a spreadsheet. The core of the function interpretation is in z80 assembly. You can't jump over it. What I'm trying to say is that by embedding the protection within this emulated code/interpreted VM it's harder to break than the simple schemes that are common - like that you describe.

    (This is why the instructions that are vm'd are z80 - it's close to x86 and hence doesn't slow down the main application).

    Oh. and moron to you too.

  13. Re:Best non-standard use for a vm? on Virtual Machine Design and Implementation in C/C++ · · Score: 1

    The whole point was that the registration routine wasn't in x86 assembler and couldn't be jumped around with. It was in the middle of essential code.

    As it was written in the z80 `bytecode`, setting bpx GetWindowText, et al wouldn't have helped terribly much - they'd have landed inside the bytecode interpreter.

    Basically it'd be like trying to crack visual basic programs with a disassembler - yes it can be done if everything's standard and you "cheat" by bpx hmemcpy but otherwise it's hard. (In my case there's no bytecode disassembler available; so you couldn't resort to disassembly like you could for a pure VB program).

    I'm not stupid or arrogant enough to think it couldn't have been cracked - but I'm sure it would have been reasonably complex. (Speaking as a reader of +Fravia, and having done a lot of 'study' of different protections myself ;)

  14. Best non-standard use for a vm? on Virtual Machine Design and Implementation in C/C++ · · Score: 1

    I'd like to nominate some software I wrote for the most random use of a virtual machine.

    I was asked to code a registration routine for a piece of software - after getting the username + serial number from the user I would have typically done some magic to calculate a checksum from the name and see if it matched the given key.

    Instead I wrote a small virtual machine which executed z80 machine code. The protection routine literally started the VM - where all the magic happened. Each opcode was fetched, decoded and executed. I think it would have been a real pain to decode ;)

    (I guess the clever cracker could have disassembled my windows binary with a z80 disassembler and gotten lucky; but it would have been hard to see what was being executed - unless they could do clever things like disassemble z80 in their head...)

  15. Re:The Alternative to OpenSSH or SSH (commercial) on Slashback: OpenSSH, Bio, Timeliness · · Score: 1

    Switching to psst won't help you really - it's giving a false sense of security at best.

    Because rather than running openssh which has been scrutinized by lots of people you'll be running something not nearly so well examined.

    (Fair enough if psst really is perfect then you'll have nothing to worry about - but that's not really likely ;)

    Had it not been for the openness of this code in the first place you'd never have known about the problem - and as it is there is a 'fix' available now that the problem is known. (It's not a real fix by any means but it will prevent the evil bad people from 0wning you - so it's not like you're in the Windows world of waiting months for a patch or anything..)

    Don't get me wrong: Diversity is good - but you must think it through, and not just jump from one broken version of one server to the next version of something else, ad infinitum.

  16. Re:XMMS rocks, where's a no-gui version for old PC on Using Winamp vis. Plugins with xmms · · Score: 1

    Those are interesting ideas .. something that I've not missed, but I can certainly see the use for it.

    There's only one feature in XMMS which I'm lacking - the ability to seek within audio streams. I keep thinking of diving in and looking over the code .. but I never quite get round to it.

  17. Re:necessary services on Software Dead Man's Switch · · Score: 1

    A fantastic series .. I'm just waiting for the release of season two.

    (I particularly liked the Hebrew episode)

  18. Re:We've already done multi color on Greenbacks No More · · Score: 1

    Ironically the whole greenback thing came about because you used to have multicoloured notes.

    Way back in the past, (from what I understand of it - in my capacity as an ignorant foreigner who was incredibly confused about your mono-coloured + sized currency) you used to have different types + designs of notes in different states - the introduction of a common currency was done explicitly to cut down on counterfeits.

    (Mostly because people could print almost anything and say it was money from far_away_state™ ;)

  19. Re:Enough Already on Apache Vulnerability Announced · · Score: 1

    I find it interesting that within one week we had vulnerabilities made public about both IIS and Apache .. both in the same area: Chunking

    I wonder if the discovery of the IIS hole prompted the investigation? If so that's a good thing - and a good reason for sensible disclosure.

  20. Re:Like my father always said... on Joel On The Economics of Open Source · · Score: 1

    Of course if your stuff is any good then you're also paid in terms of fame, admiration, and recognition - which can be worth a lot when you're looking for a job...

  21. Re:good not to have google monoculture on AllTheWeb Claims Bigger Index Than Google · · Score: 1

    Yay my name is top on both AlltheWeb, and Google - does that mean I'm a slut? ;)

    Fun stuff.. bored now

  22. Re:Darn... and I just updated my anti-virus softwa on McAfee Manufactures Virus Threat · · Score: 2
    From what I've seen, the AV companies tend to come out with fixes fairly quickly. Having people available to do that type of work on short notice takes some money.

    And this is the precise problem I have with AV companies. They're reactive.

    Every day a new virus will come out and slip through the AV nets until a new definition is released. It should be the case that the virus software could recognise a virus before it's known.

    In the olden days a lot of heuristic engines were developed to do this; but they tended to be poor because they couldn't deal with highly polymorphic assembly language very well.

    Whilst I accept that recognising a code is equivalent to the halting problem it should be reasonably trivial to recognise one of these modern day 'mail viruses'. After all it should be just a case of looking for applications which contain their own SMTP server.

    Perhaps you could cobble together a quick n dirty (tm;) AV program just by adding some rules to one of the freeware firewall applications which are common under windows. Remove the GUI and just recognise a virus as something which does nslookups + port 25 connections ...

  23. Re:Science fiction books... on What's on Your Summer 2002 Reading List? · · Score: 1
    I started reading WFR and could not put it down.

    Me too .. though I have to say I was a little disappointed with both the 'Faith of the Fallen', and 'Pillars Of Creation'.

    Still they're a fantastic collection.

  24. Re:Science fiction books... on What's on Your Summer 2002 Reading List? · · Score: 2
    # Starship Troopers, by Robert Heinlein

    Because I'm a geek who likes his stories to have a little bite I'd suggest 'Stranger In A Strange Land' above Starship Troopers.

    I'd also add 'Wizard's First Rule' + sequels by Terry Goodkind.

  25. Re:Not that special... on Unix Shell-Scripting Malware · · Score: 1

    Or even a Trojan'd compiler - which would be pretty hard to spot..