Archive for January, 2006

Infected by Starforce DRM

January 30, 2006

And I was wondering why my Windows system was so unstable lately. I managed to avoid the Sony debacle just to get hit by the Starforce mallware. What is it? It is yet another retarded copy protection tool that is installed on your system without your knowledge – but it is not bundled with music, but with commercial games.

What does it do?

one of the common problems brought by Starforce: under Windows XP, if packets are lost during the reading or writing of a disk, XP interprets this as an error and steps the IDE speed down. Eventually it will revert to 16bit compatibility mode rendering a CD/DVD writer virtually unusable. In some circumstances certain drives cannot cope with this mode and it results in physical hardware failure (Most commonly in multiformat CD/DVD writer drives). A sure sign of this step down occurring is that the burn speeds will get slower and slower (no matter what speed you select to burn at). Starforce, on a regular basis, triggers this silent step down. Until it reaches the latter stages most people do not even realise it is happening.

Moreover, the Starforce drivers, installed on your system, grant ring 0 (system level) privileges to any code under the ring 3 (user level) privileges. Thus, any virus or trojan can get OS privileges and totally control your system. Since Windows 2000, the Windows line security and stability got enhanced by separating those privileges, but with the Starforce drivers, the old system holes and instabilities are back and any program (or virus) can reach the core of your system by using the Starforce drivers as a backdoor.

Emphasis mine. And yes, I had allot of issues with my burner lately, and allot of stability issues. McAfee did not detect anything so far, but it is very possible that I have been rooted. I’m preparing to move some of my data around to other partitions and drives and do a clean install sometime soon. Sigh…

How do you know if you have Starforce? Go to device manager, then enable the “show hidden devices” in the view menu, and look under Non-plug and play. If you see anything named Starforce there you are infected. I recommend downloading the removal tool as soon as possible. This tool worked for me.

Of course, you have to stop playing the game that infected you. Starforce usually reinstalls itself whenever you launch the application it protects.

Following games are known to be carriers of this nasty mallware. I am hiding the list save space on the front page. Please click on the link to expand the list below.

# 7 Sins
# Anstoss 4
# Area 51
# Bandits: Phoenix Rising
# Bet on Soldier
# Beyond Divinity
# Black Mirror
# Blitzkrieg 2
# Blitzkrieg: Rolling Thunder
# Breed
# Broken Sword 3: The Sleeping Dragon
# Brothers in Arms: Earned in Blood
# Chaos League
# Chaos League: Sudden Death
# Codename: Outbreak
# Codename: Panzers – Phase One
# Codename: Panzers – Phase Two
# Cold War
# Colin McRae Rally 2005
# Cossacks II: Napoleonic Wars
# Cross Racing Championship 2005
# Curse: The Eye of Isis
# Cycling Manager 3
# Cycling Manager 3
# Cycling Manager 4
# D-Day
# Dead to Rights
# Demonic Speedway
# Desert Rats vs Afrika Korps
# Domination
# Emergency Fire Response
# Enigma: Rising Tide
# Etherlords II
# Fire Chief
# Fire Department
# Freedom Force vs The Third Reich
# Gangland
# Garfield
# Gooka: The Mystery of Janatris
# GT Legends
# GTR: FIA GT Racing Game
# Heroes of Might and Magic V
# Horse Race Manager
# Icewind Dale: Heart of Winter
# Keepsake
# Kicker Manager 2004
# Kill Switch
# King Kong
# Knights of the Temple 2
# Korea: Forgotten Conflict
# LMA Professional Manager 2005
# Lock On: Flaming Cliffs
# Medieval Lords
# Namco Museum 50th Anniversary
# Neuro Hunter
# Obscure
# Pariah
# Pax Romana
# Pferdehof – Pferd und Pony
# Pop Star Academy
# Postal 2: Apocalypse Weekend
# Prince of Persia: The Two Thrones
# Pro Rugby Manager
# Psi-Ops
# Pure Pinball
# Rally Championship Xtreme
# Restaurant Empire
# Restricted Area
# Revolution
# Runaway: A Road Adventure
# Scrapland
# Second Sight
# Silent Hunter 3
# Silent Storm
# Silkolene Honda Motocross GP
# Singles 2: Triple Trouble
# Singles: Flirt Up Your Life
# Sniper Elite
# Soldiers Heroes of World War 2
# Sommerspiele 2004
# Space Rangers 2
# Splinter Cell 3: Chaos Theory
# Star Wolves
# Steel Saviour
# Still Life
# Street Racing Syndicate
# Sudeki
# SuperPower 2
# Syberia II
# The Fall: Last Days of Gaia
# The Moment of Silence
# The Suffering: Ties That Bind
# The Westerner
# TOCA 2
# TrackMania
# TrackMania Nations
# TrackMania Sunrise
# Traitors Gate 2: Cypher
# UFO: Aftershock
# V8 Supercars 2
# Virtual Skipper 3
# Virtual Skipper 4
# Vivisector
# Wildlife Park
# World War II: Frontline Command
# Worms 4: Mayhem
# X2: The Threat
# X3: Reunion
# Xpand Rally
# Xuan-Yuan Sword 4

If you installed any of the games on the list, you might be infected! Please check your device manager and throw that game out.

Update Wed, February 01 2006, 01:01 AM

It seems that Starforce creators are abusive and litigious bunch. They apparently threatened Cory Doctorow with a lawsuit for expressing his views on their shady software. Heh… Of course this is pure BS. I personally don’t think they have any legal grounds to do anything – but then again IANAL.

Doctorow on the other hand, worked for EFF so he probably has a pretty good idea of how silly that email is.


Talking to Users

January 30, 2006

Hehe… This is so true:

I was working on a little online app for my company once, and I asked them if they want to have give users different permission and access levels. They said no. I added some rudimentary access control in anyway, but left it disabled by default.

2 minutes into the demo, they decide that they need 3 permission levels – for standard users, reviewers and administrators. It took me maybe 5 minutes to enable my access controls, and lock out some areas. If I coded it to their spec, I would have to spend hours re-designing my app.

Rule of thumb: the spec should be 40% of what users want, and 60% of what you think that users need. In most cases at least half of your guesses will be right-on-target. So your app has a chance of being be at least 75% of what users really need rather than measly 40%.

You can sell them the rest of the features as “fluff” or “enhancements” – in most cases they will not mind this stuff unless you make them pay out of their arse for it. In worst case, use modularity so you can remove crap that they do not want.

Applying Music Industry Logic to Other Enterprises

January 29, 2006

Tarmle from Autumnal City has posted this little comparison. What if we applied the Music Industry business logic to another business? For example, grass cutting:

I would alter the current grass cutting technology to limit the degree to which it is useful by, for example, raising the cutting device so that the grass is left long, or blunting it so that it cuts unevenly. This will leave the market for grass cutting open to me to provide consumers more effective grass cutting services.

People might try to alter their now limited grass cutting technology to make it as effective as my own. This, of course, cannot be permitted so I must persuade the government to make it illegal to supply consumers with grass cutting technology that may be used or altered to cut grass effectively. In fact, lets make it illegal for people to cut anyone else’s grass at all!

Thus my business is secure. I can now justify its existence by actively protecting the grass cutting rights of my thousands of professional grass cutters – you wouldn’t want to take away their livelihoods would you? I can further justify imposing these limitations by pointing out that the grass cutting industry already existed and that the availability of new technology threatened it by allowing anyone to cut grass.

But now I have to deal with the issue of people allowing their grass-eating pets to wander through other people’s gardens, keeping their grass neat without paying the licensing fees. These Neighbour-to-Neighbour herbivore networks must be stamped out!

Hehe. I think we could continue and extend this a little bit more. For example, why stop at Neighbor-to-Neighbor networks. After all, it’s the herbivores themselves that threaten your business. You should aim to make it illegal in US to allow herbivores to graze on any kind of grass.

Agricultural technology should also be legislated. After all, farmers may want to use their farming equipment to cut grass. Therefore you should lobby for all farming equipment to have optical sensors which would detect what type of foliage they are cutting and lock the blades in place whenever they detect grass.

You should also pre-emptively lobby against genetic engineering. What if scientists one day produce a breed of grass that does not grow beyond certain length and thus requires no trimming? It should be prohibited to do any kind of genetic research on any kind of grass like flora.

Thus you completely mess up not only the grass cutting business but also agriculture and scientific sectors. Just like entertainment industry proposed legislation will mess up technology, electronics and computer science.

Who is running exploits on my server?

January 28, 2006

My system has been crashing lately. I think 3 times this week I found it unresponsive or completely locked when coming back from work or trying to log in in the morning. I figured it was my RSS reader crashing and taking down half of the system with it. But when I looked through my apache logs, and I’m not that sure anymore.

I’d say that maybe 20% of the hits I got were my own, or one of the 2-3 people who actually know about that server. I’m not running a website there or anything that I would want to advertise. I have a small wiki that me and my friends used for some project at one point, and not much else. Mostly I keep sshd running so that I can access the machine when I’m not home. Thus, I do not expect to see much traffic on that server…

So I was slightly worried when I saw all these hits. Most of it were usual IIS exploits, and several of those long ass Code Red buffer overflow attempts. I also saw people trying to “double dot” back to my root directory. As far as I know I should be mostly immune to this crap. But you never know – I’m running windows on that box after all.

The sshd crashed twice last week according to the event viewer. Of course that might mean nothing as I’m running it under cygwin and it is not a very stable solution anyway. For the same reason though, it might be exploitable…

So to be safe I just shut down both apache and sshd daemon. I’m closing both of the ports, and removing port forwarding on my router. I need this machine to stay alive so I can do some work. I might need to bring over another box and set up a linux server on it for my casual use.

Sigh… Sometimes the internet pisses me off…

Screen Scraping for RSS

January 27, 2006

I like to read online comics. Unfortunately some of them do not publish RSS feeds which is retarded. I ranted about this on Monday. But hey, if they don’t make one, I will do it for them.

I wrote a nice little perl script that screen scrapes a page for an image, and then generates an RSS feed. It requires WWW::Mechanize and XML::RSS modules that can be downloaded from CPAN or some other repository.

How does it work? You simply call it with:

perl url pattern

Where url is the url of your web comic, and pattern is some string that is unique to the URL of the actual comic image. For example, extralife is easy because the front page image is always current.gif (you can use this as a pattern). DorkTower on the other uses variable image names, but all the pictures are stored in /comics/dorktower/images/comics/ directory. Furthermore, none of the advertisement, or background images are stored in a dir called comics – so I picked “comics” as a pattern.

Essentially, you have to look closely at the code of the page you are scraping once, and pick a good pattern attribute. The feed is created in the same directory as the script. To generate the file name I drop the http:// part from the url, remove all the slashes and append .xml at the end. I could add another optional attribute to specify the feed name, but I don’t really care about it. Feel free to do it yourself.

Just a side note, if you plan running this on windows with ActiveState perl and you use ppm for your module management make sure you get WWW::Mechanize 1.4 or higher. The 0.72 package that can be downloaded from the ActiveState repository does not support the find_image function I’m using.

You might want to add to the ppm repository list. You can download a more recent version from there.

Dr. Deremer’s Programming Languages Class

January 25, 2006

Holy poopsicle! This class will be allot of work. I just scanned over this weeks homework, and its slightly on a nutty side. And this is day one. The syllabus said she will require ~6 hours of out of class work. When am I going to write thesis? Crap! I officially don’t have any life from now on 😦

Note to everyone who is taking this class with me. Do yourself a favor, and learn vi. Pico is halfway retarded on a good day. I also suggest compiling vim on freddie. It has few nice advantages, such as better incremental search (with highlighting), auto completion and etc. If you are a total newb, this is what you do:

  1. First grab the source code from Best way to do this is by using wget:
  2. wget

  3. This is a bz2 package so you will need to do this in two steps. The tar on freddie is archaic so it does not handle gz or bz2 files at all
  4. bunzip2 -d vim-6.4.tar.bz2
    tar -xf vim-6.4.tar

  5. Now, remember that you do not have root privs on freddie, so you need to install the app locally. To do that specify the prefix attribute when running the configure file.
  6. ./configure --prefiz=/home/students/username/
    make install

Note that username here is your pegasus username. That’s it. Just make sure that you add ~/bin/ to your path and you should be able to use vim normally. It worked for me 🙂

Another note – if you are using linux, gnu has a fortran compiler you can use. On debian based systems just do:

apt-get install gfortran-4.0

This should be sufficient to do assignment 1 without ever logging into freddie 🙂

Some links for the homework assignment:

Sigh… I’m seriously thinking about designating Sunday as my official Thesis day and hide from everyone to actually get some work done. I kinda want to walk in May so I can’t afford to procrastinate anymore.

What if the bad guys win?

January 24, 2006

Ever wondered how would world be like if RIAA and MPAA had their way? Tarmle has posted a scary dystopian vision of the future, in which the world is controlled by the big content providers.

Since the ISPs were made responsible for the content they deliver their filtering has become neurotic. Anti-terror, piracy, plagiarism and libel filters search every request and response for signs of illegal activity, always erring on the side of caution. Wikipedia’s index has been decimated. Popular blogs like Boing Boing now have more lawyers involved than contributors (the one’s that have survived that is). Even if you managed to get something illegal through the filters your operating system’s regularly updated self-check mechanisms would eventually root it out, or report you to the authorities, usually both.

Next time some jackass wants to legislate the internet think about this little paragraph. The day when ISP’s become responsible for the content they host, is the last day freedom of speech exists online.

And let’s not forget the looming shadow of tcpa, palladium, trusted computing or whatever they want to call it this week. And the analog hole bill… And plethora of other things I don’t even want to mention here.

I’m seriously thinking about showing this text to my 109 class. Someone has to tell these poor souls abut this stuff. This seems like a great way to start the discussion of DRM, copyright issues.

First rule of VEIL – you do not talk about VEIL

January 24, 2006

Ed Felten has posted a great entry on the proposed analog hole legislation at Freedom to Tinker. Apparently the specs for the VEIL technology that is to be used for watermarking content is doubleplus super trade secret:

[T]he company helpfully explained that I could get the spec, if I first signed their license agreement. The agreement requires me (a) to pay them $10,000, and (b) to promise not to talk to anybody about what is in the spec. In other words, I can know the contents of the bill Congress is debating, but only if I pay $10k to a private party, and only if I promise not to tell anybody what is in the bill or engage in public debate about it.

Amazing, isn’t it? VEIL is on the fast track to become a national standard and yet private citizens are not allowed to know anything about it’s inner workings. I don’t know about you, but if something is to be legally mandated and enforced by the state, I want to know all about it.

VEIL might need to be implemented in every single electronic device on the market – thus in one way or another it will affect the day to day life of every single American. If we can’t have an open public debate on the inner workings of VEIL then it should not be legally enforced.

It is more than likely that VEIL is a piece of garbage which will only inconvenience the honest, law abiding consumer, and it has zero chances of stopping any kind of large scale sharing or exchange of content. Perhaps any kind of expert analysis of the spec would reveal gaping holes. Koplar Interactive Systems International can expect to make insane amounts of money on VEIL licensing if the analog hole bill passes. This it is in their best interest to keep low a profile.

So the good news is that the analog hole provisions may turn out to be trivial to break and circumvent. So illegal file sharing and bootlegging will go on as usual. The sad part is that the bill will screw electronics companies, increase hardware prices, and impede innovation.

The biggest winner will be KISI. The second biggest winner will be MPAA and RIAA – they will finally put a tap on that pesky Fair. Who is going to lose the most here? You and me – the consumers. Once again, the average Joe gets fucked while the rich assholes are getting richer 😛

Open Letter To Web Comic Publishers

January 23, 2006

If you publish an online comic, please for the love of God use RSS. Please note that some of your readers do not have time to visit your site every day waiting for updates. Most of your readers probably don’t even remember when you usually update your site. RSS is the perfect medium for publishing your artwork because it allows your fans to read your work at their leisure.

Let me paint you a picture here. I currently read the following comics on a regular basis: user friendly, vg cats, phd, mac hall, dillbert, penny arcade, pvp, extra life and dork tower. I also like to get my news from digg, boinboing, slashdot, arstechnica and reddit. I also read dozen of blogs belonging to some of my friends, or people that write interesting stuff. If I would go to each of these sites every morning, I would never get any work done.

I use RSS aggregators to slurp the content for me while I’m busy doing other stuff, and when I have some free time I check up on my feeds. I instantly know which sites have updated, who has a new comic out, and who has been blogging like a madman. If my agreagator can’t catch you I usually don’t bother reading you. Sure, every once in a while when I’m bored I might pop over and check your work out but I will not be a regular. I just don’t have time for this.

If you live off your site and you think that RSS will rob you of precious “clicks” – be my guest and put ads in your feed. I don’t mind. Hell, just put links to the comic in the feed – so that I still need to visit your site to view them. Just please – publish the feed so that I know when you update.

No, I really don’t want to receive your bullshit newsletter, or email notification. My email is barraged by spam already and I do not need another thing wasting my bandwidth and storage. Do it the way nature intended it and publish the freakin RSS. I can guarantee you that you will see a spike in daily hits when you do this.

I’m planning to write a small screen scraper in perl that will generate RSS feeds for some of the comics that I like but which do not use feeds. I will probably release the code here. I’ll don’t think I will publish the links to the custom feeds because of bandwidth issues – unless I can host them somewhere that will not get me in trouble.

This is a drastic measure but hey – if you don’t want me to do that, just publish the damn feed!

The Truth!

January 22, 2006

This is priceless! My reaction to this cartoon was: ROFLCOPTER! 😛

Shamelessly stolen from the good folks at User Friendly.