Rootkits

Chris did a great job of mentioning a new CD-protection scheme in his journal the other day and I’d like to take it a step further and elaborate on it a bit. Let me give you the basics behind this first. Sony, the most evil of the music companies, has made use of a new copy-protection scheme for their CDs. This protection involves not only DRM technology but something called a RootKit to HIDE that technology. Basically, they use a DRM scheme to limit how many times you can use that CD in a computer, if you can/cannot copy it, make MP3s out of it, etc. That DRM software isn’t noticeable by the end user because it’s hidden from Windows by the Rootkit. A Rootkit is basically cloaking technology that hides files, registry entries, running processes, etc. The thinking is if the end user can’t find it, they can’t shut it off. I won’t get into how much I think this is complete and total bullshit, but you can probably already guess my displeasure.

The main problem here is that this RootKit doesn’t exist ON the CD, no no, that would make sense, no, this baby is INSTALLED AND HIDDEN on your computer. Meaning, if you buy a Sony copy-protected CD, this Rootkit is being installed, activated and hidden without your knowledge. You can read more about the specific hiding/revealing, software aspects of this over at Mark’s SysInternals Blog (thanks to Chris for the original link).

Ok, so copy-protected music is evil, right, everyone with me? Good, cause here comes the next leap. The software makes very slight changes to the things it wants to hide. Basically, after you’ve listened to Madonna for a few minutes and this thing is up and running on your system, all you (or anyone) would have to do to USE IT, would be to add “$sys$” to the front of a file. Windows will NEVER see it. So, viruses, trojans, hacks, etc, can be completely and totally hidden from EVERYTHING by adding a few characters to the front of the filename. Now, this would only work for those of us who have put a Sony CD in our computers, but still, the implications are frightening. Anti-Virus programs couldn’t find ’em, system scans, etc. No running processes to be detected. Totally stealthy.

So, now we have a) a program that hides things completely from windows and everything else for that matter and b) a way to hide things OURSELVES.

Yup, that’s right kids. WE could hide things. Think about it this way… if you’re a hardcore cheater in online games, what’s the one thing you fear? Your cheat being detected, right? How is that cheat detected? The most common checks are for file size/date/origin/manipulation and for running processes. Now, cheaters have gotten smart over the past few years. Now they’re way beyond simply editing a DLL or hacking the registry. Now the newest trend is creating “code caves”, essentially making a bubble in the code while it’s running, injecting their cheat, using it, then collapsing the bubble so it’s undetectable. The process works because the code is inserted into memory randomly and so quickly that most active scanners won’t detect it. What if you could have that process running 24/7/365 and it would NEVER be detected? That’s what Sony just gave to cheaters everywhere. A simple way to hide a running process from even Windows itself. If it’s hidden it can’t be seen as running and if it isn’t running it can’t be detected and if it can’t be detected, cheating just got easy.

Now, I play BF2. I enjoy it. But its anti-cheat system is Punk Buster, a mediocre at best system for scanning active processes/drivers and information sent to and from game servers. All I would have to do to cheat is to go buy the latest Santana CD, add “$sys$” to my hack and fire up the game. How fucking sick is that?

Way to go Sony. I hope you realize exactly what you’ve done. You’re not only evil for using a method like this to rob honest paying customers of their right to use the music they bought, but you’ve also given millions of people a relatively easy way to rob the rest of us out of good clean video gaming fun.

Is this all theoretical, is Matt worried over nothing, could this really happen? Yeah, it could, and has: World of Warcraft hackers using Sony BMG rootkit.

Way to go guys. Fucktards.
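Because anything carrying the “$sys$” prefix is filtered out of what the running Windows install reports, a listing taken on the live system has to be compared against one taken from outside it (for example, the same disk read from clean boot media). The sketch below is an added example, not code from this post or from the SysInternals write-up; the paths are constructed sample data and the function names are hypothetical.

```python
from typing import Iterable, List, NamedTuple

CLOAK_PREFIX = "$sys$"  # the prefix the post says gets hidden


class Finding(NamedTuple):
    path: str
    verdict: str


def normalize(path: str) -> str:
    """Windows paths are case-insensitive: unify separators and case."""
    return path.replace("/", "\\").rstrip("\\").lower()


def has_cloak_prefix(path: str) -> bool:
    """True if any component of the path starts with the cloaking prefix."""
    return any(part.startswith(CLOAK_PREFIX)
               for part in normalize(path).split("\\"))


def cross_view(live_api: Iterable[str], trusted: Iterable[str]) -> List[Finding]:
    """Compare what the running OS reports with a trusted offline listing.

    hidden-by-prefix     : on disk, missing from the live view, carries the prefix
    hidden-other         : on disk, missing from the live view, no prefix
    prefixed-but-visible : carries the prefix but is still listed, so the
                           cloak is not active for it right now
    """
    live = {normalize(p) for p in live_api}
    findings: List[Finding] = []
    hidden_roots: List[str] = []
    # Sorted order guarantees a directory is seen before its children.
    for path in sorted({normalize(p) for p in trusted}):
        if path in live:
            if has_cloak_prefix(path):
                findings.append(Finding(path, "prefixed-but-visible"))
            continue
        # Report a hidden directory once, not every file beneath it.
        if any(path.startswith(root + "\\") for root in hidden_roots):
            continue
        hidden_roots.append(path)
        verdict = "hidden-by-prefix" if has_cloak_prefix(path) else "hidden-other"
        findings.append(Finding(path, verdict))
    return findings


# Constructed sample data: the same volume listed offline and from the live OS.
TRUSTED_VIEW = [
    r"C:\Windows\System32\drivers\disk.sys",
    r"C:\Windows\System32\$sys$demo",
    r"C:\Windows\System32\$sys$demo\payload.bin",
    r"C:\Games\$SYS$tool.exe",
    r"C:\Users\user\notes.txt",
    r"C:\Temp\odd.dat",
    r"C:\Temp\$sys$leftover.txt",
]
LIVE_VIEW = [
    r"c:\windows\system32\drivers\disk.sys",
    r"C:\Users\user\notes.txt",
    r"C:\Temp\$sys$leftover.txt",
]

if __name__ == "__main__":
    for finding in cross_view(LIVE_VIEW, TRUSTED_VIEW):
        print(f"{finding.verdict:22} {finding.path}")
```

The same comparison applies to process lists and registry keys; a scan for the prefix run only on the live system returns nothing while the cloak is active.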

 

FYI

I’ve transferred my domain back to NetSol because it was expiring next month and because NS had a sweet special this month ($19 for 2 years on a transfer). So, the page might disappear while it’s being transferred. Just a heads up.

 

Pass the tequila please

So it’s been a little while. I’ve been about as busy as one person can be. Most of it good, some of it annoying. Work is steady and likeable for the most part so long as you ignore the pageant people and focus on the work itself. It’s actually pageant season if there could be such a thing. It’s this time of year that all the local pageants pick who will be going to state. Everyone is required to have photos and everyone’s deadlines are sometime within the next month. I’m doing a lot of retouching and output lately, with some basic headshots thrown in for good measure. I also have a wedding this coming Saturday that I’m excited about. It’ll be at the natural science museum here in town, so it’ll be quirky and different.

Been trying to relax a bit more lately. I was feeling overworked and underappreciated before, but at the pace things are going there really wasn’t much time for that, so I let it go.

Home life is great as always. Lauren and I went out last night with a couple of her friends and I got pleasantly mellow off a few margaritas. It probably didn’t help that they were the top-shelf variety and that typically means quantity and not quality when you’re at a bar. For once I’d like a top-notch drink to have something like El Tesoro Paradiso in it instead of Cuervo 1800 or some crap. Note to all drinkers: If you ask for a drink and don’t specify what’s in it, you’re drinking crap. Why do you think everyone drinks Smirnoff? It’s not because of the quality, that’s for damn sure. No, people drink that swill because that’s what they’ve been served over and over again.

My friends, let me educate you in the finer things in life. Vodka, Whiskey and Bourbon are men’s drinks. Tequila, Rum and most liqueurs are for when you want little umbrellas in your drinks. I’m not knocking them, I was even in the mood for an umbrella drink last night, it’s just that they’re not as refined.

For vodka, there’s 3 brands to drink and 3 to run screaming from. For the best vodka on the planet you’re going to need to find some Grey Goose (the triple distilled black label, not the blue one), Monopolowa and a certain Russian brand that comes in a metal flask-like bottle and is completely unpronounceable. You won’t find it in the States, but it’s divine. On the flip side, you’re going to want to throw a drink back at a bartender if they serve you Smirnoff, Absolut and anything that you can buy at a corner store for under $10; most of those have Smirnoff-looking red and black labels and the bottles will probably have handles. Of course you can find perfectly drinkable things in between without breaking the bank. Level Vodka, Sky, Ikon and a little Texas label called Tito’s are all perfectly acceptable.

Stay tuned for next week’s exciting adventure, “how to buy a good cigar”.

Matt out.

 

Anyone else following this?

Anyone else keeping up with the “rel=nofollow” tag news? Seems like an interesting idea. I kinda wonder when/if it’s going to get implemented.

For those of you outside the loop, Google, MSN, Yahoo!, Manilla, Six Apart, WordPress, Flickr, Blogger, Livejournal, Buzznet, Blojsom, Blosxom announced their support for a new HTML tag. By adding the tag to link tags, search engines would ignore it when they index a page.

The idea behind comment spam is that the links spammers post are indexed and count towards their page rank. This would negate that effect.

In my opinion it would help with fighting the page rank but do absolutely nothing for the amount of comment spam. The spam would be pointless, but that’s not going to stop anyone from posting it. Why change the way they post spam when they can just post more and hope it works. Fuckers.

If anything, this will increase the amount of spam that doesn’t work. That, and break HTML standards… unless it gets adopted there too.

The Story

 

I know, I know

Ok, so it’s been a little while since I last wrote. Well, actually, it’s been more than a little. But that’s ok. Better to be too busy to write than not I suppose. Actually, there’s been quite a lot going on. I’ve shot 2 weddings, gone to a hockey game, ordered new computer parts and been involved with my team taking the number one and number two ranks on SquadGames and TeamWarfare respectively.

The weddings were fine for the most part. One was with a really good group of people who just didn’t have anything go their way that night (cake was wrong, band sucked, etc) but it was good for us since we did a little problem solving here and there, they really appreciated our extra effort and they had a positive outlook about the whole thing. The other wedding was pretty run of the mill. Nothing too complicated or involved. I’ve also got another wedding coming up in mid-February that’ll be pretty cool. It’ll be at the Houston Museum of Science in the “Gem” wing. I’ve got to remember to go over and take a look at the location so I can get an idea about how to shoot it. I’ve been told it’s a bit of a “cave” in terms of light and that photos won’t be easy. You know me, nothing comes easy.

The hockey game was fun. The tickets were a belated birthday present from Lauren’s mom. She let me pick out the game and she bought the tickets and I wanted to wait for one of the New England teams to be in town. We caught the Houston Aeros vs. the Worcester IceCats last weekend. Good game. Worcester spanked the crap out of them, not like that’s a huge surprise or anything.

In gaming news, after a long screaming battle over some cheating allegations and false positives from PunkBuster, we were dropped to 15 on the TWL ladder. We had a clan member (newly admitted the week prior) get kicked from a warm-up round before a match. He didn’t even play in the match in question. After we won the other team accused us all of cheating and brought up the matter to the game ladder admins. They responded without even talking to us by banning our new player and dropping our rank. We got the following a few days later directly from Even Balance (makers of PunkBuster):

“We have confirmed that several gamehack violations (#81001-81014) triggered since the prior PB Server update on 12.11.2004 in BF1942 could have been caused by files or memory that were corrupted by non-cheat programs such as virii, adware, no-cd programs, etc. We encourage PB Admins to give players the benefit of the doubt for these violations.”

We, of course, did NOT get the “benefit of the doubt” and we’re actually quite mad about it. The TWL admins have their heads quite far up places dark and moist. Regardless, and with a huge amount of anger, we marched on. We fought back from #15 all the way to #2 after a victory last night over the team that raised the stink in the first place. Man, that felt good. I’ll say this once and only once. The Texas Combat Crew does not, has never and will never cheat. We do not need to. We’re nationally ranked #1 and #2 and there’s a reason for that. We’re fucking good. If you can’t deal with that and get beat down by us, don’t accuse us of cheating, it’s unsportsmanlike.

We defend our number two position this week and challenge up for number one next week. Should be good matches.

Lastly, the new computer is on its way! That’s right, Matt finally got enough cash to upgrade the old rig. I waited until HL2 came out to see if it was playable and it was, though only barely. I’ve been told that Battlefield 2, being released late Feb/early March, will be quite the system hog. I just had to up the power. Come the end of this week (because New-Egg ships faster than imaginable), we’ll be rocking with a new Athlon 64 3400+. I paired that with an Ultra XConnect 500W PSU, an MSI K8T Neo-FIS2R mobo, 1G of Corsair, a shiny new Zalman cooler and topped it all off with an MSI Geforce 6600GT. I chose the 6600GT mainly because I didn’t have the extra $300 and because it’s the highest rated 6600 AGP card and it’s from the same manufacturer as my motherboard, making for maximum compatibility. That and they were one of 2 companies to go above and beyond with the 6600 line and put a non-stock fan/heatsink on it. The other was Gainward and they’re having supply problems and the cards have been sold out for months. I’ll plan on upgrading the card to a 6800GT or Ultra after this summer. I figure I’ll have some serious overtime hours after pageant season.

I’ll be using the rest of my old parts for now but a DVD burner and a 250G hard drive are definitely on my sale watch list. Oh, and speaking of, Chris, that camera you wanted, it’s on a one-day sale at New-Egg today. Just a heads up.

Lastly, and I know I’ve said this before, I do have a new page design almost ready. I’ve scrapped the one I didn’t put up from last year FYI. If anyone wants it, it’s theirs. I just haven’t had the time lately and things like that get pushed to my already crowded back burner.

Anyway, hope everyone is doing great in the new year. I’m looking forward to turning comments back on. I think Jason set up mysql for me and I’m just waiting on a user name/pswd from him. After that I’ll give wordpress a shot. Chris seems to like it and that’s good enough for me. That’ll be when the new design will go up. Should make life a little easier for everyone and it won’t be…. well… brown.

Matt out.

 

Program stuffage

First off, comments are turned off. Unless you’re a TypeKey account holder. In which case you can comment till you’re blue in the face, provided you can find the login box… which doesn’t exist. I didn’t do this because I’m in favor of their system. I’m not. I think it’s retarded. I think I should be able to make my own database of people who are allowed to comment and not rely on theirs. No, this was more of a last ditch effort to save myself from the insanity that has exploded on my comments over the past two days. Maybe, in some bizarre world, turning off comments for a few days will help. I’ve gotten, over 2 days, over 2000 comment spams. Luckily, I turned on comment moderation when I rebuilt the journal last week, so you, the reader, never actually got to see any of them. That I’m thankful for.

I won’t go into a long diatribe about how I need to change my journal system and how I’d like to do this or that, change this, have a feature that does something, etc. It’s pointless. No authoring system is 100% perfect, customizable and secure at the same time.

Instead, let’s focus on other things.

In gaming news, WE’RE NUMBER 1!!!!!!!!

That’s right. The Texas Combat Crew is back on top baby. After a long hard night of fighting, TCC beat =VoD= and reclaimed our number one spot on the CTF ladder. We’re also currently #2 in Conquest and #2 in CTF in a whole other tournament system. We’re challenging for number one in both this week.

Also, just a quick thought. Since I’m not a programmer, I can’t make useful things. Heaven knows I’d like to. Maybe you guys can help. You’re good at this sort of thing. I have four ideas for programs, three of which are easy. The fourth is probably not possible but it would be nice. I won’t bore you with three of the four because they’re Battlefield related and no one gives a crap about that except me. I will mention this one though:

Idea: A small program that emails you every time a specified file is updated. It could be used for logs of some sort. The program would check the file for updates/changes. If it’s a text file, its contents could be emailed to you; if it’s not a text file, then a notification that it’s been changed could be emailed instead.

Anyone want to take on the challenge?

Oh, almost forgot, Chris and I are going to try and work on a Winamp skin. Cool huh? I’ll let you know more later as it gets closer.

Matt out.

 

I hate you XFX.

Top 10 things that piss me off. Shitty tech support is number 2. Directly behind shitty drivers. I think it might have just become number 1.

This is just a warning/rant. To all of you who are thinking about getting a new graphics card, avoid the XFX 6600GT (AGP) like the black plague.

Two weeks ago I ordered one from NewEgg. During installation it became clear that there was something wrong with the card. The first time the computer booted with the new hardware it seemed fine. Windows found the hardware and I installed the latest drivers from Nvidia. I rebooted and things got weird. I was seeing “artifacts” on the screen. Little discolored left-over pixels. I had seen that before and figured it was a driver issue. I upgraded DirectX to 9.0c as well as my Detonator drivers to the newer beta drivers that allegedly support the 6600 series better. This time I rebooted and nothing came back up. Once Windows started to load I got nothing, just a blank screen. I rebooted in safe mode, which thankfully worked, and uninstalled the drivers. Now I was back to “working” but incorrectly. I fired up Half-Life 2 to test the card out. Crash. The system hung hard when the game was starting its graphics engine. Reboot, this time again to a blank screen. After about 3 more hours of fooling with it I give up. I had double and triple checked everything from start to finish, the hardware itself, everything. That’s when I noticed that the heatsink/fan on the video card wasn’t actually attached to the chip on the card. It was attached to the board by 4 plastic locking screws and nothing else. The thermal pad/paste underneath was also not making contact. At this point I figured it was a factory defect and sent it back.

At least, that’s what I thought until last night. Last night I received the replacement card from NewEgg. I made sure to follow the horribly written, mangled English instructions step-by-step to make sure it wasn’t something I was doing. It was almost deja-vu. First boot was fine, drivers installed without a problem. I go to fire up a game and the system crashes. Reboot and I get nothing.

This time I’m angry. I called XFX tech support. I get walked through the first round of “moron questions”. “Did you install the card correctly?”, “Did you connect the power connector?”, “Did you install the drivers?”. I answer YES to everything and eventually get tired of the run around.

“Listen, just tell me if there’s any known issues with the card and my particular motherboard or power supply, I’m not a retard, I’ve done this sort of thing before.”

“Sir, I’m merely trying to determine if the problem is our card or your computer”

“Let me save you some time… it’s not me. My system is rock solid and has been since the day I built it. Your card is rated for a minimum 300W power supply. I have a 500W Antec TruePower. The power to the card is on its own separate power line and I’ve disconnected everything non-essential that could be drawing power.”

“Well, how old is the power supply?”

“Listen, it’s not the newest in the world, but up until 15 minutes ago it was running fine, and since you don’t have your tech support phone number in any of this brilliant documentation, I reinstalled my old video card so I could get online and get the number to call you. Trust me, it’s not the power supply.”

“Do you have another power supply you could use to test?”

This went on for another twenty minutes, ending up with this…

“You know what, you’ve been the most unhelpful tech support person I’ve ever called, I’d like to speak to a manager”

*Gives me manager’s extension but says he’s gone for the night* “Well, I’m sorry you’re upset, but I’m not sales, what would you like me to do? I can only have you return the card and we can test it here and send you a replacement”

“You know what, I just don’t care any more. I’m returning the card for a refund and I’m not going to buy anything from you again. I’m going to tell everyone I know to stay as far away from your products as possible. This is the SECOND card to fail. You realize that? This isn’t the first time your card has failed. TWO of them are complete crap. I’m willing to bet the rest of your product line also has problems.”

“I’m not sales, you’re not hurting me by getting a refund.”

“You’re right, not by getting a refund… but I will be calling your manager tomorrow.”

*Click*

So, there you have it folks. Rude tech support from hell and shitty product to match. I wanted to believe that a 6600GT AGP would be the perfect card for me. It was at a decent price point, it’s AGP and not PCI-Express, and it’s not the power/resource hog of its bigger 6800 brothers. I was wrong. Shame on me for going “mid-range”. It’ll never happen again. I bought a 4600 for $400 when they were brand new and I’m going to do the same with the $6800. I’m going to wait for a deal on one, buy it, and upgrade the whole system. I’m done with messing around with sketchy companies just to save a few bucks. Screw you XFX, and the horse you rode in on.

 

Been busy

Sorry about the lack of updates there guys. Been sorta busy around here. There was Thanksgiving, then the pageant, then Christmas shopping, etc. You get the idea. When I’m not super busy there’s obviously a game or two that’s been soaking up my free time. Our Battlefield clan is on a roll. We’re number 2 on the SquadGame ladder and we just took number 2 on the Team Warfare ladder. We’re going to challenge for number 1 on both ladders this week.

I’ve also decided to join the TCC Tank Division and give a little 2 on 2 tank action a try. Oh, btw, we’re only #3 on that ladder.

And as if Battlefield wasn’t enough, killing people with toilets in HL2DM is probably the most fun I’ve had in a long time. Seriously, you guys have got to try this.

My biggest (and only) complaint about HL2DM is that there’s only two official maps. How can you “release” a game with only two maps? Not to mention that after releasing the SDK this week, the first thing everyone did was convert all the old maps. That goes for CS as well. No, I’m sorry, playing cs_rats all over again is NOT acceptable. What part of “new engine” don’t you map makers get? You can set things on fire, have things float in water, make movable objects, have realistic glass and metal. Playing dm_iceworld or cs_assault with all the old textures simply isn’t going to fly any more fellas. I beg the map community to make just a handful of good maps again.

I would, but I fired up “Hammer”, the level editor, and it looked like a scary combination of 3DStudio Max and Auto-CAD. I’ll see if my wife can make sense of any of it, I know I sure as hell can’t.

Other than that there’s not a lot going on. Lauren and I are going to be doing the holiday decoration thing tonight and I’m going to try and finish up my Christmas shopping on Monday. I’m also considering a new CPU and mobo with the left-over from my bonus this year. If I can get all my shopping done for under $250, I’ll be golden. I haven’t done anything nice for myself in a while.

Changing gears, I’d also like to send a big fat “screw you” to the city of Houston, its crappy roads and its even crappier drivers. In the space of 2 days, I now have THREE new holes, cracks and/or chips in my windshield. It’s ridiculous. I can’t drive anywhere without some sort of debris hitting my car. I’m either behind a dump truck without a cover on it, a beat up old pickup truck that has lawn and landscaping debris in the back of it, or someone coming back from shopping somewhere with so much stuff in their pickup bed that they of course forgot to tie down.

Lastly, I’m working on a few icons for Chris. I’ve gotten the sketches done, now I’ve just got to find time to scan them into Adobe Illustrator and color them. They’re gonna look slick.

I’m out.

 

Just my luck

3 guesses at what doesn’t work.

And all three of them are “graphics card”

Yeah. Oh… I’m pleased as punch. Because sending back a dead card and waiting another week to get another one is just what I wanted.

As I went to install it, I noticed the fan and heatsink were a little “wiggly”. I didn’t think anything of it, most things have a little give in them. So, the card installs fine, the drivers load up, everything is cool. I fire up Battlefield… blank screen with music running before the system hangs. Reboot. It gets to the Windows logon screen. I log on and *bam*, black screen. Ok, must be a driver problem. I boot in safe mode, reinstall old drivers. Nothing. I do this five or six times. Nothing. Then I start thinking it’s lack of power. I have a 400W (it only needs 350W) but I start unplugging everything else. Nothing. Then I take the card out and look at it…. the heatsink and fan AREN’T ATTACHED to the GPU! They’re just kind of hanging there. I’m surprised there wasn’t smoke. They’re loose, floppy, unattached. The sticky part of the thermal pad had obviously become unsticky and wasn’t holding the heatsink/fan on, and when you turned it upside down, gravity was pulling the fan away from the chip.

I considered squirting some Arctic Silver in there, but you know what, this really isn’t something I should have to waste good paste on. That and they’d think I modded it or something if it didn’t work and I tried to return it.

So, on Monday, back it goes. And I’ll be waiting for a replacement.

*sigh*

 

What horse shit!

No one EVER order anything from Buy.com. Screw’em. If they treat their customers like this they deserve to be beaten into submission by stronger more customer oriented businesses like NewEgg.

I ordered my new graphics card yesterday at about 8am. The order was accepted, processed and my card was charged by about noon. I paid extra to have it shipped “next morning” because I knew I wasn’t going to be able to get it over the holiday weekend. So, I check my tracking this morning and it says “sent to warehouse”. I found that a bit odd and not finding a satisfactory answer on their website I decided to call them. First off, the guy spoke NO English whatsoever, which while I’m not holding it against him, would have certainly made the process a bit smoother. Apparently “sent to warehouse” is secret asshat code lingo for “out of stock”. I said that their website said it was in stock when I ordered it. The reply I received was something along the lines of “Da website, it diz upgraded once daily to be updated. Sold out before updated it might have been…”

*blink*

Who the fuck is this guy? Yoda? That’s horse shit. In this day and age, you’re telling me that they can’t have an up to date inventory system? Bullshit they can’t. They’re fucking lazy more likely.

So, of course my options were to wait for it to be restocked or to cancel my order. 3 guesses what I chose…

So, I’ll be waiting the 10 DAYS (!!!) for my refund so that I can order it from NewEgg. That, again, is horse shit. What sort of banking system do these morons use? 10 Days? Shit, personal checks clear in less. Seriously. I could write a personal check, mail it to someone, have them deposit it and SPEND it in 10 days.

They said the order cancellation itself could take 1-2 business days… which means NEXT MONDAY before the 10 days start.

I’m livid (in case you couldn’t tell).

I’m NEVER ordering from those fucks again. It’s NewEgg all the way baby. Not only do they have a normal inventory system, but 99% of my orders from them shipped out the same day AND got to me early.

The ONLY reason I didn’t order it from NewEgg is because they were out of stock. So… the single reason I chose Buy.com is because they said it was in fact in stock.

Oh, the irony.

 
© Copyright DocHoloday.com