Follow Slashdot stories on Twitter


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:What's the process? (Score 1) 187

by Harik (#48307145) Attached to: Denuvo DRM Challenges Game Crackers

One of the most intrusive DRM schemes I've ever seen was in the 90s with one of the 3d modeling programs. I don't think autocad but I the name isn't popping to mind. Anyway, it had a dongle protection and there were innumerable 'propers' of the crack because of how interwoven into the code the protection was, in the most devious possible way: subtle errors in math. For 3d modeling, that meant it would look fine at first but after enough time you'd start to notice vertex drift, and it slowly cascaded into complete model corruption.

Comment: Re:Makes you wonder... (Score 1) 187

by Harik (#48307043) Attached to: Denuvo DRM Challenges Game Crackers

Not really. In fact, most DRM-enabled games are cracked before their official release date - meaning you can pirate and play before it's possible to buy. It's only when a brand new scheme is devised (like this, apparently) that you get any sort of gap between release and piracy. It's an economically unviable situation - as soon as you've released your DRM into the wild it's going to be cracked, and the second time you use it it will be cracked faster. So you have to spend more time developing and testing a DRM scheme than it takes the pirates to break it, and that's money that (should) be going into development of the title you want to protect.

Comment: Re:landline? (Score 1) 497

Bug in their autodialer code and his number sorts early in their loop?

Either way, while CLID is worthless garbage, the call setup IS recorded and tracked, and if you're getting harassing calls from a spoofed number you can call your phone company to get them to trace the real number.

The other possibility is that they're not buying or spoofing, but that they're hacking VoIP systems. All the VoIP systems I run see continual attempts at password guessing (until fail2ban says 'fuck you' to the IP, untill it hops to another host... the forever war).

Comment: Nobody mentioned the exploit? (Score 4, Interesting) 583

by Harik (#44473179) Attached to: Half of Tor Sites Compromised, Including TORMail

There's a pretty good unwrapping of the payload here, and it's a pretty creative exploit of the javascript interpreter to execute shellcode. Just from a glance at the shellcode, I see a hand-crafted HTTP header so at minimum they're using the OS network stack directly to give the tor-level UUID a public IP coorelation. Beyond that, they could be doing anything since they're already through the sandbox.

Comment: Re:Misses the point (Score 1) 419

by Harik (#44086891) Attached to: Android Fragmentation Isn't Hurting Its Adoption

I disagree with your first statement - it's different to argue ease of compatibility between versions vs the benefits of sticking with ancient releases. I don't think anyone is happy about the continued market share of android 2.3, but from a developer perspective it's not world-ending to use some support libraries instead of natives for it. (It bloats the hell out of your base app size, though).

The unfortunate reality is that phone manufacturers see software updates as a 'feature' to sell newer phones - I don't think this will change barring a radical relicencing of android from Google. One thing that may give them impetus to move along would be forcing unlocked bootloaders - if they don't supply the upgrade, third parties will, and then all their tie-in bloatware goes away.

Comment: Re:Misses the point (Score 1) 419

by Harik (#44086815) Attached to: Android Fragmentation Isn't Hurting Its Adoption

Except most of the new features you get on a new google release come with back-support libraries (Google or third party) that let you target older platforms. Writing an app for 2.3+ with modern features using HoloEverywhere was nearly as trivial as changing imports from to org.holoeverywhere.

If you're doing CPU intensive work, you're going to target 4.0+ anyway, simply because no device that runs 2.3 stock has a modern processor in it.

Comment: Re:So... (Score 1) 467

by Harik (#44056247) Attached to: Altering Text In eBooks To Track Pirates

They could rewrite the entire book, keeping only some of the sections with deliberate watermark errors, and it'd still be tracked down to them.

You miss out on the fact that they're not looking for errors - they're looking for specific errors in specific places. Think back to old detective novels with a piece of cardboard with little squares cut in it. Put it over the right page of what looks like a love letter and "we bust out of the back exercize yard at midnight" pops out.

With sufficient redundancy in their data (Come on, people, QR codes, PAR2? ECC? How does a group of computer people not instantly comprehend the idea of redundancy?) you couldn't be sure that random selection of bit flips would be enough to obscure your trail.

Comment: Re:So... (Score 1) 467

by Harik (#44056165) Attached to: Altering Text In eBooks To Track Pirates

And finally, _if_ the publisher finds a copy with watermark removed, then I would think the copier has gone straight into criminal territory, so while the risk of getting caught is lower, the possible damage to you is much higher.

Right, it's finding the watermark removed that's the big red flag, not that they found it on a filesharing service. Do people think about what they type before prognosticating on /.?

Nobody's gonna believe that computers are intelligent until they start coming in late and lying about it.