Saturday, September 24, 2005

Virtual worlds

Here's a question. If you found a virtual world in a video game, would you think much of what you did in it? What if you found a computer in the virtual world? What if that computer ran like an actual computer and you were able to get X up and run OpenOffice.org?

I wonder, really I do, about the implications of a computer game that would spawn computers inside it using, say, a hypervisor on a cluster utulizing special virtual CDs found in the game world that were really scripts to install the basic system to the virtual machine. Really I do.

Obviously whoever has access to the machine can monitor you, track your progress, keep tabs on the state of secure handshakes using modified software made to leak, and compromise any security you can conceive; you don't want to rely on a public server to secure your stuff because you have encrypted disk and connection. But what about private applications, or testing? What could you conceivably do, really, with this?

Let's say the game engine is smart enough to have Xen balance out its individual computers across a flexible cluster that can be grown and shrunk without down time, by adding and removing nodes (i.e. physical computers). Existing nodes being removed evacuate to the network; they can then be massively upgraded and plugged back in, at which point the network makes them a supporting node and adds the added hardware to its own. This is relatively normal for a cluster; but the control by a game engine isn't.

So let's say the cluster, controlled by the "game," is pretending to be a network now. You can configure networking in the game by walking up to a computer and looking at an X screen exported out to the game, or a console supplied by Xen and filtered through the game. Hit the console, configure the network. The back-end work to make the computer act physically connected is handled by the game engine; if you run physical cables, the game tells Xen to pretend these computers are bridged.

You now have a "game" in which you can pretend to build a network; set up servers; and run cabling. The only thing you can't do is simulate hardware failure; and tweaking it to use a few real machines that you obviously have to hack up in the real world will fix that. Using a mixed environment, you can have multiple clusters of PPC, x86-64, and IA-32 architecture, each acting as a cluster with all the others of its architecture, with the three clusters acting as individual from one another instead of doing something stupid like trying to share processes across eachother.

Taking this a step further, a kernel with Xen in it can run on any of these machines. The game understands when they reboot, and tells Xen to restart them. You can mess with them and patch them and upgrade them and throw security enhancements like GrSecurity on them if you can make Xen not barf with them. You can set up secure nodes and run them and test them, quite literally, in a sort of "half-simulated" environment.

At the end of the day, of course, you could shoot your boss in the forehead on the way out of the "office;" he'll just respawn with the BFG.

Monday, September 12, 2005

Revisiting copy protection...

I e-mailed the MPAA today on their Report Piracy Hotline about copy protection. Pretty much, I'm annoyed by it, and it's useless. Now we all should know that any copy protection can be broken; and track records for breaking it typically range from several months before a copy protection method is deployed in a product to a few weeks after something on the market uses it. Millions of dollars go into dismally ineffective ideas, and here we go.

What copy protection does do is get in the way of the end user and prevent them from performing some completely legitimate tasks. As for breaking the law, somebody will do it and share the results with everyone else who can't do it themselves, so no problems there. No such luck for the end user; solutions to obscure problems don't get shared freely in a downright illegal transfer of data.

This happened to me. To be brief, I mailed the MPAA with the friendly message below.

I have just legally purchased "The Incredibles" from a Best Buy retailer. This was the 2-disc set "Special Edition" for $19.99.

I would just like to say that the copy protection works extremely well at PISSING ME OFF and assuredly PREVENTS ME FROM VIEWING THE MOVIE PROPERLY AND COMFORTABLY ON MY EQUIPMENT. Whoever designed this NEEDS TO DIE.

Let me begin with details of my setup. I have a Playstation 2 as a DVD player hooked up to a VCR which accepts audio/video, and a surround sound system which accepts audio/stereo. The VCR uses an RG6 terminated coaxial cable to connect to the TV, typical of standard cable hook-ups. This is done because the TV does not have ports for audio/video direct connections.

The apparent problem is that the copy protection on the DVD distorts the picture if a VCR is in-line. This was noticed earlier when my friend had the same problem, but jacked the PS2 directly into his TV and "fixed" it. I have no such luck; therefor, my picture flicks on and off in alternation, each state holding for a few seconds.

There are several solutions to this problem:

1. Copy the DVD using a decode/recode process
- This will definitely work; the copy protection is a useless annoyance to playback only, not actual DVD copying
- Software is easy to get, probably already installed
- The quality will go down slightly
- Costs me a DVD+R
- Fair use clause of US copyright law explicitly allows this
- BetaMax decision sets courtroom precidence allowing this
- DMCA bans this

2. Utilize my computer
- This will definitely work
- Play on a smaller screen
- Can't be productive at the same time

3. Download from bittorrent and burn
- This would also probably work
- The quality would suck
- Finding a bittorrent would be annoying
- (1) is a better solution anyway

4. Buy a new TV
- This would also work
- I'd have a better TV
- I'd be inable to pay my car insurance and fault financially
- This is not a real solution; it's a treatment of symptoms

Perhaps you need a simple reminder. . .

IF YOU SPEND MILLIONS OF DOLLARS DEVELOPING A COPY PROTECTION METHOD, IT WILL BE BROKEN VERY, VERY FAST BY SOMEBODY, AND THEN SUBSIQUENTLY IGNORED BY ANYONE TRYING TO DO ILLEGAL THINGS. LEGITIMATE USERS WILL BE QUITE ANNOYED BY YOUR IGNORANCE AND REPETED FAILED ATTEMPTS AT ADDRESSING THE PROBLEM.

Let's take a few situations here.

1. Customer can legitimately decode in his own isolated system
- It can be done here
- Reverse engineer the system OR
- Just sniff the decoded data

2. Customer needs to validate with an external site
- Not all customers have a connection to you
- Massive privacy violation you'll try to write away in a license
- Just stick a modified recording hardware in-line to beat this
- Or better, sniff the network data and RE the protocol, then start sharing the collected key(s)

Now go fuck yourselves and try to learn from repeated failure.

To add insult to injury, the response I got was rather terse.

This message was created automatically by mail delivery software. Message violates a policy rule set up by the domain administrator Delivery failed for the following recipient(s): hotline@mpaa.org

Needless to say, I'm working on getting around whatever rule set they have in place. In the mean time, let's all stand and clap for an unexpected consequence of a system which failed to meet its original intent anyway.

Sunday, September 04, 2005

Mozilla and Firefox dumping SSL2.0

Well, it looks like Mozilla is dumping SSL2.0, and with that comes the loss of SSL2.0 in Firefox as well. This means supporting code will be gone, and a very few sites will break; but fortunately, most sites support SSL3.0.

I say good riddance to bad rubbish, and may it rot in Hell forever. Some info about SSL2.0, it can be attacked a lot easier than SSL3.0. A man-in-the-middle attack can be used to force 40-bit weak encryption; and message authentication hashes use 40-bits even for 128-bit ciphers. There's a couple other weaknesses that more or less are considered immaterial or minimally useful, but being able to break the cipher invisibly and snoop the traffic is a major, major downer.

A little history lesson, The Data Encryption Standard, with 56-bit keys, was broken by a $250,000 device in a little over 2 days; ironically, 56 hours counts as "a little over 2 days," but this is just coincidental. Today's computers can do a 40-bit symmetric key in under a couple weeks, if not days. Credit card sniffing is useful in minor incriments; you can pick up a dozen credit cards in a month and have a good $50,000 limit right there. More powerful computers can be done in around $1000 to do it in much less time.

I say everyone makes sure SSL2.0 is disabled in Firefox as soon as possible. They're dropping it; get used to it. Complain to the webmasters if your stuff stops working; enable it only if it's needed for your business or job to function.

SSL3.0 has a compatibility feature which allows fallback to SSL2.0 if the client or server can't support SSL3.0. Having SSL2.0 available means that SSL3.0 connections can be man-in-the-middled to fall back to SSL2.0, as the flaws in SSL2.0 are perfectly possible until the last phase of the SSL3.0 hello. From there, the connection can be man-in-the-middled to use a 40-bit key, as it's now SSL2.0. The attacker now only needs a few hours on a newer system to break the key.