Archive for the 'Computers' Category

Removing Adobe DRM from Books

Sunday, May 10th, 2020

Digital Restrictions Management is an abomination. I try to avoid it, but ever so often you stumble upon something, and you need it in readable, unrestricted form. Turns out, the mechanisms for removing DRM are just as an unholy mess of outdated software and scripts for proprietary systems as the DRM systems themselves.

The first thing you get when stumbling upon Adobe DRM is an .acsm (Adobe Content Server Message) file. It’s an XML that tells Adobe Digital Editions (and Apps that implement it) where to download the data.

Apparently, there’s several versions of Adobe DRM, and you can enforce an earlier one with a downgrade attack, by using Adobe Digital Editions 2.01 for Windows, apparently still available from Adobe, as it’s the last version to run on Windows Vista and Windows 7.

And yes, you need to create an account at Adobe to use these.

I actually tried ot the newest one (4.5.11) as well. Installation is straightforward:

WINEPREFIX=~/.wine.ade4 winetricks corefonts dotnet40; \
WINEPREFIX=~/.wine.ade4 wine ADE_4.5_Installer.exe

According to winehq.org this should work, but upon trying to download anything with it, it returned E_ADEPT_DOCUMENT_TOO_SHORT.

ADE 2.01 is a bit trickier, it needs a 32bit wine prefix, and dotnet 3.5, servicepack 1. As 4.5.11 it needs corefonts too.

WINEARCH=win32 WINEPREFIX=~/.wine.ade2 winetricks corefonts dotnet35sp1; \
WINEPREFIX=~/.wine.ade2 wine ADE_2.0_Installer.exe

Again according to winehq.org this should work as well, but also returned E_ADEPT_DOCUMENT_TOO_SHORT, which might point to some network-problem, winbind-error, crypto-library too new or somesuch. In any case, you can’t find anything useful by searching for the error.

So I’ve been looking for other apps, some open source on github or somesuch, that could use .acsm files for download. And I found at least one: Aldiko, on Android. It’s apparently also abandoned, but it still can be found on Google Play. I got myself Aldiko Classic 3.1.3.

Upon loading a .acsm File in Aldiko (from anywhere, basically, I copied some I downloaded with the Browser on my Workstation into /sdcard/Download), you get prompted to enter your Adobe acocunt; after that it downloads the books to /sdcard/eBooks. And you can copy over these to any device that has the keys for your adobe account. Like your wine-prefix.

I initially tried to get DeDRM working standalone or with my Calibre on Linux, but it turned out this thing is a collection of dozens of scripts, which all demand python 2.7. Which is EOL, and which no sane person should use aynmore. As you can see from the pull-requests and issues, there’s some efforts of making these work on contemporary python, but these went nowhere so far (“Python tests (2.7) failed” — duh!).

Also, as it turned out, after I fixed one of the scripts to run with python 3, these things rely on the existence of ADE on your system; and you either need to somehow convert registry-entries or get files from MacOS to get the device key and the licence key. Which then are pumped through some assembler(!) to get a useful .der file. All in all, too complicated,

What I did instead was to install python-2.7.msi, pycrypto-2.6.win32-py2.7.exe and calibre-3.48.0.msi into the wine-prefix and run from there:

WINEPREFIX=~/.wine.ade2 wine msiexec /i python-2.7.msi; \
WINEPREFIX=~/.wine.ade2 wine pycrypto-2.6.win32-py2.7.exe; \
WINEPREFIX=~/.wine.ade2 wine msiexec /i calibre-3.48.0.msi

Within calibre, finally, in “preferences -> Plug-ins -> Load Plugin from file” I installed DeDRM_Plugin.zip from DeDRM_tools_6.7.0.zip.

The books downloaded with Aldiko on Android and copied over can now be added to the collection in calibre, and have their DRM removed automatically.

Making xpdf usable on HiDPI with .Xresources

Friday, May 1st, 2020

I now have a 4K-screen, and immediately some programs became unusable. Everything KDE just worked. URxvt and XTerm just needed an OpenType font specified instead of the old “fixed” one.

Like this:

xterm*faceName: Monospace
xterm*faceSize: 10

and this

URxvt.font:     xft:bitstream vera sans mono:size=14:antialias=true
URxvt.boldFont: xft:bitstream vera sans mono:bold:size=14:antialias=true

But some were more elusive, most notably, because they’re badly documented on the net, and information is difficult to find because the motif-toolkit is very ancient. One of them is xpdf. Whose UI sported tiny fonts.

But I managed to produce a somewhat decent .Xresources (either put them into .Xdefaults; or put them into .Xresources and merge in via xrdb -merge .Xresouces).

The font really needs to be specified in the old fontList way, and I couldn’t find out how to make it use a modern OpenType font.

The rest is mostly to turn off superfluous borders and heavy shadows.

Xpdf*fontList: -*-lucida-medium-r-*-*-20-*-*-*-*-*-*-*
Xpdf*XmText.background: #ffffff
Xpdf*XmTextField.background: #ffffff
Xpdf*XmList.background: #ffffff
Xpdf*GraphEdit.background: #ffffff
Xpdf*shadowThickness: 1
Xpdf*borderThickness: 0
Xpdf*?*arg*shadowThickness: 1
Xpdf*?*arg*borderThickness: 0
Xpdf*?*buttons*shadowThickness: 1
Xpdf*?*buttons*borderThickness: 0
Xpdf*XmToggleButton*shadowThickness: 0
Xpdf*XmToggleButton*borderThickness: 0
Xpdf*menubar.shadowThickness: 0
Xpdf*menubar.borderThickness: 0
Xpdf*XmMenuShell*XmTearOffButton*ShadowThickness: 2
Xpdf*main_window.?.borderThickness: 0
Xpdf*main_window.shadowThickness: 0
Xpdf*cutCopyPasteBindings: KDE
Xpdf*selectAllBindings: KDE
Xpdf*buttonColorKey: c
Xpdf*FlatButtons: on

And you especially want it to start in a decent size. You can set this in .pdfrc, but this replaces it:

Xpdf*initialZoom: 200

A Minecraft Modpack: A-Roving

Sunday, January 19th, 2020

With the advent of Minecraft 1.15.1, there came modpacks. And face it, playing Minecraft without automapping (and probably veinminer/ore excavation) feels rather weird. So I started looking at them, and soon found out, there are even now a lot more mods for 1.15.1 than are included in modpacks. So I made my own:

It’s available at https://www.curseforge.com/minecraft/modpacks/a-roving.

A-Roving is focused on roving, wandering, exploration, spelunking and dungeoneering. It still features some tech and basically is a kitchen-sink pack, but the focus is on stuff that either makes exploration interesting like ruins and generated structures, or that supports it, like backpacks and diving gear.

The one thing it’s not focused on, is building. While some mods add to the block palette, I explicitly left out things like Structurize or MrCrayfish’s Furniture mod, as they add mostly a lot of blocks. But there are some things in there that add light options (including the MegaTorch, which allows you to use low light levels without having to fear spawning) and redstone controlled contraptions.

Also left out are things that change gameplay completely, like “Lycanites mobs” (which looks ugly, by the way, and wrong).

As of now it’s one of the bigger modpack for 1.15.1 with 150 mods, but there are still a lot of mods missing that are not yet on 1.15.1 or have no replacement. Some tasks like mob farms will require combinations of vanilla and modded ingenuity.

It’s also configuration-light, meaning most of the mods behave as the mod-makers intended, I intend to change the configs as I go and find “undesirable” behavior, like lootbags containing creative power sources (which should be fixed in version 1.0.0 already).

Bad Minecraft Mods

Wednesday, October 10th, 2018

There are some mods for minecraft out there, that are just plain bad, not because of code quality or because they contain bugs and are badly maintained, but because they’re subscribing to some kind of philosophy that’s actually hostile towards the player. In most cases, nobody would use them, but sometimes these mods get entrenched into modpacks where they become a nuisance to a lot of players. I likely did forget some things, and maybe people will tell me that this-and-this feature(!) has been fixed, but on the whole I gather I’m right, and these mods are not going to change what I’m criticising. Since I don’t want to post a worst-of-list, but detail where they fail, they’re sorted alphabetically.

Avaritia

Avaritia offers some extremely powerful weapons and armour, which it tries to counterbalance with two things:

  • Idling to wait for enough stuff to build up in some strange machine whose main purpose is to be slow (you need thus a lot of those) or for stuff to build up in you system (like hundred-thousands of blocks of something), to move into some other machine, very slowly, to convert into something. To add to the insult, if you break the machines, you loose all content; like tens of thousands of iron blocks.
  • Clicking various stuff into place in an oversized crafting table that can hold much more different ingredients than your inventory, thus making any effort of automatic filling in of the recipe useless. And if the recipe is simpler than 36 ingredients , you’re sure to need something like 58 stacks.

Sounds familiar?

Buildcraft

Buildcraft is intended to goad players into overloading servers by having things that will behave badly and produce lag, unless the player knows exactly what he’s doing.

  • Hose’d It’s not a pipe, it’s a hose, and the player needs to throttle the feed, or it will spill and kill the server. But maybe it will anyway, since it runs on random ticks and likes to spill on chunk boundaries. And you need to power pipes, and these engines produce, you guessed it, lag.
  • Not Invented Here Needs its own incompatible power system, which is basically the same, but incompatible. Oh wait, replaced the compatible one with an incompatible one.

Factory Tech

Factory Tech is for making replacement parts that constantly break for Factory Tech machines that constantly break.

  • Russian Dolls Sorry, but to craft the thing you need, you need to craft 5 more machines. Actually, a complete production line for all these machines, because you need to supply them with parts that constantly break.
  • Micro Stacks So you can’t stack up on parts and need to set up a production line. Really.

This might be an interesting mod if you really wanted to decide on it, like for a mdopack that does not have RF or its equivalents at all; but if you run into it in any other context, it’s an exercise in frustration.

Forestry

It’s about beekeeping. It doesn’t care whether you only wanted to grow trees, now you’ll do beekeeping.

  • Wrong Path The main problem is, in order to pollinate trees, you need to breed bees, and you basically need to go into a rabbit-hole of bee breeding, just to get the right kind of bees.
  • Mutations There’s a huge tree of species; actually two trees, one for bees and the other for trees to mutate around. If you’re lucky. In fact, you’ll be so unlucky, there’s a mod called Gendustry out there that allows you to tone down the randomness and with some effort get the species you want.
  • Weird machines You need several machines that are basically useless for everything else. Some also need electronic parts, which are also useless everywhere else, and are made by other weird machines.

There’s actually a lot of interesting stuff in Forestry, but the mechanisms force you to do microcrafting and follow paths — for a long time — you didn’t actually intend.

Hats

Because novelty is only funny once.

  • Not Hats. Putting weird shit on your head doesn’t make it hats. Believe me, I’m the guy who has a collection of more than 100 actual hats, caps and helmets.
  • Visual Mis-cue Sometimes probably intended, you see something and think there might be something special, but it’s only some stupid tĥing on the head of a mob.

IndustrialCraft 2

The use of IndustrialCraft is to craft and power IndustrialCraft machines.

  • Hostile to other mods. It actively tries to do it’s own thing, to the point of sabotaging interoperability-efforts of other mods. For instance other power-systems than its own, but also stuff that tries to pick up its blocks, or stuff that feeds to/from IndustrialCraft machines.
  • Things fail Machines will explode if they get too much power. And they always used to break if somebody tried to pick them up with a pickaxe, and even sometimes if done with the proper wrench. Which is just a nightmare for new players to figure out how this mod is supposed to work.
  • Not documented Lots of weird and inexplicable behaviour, not documented. And even the textures are nondescript, which adds to the general impression of hundreds of (machine?-)blocks with no purpose (apparently it’s only 98).
  • Microcrafting You will need a lot of these machines, just to get the parts done for other machines. And then you need to craft things from things to craft things to craft things.
  • Highly Illogical It’s got a power system on it’s own. Not one that’s more realistic, but one that’s totally absurd; like needing a transformer at the plant for every thing that uses power. And did I mention everything explodes if it gets too much power?

Lordcraft

The real clicker game. It’s even worse than Avaritia.

  • Clicker It has its own crafting bench, which needs to get some kind of power from another block, where you need to feed in crystals; but the really bad thing about this crafting bench is that you need to click for every item that is being crafted. Wait a few seconds until its crafted, click again. Of course it ignores redstone clocks.

Magneticraft

The evil twin of Immersive Engineering

  • Powerless Magneticraft feels somehow like the modern cousin to Immersive Engineering, the logical extension to it. But it does not accept power from it. Magneticraft does have a real-world electrical system itself, but there is no reason not to just convert RF to Joules and RF per ticks to Watts. The voltage could be ignored or converted to LV/MV/HV where available. But no.
  • Interface unclear Especially for the multipart machines, it’s entirely unclear where the in- and outputs are, and why the machine doesn’t get power and so on.

Tech Reborn

It’s important to frustrate anyone trying to use the mod for the first time.

  • Break it Whenever somebody misplaced a machine, indicate it’s “harvestable by pickaxe” and then revert it to the lone machine frame it was based on, destroying everything else that made up the machine. Seriously, you really want don’t want anyone start using your mod?
  • Microcrafting Everything needs complicated things, preferably made by other machines. Even the machine frame needs “refined iron”, which is simply twice smelted iron..

Dateinamen sind Schall & Rauch

Tuesday, August 28th, 2018

Vortrag zur CoSin 2018 in dem erklärt wird weshalb Dateinamen Ephemeral sind und wichtige Informationen in der Datei selber gespeichert werden sollen.

Minecraft: Zeppelin for Skyblock Worlds

Wednesday, February 28th, 2018

Apart from floating Islands, the other big theme that makes itself obvious for modded Minecraft Skyblock worlds, is airships.

Planetminecraft is full of these Airships; most follow some steampunk theme and feature a huge ship hanging from a ridiculously small bag. A few are actual zeppelins or blimps, but the most beautiful of them are usually replica of historical ones, like LZ127 (236m long, 30m diameter) or LZ129 Hindenburg (245m long, 41m diameter).

What I needed was a zeppelin that would look like a zeppelin regarding the dimensions, but smaller. If it’s about loaded chunks, you don’t want to get all out.

So basically the requirements where these:

  • It may have the maximum diameter of a chunk, that means 16
  • Diameter must be an odd number, so 15 it is
  • It should have a fitting length to get decent proportions relative to the diameter, something like a ratio of 1:6 (LZ129 has exactly that one; LZ127 has one of 1:7.5)
  • Easy to build with skyblock resources. But not requiring any modded blocks.
  • schematic for the use with the schematica-mod

In the end, I made two versions, one out of cobblestone, for building early in the game, but which could be a liability if your modpack doesn’t have something like a swapping wand; and a mid-game version in grey wool, completely lightened out and carpeted.

In all honesty, I didn’t try out the cobblestone-version, as I managed to get a lot of string very fast in different modpacks. Also, the models feature a very bare-bone gondola, which I never built in survival. Instead I built good-looking ones, out of aluminium. There are no motor-gondolas either.

Schematics

And here how it looks on the inside:
View from the front doorView towards the back
This is all without any modifications, straight from the schematic. It features 3 walkways, two hatches on top, a hatch to the gondola on the bottom, and a door at the front. Also, a room, lit by toggleable redstone lamps, which is something like 24 blocks from the gondola away, in other words, pre-made and suited for a small mob-farm, with still the whole bow to spare as workplace.

When I used this within “Modern Skyblock 3 Departed“, I put some windmills in place where the motor gondolas would reside, and put a decent gondola into place:

These didn’t provide enough energy, so I put some solar panels on top, behind glass:

Because the interior takes a lot of power:

Especially the cloches from “Immersive Engineering” I installed, which basically produce every resource imaginable via “Mystic Agriculture”. You can see the watermills from “Extra Utilities 2” producing GP as well.

Block usage of the woolen version, in order of importance:

  • 3089 Light Gray Wool
  • 1838 Light Gray Carpets
  • 415 Gray Wool
  • 62 Glowstone
  • 20 Redstone
  • 8 Redstone Lamps
  • 4 Levers
  • 2 Iron Doors
  • 33 Oak Wood Planks
  • 308 Stone Slab
  • 18 Ladders
  • 3 Wooden Trapdoors
  • 15 Oak Fences
  • 20 Oak Wood Slabs

In total, 4728 wool, 1644 ink and 3081 bonemeal.

Vive Linux

Monday, December 5th, 2016

I’ve got a HTC Vive, and I managed to get it to work, and – more importantly – to get several applications to work with it.

Kernel

The Vive comes with a link box that connects to USB and HDMI, so you need to have some drivers compiled in. The following might be somewhat nonstandard, or at least I haven’t had to use them before I got the Vive.
CONFIG_USB_HIDDEV=y
CONFIG_SND_USB=y
CONFIG_SND_USB_AUDIO=m
CONFIG_SND_HDA_CODEC_HDMI=y

Also, you need to give your user some permissions on these devices via udev-rules. The debian-package steam-devices will actually install one, but apparently this is not enough, thus:
ACTION=="add", KERNEL=="hidraw*", ATTRS{idVendor}=="0bb4", ATTRS{idProduct}=="2c87", TAG+="uaccess"
ACTION=="add", KERNEL=="hidraw*", ATTRS{idVendor}=="28de", ATTRS{idProduct}=="2000|2101", TAG+="uaccess"

Or something thereabouts. Using TAG+="uaccess" is the modern version you should use instead of MODE="0666" or somesuch.

X11

I actually wasn’t able to tell my system it should use the DisplayPort first, if a HDMI device was plugged in. So I need to boot first, and only then plug in the HDMI cable to the link box. This also has the effect that my X11 usually has no idea about the Vive, and it needs to be activated to work. You can set the Vive display as active in nvidia-settings (for nvidia, GPUs obviously). This looks like this then:
$ xrandr --listmonitors
Monitors: 2
0: +DP-0 1920/477x1080/268+0+0 DP-0
1: +HDMI-0 2160/122x1200/68+1920+0 HDMI-0

Building Vrui

The first thing I read about anything working with the Vive on Linux, was this post: I Am Using VR on Linux with My Vive and Vrui. I actually had tried an earlier version of Vrui before, but failed. But 4.2-006 actually works. However, there are no debian-packages, it’s not even available to clone from some RCS, there seems to be only a tar-ball, and along with it even a bash-script to build it.

Since I think bash-scripts and wget to build software is 1980ies I only followed it somewhat. First, get dependencies:
apt-get install build-essential g++ libudev-dev libdbus-1-dev libusb-1.0-0-dev zlib1g-dev libpng-dev libjpeg-dev libtiff5-dev libasound2-dev libspeex-dev libopenal-dev libv4l-dev libdc1394-22-dev libtheora-dev libbluetooth-dev libxi-dev libxrandr-dev mesa-common-dev libgl1-mesa-dev libglu1-mesa-dev libxine2-dev
Note the libxine2-dev which the script doesn’t install.

I then edited the makefile, where I changed a load of hard-coded variables around, and also set known paths like STEAMVRDIR to where I knew it would find it, because it would otherwise do find over my home-directory.

As it turned out, my build environment was also too new, it bombed on the C++ 11 ABI. I had to put
CFLAGS += -D_GLIBCXX_USE_CXX11_ABI=0 into the makefile. And since we’re on it, put it into ExamplePrograms/makefile as well, but take care that it goes below the include-statements.

After compiling and installing, it’s ready to run. If you haven’t installed the udev-rules yet, Vrui comes with some decent ones. And you can also change directory to ExamplePrograms, and build and install these as well. And copy over the Share/RunViveTracker.sh to where its useful.

Running Vrui

First off, start RunViveTracker.sh and keep it running.

Now you first want to run EyeCalibrator -rootSection Vive, which will display a window within the Vive, that will show you to how many millimetres you set the interpupillary distance with the knob on the right of the Vive. Read Technology Transfer for more information.

The next thing is RoomSetup Vive. Note that you don’t want to set a rootSection here, as you want it to display on the desktop. Vive la Vrui! will basically walk you through this. The room setup will define the area for the Screen Protection (that is the green wireframe) which will pop up if you move too near to the room borders.

After that, you’re ready to go, to use something like ClusterJello -rootSection Vive. See I Am Using VR on Linux with My Vive and Vrui for more.

VruiXine

If libxine2-dev was already available while building the Vrui examples, VruiXine should already have been compiled. As usual, it’s started with VruiXine -rootSection Vive, if you want it to use a different audio output than pulseaudio, you can set that with -ao alsa or something like that.

For me, VruiXine always starts with the window at an angle about three metres to the left. Upon clicking on “theatre”-mode in the menu, this gets fixed and the window is in front of me. Or I can start it with -vo theater (careful: American spelling: “theater”). Also menus appear in five metres distance initially, but pulling them up again will subsequently display them near me and readable. The “Save”-button in the DVD menu, will save the streaming settings and display mode (window/theatre), but not the window size and position, and it will save it into the folder the movie is in, with the name of the movie and .cfg added. So all the settings are movie-specific.

Also, unless you’re sitting in the middle of your VR space, you might need to disable the Screen Protector lest you constantly have green wire frame in your movie. Apparently you can do this in the menu “Vrui System”->”Devices”, but I just set screenProtectorDevices ( ) in ~/.config/Vrui-4.2/Vrui.cfg.

You can see which config-files are used by starting it with the -vruiVerbose flag.

See also the “Watching Movies” section on Vrui on Oculus Rift DK2

CaveQuake

CaveQuake is a Quake3 map viewer that sets up on Vrui. See Quake III Arena Maps in VR, under Linux, with Vive+Vrui on how to set this up.

One important thing to note is that here as well, I had problems with the C++ 11 ABI. In the installed share/Vrui-4.2/make/BasicMakefile I put in EXTRACSYSFLAGS += -D_GLIBCXX_USE_CXX11_ABI=0 So everything compiled against Vrui in the future would get this flag set. For CaveQuake itself, I also did set export EXTRACSYSFLAGS += -fPIC temporarily to compile.

The controls you get with “Walk” are this green thing on the floor, which is meant to be leaned on/off to move you. Which is really made for use in a Cave, and not in a Couch. Sadly, I have not yet found any option to control movement via keyboard, or even via those Vive controllers.

Apparently, most menu items in the Vrui control menus are really not menu items, but tool bindings, things you can bind to your controllers, save with “Vrui System”->”Devices”->”Save Input Graph” and load with -loadInputGraph on the commandline. Still, I don’t quite understand how this works.

Vivecraft

Vivecraft on Linux

Vivecraft on Linux

There is a Minecraft mod for using the Vive, called Vivecraft. You can get it from https://github.com/jrbudda/Vivecraft_110 but I haven’t been able to build it myself yet. So I used this: vivecraft-1.10.2-Vivecraft-jrbudda-6r4-installer.jar.zip
There are some other versions flying around, but they may lack the native Linux libraries. Also, you need Minecraft of course.

Now, in order to get this working, I needed the 64bit versions of the SteamVR libraries driver_lighthouse.so and libaitcamlib.so. The main problem were dependencies, since my system does not usually have such outdated libraries as libudev.so.0. The first attempt was to use the Steam-environment, but that includes dozens of outdated libraries, which in turn resulted in java not working. So I symlinked only the necessary libraries to where they were needed:
cd ~/.steam/SteamApps/common/SteamVR/bin/linux64
ln -sf ~/.steam/ubuntu12_32/steam-runtime/amd64/lib/x86_64-linux-gnu/libudev.so.0.13.0 libudev.so.0

And wrote a little startup-script:

#!/bin/sh
DRIVERDIR=~/.steam/SteamApps/common/SteamVR/drivers/lighthouse/bin/linux64
COMMONDIR=~/.steam/SteamApps/common/SteamVR/bin/linux64

export MESA_GL_VERSION_OVERRIDE=4.1
export MESA_GLSL_VERSION_OVERRIDE=410
export __GL_SYNC_DISPLAY_DEVICE=DFP-5

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$DRIVERDIR:$COMMONDIR
cd ~/.minecraft
/usr/lib/jvm/java-8-openjdk-amd64/bin/java -Xms2048M -Xmx2048M -jar Minecraft.jar

You might need to change that DFP-5 there, that’s the HDMI port your Vive sits on.

With that, it starts, and as long as the Vive can not see the base stations it displays the main menu. However, when I put it on, the menu is only visible up to the far right. There’s a “Reset Origin” menu item, and if you place your mouse on that before putting on the Vive, and click on it afterwards, Vivecraft kinda works. You can walk around, destroy and place blocks and so on. All with you mouse and keyboard. What’s not working for me is the menus and inventories, as I suspect they pop up somewhere where I can’t see them.

See also the issue on github.

The Biggest Threat to Cyber-Security is Surveillance

Thursday, September 8th, 2016

The biggest threat to cyber-security is surveillance. Or rather the will, ability and legal status of organisations who prioritise surveillance and active attack abilities above defence and security.

The point is, that surveillance does not mean passive wire-tapping. It means attacking infrastructure where the data you want is available unencrypted, or infrastructure through which the message or data travels. Infrastructure which might not be under control of the entity trying to gain these surveillance-capabilities. For instance it might target the sender or the recipient of an encrypted e-mail or instant-messenger message. Or an intermediary, in order to know who communicates with who in the first place. All these actions are not comparable with passive wire-tapping, in fact, these attacks are indistinguishable from hacker-attacks aimed towards any other goal, like the enactment of botnets; and they also enable the attacker not just to eavesdrop, but to do whatever else he pleases, from launching man-in-the-middle attacks to denial-of-service, ransomware, attacking somebody else and so on. So surveillance is an attack as any other.

The problem now stems from the fact, that in order to attack somebody, you need knowledge of insecure systems, vulnerabilities, on their part. Typically, what you use are exploits, and if they’re not published yet, they’re called zero-day-exploits. Now, as long as you don’t tell anyone, these vulnerabilities don’t get fixed. They might be found by somebody else, and published or not. As soon as they get published, they loose their value for attack. Now, during that period when you have a zero-day-exploit on your hands, you might mitigate that vulnerability on your systems. But you actually can’t mitigate them on all systems of your allies, because then the secret would go out. So you don’t. Which leads to one outfit having knowledge of vulnerabilities leaving every other outfit at risk.

In a practical example, 2013 a server was hacked, that was used by the NSA as staging system for attacks. The Shadow Brokers hack was made public only in 2016, and it turned out, the NSA had stashed a load of zero-day-exploits there, some of which were still zero-days in 2016, but the majority of them had already been made public. Now, not only illustrates this that independent researches will find these “secret” vulnerabilities eventually, but also something much more sinister: The NSA had actually put every other US-agency, including FBI and DOD, the government, critical infrastructure (including power plants, water supply and hospitals) and finally all its own citizens at risk.

With all the secret services world-wide, and often also police-units (For instance, the Zürich Police bought surveillance software from Hacking Team containing three zero-day-exploits) involved in ramping up their cyber-attack-capabilities, most often with the goal of surveillance, we can see an extreme effect on creating a market for zero-day-exploits. Where fifteen years ago no noticeable market existed at all, we now have one whose prices start at USD 40’000 and go up to USD 500’000 per exploit, as evidenced by the price-list published by Zerodium In other words, secret services and police are actively undermining the security of everyone on this planet, friend and foe alike.

The trouble is, highly technological societies are much more vulnerable to this. For guerillas, insurgents and terrorists the benefits of being able to exploit vulnerabilities is much greater, and they don’t really have to defend any friends from such attacks. So the ones that suffer the most, are the people and governments of exactly the same nations and states whose secret services and police are actively undermining their security. This is a grave situation, as most governments have not even realised what it is they have their secret services and police doing, and are actively trying to destroy their own security with initiatives that call for weakening of crypto or for government back doors. Or at least, trying to explicitly legalise these practices as seen with Switzerlands NDG, which of course will have a very much adverse effect of security.

The solution is surprisingly simple, the only impediment is, as usual, the widespread incomprehension of the problem itself. Since every vulnerability that is made public eliminates the exploitation of it for everyone, the only solution is to make every vulnerability public as soon as possible. The usual, and in fact “best practice” of the computer industry, is called “responsible disclosure”, where the manufacturer of a software or product is informed a few days or maximum weeks in advance, so he can fix the vulnerability, before the issue is made public. And in the end, it’s the only solution that will really make us more secure.

Minecraft: Item Sorting System

Sunday, May 22nd, 2016

This is not a new concept, instead it is just an implementation of a massive item sorting system in Minecraft. I already posted this on planetminecraft, but I thought it would be sensible to post it here as well.

  • Can sort up to 432 stackable items
  • Sorts out non-stackables into separate chests
  • Sorts out potions into separate chests
  • Overflow-protection, sadly, somewhat noisy
  • Filters are already pre-configured, but chests are (mostly) empty
  • The load/framedrop comes from the item frames, not the hoppers or the
    pistons
  • two manual inputs, one for items to smelt/cook, one for the rest
  • two input hoppers to connect farms
  • incorporates workspaces, brewing stands and enchanting area, and has
    some little space left for more
  • footprint 56x56x10, the schematic is a bit bigger to accomodate for
    the floor and the inputs from farms
Item Sorting System - Overview

Item Sorting System – Overview

Item Sorting System - View From The Entrance

Item Sorting System – View From The Entrance

Item Sorting System - Upper Maintenance Floor

Item Sorting System – Upper Maintenance Floor

Item Sorting System - Brewing Stands

Item Sorting System – Brewing Stands

Item Sorting System - Enchanting Area

Item Sorting System – Enchanting Area

Of course here’s

The license is CC-by-sa.

Minecraft: Silent Dropper Item Elevator

Sunday, May 22nd, 2016

This is an older design of a silent dropper item elevator. It’s not initially by me, but it could be that I modified it. Still, I think it’s one of the best designs, because:

  • silent
  • items can be inserted at any level
  • Either has a footprint of 2×9 or can be arranged in an L-shape.
Silent Dropper Item Elevators, Front

Silent Dropper Item Elevators, Front

Silent Dropper Item Elevators, Back

Silent Dropper Item Elevators, Back

It does have a problem, and that is that sometimes the dropper(s) that get fed with items can get filled up and stuck.

Anyway, here’s the schematic: