sureanem |
Posted on 19-05-10, 18:48 in Board feature requests/suggestions
|
Stirrer of Shit
Post: #261 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Posted by Kawa Are the database schemata entirely identical, then? Also, what's up with the version numbers? If I refresh the main page, the version number changes! There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this. |
sureanem |
Posted on 19-05-10, 19:59 in Board feature requests/suggestions
|
Stirrer of Shit
Post: #262 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Maybe you could open up the query profiler or whatever they call it and see what's going on inside. But it seems to have stopped now. So no reason to do anything, really. |
sureanem |
Posted on 19-05-10, 20:21 in Anticipating near future [politics]
|
Stirrer of Shit
Post: #263 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Leaving the issue of countries aside for a moment, it holds true for parties. There are very few left-authoritarian parties post-Cold War, and very few right-liberal (for Americans: right-libertarian) parties since I don't know when, 19th century? So really, that's just one dimension masquerading as two. If you go to one of the leading purveyors of this claim, like politicalcompass.org, you can see this graph: https://politicalcompass.org/uk2017 It's just a straight line, and the only significant deviance is from regional parties. Russia funds both sides and doesn't have any ideological goals in doing so (anymore), just the destabilization of NATO and friends. There are also some historical reasons for it. After the fall of the Soviet Union, their handlers kept on working for the same agency, and they didn't see any reason to stop shelling out a few roubles in exchange for a quite significant influence. But I don't think you can analyze them from an ideological POV because it's fundamentally not about ideology. |
sureanem |
Posted on 19-05-10, 20:23 in Board feature requests/suggestions
|
Stirrer of Shit
Post: #264 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Page rendered in 1.025 seconds with 27 MySQL queries. Or maybe not. |
sureanem |
Posted on 19-05-10, 20:29 in Anticipating near future [politics]
|
Stirrer of Shit
Post: #265 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Russia is right-authoritarian, anyway. Low taxes, low spending. And the authoritarian part is hardly controversial. But their funding of parties has little to do with this. |
sureanem |
Posted on 19-05-10, 20:30 in Games You Played Today REVENGEANCE
|
Stirrer of Shit
Post: #266 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Posted by Vladiskovwashere You can download such games from torrent websites, so I imagine our #1 modern preservation enthusiasts have got that problem solved. |
sureanem |
Posted on 19-05-11, 01:27 in Games You Played Today REVENGEANCE (revision 1)
|
Stirrer of Shit
Post: #267 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Posted by tomman They still seem to be preserved. Then there is the issue that, just like BREW, J2ME games were mostly phone-specific. Does that hurt preservation? It seems like complaining that you have all the SNES ROMs but no emulator. You're in no hurry to perfect that adapter, as long as you have what else it takes. Gameloft's Block Breaker Deluxe 2, Glu/Sony LocoRoco Hi Those were easy to find. I'm not sure I can post links, but a quick google search for "locoroco hi" download gives you appropriate results. There's also (poorly seeded) torrents with lots of games and no organization. Try btdig, torrentz2, and rutracker/tparse. I suppose it's free to chuck a few dozen info hashes into the client and wait to see if anyone starts to download. Also, for archaic stuff, you can try archaic file sharing networks. I was able to find a user sharing just shy of 4000 .jar files, of which most (all?) seemed to be mobile games. As for the Japanese games, have you tried their file-sharing networks? They work like the old ones ("share entire downloads dir") and not like torrents ("pls seed"), right? If you wished to create such a project, you have a golden opportunity with your unique regulatory situation and all. But it seems like it's all there, if not very well organized. On the other hand, file-sharing networks fade fast, so it might be a good idea to obsessively download everything and dump it somewhere, like the Internet Archive. EDIT: As for i-mode, I found this: https://assemblergames.com/threads/project-i-mode-ezweb-to-preserve-the-dying-unpreservable.56933/ |
sureanem |
Posted on 19-05-11, 18:28 in Board feature requests/suggestions
|
Stirrer of Shit
Post: #268 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Odd, it's not just the threads doing it. Tried to delete some PMs. First one was instant (0.006 s), second one? Page rendered in 10.985 seconds with 19 MySQL queries. Well, it remains a mystery. |
sureanem |
Posted on 19-05-11, 22:53 in Board feature requests/suggestions
|
Stirrer of Shit
Post: #269 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
How come the forum software isn't open-source? I don't mean to demand that you open it up or anything, but it'd be easier to make and accept contributions if one knew what the code looked like and could send in patches proper, than to have to bug someone else (e.g. Kawa) to implement it. It could still be copyrighted and everything, like shared-source software. |
sureanem |
Posted on 19-05-12, 01:03 in Games You Played Today REVENGEANCE
|
Stirrer of Shit
Post: #270 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Oh, you live in Venezuela too? My condolences. But it's definitely interesting that 3.3% of the members here are Venezuelan. Yeah, probably it would be best to administer it from VE and use a Venezuelan domain, but host at least the bulk of the content elsewhere (torrent, Internet Archive). Then you could use international fiat currency (not going to suggest crypto) without having to do black market exchange, which apparently is very difficult. |
sureanem |
Posted on 19-05-12, 01:14 in Anticipating near future [politics]
|
Stirrer of Shit
Post: #271 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
I don't think it's a joke that he funds them. In his case, the reasons are a bit complicated and probably best not to discuss in polite conversation. But the goal is the same, to destabilize the host nations. Trump has given up, which was the price he had to pay for the Russia investigation people going easy on him. He did a few policy 180°'s just days before being exonerated, that couldn't possibly have been a coincidence. He'll probably try to do something closer to "generic Republican" for 2020, talking about socialism etc, and presumably lose. His only hope is China trade war, or possibly war with Iran - for the latter, he can get almost 100% backing of the political establishment, but presumably they'll want to get rid of him when they're done using him. Iran has been a geopolitical actor for long, funding Hezbollah and stuff. Russia and China going to keep their ways, paying people and showing themselves as great nations against imperialism, whilst basically doing soft imperialism/70's backyard diplomacy around the third world. Yeah, I agree. In some cases they don't even bother hiding it (see: China colonizing Africa). Israel has an (almost) infinitely large source of funds, so they're not getting ruined any time soon. For them it's ostensibly self-defense, though. Somewhere between that and Manifest Destiny. |
sureanem |
Posted on 19-05-12, 01:20 in Board feature requests/suggestions
|
Stirrer of Shit
Post: #272 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Yeah, but you said you did lots of internal changes and stuff. What about symlinking some other folder (e.g. /abxdsrc) to /bboard, then set it to not execute PHP and enable file listings? Or would that spoil secret tokens/salts? |
sureanem |
Posted on 19-05-12, 13:09 in Games You Played Today REVENGEANCE
|
Stirrer of Shit
Post: #273 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Posted by tomman What does this mean? According to the Wikipedia page, they just include some digital signature, so an emulator could ignore this without having to crack any actual DRM. Also, didn't know i-mode games could stop working if your phone didn't have an active service (I already expected DRM/crypto, but this is completely nuts). I DO know that Softbank locks out pretty much every cool feature on their phones (except for making calls) if they don't have an active Softbank SIM card - this is better known as "multimedia lock", ensuring that your phone only works as a PHONE (and nothing else) if you're not chained to an active phone service. Gross. I don't think this is a big issue. Data was expensive back in the day, right? So there's no need to waste it getting a key each time you want to play. So probably, what they did was just to check if the phone reported a connection, and then it would be up to the provider to lock up the phone if they wanted to. Likewise, there shouldn't be too much encryption. These were real puny CPUs, US crypto had export restrictions, and AES was only standardized in late 2001. I strongly doubt cellphone manufacturers were using what was then bleeding-edge military-grade crypto without hardware acceleration. If anything, maybe DES (56-bit), RC4 (40-bit), or something weaker (40-bit, presumably). Perhaps even home-rolled. So the only issue ought to be preserving the .jars, the rest can come later. Also, far from all of them did this: Some games needed a Web connection but most were stored on the phone or SD card and could work just fine without any network. The problem with Japanese phones of that time is while they were years ahead of the West they became nothing more than a paper weight once the phone contract had ended. They just lock up. You can't even use the camera, TV or radio on them. The only thing that works is the clock and alarm.
(emphasis added) According to the thread, there's commercial emulation of some of the games ("Appli Archives") for PSM and PS Vita. So you can just get those through the, uh, conventional channels. And you can back up encrypted versions of the phone storage ".sb1" files. You have Perfect Dark, right? Try searching for .sb1 and see if you find anything but porn. Otherwise you could ask on 5ch for someone to share a backup if you speak Japanese. See https://www.nttdocomo.co.jp/english/binary/pdf/support/trouble/manual/download/sh06a/SH-06A_E_16.pdf for more information about folder structure. (pg. 27/345) http://midorigame-ferret.cocolog-nifty.com/blog/2018/03/docomo-f0b7.html - some notes http://fj800511.la.coocan.jp/docomo/index.htm - this guy tried to reverse engineer it, I think maybe contact him at , if you're lucky |
sureanem |
Posted on 19-05-12, 13:35 in Games You Played Today REVENGEANCE
|
Stirrer of Shit
Post: #274 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
http://www.4centity.com/document.aspx?doc=a6d3ab2d-fe8b-41e3-bb30-02101ca53276 - this might be what they use for DRM - filenames ("SD_BIND") match, but some other details of their filesystem don't. They seem to use some magic SD card stuff though, which matches up with the details in the thread. The encryption algorithm is C2_ECBC (the C2 cipher algorithm in C-CBC mode). The decryption algorithm is C2_DCBC (the C2 cipher algorithm in C-CBC mode). https://en.wikipedia.org/wiki/Cryptomeria_cipher It uses 56-bit keys, but mystery meat S-boxes. Can be cracked, anyway. So the important thing would be to secure the backups. |
sureanem |
Posted on 19-05-12, 14:03 in Games You Played Today REVENGEANCE
|
Stirrer of Shit
Post: #275 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
https://www11.atwiki.jp/gundamwar/pages/749.html Here you can find some .sb1 files. There's a short header, then zeroes, then the encrypted content starts at offset 0x1000 (4096). Ent says it's random, so I'm pretty sure it's encrypted and not, say, compressed.
Not sure about what's going on at the end. Because the header always starts at the same offset, but the size of the encrypted chunk isn't an integer number of blocks. |
sureanem |
Posted on 19-05-12, 15:21 in Cellphone software preservation
|
Stirrer of Shit
Post: #276 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
-If the encryption block is 8 bytes or more, the encryption block is encrypted using C-CBC mode. The last residual block, if it is less than 8 bytes, is not encrypted. Well, that settles that. I'm not sure if they're using 64-bit blocks (most likely) or 64-byte blocks (512-bit blocks), which seems completely absurd but is what the standard explicitly says: The size X of each encryption block other than last encryption block is calculated by the following formula referring to the Encryption Block Size Factor E. The specification is poorly written, but what I think they're using is "Encrypted object file (with unencrypted header) with residual data block (N=X*n+m+q, m<X, m=8*p, q<8)" (Table 3-7). I can't find anything about the header format, though. Maybe that's for the underlying application to decide. I think so, based on the following passage: * If the header part exists, the Unencrypted Header Size Factor H of the optional unencrypted header shall be specified in the corresponding Title Key & Usage Rule Entry of the encrypted object file and shall be used to decrypt the encrypted SD-Binding object file. The size Y of the optional unencrypted header is calculated by the following formula: In other words, the Japanese encrypted cell phone backups might be completely different. But it should still be C2, so you could bruteforce it with a modern computer. That's the only way, unless you find some other flaw (e.g. how to read the protected area on an SD card). |
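The .sb1 layout reported in the earlier post (short header, zeroes, payload at offset 0x1000) and the residual-block rule N=X*n+m+q quoted above can be checked against a file as follows. This is an added example, not code from the posts or from any specification; the header bytes, the sample payload and the values tried for X are constructed assumptions, since the page does not give the formula for X.

```python
import hashlib
import math
from collections import Counter

PAYLOAD_OFFSET = 0x1000  # payload start reported in the post (4096)
C2_BLOCK = 8             # C2 is a 64-bit block cipher


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, close to 8.0 for random data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def split_layout(blob: bytes, payload_offset: int = PAYLOAD_OFFSET):
    """Return (header, zero_padding, payload) for the layout described above."""
    if len(blob) < payload_offset:
        raise ValueError("file ends before the expected payload offset")
    head = blob[:payload_offset]
    header = head.rstrip(b"\x00")  # trailing zero bytes are counted as padding
    return header, head[len(header):], blob[payload_offset:]


def residual_layout(n_bytes: int, x: int):
    """Decompose N = X*n + m + q with m < X, m = 8*p, q < 8."""
    if x <= 0 or x % C2_BLOCK:
        raise ValueError("X must be a positive multiple of 8")
    n, rest = divmod(n_bytes, x)   # n full encryption blocks of X bytes
    p, q = divmod(rest, C2_BLOCK)  # p trailing 8-byte blocks, q residual bytes
    return {"n": n, "m": p * C2_BLOCK, "p": p, "q": q}


def analyse(blob: bytes, x: int = C2_BLOCK):
    """Summarise one file; x is the assumed encryption block size X in bytes."""
    header, padding, payload = split_layout(blob)
    return {
        "header_len": len(header),
        "padding_len": len(padding),
        "payload_len": len(payload),
        "payload_entropy": shannon_entropy(payload),
        "residual": residual_layout(len(payload), x),
    }


def constructed_sample(payload_len: int = 4123) -> bytes:
    """Constructed input, not a real backup: header, zeroes, hash-stream payload."""
    header = b"CONSTRUCTED-HDR\x01"
    stream = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                      for i in range(payload_len // 32 + 1))
    return header.ljust(PAYLOAD_OFFSET, b"\x00") + stream[:payload_len]


if __name__ == "__main__":
    for x in (8, 64):  # the two block sizes the post is unsure about
        print(x, analyse(constructed_sample(), x))
```

A payload entropy near 8 bits per byte is consistent with encryption but is also what well-compressed data looks like, so it supports the post's guess without proving it. A non-zero q matches the observation that the encrypted chunk is not a whole number of blocks.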
sureanem |
Posted on 19-05-12, 16:03 in Cellphone software preservation
|
Stirrer of Shit
Post: #277 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Posted by tomman The crypto in itself should be relatively easy to crack (in theory, just implementation work), but the format is otherwise undocumented. Also, .sb1 files aren't self-contained. They store the actual keys in the "protected area" of the SD card, which in turn requires some special sauce to access. Essentially, you can issue the read and write commands freely, but: Posted by http://read.pudn.com/downloads188/ebook/881633/SD%203.0/Part_3_Security_Specification_Ver3.00_Final_090612.pdf
There is no 3.2.1. There is however a 3.4.1. There, it says that you pass a challenge from the card and the "Media Unique Key" into something called C2_G to pass the SD card's authentication. How do you get the Media Unique Key? Easy, you pass the Media Key and the Media ID into C2_G. What is the Media ID? Not sure, but you can get it from the SD card. I don't think it's supposed to be secret. And what is the Media Key? Easy, you just process the MKB (Media Key Block, public) with the Device Key. How do you process it? You pass the applicable Device Key and MKB into Process_MKB, which is defined in Chapter 3 of "Content Protection for Prerecorded Media Specification: Introduction and Common Cryptographic Elements". And that's just C2 decryption and some parsing. Since C2 decryption is broken, you should be able to get the applicable Device Key (number 11), and then make quick work of the SD card dumping. You'd distribute a pre-packaged application that decrypts any SD card with backups on it you insert. On Linux, you can send raw commands, no idea about Windows but I'd think so. But it seems much easier to just brute force the ultimate encryption key whenever you want to decrypt a backup than to re-implement some half-baked Japanese DRM scheme. It also makes it easier to dump ('copy this file and upload', vs 'download this program, run it, insert SD, upload the file it saves'), which should be a priority given the lack of enthusiasm they have for preservation. |
sureanem |
Posted on 19-05-12, 17:13 in Cellphone software preservation (revision 4)
|
Stirrer of Shit
Post: #278 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
Here's all the specifications: http://www.4centity.com/specification.aspx The 2008 paper needs arbitrary keys to work, so not applicable. The 2009 paper's third attack (Key and S-box recovery with chosen ciphertext attack) is what I'm talking about. But it'd be a lot of implementation work, that's for sure. EDIT: No, you need to get it to decrypt a specific encrypted blob. There's no checksum or anything, so that should be easy, but you need to dump it out of the phone somehow too. Which requires exploits, I presume. Or maybe you can sideload arbitrary J2ME apps onto it as well that can read e.g. camera videos? EDIT 2: I don't see anything about rate limiting in the SD card spec, so maybe you could brute force the MUK, and then work your way backwards to EDIT 3: If it's not rate-limited, you could brute force K_mu by first accepting the SD card's challenge, then trying to verify a constant/random value. If it succeeds, you know that C2_G(K_mu, chall) == your guess. Then you can brute force K_mu offline. But we can't actually do anything just by knowing K_mu, because we don't have the S-box. And we can't brute-force this, because the S-box is 2048 bits. If we could encrypt with an arbitrary key, we could recover the S-box that way, but just known key doesn't really seem to be useful. |
sureanem |
Posted on 19-05-12, 20:35 in Cellphone software preservation
|
Stirrer of Shit
Post: #279 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
It's even worse than I thought:
So that, too, requires the S-box. And apparently, the flowchart is lying. Because the SD card wants you to go first, only then will it authenticate itself to you. So you can't use that to make it compute C2_G(arbitrary, K_mu) for you without you yourself being able to already do that. Maybe you could craft a fake SD card that tries to bait the accessing device into doing it or do MITM, but that's just theoretical. Also, it doesn't actually return C2_D of anything, it returns C2_G. So you don't have a decryption oracle either. If you had either an encryption or decryption oracle, you could recover the S-box which makes everything else more or less trivial. Also, yay, more contradictions:
However, elsewhere in the standard it says the Media Key is derived from the MKB. That sounds more reasonable, though. Looking on the bright side, there is one thing: The reference implementation (see "C2 Block Cipher Specification, Revision 1.0, January 1, 2003") is written in C, so most likely it's stored in software/NAND and not burned into a chip. In other words, it's at least theoretically possible to extract it without decap. At any rate, one would need to reverse engineer Japanese phones. Is it possible to download firmware updates from somewhere other than OTA? |
sureanem |
Posted on 19-05-12, 23:54 in Cellphone software preservation (revision 1)
|
Stirrer of Shit
Post: #280 of 717 Since: 01-26-19 Last post: 1763 days Last view: 1761 days |
It's not for playing games. That is, unless it's hidden in a TPM, or on a lower level than the firmware update can encompass, or in whatever microcontroller interacts with the SD card, or the firmware is encrypted with yet another key, etc. S-box inside SD microcontroller seems likely, but I would think that the OS needs it too, since the backups seem to be done with awareness of individual apps and so. EDIT: Whoops, my reading comprehension isn't the best. But yeah, it's definitely worth a shot, so please upload them somewhere. |