Create an Account
username: password:
  MemeStreams Logo

Creative Destruction


Picture of Abaddon
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Abaddon's topics
  Tech Industry
  Telecom Industry
Current Events
  War on Terrorism
  Nano Tech
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
   Intellectual Property
   Computer Security
   Computer Networking
   Software Development
  High Tech Developments

support us

Get MemeStreams Stuff!

Current Topic: Computers

YouTube - Don't Copy That Floppy (HIGH QUALITY version!)
Topic: Computers 4:18 pm EDT, Apr  3, 2007

Its ashame piracy ended the Gaming Industry in the 80's. It makes me wonder what could have been.
PS. I think public service style rap might be the worst music ever made.

[ Stunning. I never saw the whole thing before. Sooo bad.

By the way, did you hear the guy say it could take AS MANY AS 20 or 30 people to make a game! 20 or 30! What is it these days, 20 times that? I love old tech references. -k]

that was great, you catch the never winter nights guys?

also that sounded a bit like the amen break there for a bit, anyone wanna bet they didnt pay royalties to The Winstons for that one?

YouTube - Don't Copy That Floppy (HIGH QUALITY version!)

Advanced binary analysis of CherryOS: proof of theft
Topic: Computers 7:39 pm EST, Mar 30, 2005

just incase anyone didn't believe them already here goes the analysis (I do this sort of thing for a living) first off CherryOS.exe is what we call in the security industry "packed", that means that they have taken a compiled binary and run it through an obfuscator to make it hard to reverse engineer (or at least with hard if all you're doing is strings)...this is common for virus writers, worm writers, 31337 bot net kiddies, and on the legitimate side, game developers do this a lot...its not very common among the commercial (or free) legitimate software market (mostly because it doesn't work and doesn't do any good) so, the easiest way to defeat the packing is simply to let it start up (this one has several annoying checks for debuggers so its easiest to just attach after its loaded)...

the eula for this thing says its a violation to reverse engineer it, but if you do disassemble it you find they never had the rights to license it in the first place, so I don't feel worried to put this here...

if you want to follow along I downloaded a trial copy of CherryOS this morning and I got the latest version of pearpc as of this morning off of sourceforge (not from cvs, just the tarball), I am using windows XP with Interactive Disassembler (IDA)... goes:

so the first thing we want to do is find some strings which are common to both, they will not in and of themselves give you the answer you're looking for but they will give us a good starting point, we will then use these to get a context on the code that uses these strings, we will then compare the functions (or in this case class methods) to see if they are similar (or in this case identical)

so, example number one lets look at something in the cpu emulation code (because that is the heart of the code)

direct your editor to cpu/cpu_jitc_x86/ line 465 you will see the following small function

extern "C" void FASTCALL jitc_error_program(uint32 a, uint32 b) {
if (a != 0x00020000) { // Filter out trap exceptions, no need to report them
ht_printf("JITC Warning: program exception: %08x %08x\n", a, b);

first lets see if we can find the format string "JITC Warning: program exception: %08x %08x\n" somewhere in the core memory image of CherryOS

now if you're using IDA attach to an already running CherryOs.exe (not to be confused with mainCherryOs.exe) and regenerate strings or do a direct string search, and search for this exact string...

you will find it in the text segment located at the fact that it exists alone is almost enough to pass summary judgment, but lets keep going so its painfully obvious...

in cherryos.exe at .text:0040E8C0 you will see a reference to the format string from pearpc the disassembled function at this address looks like this (don't worry details will be explained in a bit)

.text:0040E8C0 sub esp, 0Ch
.text:0040E8C3 cmp ... [ Read More (1.6k in body) ]

The Aggregate
Topic: Computers 11:11 am EST, Feb 24, 2004

] The Aggregate refers to a collection of researchers and
] the technologies that they use to make the components of
] a parallel computer work better together. Since before
] our first Linux PC work in the PAPERS project, we have
] been considering all aspects of Compilers, Hardware
] Architectures, and Operating Systems (KAOS) together,
] optimizing system performance rather than performance of
] the individual parts. The only aspect of our computer
] system designs that is set in stone is our name.

looks pretty cool...


The Aggregate

Mac OS X 10.3 — the definitive Panther review
Topic: Computers 5:43 pm EST, Nov 10, 2003

It's strange to have gone from years of uncertainty and vaporware to a steady annual supply of major new operating system releases from Apple. But some important questions quickly follow. Do I really want to pay $129 every year for the next version of Mac OS X? Worse, do I really want to deal with the inevitable upgrade hassles and 10.x.0 release bugs every single year? Just as the 10.2.x code base was finally settling down (the botched 10.2.8 release notwithstanding), the Mac community is asked to start all over again with 10.3.0.

Mac OS X 10.3 — the definitive Panther review

Powered By Industrial Memetics