bmbaker.net

You Are Here >> bmbaker.net

Sick All Weekend

Sunday, 24 January 2010 13:14 | Written by Blaine |

Hey folks,

No big useful article this week. I'm still sick and when I'm not eating or sleeping I'm trying to fix work-related problems remotely. However, I will make mention of this game you should try out called VVVVVV (aka "the letter V six times", but I just say veeveeveeveeveevee). It's awesome and you should play it. I think it's better than Portal, personally. Here is a gameplay video:

If you find some spare time, you should try it out and let me know what you think.

Add new comment

Anti-Virus 101 - The 7 Rules

Sunday, 17 January 2010 19:36 | Written by Blaine |

The Quick and Dirty Guide to Anti-Virus

People ask me from time to time about computer viruses, usually after they get infected or someone they know gets infected. If you're reading this, you may even suspect this article is about you, but I get this a lot so I figure I should put this out there in plain terms. First, I will cast my net a bit wider and collectively refer to viruses, trojans, adware, malware, and worms as simply "threats". From an information security perspective, and to keep things simple, I will not delve into the nitty gritty differences between the individual threats, and we will proceed assuming that no threat is tolerable and they should all be stopped.

Most of the time, people are very concerned with the hows and whats of a threat and how to protect against it, but it is very important to understand why threats exist. Often times people see TV shows or movies that feature threats and think that someone they know is out to find all their embarrassing pictures they keep in My Documents and post them online. That might be something you have to worry about with Geek Squad, but usually not threats, and the reason is because there is no money in it. Here is a picture to illustrate the concept:

Writing and distributing a properly-functioning threat is risky, difficult and time-consuming, and like any other kind of hard work a person expects a decent payoff for his efforts. As such, most threats are after money - yours or someone else's, and in order to get yours it has to either trick you into giving your money away, find existing banking passwords or credit card numbers you may have saved in a file, or sit quietly and wait for you to type your passwords to banking accounts, merchant accounts, PayPal et cetera. You may be asking yourself at this point how a threat on your computer could be after someone else's money. You may also have wondered at some point how spammers manage to send out millions of marketing e-mails a day without their internet providers batting an eyelash. The answer to both questions is the same - spammers either create or rent out botnets - networks of thousands of remotely controllable computers that have been infected by a threat which "zombifies" the system, which apart from being used as a spam factory behaves entirely normally and the owner is none the wiser. In fact, it was estimated in 2007 that up to 25% of all personal computers are members of a botnet. I personally think that number is a bit high even by 2010 standards, but the point is that it's a serious consideration.

Now that you understand a bit more clearly why someone would be interested in infecting your computer with a threat, I will discuss the first line of defense - you, the user. Programs that prevent and defeat threats are helpful, and keeping them updated helps prevent against recent threats, but the best defense system in your possession is the one between your ears. Without it, your index finger will betray you.

Step 1: Do not abuse Administrative permissions

About 90% of you are breaking this rule right now. UNIX, Linux, and Mac OSX (to a lesser extent) mercilessly enforce this rule. Windows doesn't force this on you, and Windows Vista and 7, like Mac OSX, half-heartedly attempts it with a feature called User Account Control, but this is something you need to put effort in yourself. When you use a user account with admin rights, any program you run (including threats) has full access to do whatever it wants to your computer, whether or not you meant to open it in the first place. Here is what you need to do:

a. Click the Start Button, then click Control Panel (in XP, Settings -> Control Panel).

b. Open the User Accounts control panel.

c. Click Manage Another Account (in XP, skip this step).

d. Click Create a new account

e. Type a name you would like for your new administrative account. It is safest to leave "admin" out of the name (in XP, click Next).

f. Click the "Administrator" radio button.

g. Click Create Account.

h. Click the new account you just created.

i. Click create a password.

j. Create a strong password for your admin account (in XP, click "Change another account" after doing this).

k. Click on your own user account.

l. Click Change the account type.

m. Click the "Standard user" (in XP, "Limited user") radio button and click Change Account Type.

n. Restart your PC.

Whenever you want to install a program (which shouldn't happen that often), log off your normal user and log in as your administrator account. Once in a while this will be inconvenient, but not nearly as inconvenient as having to back up all of your data, reformat your PC, and start everything from scratch because you were careless.

Step 2: Do not let your software get outdated

Vulnerabilities are often found in popular software such as Windows, Internet Explorer, Microsoft Office, and Adobe Acrobat. Most programs also have automatic update features. These features are annoying and you may be tempted to disable them. Make sure you go and check every application you install for an automatic update feature, and turn it on.

Step 3: Do not browse irresponsibly

It is possible, though unlikely if you are keeping your browsers up-to-date, that a site will exploit a weakness in your web browser in order to install something without your consent. Following Step 1 will prevent you from installing something you can't get rid of. Following Step 2 will reduce the possibility of your browser being exploited in the first place. However, you should take care about where you're browsing to and how you're doing it. The seedier places on the web frequently house the most effective and well-written threats, and take advantage of your impatience and your need to find free whatever-it-is-you're-looking-for to infect you (fake video codecs or programs are one such trick). If you are going to browse to unfamiliar or possibly dangerous websites, use an application to create a sandbox for your web browser. Sandboxie in particular makes this very easy to do. Anything you run inside the sandbox cannot affect anything outside the sandbox. This can also be used to test new programs or websites you don't trust.

Step 4: Do not fail to recognize fake windows

When web browsing, often you will see advertisements that are either designed to look like windows from Windows, or a JavaScript error prompt that pretends to be a warning from Windows that you've contracted X,Y, and Z problems and you absolutely have to download SUPER WIN DEFENDER or some such nonsense to resolve the situation, which will subsequently infect you and extort you for money to "update" or "activate" the program. Very often these alerts will use alarming language and scare tactics to try to get you to install something without thinking it through. Perform a visual "sanity check" on the message, looking for grammatical and spelling errors or the names of software not made by Microsoft. Check the coloring, border and buttons on the window to see if they are consistent with your other open windows, and look for the telltale sign of two X buttons near one another. Full-fledged windows (with task panels, drives and features) do not simply just pop up in Windows. When in doubt, press the ESC key to cancel out of alert windows, and if that does not close them then hold ALT on your keyboard and press F4 to close any windows without clicking on the "X" (which could actually just be part of the picture intended to trick you). With ALT+F4, there are no mistakes in closing windows.

Step 5: Do not open e-mail attachments

If you've heard any advice about threats, it has probably been this step. Do not download attachments from e-mail. If someone you know personally sends you an attachment, evaluate it this way:

* Did I ask for this person to send me an attachment?

* Does the body of the e-mail mention the attachment at all?

* Does this e-mail look like it was written by the person who sent it?

If the answer to all of the questions is Yes, then chances are it's safe. If the answer to ANY of the questions is no, it would be safest to ask the person through a different means (phone call, instant messaging, but not e-mail) if they really sent it. If you do not know the person who sent the e-mail, do not open the attachment. Easy!

Step 6: Protect yourself

Install a very limited set of applications to protect yourself, for the sake of simplicity and keeping your computer running fast. You should only ever have *ONE* anti-virus program installed, as multiple anti-virus programs will conflict with one another. I recommend Symantec business products such as Symantec Endpoint Protection, but I would shy away from the Norton-branded applications due to their excessive resource consumption. I also recommending only having *ONE* firewall application, as multiple firewalls are unnecessary and confusing to figure out which one is blocking something you don't want blocked. Windows Firewall is free, perfectly capable and well-supported, so if you aren't using Symantec Endpoint Protection. If you have followed the previous steps, additional protection should not be needed, but if you're paranoid then I would recommend using MalwareBytes' Anti-Malware to check yourself out once in a while, and if you suspect you might have something nasty you will want to use HiJack This to prepare a log of what you did to yourself and visit the help forums at BleepingComputer http://www.bleepingcomputer.com/forums/forum22.html. If it were me, though, I'd reformat and start from scratch unless it was something *VERY* minor. These things have a way of coming back after they've been "removed".

Step 7: Re-educate yourself

Computers and the Internet change very fast. So, too, do threats and countermeasures. It is a good idea to subscribe to a security blog, follow @symantec on Twitter, or once in a while look for articles on new trends in threats. Keeping up to date on how and why people are exploiting weaknesses in systems will prevent you from having to deal with the consequences, whether they be minor inconvenience or identity theft.

And who knows, yomight just save the world.

The Club

Writing and distributing a properly-functioning threat is risky, difficult and time-consuming, and like any other kind of hard work a person expects a decent payoff for his efforts. As such, most threats are after money - yours or someone else's, and in order to get yours it has to either trick you into giving your money away, find existing banking passwords or credit card numbers you may have saved in a file, or sit quietly and wait for you to type your passwords to banking accounts, merchant accounts, PayPal et cetera. You may be asking yourself at this point how a threat on your computer could be after someone else's money. You may also have wondered at some point how spammers manage to send out millions of marketing e-mails a day without their internet providers batting an eyelash. The answer to both questions is the same - spammers either create or rent out botnets, which are groups of thousands of regular computers that have been silently taken control of by a threat. The computers go on to act as an assembly line of sorts to send out spam, flood targeted websites with requests to take them down, or a number of possible Bad Guy things, while otherwise the computers behave entirely normally and their owners are none the wiser. In fact, it was estimated in 2007 that up to 25% of all personal computers are members of a botnet. I personally think that number is a bit high even by 2010 standards, but the point is that it's a serious consideration.

Retro Show & Tell - Daggerfall

Tuesday, 12 January 2010 01:33 | Written by Blaine |

The Elder Scrolls is a video game series spanning generations of PC and gaming consoles.

Beginning with The Elder Scrolls: Arena in 1994, several games have been created for the series,

some notable and others not so much. Personally, I have put probably 100-150 hours in the

numbered games of the series, excepting Arena itself. The Elder Scrolls II: Daggerfall, released

in 1996, to me represents the peak of the series, and in many ways the peak of immersive RPG

gaming. I just picked up the game again recently and decided to write a bit about it for those

who may be unfamiliar with the series or only took notice when it hit the consoles.

--readmore--

The basic idea of the game is that you start, D&D style, creating your player character from a

variety of playable races. You answer questions that determine your experiences as a youth, which

in turn decide what type of skills and strengths you have. You also choose a birthsign that

provides its own unique bonuses and drawbacks. For those who are familiar with games in the

series or RPG games in general, it is also possible to manually pick and choose skills and roll

for stat points. You begin the game in a notoriously difficult starter dungeon, and once you are

finally out you are no longer playing the same game as anyone else - the immense open world is

yours to explore any way you want, whichever way best suits your character.

Daggerfall is simply massive, with over 62,000 square miles of territory - compared to TES3:

Morrowind's 10 square miles and TES4: Oblivion's 16 square miles. It takes many hours to cross

from one side of the world to the other. The scope of the game is only possible due to random

generation of dungeons and locations, which can cause problems with nonsensical dungeons once in

a while. I find this to simply be a sign of the game being ahead of its time and lacking the

resources necessary to make the world the developers set out to create. There are over 20

factions your character can join and perform quests for, and each has political interconnectivity

with the others (some quests might pit members of one guild against another, and if you are a

member of both your reputation will raise/lower accordingly if you've wronged your allies). There

is just a ridiculous amount of depth in this game, including advanced crafting systems,

spellmaking, a full calendar with holidays, law and order, a banking system, religion, and tons

of secrets. To further steep the player in the lore of the world, there are many places one can

go to read books in-game about the places and history of the world, including "fictional" tales

and legends - all of which are *very* well-written. The Imperial Library is a website that

provides the in-game written materials throughout The Elder Scrolls series as well as synopses of

the games' plots, so even if you are only interested in the new games (because maybe you're a

wuss) that site provides some excellent reading material to soak up the game experience without

having to put 100 hours into your Daggerfall guy (again, wuss).

If you've heard of Daggerfall at all, you are probably familiar with some of its shortcomings.

The game's graphics are dated and not pretty to look at, although they were revolutionary and

totally awesome when they came out. With the latest (213) patch applied, the game can be very

buggy. Back when the game came out, many people used all kinds of various boot disks and

utilities to squeeze out extra memory for DOS games and programs, and Daggerfall tended to hate

all of this. Fortunately, these days it is possible and recommended to use a DOS emulator for

Windows called DosBox. With DosBox I am able to play Daggerfall as it is intended in its native

environment, except on a 46" HDTV with a PS3 Logitech Mediaboard Pro (which is now my preferred

way to play it). As a matter of fact, Daggerfall runs far better on an emulator than it did on -

eXu-'s Pentium 75 because it is not required to perform a lot of the hacking about that was

required in those old days. However, it is still buggy and it WILL crash on you. If you decide to

pick up Daggerfall, save a LOT, especially before starting quests. Before you quit the game,

save, then move outside or to a different location and save there also. Once in a while you

should back up the savegame folders in case one or more of them corrupts, which can happen from

time to time. Here is a guide on the care and feeding of Daggerfall and how to avoid these

issues.

Chances are if you're still reading the article I have sold you on how great Daggerfall is.

Luckily, the game is totally legitimately free, and available for download here. Read

Installation / First Time Config

1. Download DosBox from here http://prdownloads.sourceforge.net/dosbox/DOSBox0.73-win32-

installer.exe?download and install it.

2. Create a folder for your DOS filesystem. I usually make it something like "C:\Program Files

\Games\DosBox".

3. Inside your DOS filesystem folder, create a folder called DAGGER. Following my example, it

would be "C:\Program Files\Games\DosBox\DAGGER".

4. Inside the DAGGER folder, create folders called SAVE0, SAVE1, SAVE2, SAVE3, SAVE4, and SAVE5.

5. Download Daggerfall from http://www.elderscrolls.com/downloads/download-legal-daggerfall.php .

6. Extract DFInstall.zip. You will have two folders - one called DAGGER and the other called

DFCD.

7. Inside the DAGGER folder is a single file, DAG213.EXE. Copy this file to the DAGGER folder you

created in step 3.

8. Inside the DFCD folder is another folder called DAGGER. Open the DFCD\DAGGER folder and copy

everything inside it to the DAGGER folder you created in step 3.

9. Inside the DFCD folder is a folder called DATA. Open the DFCD\DATA folder and copy everything

inside it to the DAGGER folder you created in step 3.

10. Inside the DFCD folder are three INSTALL files - INSTALL.EXE, INSTALL.SCR, and INSTALL.PIF

(in Windows it just says INSTALL and has a shortcut arrow on the icon). Copy these files to the

DAGGER folder you created in step 3.

10. Download DAGFIXES.ZIP from me.

11. Extract DAGFIXES.ZIP. There will be three files inside.

12. Copy Z.CFG to the DAGGER folder you created in step 3. The other two files, you will copy to

the ARENA2 folder which is inside the DAGGER folder you created in step 3.

13. Open DosBox.

14. Type in this command and then press the ENTER key: quotebox mount c "C:\Program Files\Games

\DosBox" (or whichever folder you chose). If you typed the path correctly, you will be informed

that the drive has been mounted.

15. Type c: and hit ENTER, then type cd DAGGER and hit ENTER. Type setup and hit ENTER.

16. Press the down arrow to choose "Select Digital" and hit ENTER. Arrow down to Sound Blaster

16/AWE32 and hit ENTER. Hit ENTER four more times to accept the defaults and test the setting.

Press the right arrow to OK and hit ENTER.

17. Press the down arrow to choose "Select MIDI" and hit ENTER. Arrow down to MPU-401 (in my

opinion sounds better than the Sound Blaster 16 setting) and hit ENTER twice (or three times if

you want to hear the sample). Arrow down to OK and hit ENTER.

18. Arrow down to OK and hit ENTER, then hit ENTER again to save the settings.

19. Type DAG213.EXE and hit ENTER. When prompted to update, press Y. You will be prompted again

to press Y to patch a different problem. Press Y.

20. Type c:\dagger\fall.exe z.cfg and hit ENTER to load the game. If you type DAGGER, as the

patcher tells you to, it will ask for the game CD to be inserted and won't work properly.

21. Press and hold the ALT key and then press the ENTER key to make the game full-screen. This is

necessary for the mouse input to work properly.

Playing the Game

1. Open DosBox.

2. Type in this command and then press the ENTER key: quotebox mount c "C:\Program Files\Games

\DosBox" (or whichever folder you chose). If you typed the path correctly, you will be informed

that the drive has been mounted.

3. Type c: and hit ENTER, then type cd DAGGER and hit ENTER. Type fall.exe z.cfg and hit ENTER.

4. Press and hold the ALT key and then press the ENTER key to make the game full-screen. This is

necessary for the mouse input to work properly.

Welcome to Retro Show & Tell, the feature where I pick out an old game and opine about it and its impact on me. The first RS&T will be a positive take on one of the most amazing PC games ever created, The Elder Scrolls II: Daggerfall.

The Elder Scrolls is a video game series spanning generations of PC and gaming consoles. Beginning with The Elder Scrolls: Arena in 1994, several games have been created for the series, some notable and others not so much. Personally, I have put probably 100-150 hours in each of the numbered games of the series, excepting Arena itself. The Elder Scrolls II: Daggerfall, released in 1996, to me represents the peak of the series, and in many ways the peak of immersive RPG gaming. I just picked up the game again recently and decided to write a bit about it for those who may be unfamiliar with the series or only took notice when it hit the consoles.

Hope For The Future?

Thursday, 07 January 2010 18:18 | Written by Blaine |

One of the things that I had set out to do during my new year's weekend off was to complete Demon's Souls, a PS3 exclusive for which I have been singing praises to anyone who will listen. I accomplished that goal, and because it's the kind of game it is, I found myself playing an hour or so into New Game+, the much harder "second quest" playthrough that Demon's Souls dumps you into after you're done (think The Legend of Zelda for NES).

Fast-forward to the present. In the process for getting my blog back up and running, I went to Gamespot to show Jaana what I was thinking about for my site header to replace my placeholder. If you haven't seen it, it's the Flash-based frontpage that runs a brief slideshow based on recent/featured articles. The content management system that is the framework for my site is very extensible and I was pretty sure I could find something to accomplish this goal.

GameSpot Game of the Year 2009 Before I closed my Gamespot tab, I saw something that caught my eye. The Game of the Year banner for 2009 featured a lot of the characters from various games one might have expected to see - The Joker (from Batman: Arkham Asylum), Ezio (from Assassin's Creed II), Nathan Drake (Uncharted 2: Among Thieves), and some others. To my surprise, I also saw a standard set of fluted armor there and thought "Wow, Demon's Souls was in the running for game of the year? That's nice of Gamespot to throw them a bone like that when surely one of those other AAA games with massive marketing coverage won."

I watched their GOTY announcement video and was floored.

My Touch Pro 2 Custom ROM Experience

Friday, 08 January 2010 07:53 | Written by Blaine |

For a few months now, I've been using the HTC Rhodium (aka Touch Pro 2, Tilt 2) on the Sprint CDMA network. It is a few generations more current than my previous device, the HTC Titan (aka Mogul), and has already been surpassed by the HTC Leo (aka HD2). My Sprint-branded model has a 528Mhz CPU and pretends to have 512MB memory, although only ~184 of that is actually used for applications and the rest is storage, which is pretty useless on a device with a microSD card reader. The stock Sprint ROM (software configuration) is Windows Mobile 6.1 coupled with HTC's TouchFlo 3D (aka Manila 2.1) interface. I've never been one to leave well enough alone, so I was eagerly awaiting the HardSPL Unlocker for Rhodium_W (the CDMA model for carriers like Verizon and Sprint). It finally came out and I was able to start looking for new ROMs to try on it.