On DRM And The Future of PC Games

Much has been made in the last couple of days of the fact that warez scene group Skidrow have “cracked” Ubisoft’s Assassin’s Creed 2, however, this isn’t really a crack of the DRM at all, it simply internalises the server emulation that non-scene groups had already put together so it’s not as much hassle to play.

That said, ultimately you can’t crack Ubisoft’s new DRM any more than you can “crack” World of Warcraft; they are serving parts of the game from their servers and unless you either obtain a copy of that data and emulate the server (which isn’t really a crack) you can’t get around it. It’s not as simple as just bypassing a CD check or setting a function to always return true, they’re actually shipping a partial game and as long as their customers will bear it (although given their awful server uptime they’re not helping themselves out) they’ll keep doing it and probably push it even further.

Once games move into the SAAS realm you can say goodbye to owning *any* part of a game you “buy” as all you’ll have is the MMO-esque client application and everything else will be delivered over the wire, doubtless with “Premium” subscriptions available if you want priority access to the game servers to minimize lag & waiting time before you can play.

I think we can all agree that this is a really bad place for PC games to be headed.

Get failed sshd logons from Windows Eventlog Part 2

In answer to my question about a more efficient means of filtering by timestamp with FilterXPath, I’ve worked out how to do it “properly”; it’s not as fast as I was hoping, but it’s still taken the execution time down from 20 to 2 minutes so I can’t complain too much. I’ve also modded the script to deal with cases where Password Authentication is disabled and so you don’t get “Failed Password” events logged, just “Invalid User” or “No supported authentication methods available” instead.

The time value for comparison is in milliseconds, so 604800000 for 7 days, 86400000 for 24 hours, etc.

#sshd failed logon attempt finder
#Adam Beardwood 12/02/2010
#v1.0 - Initial Release
#v1.1 - Dramatically improved event gathering speed and added handling for non-password authentication failures
 
#Get all SSH events from the last 7 days from the Application eventlog (this may take some time)
$events = Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='sshd'] and TimeCreated[timediff(@SystemTime) <= 604800000]]]"
 
#Create array to store IPs
$ips = @()
 
foreach($event in $events){
	#Convert the event data to XML so we can access the EventData (Otherwise there's no way to access the event message contents with "unregistered" eventids)
	$event = [xml]$event.ToXml()
	#Thin the herd a little and only process useful messages
	if($event.Event.EventData.Data.Contains("Invalid user") -or $event.Event.EventData.Data.Contains("Failed Password") -or $event.Event.EventData.Data.Contains("No supported authentication methods available")){
 
	#Do regex search of the message data for IP addresses and if found, add them to the $ips array
	$ip = $event.Event.EventData.Data
	$regex = [regex]"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"
	$ip = $($($regex.matches($ip)).Captures).Value
	$ips = $ips + $ip
	}
}
 
$date = get-date -Format yyyy-MM-dd
$file = new-item -type file "SSHLog-$date.txt" -force
 
add-content $file $($ips | select -uniq)

Just Cause 2 – Mini Review

Just Cause 2
A Quiet Day On Panau

You know a game is doing something right when it has you giggling with glee like a small child: The very first mission of Just Cause 2 sees you fleeing a horde of soldiers in Jeeps across a bridge while standing atop a speeding car. Now, you could just shoot at them, or you could use your New And Improved™ grappling hook to attach them to the bridge’s support struts, pinging them acrobatically over the edge and into the sea below.

The game is all about Chaos, specifically causing as much of it as you can in order to destabilise the government of Panau, a south pacific island cluster with an improbable number of airports and military installations. You achieve this largely by shooting at things, blowing things up, shooting at things to blow them up or crashing things into other things to blow them up. There are over 100 unique vehicles in the game and a decent number of different weapons to get you started and you can call on additional weapon & vehicle drops from the mysteriously well armed Sloth Demon at any time.

Players of the first Just Cause will be familiar with the grappling hook and parachute combo, which allow you to pull off the ludicrous stunts that make the game so enjoyable, and the sequel has made a number of improvements; firstly there’s the aforementioned double-grapple which allows you to tether any two objects to each other (man and car, man and gas canister, man and helicopter, man and other man, etc), then there’s the ability to use the grapple & parachute together as a form of (rather slow) transportation, latching onto nearby scenery to pull yourself along.

There is a main storyline to follow, but with only 7 missions from start to finish it’s not exactly an epic; that said, there are literally hundreds of side missions, races, collections, explorations and the like, not to mention the Steam Achievements and as with the first game, the fun really comes from the massive sandbox that you have to play with. Who needs a story when you can sneak into a military base, blow up a 100ft broadcast antenna with high explosives then, when a gunship turns up, attach your grapple to the underside, swing into the cockpit, knock out the pilot, fly halfway across the map and then bail out and start making parachuted strafing runs on an airfield with a pair of SMGs while the carcass of your now abandoned helicopter crashes into a bank of fuel tanks blowing the whole thing sky high? I’ve played over 24 hours so far and I’m only at 34% completion.

The only real complaint I have is that on the PC, lacking an analogue keyboard, vehicle control and precise movement can be a challenge especially at high speed and it does make it difficult to realise some of the awesome manoeuvres that you know you *should* be able to pull off with the equipment you have.

You can buy Just Cause 2: Limited Edition from Play.com for £24.99 and you should.

Get with the program, Adobe

Almost 2 months after Adobe released a patch for Acrobat Reader 9.3.0 to resolve the highly critical remote execution vulnerability, they’re still offering 9.3.0 as the only option for download:


So unless you run the Adobe Updater immediately after install (Which seems to have issues with UAC on my Windows 7 machine unless you explicitly launch Reader as an Administrator), or make the effort to find the patch to 9.3.1, your machine is going to be at risk every time you open a PDF.

It’s not the first time they’ve done it, either.

Get failed sshd logons from Windows Eventlog

This script grabs IP addresses of the last 7 days worth (Customisable) of failed logon attempts for sshd from the Windows event log. This is handy if you use a Windows-based OpenSSH package like copSSH and want to be able to generate a list of all the people making random attempts to logon to your machine for adding to a blacklist or firewall rule.

#Get all SSH events from the last 7 days from the Application eventlog (this may take some time). Change "adddays(-7)" to alter the timeframe.
$events = Get-WinEvent -LogName Application -FilterXPath "*[System[Provider[@Name='sshd']]]" | ?{$_.timecreated -gt $((get-date).adddays(-7))}
 
#Create array to store IPs
$ips = @()
 
foreach($event in $events){
	#Convert the event data to XML so we can access the EventData (Otherwise there's no way to access the event message contents with "unregistered" eventids)
	$event = [xml]$event.ToXml()
	#Thin the herd a little and only process "Failed Password" messages
	if($event.Event.EventData.Data.Contains("Failed password")){
 
	#Do regex search of the message data for IP addresses and if found, add them to the $ips array
	$ip = $event.Event.EventData.Data
	$regex = [regex]"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}"
	$ip = $($($regex.matches($ip)).Captures).Value
	$ips = $ips + $ip
	}
}
 
$date = get-date -Format yyyy-MM-dd
$file = new-item -type file "SSHLog-$date.txt" -force
 
#Add unique IPs to output file
add-content $file $($ips | select -uniq)

If anyone has a better way to filter Get-Eventlog using FilterXPath by date as well as something else (Provider in this case) rather than having to get the whole thing and “where” it after, please let me know. I know I *should* be able to do it, but I could never get it to work properly (I think it was a timestamp formatting issue) and the documentation is a bit spartan.

On IT and Friday Afternooons

It’s a curious feature of “Nine to Five” IT departments that Friday afternoons are always a write-off; not because of laziness or the typical end-of-week malaise, but because nobody is willing to risk making a change that could break something and leave them with Friday night overtime or even a full weekend of work.

As a result of this, a full 10% of the working week is wasted (well, 10% more than would be otherwise) playing flash games and messing around with remote controlled helicopters…for example. The problem is that there’s no easy solution, if you send everyone home on a Friday lunchtime, then it just means Friday morning is wasted – and the same obviously applies to having Friday off entirely or working Saturday mornings.

Clearly what’s needed is some kind of useful, read-only task that takes about 4 hours and can be done weekly without being too soul-destroying (I’m not spending every Friday afternoon writing documentation, that’s for sure). When I discover something I’ll let you know.