Tag Archives: rant

new flash security policies

So… I am not happy with Adobe right now. With the push of Flash Player 9,0,115,0 “moviestar”, which included such awesome features as H.264 and AAC codec support and improvements to fullscreen mode, they kind of ambushed me with some sweeping changes to their security policy.

I’d been running pre-release nightly builds of the player since 9,0,60,x… and had noticed some strange warnings. Mysterious “Socket Security Error #2048” exceptions that were being thrown at random – even though I was serving an appropriate (for the time) crossdomain.xml file, unexplained timeouts attempting to talk to an xml socket server when I was very clearly not attempting to do any such thing, etc… My regularly repeated attempts to find documentation on what the warnings actually meant proved fruitless. I believe that is because the appropriate document was not actually released to the public until 9,0,115,0 was released.

Now, the bit where they improved the format for crossdomain.xml files doesn’t really affect me one way or the other. I approve of the improvements but could really care less in this case. They don’t really affect anything I’m doing.

The part that really chaps my hide is the fact that they’ve completely redone the way that socket security policies are handled. The important parts:

  • A SWF file may no longer make a socket connection to its own domain without a socket policy file. Prior to version 9,0,115,0, a SWF file was permitted to make socket connections to ports 1024 or greater in its own domain without a policy file.
  • HTTP policy files may no longer be used to authorize socket connections. Prior to version 9,0,115,0, an HTTP policy file, served from the master location of /crossdomain.xml on port 80, could be used to authorize a socket connection to any port 1024 or greater on the same host.

That’s right. Your socket policy data can’t live in the sitewide crossdomain.xml file that Apache serves any more.

Flash Player 9,0,115,0 introduces a concept of socket master policy files, which are served from the fixed TCP port number 843.

Socket policy files may be obtained from the same port as a main connection (the socket connection being made by ActionScript, which is authorized by a socket policy file), or from a different port, separate from the main connection. If you opt to serve a socket policy file from the same port as a main connection, the server listening on that port must understand socket policy file requests (which are indicated by a transmission of from Flash Player), and must respond differently for policy file requests and main connection requests.

  • When a SWF file attempts to make a socket connection, even to its own domain, Flash Player will first attempt to contact port 843 to see if the host is serving a socket master policy file.

So… regardless of whether you’re even using a custom port 843 client, the Flash Player is going to try to hit it. What if your firewall doesn’t allow/route traffic to sub-1024 ports w/o special configuration? What if you don’t have the access to bind to a sub-1024 port and can’t rewrite your other server process to serve the policy data on its port?

  • Socket meta-policies can only be declared in a socket master policy file. The syntax is the same as for declaring a meta-policy in an URL master policy file, using the <site-control> tag. Socket meta-policies cannot be declared in HTTP response headers, as HTTP is not involved.

This implies that you can’t even tell apache to listen to port 843 and serve up the data. You HAVE to either maintain a separate server process specifically for the purpose of serving this policy data, or you have to edit the process that SWF’s are connecting to and make them serve the data..

As of the time of this writing (10 days after moviestar’s release), they have yet to release promised help on how to deploy a solution to these new changes. Granted, the one article they did release explains what needs to be done in high level terms. It was sufficient to help me out. I wrote a server that simply listens on port 843 and spews the required xml. But… I’d have really appreciated specific examples, and I suspect plenty of people would appreciate drop-in solutions to the issue.

A 5-minute skeleton implementation (not recommended for production use by any means) written as a PHP cli script might look something like this:

I’ll try to make my production version of this a bit more suitable for public consumption and release it as soon as I can.

The random #2048 security errors continue, despite having deployed my port 843 policy xml server. Granted, they happen less than before… but they still happen. And even when my policy server isn’t running, the errors aren’t thrown 100% of the time. This just baffles me. If they were consistent, that would be one thing. But when you get a security error 1 time in 20… that’s not security, that’s not even a lame deterrent. It’s just incentive to hammer the same port over and over again until something finally gives.

Now, I admit that I could be wrong here… but I’ve re-re-read the documentation on these policies a few times now, and cannot find any reason for the behaviors I’m seeing.

update

On April 22nd, 2008, I released a much better, much more reliable version of this daemon. Head over there for more details and source code.

crippleware only $5

Today I swiped the office’s spare monitor, grabbed a cheap PCI video card, and am now seated at a desk with something just shy of five million pixels of doom (1600×1200 + 1600×1050 + 1280×1024). It’s a lot of space, and after having used it for about an hour now, I’m wondering if it really IS a bit excessive. Oh well, I’ll see how I like it a few weeks from now.

As part of testing out my new monitor layout, I decided that my 3rd screen currently gets to hold my email as I work like normal on the remaining two. The only new message in my inbox intrigued me (kind of) – it was a survey from ADV, an fine company who’s done a lot to bring some of the better anime out there (and some of the worst :P) to this country. I figured that the survey couldn’t hurt, and they promised it wouldn’t take more than five minutes.

Well, they lied. Most of the questions were innocuous inough. Which demographic categories can we file you under? Which genres do you like? Do you read Newtype? etc… But one question…

Q: Would you buy anime for download?

A: After looking at their selection of initial offerings, and at their FAQ page, I clicked No.

They then offered a box for me to explain my answer. I don’t know if their database will have been configureded to deal with a response of the length I provided. 🙂

Crippled files with DRM are an abomination. They break digital standards and mandate my choice of player software and even operating system if I want to watch them. At least with a physical DVD purchase, I can watch it on any computer I want AND on my dvd player/playstation/father-in-law’s 50″ tv/whatever… At $5/episode, it’s just not worth the inconvenience.

Especially since you’re using inferior WMV files that lack such 5-year-old features as multiple audio tracks and optional subtitles. Are all of your files dubbed? Yuck. If I’m gonna be cheap about my shows, I’ll just wait until they’re in the discount bin or buy them used or support my local comic shop and rent them or something.

Besides, DRM doesn’t work. People are ALWAYS going to find ways around copy protection on digital media. There are countless pirates out there with nothing better to do with their time than bypass the latest audio/video/whatever protection scheme.

I’d wanted to go on, but as it is, they’re probably not gonna get the whole rant, much less read any of it. Oh well. Maybe one day they’ll realize that they can make money by selling whole files, not broken ones.

If it was $5 for dual-audio ogg or mkv files that I could play in VLC or if they offered PDA-sized AVI’s that I could carry with me and that wouldn’t necessitate that I use Windows Media Player? I’d have bought a few episodes on the spot. In stead, I have little confidence in this part of the industry getting any better for a very long time.

ancient rpg history 101

Ok, so… yesterday, I was looking for information on suggested secondary classes for my lowbie Assassin char in Guild Wars, when I stumbled across a preview of Nightfall at Softpedia.com.

I read some of it, hoping that it might be informative or at least entertaining. Nope. What it DID manage to do is get me all sorts of riled up about the current state of idiots in this country in a way that I’ve not felt in a few months at least 😛

To quote the preview:

Paragons would be more suitable named paladins, but I guess that monicker is already taken by a World of We-know-what class. Paragons hold heavier armor, similar to a Ranger�s, with extra protection from elemental and either fire or lightning attacks.

Questionable grammar aside, What kind of idiot even vaguely qualified to post reviews on fantasy games thinks that WoW is in any way has claim to the word ‘paladin’?

According to the dictionary:

pal‧a‧din  /ˈp�lədɪn/ [pal-uh-din] � noun

  • any one of the 12 legendary peers or knightly champions in attendance on Charlemagne.
  • any knightly or heroic champion.
  • any determined advocate or defender of a noble cause.

[Origin: 1585�95; < F < It paladino < LL palātīnus imperial functionary, n. use of adj.; see palatine]

That’s right. The word is over 400 years old. In the more modern sense of a knight with healing spells, it has seen use in fantasy gaming for 30+ years. Probably before the author of this preview was even born.

I bet he spells rogue “rouge” and thinks Warhammer Online is a WoW rip-off too.

Two weeks ago, OGX had a very good article on this particular one. The Warhammer thing, not the makeup.

Back in april, Penny Arcade also commented on this misconception apparently prevalent in today’s world of newbish children who wouldn’t know a d4 if they stepped on one in the dark.

From Tycho’s blog post that day:

On forums of wanton reputation, I sometimes hear that Games Workshop – Games Workshop – has stolen this or that from Blizzard, and that odious charge will only grow in volume and intensity as screens and news of Warhammer Online achieve wider circulation. There is no small amount of danger involved in presenting this notion: as proof, I offer Exhibit A (ed: that day’s comic strip).

A charitable person might call the many points of continuity “homage.” These days, I think Blizzard genuinely owns their contexts to a much greater extent – there are what I would call “significant” story innovations in Warcraft 3, Brood War, and World of Warcraft that assert their homegrown narrative power. As Games Workshop has begun to license its properties in a more measured, “skilful” way, it’ll be interesting to see how well they actually do against the worlds they inspired.

Yeah… I’ve been waiting for a good Warhammer game for 10 years now. Mythic had better deliver with this one 🙂

But back to the subject of traditional FRPG character classes and their linguistic/historical origins. Here are a few other words that are ‘unique’ enough that the average wet-nosed kid might not have encountered them before.

Assassin

I’ll start with one of the easier and more interesting ones. I don’t really suspect that anybody seriously doubts this one, but so long as I’m in full rant, I may as well…

Assassin derives from the Hashishin, an old (like 11th century old) secret society who had members who engaged in the odd political murder or two. These missions were often suicidal and they were promised the standard extremist’s afterlife care package, which in this case included a substantial amount of hashish (pot).

The Wikipedia has a decent article on the subject.

One interesting thing to note from the article: They called themselves fedayeen from the Arabic fidā’ī, which means “one who is ready to sacrifice his/her life for a cause.” Coincidence that Frank Herbert’s death squad commandos are the “fedaykin“? I think not 😛

Druid

Druids were the ancient Celtic priestly caste. In addition to the worship of assorted gods and chopping off people’s heads as saccrifices, they also worshipped trees and mistletoe and stuff. Legends have them doing all sorts of interesting magic like changing the weather and turning people mad. In several versions of the Arthurian legends, Merlin was a druid.

The shape-shifting aspect of the class comes from old fantasy roleplaying stuff. 1st edition Dungeons and Dragons (1970’s) had a druid class that could turn into animals… which ability is probably originally derived from old ceremonial costumes or from Merlin or whatever.

Ranger

A bit of abbreviated dictionary searching will discover that:

rang‧er  /ˈreɪndʒər/ [reyn-jer] � noun

  • one of a body of armed guards who patrol a region.
  • a soldier specially trained in the techniques of guerrilla warfare, esp. in jungle terrain.
  • a person who ranges or roves.
  • British. a keeper of a royal forest or park.

[Origin: 1350�1400; ME; see range, -er]

Let it also be known that Tolkien’s ‘ranger’ (Aragorn) was based on this original definition of the word and is the original template for all future incarnations. Aragorn does such rangerly things as dual-wield swords, track, shoot, talk to elves, run through the forest, etc…

Sorcerer

Sorcery is generally defined as black magic.

The modern WotC class and Terry Pratchett’s Discworld seem more inclined define the term in a slightly less evil terms and see it as a more primal, ancient type of magic. Less of written spells and incantations, more of making it up as you go along.

The word itself is a 16th century adaptation of some really old latin for ‘to cast lots’. Fortune teller types.

Shaman

I like this definition of shaman:

sha�man (sh�mn, sh-) n.
A member of certain tribal societies who acts as a medium between the visible world and an invisible spirit world and who practices magic or sorcery for purposes of healing, divination, and control over natural events.

So what did we learn today, class? That’s right. Any time somebody’s coming up with a new character skill set that they need a name for, they’re actually go with existing words… because, well, those words already exist.

It’s like in that that 1960’sish sci-fi novel whose name and author I can’t remember right now where the author introduced this strange new creature with a strange new name. The creature looked like a bunny. It acted like a bunny. It even tasted like a bunny. But he refused to call it a rabbit. And that was dumb, he should have just called them rabbits and been done with it. And so people made fun of it sufficiently that I was told the story as a small child.

new mmo’s

It’s been a while since I’ve given a new MMORPG a test drive… literally. It was Auto Assault, and I hated it 😉 The driving and shooting bit is kind of fun, but towns are an ugly heinous experience that left me feeling oddly soiled for having looked at them. Partying is meh. I expect it can be better than what I experienced, but the rest of the game is so generally uninspiring that I’m not surprised to hear that NCSoft has been losing fistfulls of money as a result. And, honestly, if I want a driving game… I’ve got several for my GCN/PS2 that don’t require me to pay a monthly subscription fee. Go Mario Kart!

So, I’m looking into the betas of Hero and Deicide Online. (Why can’t people come up with game titles that don’t have the word ‘online’ in them, I wonder?)

We’ll see what happens. I’ve got the Deicide client downloading right now (at the traditional 1kbps rate that one tends to expect from these kinds of downloads). The Hero client won’t let me download until the 14th or 15th when the closed beta actually starts. So it’s really a race. Will the Deicide client finish downloading before the Hero client lets me start downloading? 🙂

update – June 14th, 7:15pm

Well… It’s the 14th. Hero’s site has changed, but the client still refuses to download – saying that “Client Download will be available on June 14th”. Are they trying to kill their bandwidth all at once or something? 🙂

Deicide is still downloading 😛 Though, I admit, I had paused it for a few hours there.

update – June 14th, 9:40pm

And whaddaya know, the Hero client lets me download now 😉

And of course, the Deicide download broke on me so I’m having to start over again. Apparently they patched versions or something and took the other file down. 😛

So far, both games are really failing to impress, ne?

update – June 15th, 6:15pm

Well. Once Hero finally let me download the client yesterday, it didn’t let me play, citing that the servers wouldn’t be open until 11pm PST. I logged in at 5pm PST with no problems. It was slow, but it let me in and let me create a character (more on that another time).

I ran around for 5 minutes before Penny called and I left the game idle as I drove around the corner pick her up from work. Upon my return, I discovered that not only had I been disconnected (which would have been acceptable, even expected), but I also was greeted by a machine that had quit out of the client program entirely. No main menu or login screen. Nothing. Not even a stale crashed process from what I can tell.

My attempts to reconnect all hang – the third time, I finally got a timeout message saying that the server was down for maintainance or something. Perfectly allowable, but very inadequately handled.

And of course, Deicide is still downloading 😛

Actually, it’s funny. The download froze on me again. Just locked up solid at around 31% and resisted all attempts to resume… I’ve got A’tuin downloading it now and will see if that makes any kind of difference. Not terribly hopeful though, for behold:

It’s fluxuating pretty evenly between 5-12K/s and just plain hanging for a 20 seconds before resuming. I think I saw it burst as high as 14K/s a few seconds ago… 😛

ie stupidity

Quick little annoyance that I need to gripe about.

I’m prone to beta testing software, since, well… that’s what I do. As such, I’ve been running the IE7 beta ever since it launched and am using it right now to post this. I am impressed with the thoroughness with which Microsoft has stolen features from Firefox and Opera and I am happy that they finally offer decent PNG and CSS support (hooray for 10-year-old technologies).

It generally appears to have been a well thought out product – at least, it becomes a usable browser when compared to IE6. And they have absolutely no excuse not to have produced something just astronomically better than IE6. After all, it’s been 5 years since they released a feature upgrade in their browser – which curiously accompanied all of the anti-trust fun.

That said, I’m expecting that they’ll experience something like tremendous backlash when they start pushing the browser on unsuspecting lusers. The menu layout is borderline arcane. I’m looking as hard as I can, and cannot manage to find anything resembling a “File -> Open” menu option. Ok, I lied. By navigating to “Tools -> Toolbars -> Classic Menu”, I was able to toggle this back on (don’t remember if it is disabled by default or not).

So… I select Open because I want to open a locally stored file – jpeg comp of a site I’m working on. Since I have IE open for testing anyways, and since it offers tabbed browsing and all… I navigate to the directory in question and have to change the file type in the little box to jpeg (by default, they were displaying only html files in the dialog). The file becomes selectable and I tell it to open.

Which it does.

In GIMP.

Now, had I double-clicked on the icon in Windows Explorer, I would have expected to fire up GIMP. But I specifically told Internet Explorer to load the file… Of course, Microsoft swears up and down that they’re separate products, and that your computer can function w/o IE…

URGH!

Upon further investigation (in IE6), it appears that this is IE’s native behavior – that it refuses to display an image unless it is loaded from an html page. Using the open dialog in IE6 on another machine, we got the picture in question to load in the Windows Picture Viewer Thing.

tektonic teamspeak

Ok, a while back when TekTonic (A’tuin’s ill-favored hosting service) crashed and had all kinds of problems in general, this caused a reboot of my system. Quite understandable that. Unfortunately, the box had been up for a while (probably 3 months or so of uptime) and they must have applied some kernel patches or something to their system because it has been unstable ever since.

Most notable among these problems is a heinous memory management problem – new processes segfault in stead of making something else swap out. Only slightly less notable is the fact that TeamSpeak ceased to work at the same time.

Yeah. Fun stuff. Over time, the only difference in the output tends to be the memory address at which it borks out on me 😉 Didn’t really bother me much since I wasn’t actually hosting any chat services – I had actually only installed it on a whim in the first place anyways.

I’m also not the only one with this problem. Before they mysteriously vanished, the TekTonic support forums had at least 3 or 4 threads complaining about this exact problem.

Well, earlier this week, I had a discussion with guild leader on CoV where we talked about possibilities for voice chat. I brought up A’tuin and its currently functional Ventrilo setup – but the Vent license only allows 8 clients to connect to a non-pro account… and they’re very picky about with whom they will do business (pro accounts supporting a minimum of 1000 clients at once spread across multiple servers and stuff).

Our SG has more than 8 members now, and it would be a shame if people were getting rejected just because Vent refuses to sell me a license. So, I started looking back into TS again today. It still crashed.

Using the trick taught to me back during my first Google tech interview, I applied strace to the binary. Lo and behold, the trace reveals that the crash occurs whilst trying to open /usr/lib/locale/en/LC_CTYPE. I checked, and sure enough… my machine seemed to have a broken installation of the locales package… and along with it, a rather old version of libc.

So… patching these up gives me progress. I’m going to see what else needs to be done to bring things up to speed, but I might actually get TS running on this monster tonight.

Update – 12:30am, Feb 22

After updating glibc and locales (and practically every other system library), I am still getting the following output from strace:

Blech. So… it’s closing the locale archive document and then trying to pipe it somewhere else? Don’t know if this is actually the problem though. I really need to learn how to use this utility better. Mumble, grumble. I’m gonna dig through ML and forums and stuff to see if I can come up with anything further.

Update – 7:30am, Feb 23

Well, fooey. I looked at man pages online (since I can’t seem to locate which Debian package actually installs the syscall man pages for me…) and aside from discovering that there is apparently nothing fishy about the pipe call, noticed something else in the sigreturn man page:

sigreturn never returns.

Well, not terribly interesting. If the machine is segfaulting, the kernel is well within its rights to make whatever syscalls are necessary to recover and report error messages to me and stuff, no? So that might be a dead end.

Looking further up through the entire stack trace, I noticed that attempts to read from this /etc/ld.so.nohwcap file that I’d never heard of were all failing. Google turns up this blog entry. So, I created the file and nothing really changed except that the program doesn’t fail on those particular reads any more. I’m assuming that the access to /etc/ld.so.preload is also harmless, so will ignore this one.

So, I figured I’d try to force a segfault of my own to compare the two straces for any similarities. Not much there, eh? But when I do an ltrace on my file – it clearly specifies what’s crashing.

The ltrace of the TS binary is way too verbose to put online anywhere, so yeah. It looks like it’s dying on some assortment of pthreads mutex calls, which I guess is entirely possible and realistic.

Update – 8:50am, Feb 23

The TeamSpeak forums seem to have a handfull of threads dealing with this exact sort of problem – which seems to have affected people on multiple distros (including Debian). A German thread is the longest discussion of the problem and seems to have an answer.

They use setarch to fool the machine into thinking that it is something it is not… Erm, ok, I guess. It sounds like problems with architecture-specific behaviors failing when run on the wrong kind of box. That makes some sort of sense.

It especially makes sense on my machine – a VPS on dual Opterons. Not the most normal architecture out there. When you run uname -m, it just says i686… so shrug.

Of course, setarch isn’t available for Debian. The solution given in the german thread is to use alien to turn an RPM into a DPKG for installation 😉 I’ll try that out later and see what it does to me.