Friday, February 26, 2010

Basics of Reversing (Reverse Engineering)

If you aren't into challenges, have never looked at a Rubik's cube as anything but a colorful plastic square, suck at math, are regularly infuriated by computers, and have zero patience, you can stop reading now, there is nothing for you here beyond this sentence. For the rest of you, read on...

Every now and then I come across a topic I am simultaneously unfamiliar and fascinated with. Recently this as been reversing (and yes I'm talking about reverse engineering software, not taking apart your cable box to try and figure out how to get more channels you cheapskate). I have had my share of brushes with reverse engineering, and most of us probably have without knowing it. Anyone who has been exposed to a 'cracked' version of a program, run an anti malware application, got a computer virus, used a key generator, watched a 'backed up' DVD, or used a patch to modify the way a program runs (like removing a nag screen or something similar) has been blessed with the byproduct of reverse engineering software.

In short, reversing is looking at the files that make up a program, and using tools to peek inside, prod around, and find ways to tweak the files and make the system behave the way you want it to. The amount of changes you can make to a binary application are obviously limited and it can be very complex, time consuming and challenging, but the end result is unbelievably rewarding.

Of course I'm not condoning pirating software or violating any applications terms of use agreement, but these sorts of intense puzzles are far more entertaining than sudoku or a Rubik's cube, and can yield some pretty cool results while strengthening your general understanding of exactly how applications work at the ground level. For example, reversing is a powerful tool used to thwart malware and is one of the ways anti spyware/malware applications are able to remove those nasties from an infected system. Awwww, thanks reverse engineering! It is also very useful to developers who want to make their application more secure, after all you have to know how people break into them in order to protect against it (like that movie where Martin Laurence is a thief who becomes a cop and ends up finding out he's pretty good at catching thieves... yea kind of like that).

The thing I've really found interesting is how many new areas studying this topic really opens up. It forces you to delve into assembly language for example, and understand the transmission of network packets at a very different level. Diving into these subjects introduces tools and techniques that are applicable to so many troubleshooting tasks that it can really improve your capabilities as a tech person in virtually any area of expertise.

To get your feet wet, I would recommend searching youtube for videos on ollydbg, IDA pro, (both disassemblers), DeObfuscation, unpacking, and revers engineering in general. Also get familiar with hex editors and what they can be used for, decompilers like flasm and sothink for flash decompilation, etc. etc. etc.

Here are a couple links to sites with lots of different tools you can play with:
http://reversingproject.info/?page_id=153
RCE's tool library

And here is a list of some other apps that I've been toying with as of late:
XVI32, Hex Workshop, PEid, .NET Reflector, OllyDBG, IDA Pro

more reversing resources:
RCE Messageboard - be sure to check out the FAQ, tons of great information on there.
Lena's tutorial series - An excellent set of 40 tutorials including demo files, videos, documentation and even the freeware apps you'll need to get started. Highly recommended.

Bottom line is, if you're not familiar with any of these things, that's ok, you've just got a lot of toying around to do. If you want to try cracking a very simple application, check out oldversion.com - they keep a repository of older versions of all types of popular software that is much less complex and easier to crack than then more heavily protected modern applications (of course this is a sweeping generalization and not universally applicable).

And of course what would a blog post be without a couple little videos to show you what the hell I'm talking about:




Happy reversing =)

Wednesday, February 17, 2010

Starcraft 2 Closed Beta Lanches

Blizzard announced today that the multiplayer beta test for StarCraft II: Wings of Liberty is now underway. The client downloader is available through Battle.net for people who have received invites, and the system requirements have been posted as well. A list of known issues is up on the official forums.

Lots of questions about the Beta have been answered by Blizzard on a German website instarcraft.de. You can access the translated FAQ here.

In addition there have been a few live streams popping up for those of you want to get an early look at the game. Several of them are getting thousands of active viewers only a couple hours after the beta has launched. The masses are certainly writhing in anticipation for their opportunity to either get in on the Beta, or to pick up a copy of the game when it is released later this year. Here are the streams:



Starcraft Method:
http://www.livestream.com/starcraftmethod
Several streams from Starcraftmethod.com


1Up:
http://www.1up.com/do/newsStory?cId=3177988

LiquidNazgul's Livestream:
http://www.teamliquid.net/video/userstream.php?user=Chill

http://www.livestream.com/jobbies

Wr3k's SC2 stream

KOre's Stream

Response's Stream

Windows 7 Mobile - First Impressions

There's no doubting that the initial end-user impressions scattered in comments across blogs, youtube videos and technology forums from all around the internet have been very good. The only real negative feedback seems to be centered on the bad taste Microsoft has left in so many nerdy mouths over the years, especially in the mobile world. Microsoft has lost over 30% of the U.S. smart phone market share since 2007 and is currently hovering somewhere around 16% and dropping like a rock.

So what has Microsoft done that is making real success a possibility?



They have completely redesigned windows mobile from the looks of things. The new user interface is reminiscent of Windows Media Center in terms of looks and comes paired with a new ideology in terms of navigation and functionality. The information is data-centric unlike our current popular mobile Os platforms like Apple's iPhone OS and Google Android OS among others. The layout makes sense and could really stir things up if the cards are played correctly.

All of this is exciting and all, but I can't help but to be somewhat afraid of what Microsoft will manage to do to undermine its own success. This reminds me of how excited I was about xBox Live and the many possibilities there specifically with the integration with Windows Media Center and how I couldn't wait to replace my cable box with a media center computer and an xBox360. Unfortunately the corporate mentality of Microsoft killed both of these things for me over time. Instead of allowing free and cheap user created content to integrate with xBox and Windows Media Center pcs, we were locked into only playing windows media formatted files and purchasing videos. We were forced to rely on all sorts of hacks and workarounds to get our xvid movies to play on our TV and couldnt enjoy most of what the internet already offers us for free (Like HULU and YouTube!). The dream of a centralized unrestricted home entertainment seems to be hitting road blocks everywhere, and the first one to tear them down will undoubtedly see some real success.

Here are a few items we will just have to wait and see about before we go buying a Windows Mobile 7 device...

  • Will Microsoft lock down media formats, cripple xBox Live and media center integration or try and heavy handedly push 'premium content'?
  • Can apps directly integrate with the UI to bring their data front and center (which is what makes this OS so attractive anyway), or will microsoft lock down which services get special treatment? If they can, can I get in and tweak what shows where, when and how it is displayed? This style of interface could quickly become overrun with useless app notifications at time when they aren't needed if I can't have tight control over it.
  • Can users disable the long transitions? They look great but I'm sure some people would like to shave any extra seconds off their day to day tasks like adding contacts, browsing the internet or looking up someones contact details, etc.

These are just a few things that come to mind, but I'm sure all of the thorough comparisons, benchmarks, overviews, photos and videos that are sure to begin flooding the interwebs will reveal the answers in due time.

Microsoft, don't lock us out of our own content. Don't force us to use something when we already like something else much more. Feel free to give us the option to try something new, but don't flood me with nag screens teasing me to open my wallet to enjoy what I thought I had already purchased (like with xBox), or handcuff me to your favorite video and audio services owned by you and your buddies. You've got a good idea here, and you seem to have done well with Windows 7. Please don't make Windows 7 brief moment of clarity, tell me you've changed for good.

Sunday, February 14, 2010

FL Studio 9

 Haven't been toying with this too much these days but figured I'd post what I have done lately anyway. Heres a track I made recently. FL files included so you can tweak it yourself if you like.Feel free to use it as you wish =)



Dethroned.zip

Friday, February 12, 2010

How to Customize an Office 2007 Installation

Requirements: Office 2007 copied to an accessible network location

To start the customization Wizard launch setup.exe with the /admin switch like this:
Start > Run and then:












"\\server\share\distrib\Microsoft\Office 2007\setup.exe" /admin

This will launch the Office Customization Tool

Each section has options that can be configures, such as adding trusted macros and security certificates of trusted applications, Added the Volume license keycode so it doesnt have to be entered during installation and even customizing outlook exchange server settings to automate profile creation.

Example of licensing and User Interface section:


In the Outlook Section, do the following to auto setup a users profile so you dont have to enter the exchange and user settings each time a new profile is configured:



Once you are done configuring the various options, click File > Save from the main menu.

Save the file (you can name it anything) in the 'Updates' folder located on your network installation source.










Next time you launch the installer (via setup.exe, not the .msp file you created), all of the settings will be automatically applied during installation. The .msp file you created can also be used to update existing installations of MS Office 2007.


Thursday, February 11, 2010

The Buzz on Google Buzz


Over the past few days since the release of Google Buzz I have noticed countless articles stating that Google is stepping on their own toes, people cant wait to see Buzz launched so they can turn it off, and that it's redundant, useless, privacy nightmare, etc etc etc.

This is a far stretch from Google's typical announcement reactions, to for example their up coming 1Gbps fiber to home service . So why the bad sentiment?

Two reasons.

First, the only big complaint people have with Google these days is Power and Privacy (yes that's one complaint). Google holds so much information about each individual's habits that they could probably launch some software that will give you accurate life coaching advice! The fear is that this info could some day (once the 'don't be evil' mantra is worn down by greedy board execs and share holders) fall into the wrong hands, and be used for the wrong reasons. Google Buzz is just another avenue for personal data gathering, which is the most precious type. I could care less if people knew about something as generic as what brand of cell phone I prefer, but to tap into conversation with close friends and family about private matters is a bit invasive. I see Google Buzz taking the wrap for that, but it's just like anything else, just like this blog for example. I just don't post things that are too personal to be public, and that's that.

Second reason is that people already have their beloved Facebook. Facebook is the one hub that has captured the market (which was MySpace's to lose). The universal, no frills, clean interface which brought an older age group into the fold, coupled with the chat feature was a hit.

What do I think will come from Google Buzz?

I think it will do well in due time. Facebook will not be replaced any time soon, but they are having some huge problems. Facebook's site is often so slow its almost unusable. This keeps them from expanding into more robust functionality and paves the way for up and coming competition like Google Buzz. Facebook is also getting into bed with some unsavories like AOL. Just the sheer mention of AOL brings back floods of memories nightmares of gaudy advertisements, ineffective search tools and god awful bloated user interfaces designed for seniors and infants. (Remember when AOL's installer was classified as badware?) Facebook doesn't integrate directly with other popular services the way that Buzz does (well you can make it work, but its a bit clunky and not a tight built in integration like Google Buzz has going). It's also being put right in the face of the entire gmail community which as you know is massive. This will give the service a couple advantages Orkut just couldn't touch, which is immediate membership and consistent member usage. This could be Google's first real shot at entering the world of social networking.

Facebook now has over 100 million mobile users. This number is only growing, and with social tools integrated out of the box with these types of tools this number shows no signs of slowing. Who is the king of mobile app development? Google of course. Their Android team is quickly sweeping the marking and positioned to be a major competitor in the smartphone marketplace for years to come. When all the android handsets start shipping with Google Buzz clients by default (which will possibly become more well produced and useful than the facebook app), and the facebook app is no longer pre installed we might notice a shift of power in the long run.

All in all there are privacy concerns with any social app, and its a new era that takes new responsibility and awareness that nothing is private. Social apps are not going anywhere, and the same complaints can be launched toward any one of the many services floating around out there. Google's ridiculous collection of gobs of personal data is scary as hell, but I dont think that will deter the service from being a success if they can continue to product the type of software we have seen that they are capable of (gmail, android, google maps, and of course search, etc. etc.)

Will be interesting to see how it all plays out.

Wednesday, February 10, 2010

Starcraft 2 Beta Launching This Month, and Final Release Summer 2010

As confirmed by the Activision Blizzard Fourth Quarter Calendar 2009 Results Conference Call, the Starcraft 2 Beta will be launching before the end of this month. Starcraft 2 is the sequel to the highly acclaimed Starcraft that first launched 12 years ago and still boasts a large online player base, particularly in Korea and other countries. This comes after lots of speculation flying around recently regarding the release date and beta launch date coming very soon, despite several delay announcements since mid 2007. In addition to the beta announcement, there was also mention that the ship date for the first installment of starcraft 2 (Wings of Liberty) is slated to be shipped mid 2010. This can be confirmed by looking at the earnings guidance provided (if you consider attributing the expected revenue increases for Q2 to come from preorders which would likely begin in Q2 also). 


According to the call, this will be a global beta with "thousands" of users from the US as well as other nations around the world. We know they gave out several beta keys during Blizzcon over the past few years, several others via their official twitter page, as well as others via several contests they have been running on the official SC2 website. They have also been accepting beta opt ins via the battle.net website so long as you have a valid product key from an existing Blizzard game for some time now, but we still don't know just how many users will be able to get in on the Beta in comparison to how many opt ins they have received, or what the criteria is. All we can do for now is sit and wait for an email...


The conference call was recorded and will likely be available on the Activision website after the call is concluded as well as the slides provided during the call:
http://investor.activision.com/results.cfm

Friday, February 5, 2010

The Missing Software - Painless Imaging

I think there is a huge hole in the market when it comes to imaging software. We've got some really good companies out there like Symantec and Acronis, but I feel like there is a big gap requiring an IT Administrator to take multiple steps to create a universal image that can be rolled out to many different hardware types throughout the office. This can be achieved using imaging software like Backup Exec System Recovery or True Image in conjunction with Sysprep and MySysprep but its clunky and takes time to set up.

I see it like this. Why cant I just create an image as usual, and have a bootable application that will go to a web based driver repository and download the network and storage drivers needed to boot that image on dissimilar hardware, as well as switch to the correct hardware abstract layer as well as regenerate SIDs AND join the PC to the domain automatically and name the PC according to serial number all in one product? In addition most of these apps support converting to and from virtual images. Forget converting, we want to boot the image so we can update it from time to time and just 'save' it back when we are done installing windows updates.

I've been putting together a tutorial on how to achieve this with BESR and sysprep, but like Conan O'Brien it's not quite ready for prime time yet. Stay tuned.

UPDATE: Somehow I missed UIU (Universal Imaging Utility). I'm trying it out now to see how well it works but it came highly recommended from a colleague. Looks like it does most of what I mentioned above but instead of downloading only your necessary drivers on the fly, it loads a 2GB repository of just about every driver you could need. Luckily it does give you the ability to narrow that down after it is already installed on your base image.

My big question is, will it allow for more flexibility than sysprep in terms of customizing your settings, specifically with computer naming schemes and domain autojoin? We will soon find out.