Author Topic: This stuff still on my mind...  (Read 517 times)

Offline Botsareus

  • Society makes it all backwards - there is a good reason for that
  • Bot God
  • *****
  • Posts: 4483
    • View Profile
    • DJ Paul Kononov
This stuff still on my mind...
« on: January 29, 2016, 04:31:42 PM »
I have been having flashbacks about this all day today so I thought it is best for me to visit and just talk about it. This is primarily a question to Numsgil:

From the first attempt to make Darwinbots2 run in internet mode there was some kind of virus developed to modify the program during run-time to make it freeze or crash. I recently read an old post where Numsgil wanted to set up something like what I wanted to setup and posting an ftp ip address and even Shvarz remarking something like: "That is a silly idea. If a bot survives across different enough settings then by definition the settings are not different enough"

What I am trying to get to: It looks like this hack and probably the potential instigator was around for a long time. What makes you certain that he will not port this hack to work against c# or say Java or C++ ?

Also, lets say I do get to hook up a PeterIM server. What will prevent this same hacker from doing the same exact thing to me?
(A note that I stopped playing MMO completely since 2004 because I pretty much owned a tournament and got the shit hacked out of me. I thought I would be safer just developing for Darwinbots. I was wrong.)

I would also like to explore how exactly do hacks like that work? How exactly are they able to get on my system even when my task-manger is not really showing me anything specific?

I eventually figured out that they added stuff when I was updating my cosmic rift because Sony wanted to install an update for this specific game. But that still does not explain how they managed to redirect me from the official Sony update site to theirs.

With Darwinbots it was even stranger:

My best guess is when Peter decided to package the python with all its dependencies into the exe instead of having them as install components. And the only reason I think that is what happened is because I was not able to change the icon for the exe. It was acting read-only. Still, that means that at some point Peters system got compromised. Or, the forum got compromised.

Another possibility (although I would have no clue how it might actually work) is that they corrupted a file for the db2 source code with a virus and when I opened and ran the source code it caused the memory vulnerability. (A note here that the only way I detected that anything was wrong was when stepping trough the source code and some variables where being reset without anything resetting them.) But how is that even possible?

Also, I did find that C++ has some reasonable add-on library to enable stack tracing. Nifty.

Thank you for any help on the subject in advance.

Offline Numsgil

  • Administrator
  • Bot God
  • *****
  • Posts: 7704
    • View Profile
Re: This stuff still on my mind...
« Reply #1 on: January 29, 2016, 08:43:23 PM »
IM has never been "hacked".  The server, the forums, the wiki, probably some other stuff, yes all been "hacked" at some point.  All of it was a huge PITA and caused a lot of "the world is burning" responses from me and mostly Shasta.

But IM has never been "hacked".  More because of the size of the community than any particularly brilliant security on our side.  Basically security through obscurity.  You keep insisting that there are hackers messing with you or the community but hear me when I say I am 100% sure (100%!  I don't throw that number around a lot) you are misattributing technical difficulties you don't understand and refuse to Google for "hacks".  This feeds in to your persecution complex/paranoia, which are issues you know you have, so hear me and start dealing with your shit.  Absolutely no one cares about you as a person enough to "hack" you.  You will be subject to all sorts of viruses, trojans, adware, and malware, but they're not targeted at you as a person.  They're targeted at you as a machine attached to the internet that can be turned in to part of a botnet.

The closest thing that you will ever face to a personal "hack" is phishing scams (designed to steal your login info for banks and games and shit like that) and people digging through your trash IRL to find bank statements.  Even then if they can't figure out how to extract money from you, they leave you alone.

That's not to say you weren't "hacked" by other players from an MMO back in the day.  My friends and I used to try and trick each other in to running various EXEs that were infected with trojans that would let us control the other person's computer.  Things like opening and closing the CD tray and setting up keyloggers and shit.  But all that stuff gets caught by antivirus software.  It did even back in 2002 when I was doing it but especially now.  Keep your anti virus up to date and running, don't run EXEs if something tells you not to (Chrome will scan for known trojans and viruses when you download attachments, for instance), don't download and run warez unless you're willing to get infected, cause that shit is rife with it, and have your PC behind a firewall and LAN (ie: your router), and you basically can't be hacked in the way you're thinking.  All your personal data, passwords, bank information, money, your very soul, sure all vulnerable.  We live in the cloud.  But no one's gonna mess with your machine.

Offline Botsareus

  • Society makes it all backwards - there is a good reason for that
  • Bot God
  • *****
  • Posts: 4483
    • View Profile
    • DJ Paul Kononov
Re: This stuff still on my mind...
« Reply #2 on: January 30, 2016, 09:58:02 AM »
Numsgil, your points are all valid. I know I have that shit but, it does not send me over the edge. Spork22 reported a similar thing at some point. Something about a trojan slowing the simulation down. That does however mean that I am at the edge most of the time.  :redface:

I guess the only thing I can take from that reply is I need more programming skills to debunk that sort of stuff.

edit: Let me explain exactly what went down

I am running my survival evolution thing over PeterIM. First thing I note is that since PeterIM uses the chart files and the robot files separately a weird thing is happening where the graph is displaying robots from a non existing user and I am getting robots from a user that does not exist on the graphs. I thought that was kind of weird. I am still running directly from vb6 and I did not see any bugs for a while while other people still see some. Suddenly the simulation starts running twice as slow as it should. I have about 50 robots on the screen. So I figure I will release fruit flys to see what will happen. An hour later I go back to check on it and my portal changed its size from an inch to half a centimeter. Now I am really freaking out. I keep running it. I come back about an hour later and everything is frozen. My first guess is that it is my high mutation rates again. I had a counter programmed (once again not the cleanest way to implement mutation limits) that simply counts up to a reasonable value and when reached it exits mutation early. So I start breaking execution to see what is going on to this counter. I watch this counter suddenly it goes from 1071 or so back to 33 or so. Attached is the bas to show you what I am talking about. The counter was called "overtime"

edit 2:

I am pretty sure I also checked that it was not a new robot as overtime resets for each.

It is ok Numsgil I'll get over it. I do feel better today than the last two days. Just random stuff bubbling up from my suppressed mind that I had to work trough.

Still waiting to get back into school. Tired of vb6 planning a port. Bots out.
« Last Edit: January 30, 2016, 10:47:23 AM by Botsareus »