One of 3 Principals of The Jonah Group, husband, Dad, and technology geek all contained within a single human being.

'Obduction' Successfully Recaptures What We Loved About 'Myst'

1 Comment

Of all the people who've played Jonathan Blow's The Witness, a puzzle game inspired by the '90s hit Myst that dominated headlines in the games press last January, you'd think Myst creator Rand Miller would have been among the first. But nope! Miller tells me he's skimmed through a few videos, watched some friends play it, and that's it, even though he really wants to play it.

"I kind of like puzzles and that sort of thing," he says.

So he does. It's puzzling enough that he's so calm just a handful of days ahead of the release of his latest game Obduction, a crowdfunded "spiritual successor" to Myst that grabbed more than $1,300,000 when Miller and Cyan announced it on Kickstarter in 2013. (It's out now on Steam.) Two days earlier his P.R. contact shot me a code for the game itself, and I sheepishly respond that I "haven't got that far" when he asks where I am. Truth is, in another window I'm still running around the opening town pulling levers and pushing buttons that do nothing. I'm wondering if I'm just dumb or if some of these things could be bugged. Rand Miller himself, a deity of design, is offering me hints or outright solutions, and I turn him down because I'm too deep in the game's genesis to make good use of his revelations.

The epiphany comes after the call. I pull the right lever, and water rushes out. I've poked around enough to know where it's going, so I follow the flow and handle some other environmental puzzle I'd spoil if I explained. I start to see where the pieces of Miller's puzzle, seemingly unrelated, start to fit together. It's not long before I'm chatting with some dude in an airtight tank through his window, and I laugh with satisfaction at how I see him as an actor filmed in real life rather than a 3D model, just as in proper classic Myst. And to think, all this takes place in a strange world where what looks like a '50s suburban home, an 1880s mining town, and a seeming copy-paste of the southern Arizona desert reside in a dome on a clearly alien planet with purple, bulbous rocks and planets looming overhead. That very bizarreness invites exploration, and Miller tells me that's been the point all along.

"We hope all of it pushes you forward a little bit," he says, adding that for him and his team, the setting has always come before the puzzles. "It's so odd, it's so strange, and we're hoping it motivates you to figure out the mystery and learn a little bit more about how this all came to be."

It's all so weird that it's Myst in all but name, and it makes me realize I've missed Myst. I don't think it's too much of a stretch to claim the dormant puzzler series probably saved my life, as 2004's Myst IV (which Miller had nothing to do with) was a bridge between me and one of my professors when I was at a low point in my graduate studies at the University of Chicago. Figuring out the puzzles alongside figuring out a direction for my studies, I gained a new confidence in my ability to think. Her enthusiasm made me realize, seemingly for the first time, that I didn't have to give up games to keep my mind honed for research.

But that was 2004. It's less true now. For almost the entire '90s Myst and Miller's sequel, Riven, dominated PC game sales, but today those charts stay dominated by the likes of Minecraft, Overwatch, and The Sims. Minecraft encourages creativity, Overwatch encourages some sense of strategy, but nothing else on the list really demands the same depth of analytical thought. It's no accident that the official trailer (above) ends with the imperative pun "Think, again."

Image: Cyan

So what happened? Miller says the bigger studios don't want games like this; that "they have specific genres that do well for them and I think they now consider this kind of thing a niche." He's thus thankful that crowdfunding allows for such projects to thrive. Yet Miller thinks their decline might also lie in that very depth of thought, and not just from a consumer standpoint. Turns out, it's just as draining to make this stuff as solve it.

"These games are freakin' hard to make," he says. "You know, we don't get the advantage of having gameplay mechanics that are kind of just known, like a shooter where I can kill a bad guy and I get stuff."

He tells me puzzle games like Myst require a constant "reinvention of the wheel." It's not hard to grasp why. Myst and Obduction aren't really like The Witness, which for all its power and sense of place still comes off like a collection of pencil-friendly mazes or sudoku you might find in the back of a really colorful newspaper. You'll get some of that in Obduction, but for the most part its puzzles are the brain-teasers of the mundane. They're about figuring how to flip a bridge around so I can check out an easel on the other side of a creek, or getting a generator running using only the scattered crap on an alien world. They're about remembering to prime that generator before you turn it on. The kind of stuff that'd make my Dad proud.

"We can't use the puzzles from Myst but just skin them differently or have just a little bit of a story there," he says. "All this has to be woven together in a rather intricate manner, and I think it limits the number of people who really want to vest themselves in doing this kind of thing."

That's a shame. Obduction may be a puzzler, but like Myst, it's also memorable for how it uses those puzzles to craft a memorable story stuffed with great characters and settings and meaningful small details. Most games serve up their stories like pre-prepared multicourse meals, offering this or that choice of a side. But Obduction's narrative pleasures are those familiar to the researcher: the pulling together of invisible lines connecting myriad parts. The moment when those lines become clear without hints or heavy prodding, however briefly, is empowering and euphoric. It's why I loved Myst so much as an academic. I felt a bit of it when I pulled that first "correct" lever in Obduction, and in that moment I knew Miller had been on the right track all along.

Image: Cyan

These days, it must be hard to shrug off the temptation to look up videos showing how to solve these things after a few minutes of inaction. You could find walkthroughs for Myst and Riven online even while Seinfeld was still on the air, but in this age of Twitch streaming and "let's play" videos on YouTube, Obduction suffers the risk of having its challenges spoiled through its very fandom. There may still be some satisfaction from playing it if you play Obduction after seeing someone else play parts of it first, but Miller believes it'd be greatly diminished.

"You know, I hate that. I think it misses the point," he says. "It's like beaming yourself down into the Grand Canyon. If you're at the top and you beam yourself to the bottom, you kind of missed a really amazing journey that you would've had otherwise."

And the journey is amazing this time around, even if it's a little technically demanding. Miller and his friends at Cyan give us a beautiful, realistic world in Obduction, but my PC with 16GB of RAM and an Nvidia GeForce GTX 980 graphics card sometimes struggled to keep up with rapid shifts in perspective. That's almost always been a hallmark of the series, though. Myst IV, which I found so life-changing, caused a bit of a stir in 2004 on account of its then-boggling installation size of 7GB.

This doesn't seem to bother Miller. He's practically planned it, in fact, in part because of the ability to play Obduction in virtual reality on the Oculus Rift.

"Frankly, we want to use the technology to make this world seem real, which is all we've ever wanted to do," Miller says. "We want this place to become your world. If people said that about Myst, I hope they say it about Obduction on the desktop and I think in VR it feels even more so."

That world has been Miller's for years now, and now it's ours. Framerate drops aside, it's a worthy successor. But what about Miller? What does he plan on doing with all this newfound time?

"Well, actually, I can't wait to be done with this so I can jump in and give The Witness a shot," Miller says. "It's been frustrating not being able to do that."

glenn
4 days ago
I've read a few reviews and it looks like a winner. I backed the original Kickstarter. Mac version is still sluggish so waiting for next patch.
Waterloo, Canada

Sophisticated, persistent mobile attack against high-value targets on iOS

1 Comment and 3 Shares

August 25, 2016

Persistent, enterprise-class spyware is an underestimated problem on mobile devices. However, targeted attack scenarios against high-value mobile users are a real threat.

Citizen Lab (Munk School of Global Affairs, University of Toronto) and Lookout have uncovered an active threat using three critical iOS zero-day vulnerabilities that, when exploited, form an attack chain that subverts even Apple’s strong security environment. We call these vulnerabilities “Trident.” Our two organizations have worked directly with Apple’s security team, which was very responsive and immediately fixed all three Trident iOS vulnerabilities in its 9.3.5 patch.

All individuals should update to the latest version of iOS immediately. If you’re unsure what version you’re running, you can check Settings > General > About > Version. Lookout will send an alert to a customer’s phone any time a new update is available. Lookout’s products also detect and alert customers to this threat.

Trident is used in a spyware product called Pegasus, which according to an investigation by Citizen Lab, is developed by an organization called NSO Group. NSO Group is an Israeli-based organization that was acquired by U.S. company Francisco Partners Management in 2010, and according to news reports specializes in “cyber war.” Pegasus is highly advanced in its use of zero-days, obfuscation, encryption, and kernel-level exploitation.

We have created two reports that discuss the use of this targeted attack against political dissidents and provide a detailed analysis of the malicious code itself. In its report, Citizen Lab details how attackers targeted a human rights defender with mobile spyware, providing evidence that governments digitally harass perceived enemies, including activists, journalists, and human rights workers. In its report, Lookout provides an in-depth technical look at the targeted espionage attack that is actively being used against iOS users throughout the world.

The overview

Ahmed Mansoor is an internationally recognized human rights defender and a Martin Ennals Award Laureate (sometimes referred to as a “Nobel prize for human rights”), based in the United Arab Emirates (UAE). On August 10th and 11th, he received text messages promising “secrets” about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. Recognizing the links as belonging to an exploit infrastructure connected to NSO group, Citizen Lab collaborated with Lookout to determine that the links led to a chain of zero-day exploits that would have jailbroken Mansoor’s iPhone and installed sophisticated malware.

This marks the third time Mansoor has been targeted with “lawful intercept” malware. Previous Citizen Lab research found that in 2011 he was targeted with FinFisher spyware, and in 2012 with Hacking Team spyware. The use of such expensive tools against Mansoor shows the lengths that governments are willing to go to target activists.

Citizen Lab also found evidence that state-sponsored actors used NSO’s exploit infrastructure against a Mexican journalist who reported on corruption by Mexico’s head of state, and an unknown target or targets in Kenya.

The NSO group used fake domains, impersonating sites such as the International Committee for the Red Cross, the U.K. government’s visa application processing website, and a wide range of news organizations and major technology companies. This nods toward the targeted nature of this software.

The Pegasus spyware

Pegasus is the most sophisticated attack we’ve seen on any endpoint because it takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile — always connected (WiFi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists. It is modular to allow for customization and uses strong encryption to evade detection. Lookout’s analysis determined that the malware exploits three zero-day vulnerabilities, or Trident, in Apple iOS:

  1. CVE-2016-4654: Memory Corruption in Webkit – A vulnerability in the Safari WebKit that allows the attacker to compromise the device when the user clicks on a link.
  2. CVE-2016-4655: Information leak in Kernel – A kernel base mapping vulnerability that leaks information to the attacker allowing him to calculate the kernel’s location in memory.
  3. CVE-2016-4656: Kernel Memory corruption leads to Jailbreak – 32 and 64 bit iOS kernel-level vulnerabilities that allow the attacker to silently jailbreak the device and install surveillance software.

The attack sequence, boiled down, is a classic phishing scheme: send text message, open web browser, load page, exploit vulnerabilities, install persistent software to gather information. This, however, happens invisibly and silently, such that victims do not know they’ve been compromised.

In this case, the software is highly configurable: depending on the country of use and feature sets purchased by the user, the spyware capabilities include accessing messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others. The kit appears to persist even when the device software is updated and can update itself to easily replace exploits if they become obsolete.

We believe that this spyware has been in the wild for a significant amount of time based on some of the indicators within the code (e.g., a kernel mapping table that has values all the way back to iOS 7). It is also being used to attack high-value targets for multiple purposes, including high-level corporate espionage on iOS, Android, and Blackberry.   

To learn more

Our reports provide in-depth information about the threat actor as well as their software and the vulnerabilities exploited — Citizen Lab has tracked the actor’s political exploits around the world, while Lookout has focused on the technical details of the malware from the beginning of the exploit chain to its use. Our reports include detailed analysis of the Trident iOS vulnerabilities that are patched in the 9.3.5 release from Apple, as well as the various components of the espionage software.  

Lookout customers: Read this document on how to tell if you’re impacted by this attack.

Think you’ve encountered a suspicious link such as the ones described above? Email support@lookout.com.

Research teams:

Citizen Lab: Bill Marczak and John Scott-Railton, Senior Fellows 

Lookout: Max Bazaily, Andrew Blaich, Kristy Edwards, Michael Flossman, Seth Hardy, Staff Security Researchers, Mike Murray, VP of Security Research
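
The post above asks every user to update to iOS 9.3.5, the release that carries the Trident fixes. As an added example (not code from Lookout or Citizen Lab), this sketch checks a device inventory export against that version; the CSV column names and all device records are constructed assumptions.

```python
"""Flag devices in an inventory export that run iOS older than 9.3.5."""
import csv
import io

# First iOS release with the fixes for all three Trident CVEs, per the post.
PATCHED = (9, 3, 5)

# Constructed sample export: column names, devices and the build suffix
# are hypothetical, not taken from any real MDM product.
SAMPLE_INVENTORY = """\
device_id,owner,os_version
ipad-014,finance,9.3.5
iphone-201,legal,9.3.4
iphone-117,exec,9.3
iphone-342,it,10.0
iphone-090,field,7.1.2
iphone-555,sales,unknown
iphone-610,press,9.3.5 (build-id)
"""


def parse_version(text):
    """Return (major, minor, patch) as ints, or None if text is not a version."""
    tokens = text.split()
    if not tokens:
        return None
    parts = tokens[0].split(".")  # ignore a trailing build string
    if len(parts) > 3 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    nums = [int(p) for p in parts]
    nums += [0] * (3 - len(nums))  # "9.3" means 9.3.0
    return tuple(nums)


def classify(inventory_csv, patched=PATCHED):
    """Sort device ids into patched / vulnerable / unknown buckets."""
    result = {"patched": [], "vulnerable": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        version = parse_version(row.get("os_version") or "")
        if version is None:
            bucket = "unknown"  # needs follow-up; never count it as safe
        elif version >= patched:
            # Tuple comparison is numeric per component. Comparing the raw
            # strings would be wrong: "10.0" < "9.3.5" is True for strings.
            bucket = "patched"
        else:
            bucket = "vulnerable"
        result[bucket].append(row["device_id"])
    return result


if __name__ == "__main__":
    for bucket, devices in classify(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(devices) or '-'}")
```

A "patched" result only means the three vulnerabilities are closed on that device; the post notes the kit appears to persist across software updates, so a version check is not a test for an existing infection.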

glenn
4 days ago
Waterloo, Canada
acdha
4 days ago
Washington, DC
1 public comment
analytics
15 hours ago
{ "header": [ "general:0.2.0", "malware:0.1.1" ], "general": { "internal": false, "hot": false, "industry": [ "information technology" ], "location": [ "global" ], "language": "en", "sophistication": "1", "tags": [ "mobile", "pegasus", "zero day", "iphone", "exploit", "ios", "high profile targets", "cyber espionage", "trident", "nso group", "cyber threat", "spyware", "memory corruption", "vulnerability", "cyber security" ] }, "malware": { "malware": [ "pegasus spyware " ] } }

robotlyra: Me: *watching* What the hell is the point of th- OH...

4 Comments and 11 Shares


robotlyra:

Me: *watching* What the hell is the point of th- OH MY GOD

sirshannon
5 days ago
Whoa.
popular
3 days ago
glenn
5 days ago
Waterloo, Canada
3 public comments
Courtney
15 hours ago
Now that is some rocket design
Portland, OR
leiter420
3 days ago
This is cool.
ChrisDL
5 days ago
awesome. I want the back story.
New York
dreadhead
5 days ago
Hold my beer and pass me that duck tape I have an idea.

Google Intrusion Detection Problems | Fred Trotter

1 Comment and 2 Shares

So today our Google Cloud Account was suspended. This is a pretty substantial problem, since we had committed to leveraging the Google Cloud at DocGraph. We presumed that Google Cloud was as mature and battle tested as other carrier grade cloud providers like Microsoft, Rackspace and Amazon. But it has just been made painfully clear to us that Google Cloud is not mature at all.

Last Thursday, we were sent a message titled “Action required: Critical Problem with your Google Cloud Platform / API Project ABCDE123456789”. Here is that message.

[Image: action_required]

Which leads to our first issue: Google is referring to the project by its id, and not its project name. It took us a considerable amount of time to figure out what they were talking about when they said “625834285688”. We probably lost a day trying to figure out what that meant. This is the first indication that they would be communicating with us in a manner that was deeply biased towards how they view their world of their cloud service internally, totally ignoring what we were seeing from the outside. While that was the first issue, it was nowhere near the biggest.

The biggest issue is that it was not possible to complete the “required action”. That’s right, Google threatened to shut our cloud account down in 3 days unless we did something… but made it impossible to complete that action.

Note that they do not actually detail the action needed, in the “action required” email. Instead they refer to a FAQ, where you find these instructions:

[Image: request_appeal]

So we did that... and guess what, we could not find the blue “Request an appeal” button anywhere. So we played a little “Where’s Waldo” on the Google Cloud console.

  • We looked where they instructed us to.
  • We looked at the obvious places
  • We looked at the not-obvious places

As far as we can tell, there was no “Request an appeal” button anywhere in our interface. Essentially, this makes actually following the request impossible.

So we submitted a support request saying “Hey you want us to click something, but we cannot find it” and also “what exactly is the problem you have with our account in any case?”

However, early yesterday morning, despite us reaching out to their support services to figure out what was going on, Google shut our entire project down. Note that we did not say “shut down the problematic server” or even “shut down all your servers”. Google Cloud services shut down the entire project. Although we use multiple Google Cloud APIs, we thought it made sense to keep everything we were doing on the same project. For those wondering, that is a significant design flaw, since Google has fully-automated systems that can shut down entire projects that cannot be manually overridden. (Or at least, they were not manually overridden for us).

We have lost access to multiple critical data stores because Google has an automated threat detection system that is incapable of handling false positives. This is the big takeaway: It is not safe to use any part of Google Cloud Services because their threat detection system has a fully automated allergic reaction to anything that it has not seen before, and it is capable of taking down all of your cloud services, without limitation.

So how are we going to get out of this situation? Google offers support solutions where you can talk to a person if you have a problem. We view it as problematic that interrupting an “allergic reaction” is treated as a “support issue”. However, we would be willing to purchase top-tier support in order to get this resolved quickly. But there does not appear to be an option to purchase access to a human to get this resolved. Apparently, we should have thought about that before our project was suspended.

Of course, we are very curious as to why our account was suspended. As data journalists, we are heavy users of little-known web services. We suspect that one of our API client implementations looked to Google’s threat detection algorithms like it was “hacking” in one way or another. There are other, much less likely explanations, but that is our best guess as to what is happening.

But we have no idea what the problem is, because Google has given us no specific information about where to look for the problem. If we were actually doing something nefarious, we would know which server was the problem. We would know exactly how we are breaking the rules, but because we are (in one way or another) a false positive in their system, we have no idea where to even start looking for the traffic pattern that Google finds concerning.

Now when we are logged in, we simply see an “appeal” page that asserts, boldly “Project is in violation of Google’s Terms of Service”. There is no conversation capacity, and filling out the form appears to simply loopback to the form itself.

It hardly matters; Google’s support system is so completely broken that this issue represents a denial-of-service attack vector. The simplest way to take down any infrastructure that relies on Google would be to hack a single server, and then send out really obvious hack attempts outbound from that server. Because Google ignores inbound support requests and has a broken “action required” mechanism, the automated systems will automatically take down an entire company’s Cloud infrastructure, no matter what.

Obviously, we will give Google a few hours to see if they can fix the problem and we will update this article if they respond in a reasonable timeframe, but we will likely have to move our infrastructure to a Cloud provider that has a mature user interface and support ticketing system. While Google Cloud offers some powerful features, they are not safe to use until Google abandons its “guilty until proven innocent, without an option to prove” threat response model. 

-FT

glenn
7 days ago
"We have lost access to multiple critical data stores because Google has an automated threat detection system that is incapable of handling false positives. This is the big takeaway: It is not safe to use any part of Google Cloud Services because their threat detection system has a fully automated allergic reaction to anything that has not seen before, and it is capable of taking down all of your cloud services, without limitation. "
Waterloo, Canada
acdha
7 days ago
Washington, DC
wreichard
7 days ago
Yikes.
chrishiestand
7 days ago
"Update: Less than four hours after tweeting out this blog post, we got our access turned back on. So the Google support team is definitely listening on social media. We very much appreciate that, because it resolves this issue as a crisis. We are still concerned by the “auto-off” trend and the missing button. But we will be working to make sure there is a better long term solution. Will update this post as appropriate moving forward."
wreichard
7 days ago
That at least is good to hear.

August rushes by like desert rainfall,A flood of frenzied upheaval,Expected,But ...

1 Share
August rushes by like desert rainfall,
A flood of frenzied upheaval,
Expected,
But still catching me unprepared.
Like a matchflame
Bursting on the scene,
Heat and haze of crimson sunsets.
Like a dream
Of moon and dark barely recalled,
A moment,
Shadows caught in a blink.
Like a quick kiss;
One wishes for more
But it suddenly turns to leave,
Dragging summer away.
 - Elizabeth Maua Taylor
l'assommoir
glenn
7 days ago
Waterloo, Canada

Male Termites Open to Same-Sex Relationships in Absence of Females

1 Comment

Same-sex relationships are common in nature, and run the gamut from monogamous lesbian penguins to the riotous pansexual bonobo orgies. As in humans, the underlying reasons that some species form these intimate partnerships are complex and vary widely case-by-case.

Case in point: New research published in the journal Animal Behavior proposes that male Japanese termites pair up with their rivals when they are unable to procure a female. These male-male couples build nests together and share resources, just like male-female termite partnerships, but one shouldn’t be fooled by this heartwarming tableau.

Unlike evolution’s panoply of affectionate same-sex partnerships, coupled termite males are all about heartbreak and bloodshed. According to lead author Nobuaki Mizumoto, an insect ecologist based at Kyoto University, the ultimate strategy for the males seems to be methodically devastating any male-female termite couples unlucky enough to be in their way.

“Male termites aren't able to survive on their own, but those that make nests with another male survived for much longer," said Mizumoto in a statement. "This was especially beneficial in situations when searching for females raises the risk of being preyed upon. It's clear that male-male pairing is a strategy for survival."

By working together, the same-sex units survive longer, upping the odds that they’d find a male-female nest. At that point, they team up on that male, kill him, and mate with the female. Or, as IFLScience put it, “Gay Termites Kill Straight Males To Steal Their Wives.”

"Pairing with another male isn't the best option, but it gives mateless termites a chance to survive until they find a female, if that happens at all," said Mizutani. "To understand this behavior further, it will be important to consider the effects of other factors such as predators."

glenn
7 days ago
got wood?
Waterloo, Canada