FreshRSS

Zobrazení pro čtení

Jsou dostupné nové články, klikněte pro obnovení stránky.

Preview: Ama’s Lullaby (PC – Steam) ~ Hacking The Point-And-Click Genre

Od: NekoJonez

Itch.ioSteam

Back in 2017, a developer from France contacted me about their new point-and-click sci-fi game in the works called Ama’s Lullaby. But, it’s more than a point-and-click game, it’s also a hacking game. Now, this developer works on this game in his free time after his day job and with a small budget. Sometimes these passion projects die due to lack of time, money, motivation and/or just interest. But it looks like Ama’s Lullaby isn’t going to be one of those projects. Earlier this year, a demo of the game got released. Now, I asked the developer if he was interested in streaming this demo with us, and he did. Here is a link to part 1 & part 2. Sadly, due to overheating of Klamath’s computer, it had to be cut into two parts and the ending was quite abrupt. Now, this stream is almost a month ago, and I still wanted to write an article about this game. So, what do I think of the demo? Am I still as impressed when I saw it during the livestream, or is my opinion going to change when I’m not back seating and playing it myself? Let’s find out in this article.

Hacking The Point-And-Click Genre

The story of this demo is quite simple. Ama enters the police station and gets new tasks to aid the space colony she is in. Overall, the story is told more naturally compared to other games. Mostly, we get an opening where the main story of the game is teased, but not in this game. During interactions with the others, we get little glimpses into the world and story. Now, this is a tricky thing to pull off, since either you have to force the player to interact with everybody or risk that some players miss potentially important information. On the other hand, info dumping on the player isn’t always the best solution.

Now, in this space colony, there is an AI that makes a lot of decisions. It turns out that Ama and her dad have created that AI and the software to interact with it. She is one of the ambassadors of the human race. But it doesn’t take too long before strange things start to happen, and you notice that not everything is what you think it is.

The dialogues in this game appear above the character’s their head. When it’s cursive, you know it’s a thought. Not only that, you have simple sound effects that appear to put some additional power to the dialogues and to quickly differentiate between thoughts and spoken dialogues. Currently, there are plans to fully voice act this game, but if those plans fall through, I’d recommend to the developer to have different sound effects for the dialogues for different emotions.

Now, the game cold opens with an old school terminal as a main menu. This might be a bit jarring for new players who aren’t used to working with the command line. Personally, as somebody who knows how a command line works, I really love this touch. Since, this interface is also present in a lot of puzzles in the game. It fits the atmosphere and style of the game as a glove. To be honest, I think that with some minor polishing, it would be perfect.

There are a few things I would change. First, I’d get rid of the case-sensitive commands. The main reason is that a lot of people have the default keybinding for the Steam overlay with is… Shift+Tab. Since I love using autocomplete, it got pretty frustrating when I was holding my shift button and tabbed to autocomplete and my Steam overlay popped up.

A second thing I’d change is to allow the user to enlarge the font of terminal. The reason for that is because it doesn’t really scale pretty well with people who are using larger monitors.

Now, since this game is still in development and this is just the demo… I can totally excuse that there are features not present. Like pushing the up arrow to get the last command, or the help feature not always working correctly in all menus. For example, if you are in the options menu and use “QUALITY HELP”, you get information but if you first write “QUALITY” to see the options you can input and then “QUALITY HELP”… It bugs out and doesn’t give you help at all. Another small bug I noticed is that for some reason, the enter button on my numpad didn’t enter but always selected the whole text. But hey, during the stream the developer said that some of these things are on the list to get fixed for the full game.

Cyberpunk Sci-fi

I was impressed with the visuals of the game when we were playing this game on stream. While I haven’t played the Blade Runner games yet, I have seen a lot of people talk about it and know the visual style of the game. This game really mimics that style extremely well. You really feel like you are in a sci-fi world with some older technology than we have compared to our own technology.

Also, something I really love in this demo is that everything is one big space. You don’t really have “screens” in this game, like in a Broken Sword game for example. No, the camera swings and follows Ama as if she was in a movie. This sells the illusion of the area even more. While I’d have loved to see the details the developer put in every scene more up close sometimes, the more zoomed out look gives you a better overview on the scene. It almost feels like you are watching Ama through security camera’s or a drone camera in a way.

The biggest thing that I want to point out in terms of the visuals is Ama herself. The game goes for a more dark and dimly light environment and with a main character that’s wearing black clothes, it’s extremely easy to lose Ama in the scenery. It wouldn’t surprise me if they gave our main character in Blade Runner a brown coat for that reason, so you can more quickly see the main character without breaking the visual style of the game. But, overall, this is almost a nitpick. Since, it didn’t happen a lot that I lost Ama in the scene. It mostly happened when I was replaying parts of the demo while writing this article.

Now, I want to talk about the command line. The tutorial in this game on how a command line works is actually well done. I love how it doesn’t hold the players hands and tries to force them to input the right thing. It really lets you experiment with it and learn how it works. All the while, a small guide on how things work is displayed on the top of your screen.

This whole command line mechanic in this game is a breath of fresh air. It’s impressive how true to reality the whole command line is. While it uses some creative liberties here and there to make it fit into the game world, overall, it might be a real command line interface that’s open in the game.

In this demo, you have a few tasks to complete. Most of these tasks involve fixing various things. One task is highly dependent on the command line. This was quite easy for me since, like I said, I know how to use a command line. Visually, it’s a bit tricky during the tutorials in the network view since it’s not really clear/easy on how you can scroll up or down while in the network view. Using the mouse mostly scrolls around the network map. I think an easier way to scroll up and down in the terminal could be useful there. Also, when you have to input a command that’s longer than the terminal screen, I’d start a second line. Since, that’s how real life works. Or move the whole thing, and not let the username stay.

Final thoughts and future wishes

Overall, the demo is quite short. If you don’t know what you are doing and exploring everything, it will take you mostly two hours to complete. But if you know what to do, you can finish this in 10 minutes. Yet, the impression I got from the stream hasn’t changed. This game has quite a lot of potential but it needs some polish here and there.

There are some minor things like some objects not being solid and Ama being able to run through them, but there are also more major issues. The elevator bug the developer Marc mentioned during the stream, happened to me. Ama didn’t go up with the elevator and she was stuck. I think it was related to another bug I encountered where the head of IT got stuck in an animation loop. Somehow it was like Ama was near him while Ama was walking in other parts of the station. I don’t know what exactly triggered that, and I have replayed the demo trice to try and get it back into that bugged state, but I was unable to find the cause and I was unable to replicate it.

Currently, there is one way to save the game. There are several terminals in this demo where you can save your game. You only have one save slot. There is also no manual saving of the game. So, remember that. You can also only load from the main menu.

Reviewing a demo is always tricky to do. Especially if the game is still in development, since you never know for sure how the final game is going to look like. Yet, this demo is extremely promising. The puzzles where a lot of fun and after playing the demo, I had the same feeling that Klamath had at the end of the stream. I want to play more or similar games like this.

I could start talking about how the sound effects are amazing but there isn’t enough music yet. But, at one hand, the lack of music really sells the atmosphere of the game a lot more but on the other hand, the music during the terminal sections is really enjoyable. But, I’m sure that in the full game we shall see more music.

Just like I’m convinced that when the full game releases and the players find bugs, they will get fixed. While I was talking with Marc during the stream, I really felt the passion for creating this game and how he wants to make it the best experience it can be for his players. So, if you are interested in this game after reading this article in any way shape or form, I highly recommend that you give this game a chance, play the demo for yourself and give the developer feedback via his Discord or any other of his official channels.

I can’t wait to see and play the final game. Various things got revealed and talked about during the stream and I have to say, it was an amazing experience and conversation. I was already interested in seeing this game when it was on KickStarter but now that I have played the demo, I think we are on a winner here. This game will put an interesting twist on the point-and-click genre and will be interesting to anyone who enjoys adventure games with a sci-fi influence or just enjoy more unique puzzle games.

I want to thank Marc for reaching out to me and talking about his unique project. You can be sure that when the full version releases… me and Klamath will play through it and most likely stream it. And I’ll write a more in-depth article on the final product. Since, I might have not talked quite in-depth in this article but I want to hold off my final opinions when the game is fully released.

If you have read my article, played the demo and/or watched our stream, I’m curious, what did you think about this game? Feel free to talk about it in the comments. Am I overhyping the game or overlooking flaws? Or is there something you’d love to see in the full game?

And with that said, I have said everything about the game I want to say for now. I want to thank you for reading this article and I hope you enjoyed reading it as much as I enjoyed writing it. I hope to be able to welcome you in another article but until then, have a great rest of your day and take care.

Legendary ROM hacking site shutting down after almost 20 years

Super Mario Land 2 in full color, with Mario jumping over spiky balls.

Enlarge / A thing that exists through ROM hacking, and ROMHacking.net: Super Mario Land 2, in color. (credit: Nintendo/Toruzz)

If there was something wrong with an old game, or you wanted to make a different version of it, and you wanted people to help you fix that, you typically did that on RomHacking.net. After this week, you'll have to go elsewhere.

For nearly 20 years, the site has been home to some remarkable remakes, translations, fix-ups, and experiments. Star Fox running at 60 fpsSuper Mario Land 2 in color, a fix for Super Mario 64's bad smoke, even Pac-Man "demake" that Namco spiffed up and resold—and that's not even counting the stuff that was pulled down by corporate cease-and-desist actions. It's a remarkable collection, one that encompasses both very obscure and mainstream games and well worth preserving.

Preserved it will be, but it seems that the RomHacking site will not go on further. The site's founder posted a sign-off statement to the site Thursday night, one that in turn praised the community, decried certain members of it, and looked forward to what will happen with "the next generation."

Read 7 remaining paragraphs | Comments

Who are the two major hackers Russia just received in a prisoner swap?

Who are the two major hackers Russia just received in a prisoner swap?

Enlarge (credit: Getty Images)

As part of today’s blockbuster prisoner swap between the US and Russia, which freed the journalist Evan Gershkovich and several Russian opposition figures, Russia received in return a motley collection of serious criminals, including an assassin who had executed an enemy of the Russian state in the middle of Berlin.

But the Russians also got two hackers, Vladislav Klyushin and Roman Seleznev, each of whom had been convicted of major financial crimes in the US. The US government said that Klyushin “stands convicted of the most significant hacking and trading scheme in American history, and one of the largest insider trading schemes ever prosecuted.” As for Seleznev, federal prosecutors said that he has “harmed more victims and caused more financial loss than perhaps any other defendant that has appeared before the court.”

What sort of hacker do you have to be to attract the interest of the Russian state in prisoner swaps like these? Clearly, it helps to have hacked widely and caused major damage to Russia’s enemies. By bringing these two men home, Russian leadership is sending a clear message to domestic hackers: We’ve got your back.

Read 17 remaining paragraphs | Comments

Self-Destructing Circuits and More Security Schemes



Last week at the IEEE International Solid-State Circuits Conference (ISSCC), researchers introduced several technologies to fight even the sneakiest hack attacks. Engineers invented a way to detect a hacker placing a probe on the circuit board to attempt to read digital traffic in a computer. Other researchers invented new ways to obfuscate electromagnetic emissions radiating from an active processor that might reveal its secrets. Still other groups created new ways for chips to generate their own unique digital fingerprints, ensuring their authenticity. And if even those are compromised, one team came up with a chip-fingerprint self-destruct scheme.

A Probe-Attack Alarm

Some of the most difficult-to-defend-against attacks involve when a hacker has physical access to a system’s circuit board and can put a probe at various points. A probe attack in the right place can not only steal critical information and monitor traffic. It can also take over the whole system.

“It can be a starting point of some dangerous attacks,” Mao Li, a student in Mingoo Seok’s lab at Columbia University, told engineers at ISSCC.

The Columbia team, which included Intel director of circuit technology research Vivek De, invented a circuit that’s attached to the printed-circuit-board traces that link a processor to its memory. Called PACTOR, the circuit periodically scans for the telltale sign of a probe being touched to the interconnect—a change in capacitance that can be as small as 0.5 picofarads. If it picks up that signal, it engages what Lao called a protection engine, logic that can guard against the attack by, for example, instructing the processor to encrypt its data traffic.

Triggering defenses rather than having those defenses constantly engaged could have benefits for a computer’s performance, Li contended. “In comparison to…always-on protection, the detection-driven protection incurs less delay and less energy overhead,” he said.

The initial circuit was sensitive to temperature, something a skilled attacker could exploit. At high temperatures, the circuit would put up false alarms, and below room temperature, it would miss real attacks. The team solved this by adding a temperature-sensing circuit that sets a different threshold for the probe-sensing circuit depending on which side of room temperature the system is on.

Electromagnetic Assault

“Security-critical circuit modules may leak sensitive information through side channels such as power and [electromagnetic] emission. And attackers may exploit these side channels to gain access to sensitive information,” said Sirish Oruganti a doctoral student at the University of Texas at Austin.

For, example, hackers aware of the timing of a key computation, SMA, in the AES encryption process can glean secrets from a chip. Oruganti and colleagues at UT Austin and at Intel came up with a new way to counter that theft by obscuring those signals.

One innovation was to take SMA and break it into four parallel steps. Then the timing of each substep was shifted slightly, blurring the side-channel signals. Another was to insert what Oruganti called tunable replica circuits. These are designed to mimic the observable side-channel signal of the SMAs. The tunable replica circuits operate for a realistic but random amount of time, obscuring the real signal from any eavesdropping attackers.

Using an electromagnetic scanner fine enough to discern signals from different parts of an IC, the Texas and Intel team was unable to crack the key in their test chip, even after 40 million attempts. It generally took only about 500 tries to grab the key from an unprotected version of the chip.

This Circuit Will Self-Destruct in…

Physically unclonable functions, or PUFs, exploit tiny differences in the electronic characteristics of individual transistors to create a unique code that can act like a digital fingerprint for each chip. A University of Vermont team led by Eric Hunt-Schroeder and involving Marvell Technology took their PUF a step farther. If it’s somehow compromised, this PUF can actually destroy itself. It’s extra-thorough at it, too; the system uses not one but two methods of circuit suicide.

Both stem from pumping up the voltage in the lines connecting to the encryption key’s bit-generating circuits. One effect is to boost in current in the circuit’s longest interconnects. That leads to electromigration, a phenomenon where current in very narrow interconnects literally blows metal atoms out of place, leading to voids and open circuits.

The second method relies on the increased voltage’s effect on a transistor’s gate dielectric, a tiny piece of insulation crucial to the ability to turn transistors on and off. In the advanced chipmaking technology that Hunt-Schroeder’s team uses, transistors are built to operate at less than 1 volt, but the self-destruct method subjects them to 2.5 V. Essentially, this accelerates an aging effect called time-dependent dielectric breakdown, which results in short circuits across the gate dielectric that kill the device.

Hunt-Schroeder was motivated to make these key-murdering circuits by reports that researchers had been able to clone SRAM-based PUFs using a scanning electron microscope, he said. Such a self-destruct system could also prevent counterfeit chips entering the market, Hunt-Schroeder said. “When you’re done with a part, it’s destroyed in a way that renders it useless.”

Hugging Face, the GitHub of AI, hosted code that backdoored user devices

Photograph depicts a security scanner extracting virus from a string of binary code. Hand with the word "exploit"

Enlarge (credit: Getty Images)

Code uploaded to AI developer platform Hugging Face covertly installed backdoors and other types of malware on end-user machines, researchers from security firm JFrog said Thursday in a report that’s a likely harbinger of what’s to come.

In all, JFrog researchers said, they found roughly 100 submissions that performed hidden and unwanted actions when they were downloaded and loaded onto an end-user device. Most of the flagged machine learning models—all of which went undetected by Hugging Face—appeared to be benign proofs of concept uploaded by researchers or curious users. JFrog researchers said in an email that 10 of them were “truly malicious” in that they performed actions that actually compromised the users’ security when loaded.

Full control of user devices

One model drew particular concern because it opened a reverse shell that gave a remote device on the Internet full control of the end user’s device. When JFrog researchers loaded the model into a lab machine, the submission indeed loaded a reverse shell but took no further action.

Read 17 remaining paragraphs | Comments

"Ladies and girls kissing" shock as mega-church leader falls victim to cyber intruder!

Pastor Brian Houston — famous former head of the Hillsong Christian megachurch in Australia — is the victim of Twitter hack!

Here are the facts:

  • On February 20, 2024 at 11:41 pm, a devious hacker broke into Pastor Houston's account and posted, "Ladies and girls kissing"
    • Sixteen minutes later, Houston was made aware of the breach and he posted, "I think my twitter may have been hacked"

    While some uncharitable folks are saying the kindly Pastor mistakenly thought he was typing "Ladies and girls kissing" into a web browser with the safe search filter disabled, that is not the case. — Read the rest

    The post "Ladies and girls kissing" shock as mega-church leader falls victim to cyber intruder! appeared first on Boing Boing.

    After years of losing, it’s finally feds’ turn to troll ransomware group

    After years of losing, it’s finally feds’ turn to troll ransomware group

    Enlarge (credit: Getty Images)

    After years of being outmaneuvered by snarky ransomware criminals who tease and brag about each new victim they claim, international authorities finally got their chance to turn the tables, and they aren't squandering it.

    The top-notch trolling came after authorities from the US, UK, and Europol took down most of the infrastructure belonging to LockBit, a ransomware syndicate that has extorted more than $120 million from thousands of victims around the world. On Tuesday, most of the sites LockBit uses to shame its victims for being hacked, pressure them into paying, and brag of their hacking prowess began displaying content announcing the takedown. The seized infrastructure also hosted decryptors victims could use to recover their data.

    this_is_really_bad

    Authorities didn’t use the seized name-and-shame site solely for informational purposes. One section that appeared prominently gloated over the extraordinary extent of the system access investigators gained. Several images indicated they had control of /etc/shadow, a Linux file that stores cryptographically hashed passwords. This file, among the most security-sensitive ones in Linux, can be accessed only by a user with root, the highest level of system privileges.

    Read 9 remaining paragraphs | Comments

    ❌