Jump to content
  • Advertisement

FRex

Member
  • Content Count

    195
  • Joined

  • Last visited

Community Reputation

1798 Excellent

About FRex

  • Rank
    Member

Personal Information

  • Role
    Programmer
  • Interests
    Business
    Design
    Education
    Production
    Programming

Social

  • Github
    FRex

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. IF you had an actual malware (and not some weird clean-up-your-pc-now-because-9999-problems-were-found scanner) then it might be real but I doubt it, especially the part about infecting a newly made exe, that's too targeted/advanced (unless you have thousands of customers and someone knows and targeted you to infect them via your program?). This is like those stories of people targeting tax handlers to get all their clients tax details for fraud and such, not like a random malware. But IF you had a real virus you should of course be less skeptical of most AVs than I am here. You should try make sure you're not doing something unusual or that someone might consider strange, like accessing the clipboard, calling some weird WinAPI functions, using libraries many viruses use (like curl maybe? its author Daniel Stenberg once said its used in many proof of concepts and viruses and when he was denied entry to USA once or twice with no reason given he was guessing that might be the reason, I'm not sure if that was cleared up), etc. Or you can try set up on another machine and see if your compiled exe (copy only the textual code you have and no binaries) triggers the AV there too. False positives happen a lot and for really silly things, e.g. some AV consider things like exe stored in a zip, UPX compressed exe, gdb files, debug enabled exes, etc. to be sketchy on their own. 8-10 years ago when I was using VS 2008 or 2010 Avast! would delete or sandbox or (over many seconds) first scan my freshly made Debug exes with reason being 'never seen before file' (although that's true AND better pop up than the idiotic 'generic trojan!!' labels some use). I've also seen a (totally innocent demo of a library) program that accesses the clipboard be flagged 'generic malware' and such. Probably because many viruses steal credentials from the clipboard. But it was a clean exe, and results around it were so silly it's hard to take many of those AV seriously: appending a single random byte to end of an exe (which changes nothing about how it works) made some new AV flag the file (and some of the AV that flagged the original file unflagged it!), putting the exe in a zip made a few of them miss it (it's really hard to trust 'heuristics' of an AV that won't even try to open/scan an ordinary non-bomb zip file or even label the zip as virus free on Virus Total because they didn't even look or something!). I even have an exe of a C program that opens your disks for direct read to get read their NTFS headers and is compiled with a niche compiler (Pelles C) - 0/69 on virus total despite these two facts. Niche compilers are fine, and to access raw disk you need to be ran as administrator and I use read-only access (to not accidentally destroy my NTFS) but still - two very unusual facts + exe that I made so no AV ever seen it before... zero tags (but the exe of a GUI program that touches the clipboard - that's the criminal, 20x 'generic trojan malware'). If I compress my C exe with UPX - instantly 2/69 because 'heuristics' or 'ML' (machine learning?).
  2. Yes. There are file searchers that can search by name thru literally all files (over 500k of them for me) on a disk or few/all disks (I have an OS 256 GB SDD and a 1TB HDD) in a couple of milliseconds like that (I never perceived a delay in one I use). I also use http://www.voidtools.com/support/everything/ I didn't list that one since a file searcher doesn't help with finding out what kind, size and amount of files are in the folder as conveniently as WinDirStat or similar does. WinDirStat is old and also doesn't use NTFS MFT but it's fast enough for me (a minute or two at most) and I prefer it over some tool that has an ad or banner asking me to buy/donate. It's development seems dead but it's FOSS so if needed I could compile or extend it myself even (but it's written in C++ with MFC). Reading raw disk is also very easy via WinAPI but you need admin rights and to seek/read by sector size and have right flags (and know NTFS structure from somewhere): https://support.microsoft.com/en-us/help/100027/info-direct-drive-access-under-win32 This C program prints sizes of all NTFS partitions taken from their NTFS headers: https://gist.github.com/FRex/5ee5d6efd4910ad90b24a84a429dfe9b I've no idea if there is a special purpose API for NTFS MFT in WinAPI or COM. There might be. I googled but couldn't find it. If you ever want to play with NTFS structure then make a 1 GB ram disk, format it as NTFS, copy some files onto it and saving that ramdisk to a file. It will let you open it easier in a hex editor or a normal non-admin ran program. I use Imdisk for my ram disk needs: http://www.ltr-data.se/opencode.html/#ImDisk 7zip also supports opening an NTFS image (and few other FS formats and many archive formats): https://www.7-zip.org/ NTFS MFT also keeps names of deleted files (I'm not sure how long) in MFT so if you ever delete your very_evil_plans.txt you're not in the clear just yet (even when it's gone from trash bin). Yes. That and not hiding extensions are two very useful things to programmers and most people. It's silly they are off by default.
  3. This was a question to Promit about where that chat he mentioned was. Turns out if was a Unity Pro specific channel that isn't public. I'm done chatting about it now and forever really. My opinion of Unity is set (to zero). Apology in one place and passive aggressive "not everyone can be as open as mature as we are" on the other. It turned out they knew what Improbable were doing since they were at Unite 2016 talking about "running thousands of Unity instances int he cloud". Here are things they could have avoided doing: changing the ToS like that; claiming they blocked Improbable's license keys to "protect the integrity and value of our technology and Unity developers" (actual blog post quote); claiming there always was ToS violation even when backpedaling hard and restoring the keys; saying "we won't say the details of their violation out of respect for all sides" while calling Improbable immature withing the same hour. I'm not sure why you are so contrarian. I'm done with this topic and won't reply anymore. All the arguments are on the table. If you think Unity acted well - I think you're wrong but what can I do? If you just like the engine, work for a company using it, work for Unity company itself, use it for your projects - that's fine, the criticism is of CTO, CEO and the corporation. No sane person would blame a random user or employee for something bad Unity did as a corporation. Now I'm unfollowing all Unity related threads since this is all over. Goodbye.
  4. Oh sure, I can buy that, but: It's Unity who used the word as a noun for years now all over the place. Their website does it still: "announcing Unity XXXX.YY", "Download Unity", etc. Even the blogpost announcing these rules does it. It's as if they just had lawyers who never even heard of Unity before copy paste some legalese. It also sends mixed signals yet again: "everyone does it", "Unity does it", "Unity let's people do it", etc. just like with 2.4.
  5. I can't find any discussion of Unity in any #channel. Can you point me to that? Seemingly no one uses the forum to chat about this. This comment also didn't merge with my last one like they usually do and I have no idea why (sorry). Another tough question where Joachim's answer is "IDK ¯\_(ツ)_/¯": https://old.reddit.com/r/Unity3D/comments/agn89u/join_john_riccitiello_and_joachim_ante_for_an_ama/ee7g0x7/
  6. I have no stake. I'm genuinely pissed at them for this after all these years of "democratization of gamedev" marketing which I also fell for and recommended them to people. The toxic parts of their community who jump to their defense no matter what don't help one bit. Insults towards developers during email drama was my main reason for deleting my account back then despite Unity handling it mostly okay. This forum is also only 'real' social media-ish account I have so what I said here is 100% of my online ouput about this. I don't have Twitter or Reddit accounts and I use my YT one just to manage subscriptions. Edit: CEO just said "I understand the curiosity, but out of respect for all involved, we won't be getting into more details." to a question about details of the original 'over a year ago' ToS breach. And someone else just pointed out this video about SpatialOS from Unite 2016 on Unity's YT channel where it literally says they are running thousands of Unities in the cloud and had no problem with that: https://www.youtube.com/watch?v=ffWaRbYXxRc Jesus.
  7. It appeared only today and feels like an excuse to keep claiming "Improbable started it" or to justify how their "community" shits at Improbable, Epic, Sweeney, etc. for last 5 days. Even on this forum a Unity employee claimed it's a conspiracy. Even he/they made a passive aggressive comment about Improbable just now: https://old.reddit.com/r/Unity3D/comments/agn89u/join_john_riccitiello_and_joachim_ante_for_an_ama/ee7jsgz/ Real rich coming from John Riccitiello: https://www.forbes.com/sites/insertcoin/2013/04/09/ea-voted-worst-company-in-america-again/#435b40597aeb
  8. They got asked about this on Reddit and this is their answer (from Unity_John):
  9. And still no mention of ToS section Improbable broke a year ago. Their trademark guidelines also say not to use 'Unity' as a noun: https://unity3d.com/legal/branding_trademarks But literally everyone does: game developers, YouTube tutorials, Unity's own website, this blog post even does.
  10. Happening today/tomorrow (in 13 hours):
  11. Yes, if xor is fine then that's a great and simple idea actually, just wrap around whatever reading from file function you use to add xoring read buffer with your key to it. Set key to all 0s to disable it when developing the game (so you can use and edit plain files).
  12. PhysFS is just a library for reading archives, it doesn't create them. It doesn't care about file extensions but anyone who looks at your file in a hexeditor or right click open it with 7zip will instantly know if it's zip, 7z, iso, etc. It also only (AFAIK) handles passwords for zips with "Traditional PKWARE Encryption" but you need to put "$your_password" at the end of the path you give to PHYSFS_openRead which is annoying to do and documentation doesn't even mention that. The last version of PhysFS is also badly busted on Windows 10 (fails to initialize and doesn't set any PHYSFS error code) so you need to take code from their Mercurial when building it, not the latest stable release from 2017: http://icculus.org/pipermail/physfs/2018-October/thread.html You could also write own custom file format and code to work with that or implement/use one of: PHYSFS_Archiver, PHYSFS_Io, PHYSFS_mountHandle with encrypted zip storing the actual archive (I'm not sure how well it'll perform), PHYSFS_mountMemory (for small files). But in any case a determined hacker would still find out how you store and/or decrypt it and dig your key out of your exe. Even real commercial DRM gets cracked all the time and extractors or at least format descriptions exist for most any semi-common bundle format. Security through obscurity is most that you can get. Edit: I'd honestly say to just use a zip or 7z with reasonable settings (non-solid archive with reasonable compression level), rename it to hide its extension from total casual observer who doesn't know what a hex editor is and don't worry about it that much. For when you develop your game you can use a loose folder for convenience and only pack it all up for distribution or when making content patches (that's the point of PhysFS).
  13. So, you want to use C# for runtime scripting instead of Lua? Mono has a C# repl called csharp in its distribution (or at last used to years ago) so it is possible. Apparently both Mono and .NET allow you to programmatically access the C# compiler. Do these two links help at all? https://www.mono-project.com/docs/about-mono/languages/csharp/#compiler-service https://support.microsoft.com/en-us/help/304655/how-to-programmatically-compile-code-using-c-compiler
  14. FRex

    Question on which engine should I use

    Don't be afraid to use their forums too, they/we (I'm not a developer myself) are very friendly. That's true and why they dropped '3D' from their name a while back but I do not recommend Unity to anyone for anything due to their ToS and attitude (current SpatialOS drama and July 2018 email drama) regardless of its quality.
  15. Did you take a look at these two pages (second seems specific to Unity Analytics but lol @ "Unity Analytics Data Privacy Plug-in" not supporting Linux)? https://unity3d.com/legal/privacy-policy https://docs.unity3d.com/Manual/UnityAnalyticsDataPrivacy.html
  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!