Archive for the ‘Blog & Opinion’ Category

Dying with M.E. as a software developer

January 27, 2014 40 comments

[If you’d like to donate, please click here: Crowdfund or Become a Patron]

[Updates to this article: Final wishes: Crowdfund Update, and Future of my Blog: I’m Still Alive]

A couple of months ago I wrote about Living with M.E. as a software developer. What I didn’t write about was the true extent of my illness, the potentially fatal prognosis of M.E. and what I want to happen as a precaution to my possible death. Read more…

Living with M.E. as a software developer

October 26, 2013 14 comments

This is not a sob story. I’m just going to tell you about how I feel.

I wouldn’t normally write an article like this on my professional blog, but I’m fed up and want to reach out to people and share my experience for anyone who is interested.

Many of you have noticed that the posts on my blog are very sporadic. Well, a few years ago, I started to get tired easily and found myself needing 12 hours of sleep per day. I thought that I was just someone who needed more sleep than average, although it was frustrating that the days were so short. In the last 2 years, I’ve been extremely tired, and out of professional work, my sleep level rising to 16-20 hours per day, constant pain in my back, neck and shoulders (which is occasionally excruciating; I pop painkillers like candy), a strong sensitivity to changes in temperature making me feel very hot and cold all the time (thermostatic intolerance), regular headaches that I never used to get, periodic bowel irritation, weakness in the arms and legs to the point that some days I can’t walk and others I am so tired that I can’t even lift my phone to call someone for help. Sleeping does not actually make me feel any more refreshed, I am usually just as tired when I wake up as I was when I fell asleep. Mentally, my brain is full of thoughts and ideas, but physically I am quite destroyed almost all of the time. If I walk the ten minute distance to town and take a coffee, a typical result for me would be 1-2 days of sleep afterwards. Finally, in October last year, I received a diagnosis of M.E. Read more…

Xbox One Reveal Post-mortem: Microsoft reveals expensive PVR which under limited circumstances can play games

May 28, 2013 2 comments

I’ve waited for a few days after Microsoft’s Xbox One reveal on May 21st 2013 to gather up the trickle of additional information that has been leaking out of the press in the aftermath of what has widely been considered one of the most disastrous console reveals of all time. While fanboys and media alike were quick to criticise the new machine, here I am going to present just the facts as we know them so far, and a dose of reality that some readers may find startling. Read more…

PlayStation 4 Reveal Post-mortem: The end of gaming as we know it?

February 21, 2013 1 comment

Let’s not pull any punches: while the PlayStation 3 has been successful as a games console, its development and lifecycle management has more or less been a catalogue of errors by Sony Computer Entertainment (SCE). We have seen a hardware architecture that nobody knew how to use, backed up by poor quality development tools; hardware reliability for the first years was extremely poor with a 33% return rate due to the ‘yellow light of death’ syndrome; management of the PlayStation Network (PSN) has been extremely shoddy, with one security breach leading to over a month of downtime, regular large maintenance windows which often stretch to 12 hours or more, and pricing/availability errors with each new store update every week. Regionalized versions of the PSN store (something the Xbox 360 doesn’t have) have created almost a kind of class divide between Europeans and Americans, with each complaining that the other gets better service and offers. Each region uses its own certification and QA processes, leading to non-uniform release dates for digital titles that are sometimes staggered by months. In the meanwhile, the platform has become infested with day 1 DLC, online passes, in-game micro-transactions and other ploys to milk the gamers of their hard-earned cash in as many ways as possible. Consumer confidence in PlayStation among hardcore gamers is at an all-time low. In the meanwhile, Sony as a global brand have failed to turn a profit for the last 4 years running due to poor TV sales, lack of interest in 3D (mercifully), the earthquake in Japan and unfavourable exchange rates against the Yen.

It was with a healthy dose of trepidation, therefore, that I tuned into the PlayStation 4 Reveal which took place at midnight CET on the morning of 21st February 2013. Read more…

The State of the PlayStation Mobile SDK with regards to PlayStation Vita development

September 23, 2012 2 comments

It has now been several months since PlayStation Mobile (formerly PlayStation Suite) was unleashed onto developers in beta form. On 20th September 2012, Sony announced that store deployment will be made available from October 3rd, with a final version of the SDK to be released in November.

So far, I am sorry to report that, in my opinion, the PSM SDK is not in a fit state for production use, particularly for PlayStation Vita development. Far from it. Before I look at the key issues, I want to make it clear that I do understand that PSM is designed as a portable platform to work on all PS Certified devices (which currently includes a range of Xperia Play, Sony Tablet and HTC One devices as well as the Vita), and as such developers wishing to max out the Vita’s hardware potential should ideally be using the official full-blown Vita SDK for games specific to that platform. And that brings me to the core political problem:

Read more…

PSN Cards and MMOGA: A Warning (Previously Unpublished)

April 29, 2010 Leave a comment

Regional PSN cards: an unnecessary evil of the PS3 gaming world.

A good friend of mine tried to purchase a US PSN card yesterday with an Electron card from code trading site mmoga.com. As is sometimes the case these days with first time purchase of instant downloads from abroad, she was asked to photograph her face with her ID in her hand. Unfortunately with neither a driving license nor passport – and no national ID scheme in the UK – she wasn’t able to provide the information required.

Here is where the trouble started. In order to refund the $20 purchase, MMOGA wants to charge a processing fee of €10. Clearly a rip off that people should be aware of, but there are deeper issues:

  1. A contract for sale is only binding once both parties have agreed on the terms under which the transaction will occur. MMOGA did not state anywhere during the purchase process that ID would be required – therefore the visible contract prior to purchase is misleading.
  2. Since the terms of the contract could not be fulfilled by either party, no exchange of goods or funds can take place. The buyer is entitled under EU law to a full and complete refund with no administration fee.

MMOGA is apparently cheap, but the company’s credentials are dodgy to say the least. They are registered at a Hong Kong address but appear to operate out of Germany. There is no telephone number on their site and they refused to call the buyer for voice verification as can be done with reputable sites such as Gamecards.eu.

I located a phone number for them elsewhere on the web; it was either constantly engaged or an answering machine. It was not possible to get through.

The only recourse if you have a problem with MMOGA is to use the Live Support, which, when it doesn’t make you wait for ages only to be told the service is now unavailable, greets you with staff of this skill level (re-printed with permission from the customer):

Emily – MMOGA: identity card
<name omitted>: with a photo ?
Emily – MMOGA: yeah
<name omitted>: sorry but I don't have any photographic id
<name omitted>: passport, driving licence etc
<name omitted>: how else can we proceed with verification ?
Emily – MMOGA: we just can process your order after we get your verification
<name omitted>: I have no identification with a photo
Emily – MMOGA: you can use a camera to take a pic
<name omitted>: yes but that pic won't be of me holding a photo of myself as you suggested I need
<name omitted>: I have no identity card
Emily – MMOGA: you can ask your friend to help you to take the pic
<name omitted>: Just a picture of me – not holding any identification ?
Emily – MMOGA: no , you have to hold
<name omitted>: I repeat again – I have NO identification
<name omitted>: are there any other ways that you can verify that I am who I say I am
Emily – MMOGA: sorry no
<name omitted>: then how do we proceed ?
<name omitted>: will my money be refunded ?
Emily – MMOGA: but refund the money to your moneybookers has to charge 10 euro fee.
<name omitted>: Unacceptable
<name omitted>: if I had been told this in the first place I would never have tried to place an order
<name omitted>: your company has misled me into a purchase that I could now possibly lose out on
Emily – MMOGA: we do the verification just for the security reasons
<name omitted>: you already have my money – moneybookers have confirmed who I am – why must you now take it a step further
<name omitted>: I understand that however I do not believe that there is no other method of verification
<name omitted>: not everyone on the planet has identification cards
Emily – MMOGA: okay what kind of id do you have ?
Emily – MMOGA: passport ?
<name omitted>: bank card, utility bills
<name omitted>: no passport
<name omitted>: Nothing photographic
<name omitted>: do you have any suggestions ?
Emily – MMOGA: sorry this is the only way to do the verification 😦
<name omitted>: then how do I take this matter further
Emily – MMOGA: send us the pic or transfer the 10 charge to us , we will give you the full refund

This went on for several hours at which point Emily stopped replying altogether after letting my friend know that she also had to fill in a PDF form that was never sent to her.

I asked to speak with Emily’s supervisor and was told that she had no supervisor. She also said that only the verification team and not herself could access photos sent by email and that the verification team was currently “off work”.

The moral is therefore very simple. Avoid MMOGA like the plague, and use a company like shopto.net, gamecards.eu or hdmoviesource.com instead.

OtherOS: From The Mind of A Hacker

April 16, 2010 Leave a comment

This is a re-print of an article originally posted on another site, included here so that the blog is a complete repository of my written work. The article is reproduced without pagination, formatting, images or editorial changes made on the original site prior to original publication.

I am a software developer. I got my first computer in 1982 (I was 2 years old) – a VIC-20 with 3.5k of RAM. In those days, computers came with manuals which taught you how to program in BASIC. The systems were not locked down and anyone could learn to program without any extra purchase or licensing. Most of the machines also let you program in assembler, and as 1990 rolled around, C compilers became freely available as 16-bit machines came into force.

In those days, people often wrote games for fun. One person could stretch the ability of the machine to the limit, and no modelling or complex graphics or sound was required. The very important point is, many if not all of today’s best programmers taught themselves at home on their 8-bit computers. They did not come from Universities.

If those machines hadn’t existed in an open architecture, we would not have the games we have today. I strongly believe that. We would also not have an internet that is mature as it is, or many other programs and devices we now take for granted. Ask almost any game developer how he or she got started, and they will most likely say, in the 1980s, on their home computer.

For hobbyists, and people who want to tinker in this day and age, setting up is complicated and expensive. Programming is a lot more tricky than it used to be, and the development tools are insanely complex for a beginner. Unlike in the old days, it is also extremely difficult to do anything unless you are programming for a popular platform (Windows, Mac, Linux) because everything is locked down.

Some of you may remember when PS1 was released, you could buy a home development kit called Net Yaroze. It wasn’t a full-blown product to let you develop commercial games – it was for homebrew hobbyists. It did not have a significant impact on the level of pirated PlayStation 1 games and was available throughout the lifetime of the console.

If you want to get your foot in the door of something other than writing Windows applications and you have a healthy interest in proprietary platforms, the PS3 was a very compelling purchase. You could do something completely different: learn to program basic assembler using the Cell architecture. IBM published a free SDK (software development kit) especially for PS3 users wanting to experiment with this, and have a large collection of tutorials on their web site. For me, that is an excellent precedent to set to young programmers in this era of encrypted filesystems, locked down custom application install and DRM craziness.

There is no doubt in my mind that PS3 has already been reverse-engineered plenty of times by bright minds. GeoHot made a stupid mistake by going public.

While GeoHot was naïve to post his work on his blog, I have to take issue with the people telling him he’s an asshole and that he should be sued. It’s very important to realise that genuine hackers (not the people who steal Warcraft accounts) are the backbone that created much of this industry in the first place, including the internet, and the PS3’s security.

In order to improve the security of a device, it has to be tested and pushed. Smart companies always hire the hackers – which is what Sony should do at this point – and I have proof.

My time at News Corporation

Not a lot of people know this, but in 1997 I reverse engineered the current Sky card of the time and let the code leak out via other pirates. I’m very familiar with piracy, it’s a multi-billion dollar industry. It was the first dual-processor smartcard ever manufactured and I was 17. It took me about 8 months to crack it. As with the GeoHot farce, this led to months of cat-and-mouse between myself and Sky as they issued updates to the genuine smartcards over the satellite and I had to produce countermeasures to keep the pirate cards working. And as with the GeoHot farce, it was in the newspapers and led to a flood of worshipping fans; however I remained anonymous and used tons of pseudo-aliases.

I did it, not for the fame, or for money, or for free TV, or to please my fans. Indeed, several pirate card companies took the designs and software I had published, copied them and sold them for hundreds of pounds a pop. They made millions of pounds from my work. On my part, that was completely expected. If I had been out for the money, I could have done that myself. But I didn’t, because I did it for the challenge of proving it could be done. There is nothing like a company claiming a product is unbreakable to give inquisitive minds the momentum to break it.

What happened as a result of that? I gained an exquisite knowledge of cryptography, security, set top box and smart card design. I learned several new programming languages, new techniques and new algorithms which can be applied in every day work.

One day, NDS (a branch of News Corporation) – the designers of Sky cards – caught up with me. They tested me on my knowledge to make sure I was the real hacker, and then hired me to provide information. The next card released was the result of a £21 million redesign and redistribution. This was already well underway by the time they talked to me, but I was given the opportunity to stand in front of some engineers and highlight what was wrong with the existing card. The replacement was never reverse-engineered publicly. I privately reported several vulnerabilities in the new card including how to dump 1k of memory which contained the addresses of all the main over-the-air data processing routines, and they were patched via satellite before anyone else figured out how to take advantage.

Among other things, the new cards also had the two processors glued together top-to-bottom, so you could no longer melt the card in acid and extract the two processors and probe them separately. Separating the processors in the new card destroys them both. I raise this point because it demonstrates that to be a successful security expert, you need knowledge of both software and hardware exploits, and the best way to gain that knowledge is to hone your skills by hacking something that hasn’t been publicly hacked before. This is exactly what GeoHot has accomplished with the iPhone and PS3.

A real hacker will never bother to get into someone’s Facebook account. It is boring and there is no challenge in it, and it’s been done over and over already. These are not the people I am talking about. They are parasites to the industry. The real hackers are future assets and should be treated as such.

Did all of my mischief make me a bad person? No, actually it put me at the top of my field. It was a well paid job, Google wanted to hire me without interview but I said no because I didn’t want to move to California. I would not have the skills I have now if I hadn’t been allowed to carry out that hacking exercise, and because it had never been done before, it is the sort of thing that earns you a lot of respect among your peers. Sky also saved a lot of money on piracy in the long run into the bargain.

What did NDS actually employ me to do? Sit in my University dorm and hack their products. A few weeks after SkyDigital was launched (1st October 1998) I presented them with the first firmware dump of the set-top box. That was quite the vulnerability for them, not least because the box could record up to 25 PPV purchases before phoning home, among other reasons. Future set-top boxes were modified to make it harder to dump the firmware. If someone else had got there first, they could have made a complete farce of the pay-per-view system – which ultimately, as the bankruptcy of other European satellite networks due to piracy such as FilmNet shows, will affect the quality of programming legitimate customers receive eventually. Satellite networks facing massive piracy turned to NDS and became their customers, because they had ultimately designed the most secure system – and a high proportion of the developers were former hackers. The result? We now have a better satellite TV delivery network.

There is nothing wrong with hacking for the sake of hacking. People need to understand that it leads to the output of some of the most skilled people in our industry. Don’t knock it. Hacking requires skill and dedication, and most hackers stop hacking when they get out of school and learn that the real world places too many demands on their time. I have seen this over and over again. Then they get good jobs and produce products that benefit and entertain you and me.

Why saying “it will blow over” is bad for you

Turning political, consider this argument which I have seen on TSA several times: “why the fuss? This will all blow over, Sony will release some cool upgrades and everyone will forget about it, it’s only a tiny minority of users affected,”. That kind of thinking is a microcosm of why you don’t live in a free society anymore. According to the National Autistic Society about half a million people in the UK suffer from autism. That’s less than 1% of the population, so, maybe we should just not give them the facilities they need? Which is exactly what happens. What excuse does the government give for why the NHS is so shoddy at dealing with minority disorders? Cost-cutting. A certain ring of familiarity, no?

Is one of the cool content upgrades Sony will release something that lets me tinker around with the Cell processor again? No it isn’t. Will cross-game chat and 100 free Blurays make this problem go away for me? No it won’t. Is it fair that I should be able to stand up for my rights and keep what I paid for? Yes it is, so stop bitching that I’m in a minority, therefore I don’t matter.

An apology from Sony doesn’t cut it. That is the corporate way of fobbing off the consumer.

Over in the free world

I live in Norway. When the iPod was released, the Norwegian Supreme Court declared it to be an illegal device. The reason? Norwegian law states that you should be able to export purchased media from any device to any other device. Videos, music and photos. The iPod was temporarily banned while it was modified to comply with local laws, and the public were in favour of the ban, because they believed they had a right to control their own media and pushed for their rights. They could have let Apple get away with it, but they didn’t. The result? A fairer, less DRM-riddled marketplace.

Sony audio CDs with certain copy protection on them were also banned here as a result of consumer protests, and were re-released without copy protection.

In other, less related examples, the FBI tried to prosecute Norwegian cellphone network provider NetCom because they refused to release the contents of SMSs sent by a suspected terrorist. It went to court, and NetCom won the case. Personally, I applaud that decision. It shows that NetCom respects its users’ privacy and gives me more confidence when I use my phone.

Viasat – one of the two main satellite networks here – decided to get rid of MTV from its channel line-up because people basically didn’t like it or want it. MTV Networks drove vans around Oslo with megaphones and loudspeakers in protest, and they were ignored. The general public consensus was that the world was a better place without MTV, and it was the public who got rid of it from our airwaves – not a forced decision by a company. What is the effect of getting rid of MTV? Fewer children watching immature irresponsible crap on TV.

What does all this mean? It means that in civilised society, the consumer has the final choice, as it rightly should be. But you must stand up and speak out to prevent your rights from being eroded away.

If a group of Scandinavians came together and sued Sony over the OtherOS removal, Sony would get their asses kicked. It is practically beyond doubt. I hope it happens soon.
