Friday, November 27, 2009

Games and privacy


I was in the mood to play a game. So I downloaded "Little Space Duo" to give it a try. But I never had the chance to run this Game. It was complaining it needs to register itself at launch. Now why? Its the first launch of the game. I didn't even had a chance to enter a registration key or anything. So what is it registering??

Now I use LitteSnitch for a very clear purpose. To know when evil programs violate my privacy and send out data I don't want to be sent out. Well in this game's point of view, LittleSnitch is considered evil as it specifically complains about it. Never the less, even if you allow all on LittleSnitch or disable it temporarly, it didn't work. So I did some research on what this app is really doing and did a wireshark trace with interesting results:

The app does connect to www.macgamestore.com and sends the following HTTP request:


GET /blocked/Little%20Space%20Duo HTTP/1.1
Host: www.macgamestore.com
User-Agent: Little%20Space%20Duo/1.0 CFNetwork/454.5 Darwin/10.2.0 (x86_64) (MacBookPro5%2C3)
Connection: close

So far not much information being revealed except my computer's type and architecture.
The response is however indicating more clearly on to why this doesn't work:

HTTP/1.1 404 Not Found
Set-Cookie: bpp=324184256.20480.0000; expires=Fri, 27-Nov-2009 17:41:17 GMT; path=/
Date: Fri, 27 Nov 2009 13:53:22 GMT
Server: Apache/2.2.4 (Ubuntu) PHP/5.2.3-1ubuntu6.3 mod_ssl/2.2.4 OpenSSL/0.9.8e
Last-Modified: Tue, 25 Mar 2008 05:53:37 GMT
ETag: "da4b2b-3c2-92d2da40"
Accept-Ranges: bytes
Content-Length: 962
Vary: Accept-Encoding
Connection: close
Content-Type: text/html

<HTML>
<HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD>
<BODY>
<H1>Not Found</H1>
The requested document was not found on this server.
<P>
<HR>
<ADDRESS>
Web Server at macgamestore.com
</ADDRESS>
</BODY>
</HTML>

<!--
- Unfortunately, Microsoft has added a clever new
- "feature" to Internet Explorer. If the text of
- an error's message is "too small", specifically
- less than 512 bytes, Internet Explorer returns
- its own error message. You can turn that off,
- but it's pretty tricky to find switch called
- "smart error messages". That means, of course,
- that short error messages are censored by default.
- IIS always returns error messages that are long
- enough to make Internet Explorer happy. The
- workaround is pretty simple: pad the error
- message with a big comment like this to push it
- over the five hundred and twelve bytes minimum.
- Of course, that's exactly what you're reading
- right now.
-->

In other words they built a blacklist mechanism into the application and lateron removed the blacklist from the server which makes probably all games complain which have an online connection. The workaround is simply to disable the network interface completely. Then it doesn't complain ;-)

Posted by Andreas Fink at 14:49 0 comments Links to this post
Labels: , , ,

Thursday, October 8, 2009

AppStore Dwarfs need glasses...

AppStore Dwarfs are those magic workers behind the scenes at the AppStore. They do a lot of work simultaneously but they don't pay attention to details. Global.AQ 1.0.2 when submitted to the AppStore was rejected by the dwarfs with the comment that sending SMS doesnt work. It was written in the FAQ, on the App documentation, on the website that you must enter phone numbers in international format. Meaning with + in front. Every european who sends SMS across the border knows that. But the american dwarfs don't so they didn't type it correctly. I've heard another developer with a very similar application had exactly the same problem.

Now Global.AQ 2.0 is ready for prime time. First it was hold up due to "itunes disconnect". Then it took a full 2 weeks to get a reply saying, the app doesn't do what the advertisement text was saying.

They complained it doesn't do incoming SMS. Well they tested on AT&T where in fact it doesn't work yet (but AT&T is working on it, I'm sure it does soon) but it does work on a few selected networks (and many more are coming). But the advertisement text was telling this.

Conclusion: the AppStore Dwarfs must be blind. They never read the text fully.

So we have to wait for another 2 weeks. *Sight*
Posted by Andreas Fink at 21:39 0 comments Links to this post
Labels: , , , , ,

Wednesday, September 23, 2009

iTunes Disconnect

For those of you who develop iPhone / iPodTouch applications, you are probably familiar with iTunesConnect, Apple's tool to upload iPhone applications. I don't often use it because I'm not producing 100's of iPhone applications every months and for the statistics part I use AppViz which summarises daily everything I want to know.
Now yesterday our Global.AQ software was ready to be released in version 2.0 into the wild after having worked many many months on fine tuning thousands of small little bits. So I pressed:




and then I got this:






for over 15 minutes! So I retried and retried and retried. Nothing seemed to work. As it was already late I decided to try again in the early morning, a time where USA usually went to sleep and European business have not started to work yet so the hope was that servers where completely idle. But no luck either. Even at 07:30 CET, it didn't work. Some users on twitter reported similar problems but success by just waiting. So arrived in the office I did start up Safari and just have it wait.

So I did and got this after like 30 minutes I got:





Trying again, I got another 30 minutes later:






Maybe that's the new way of rejecting developers?

PS: Apparently I'm by far not the only one havin
g this problem. 2 days later its still there. Apple apparently is "aware" but they did not answer any of my e-mails.

Today I even had a new variant of error message








Its getting more and more absurd.



24. Sept. 2007 19:45 CET
I think apple has moved the site from a mac mini to an array of XServes. Upload was out of a sudden possible and blasting fast. Global.AQ PRO 2.0 is finally there. Now we only have to pass the review process (another 2 weeks to wait... )




Posted by Andreas Fink at 10:17 0 comments Links to this post
Labels: , , ,

Wednesday, August 5, 2009

Espresso














By espresso I don't mean the coffe but the radio emission on swiss radio DRS. In the next emission on friday 5th August 2009 Wednesday 12. August 2009, there are talking about data retention and the new rules layed out by the EJPD. The same EJPD which responds today with the picture

Ok now I'm censored from viewing the law pages. Kind of interesting approach.

PS: it looks like everyone was getting this page. It is no longer the case. So it sounds like a stupid mistake of a sysadmin instead of real censorship. But still funny.
Posted by Andreas Fink at 19:58 0 comments Links to this post
Labels: , , ,

Wednesday, July 22, 2009

Swiss version of the german "Vorratsdatenspeicherung"

The swiss federal police forces, the department for telecommunications surveillance, has invented new lawmaking. Based on the swiss law of telecommunications, they sent a "Vernehmlassung" to all internet providers in switzerland. "Vernehmlassung" is the discussion about a new law. Its usually a public process where the parliament asks the public if this new intended law is a good idea and what modifications should be made.

This time it was however different. The "Vernemlassung" was about rules which should follow the law. However those "rules" are self made rules by the police which go far and beyond what the law says. It invents interfaces which all internet providers must have so the police can send wiretap orders automated etc. Those orders which by law have to be authorized by a judge, however dont carry the information about which judge has ordered it. So the internet provider is by far not able to verify if this is legal or not. Also it imposes massive costs to the burden of the internet providers which he can not recover. So small ISP's can't complete this and have to go out of business. Furthermore those undemocratic rules have been declared confidential (how can you have a public discussion on something confidential??), are put into force on 1. August and passed through the "Vernemlassung" within 3 weeks at vacation time so nobody takes notice.

We have thus decided to stand up and break the confidentiality and publish our full answer so everybody can see for himself what power the police is trying to achieve.

The full answer is published on http://www.fink.org/ejpd-antwort.pdf

Other related posts:

http://www.woz.ch/artikel/2009/nr29/schweiz/18143.html
http://www.inside-it.ch/frontend/insideit?&site=ii&_d=_article&news.id=18419
http://blog.internet-briefing.ch/2009/07/22/vorratsdatenspeicherung_schweiz/
http://www.ayom.com/topic-30668.html
http://www.heise.de/newsticker/Bericht-Schweiz-plant-Echtzeit-Ueberwachung-des-Internetverkehrs-von-Verdaechtigen--/meldung/142082
http://www.statewatch.org/EUFBISW.HTM
http://www.cablemodem.ch/forum/viewtopic.php?t=8463
Posted by Andreas Fink at 10:13 1 comments Links to this post
Labels: , , ,

Friday, July 10, 2009

Amusing iPhone

Don't ask me how I got to this one. I'm sure I can not repeat it. I can confirm you its not photoshopped..

I tried to call someone and then hanged up. The phone
didn't took the hangup instantly and went black. Somehow I ended up with this after having it on again.

Posted by Andreas Fink at 15:18 0 comments Links to this post
Labels: ,

Monday, June 29, 2009

Free SMS for your iPhone

If you want to send free SMS from your iPhone, simply download this iPhone application and you are all set.



Posted by Andreas Fink at 11:03 2 comments Links to this post
Labels: , ,
Subscribe to: Posts (Atom)