May 9th, 2015

ChunLiGamer

Who Do We Pick On Today?

So let me get this straight....

Scott Cawthon's Five Nights At Freddy's is stupid and derivative and he doesn't deserve his success because there's not much to the games and the changes between installments are uninspired.

ZUN's TouHou is a work of genius and he deserves the fan following and success even though his installments are just reworkings of the original engine with some tweaking to the math.

If you don't like something, fine.  You don't like it.  But don't judge who deserves success or not, because the ones who truly don't deserve success are never the ones you target, just people who got lucky while you didn't.
Let Me Tell You Why That's Bullshit

We Love Anyone Who Pays Us Enough

So, the most American game is football.  I guess.  I'm not much for sports, but baseball is in decline, while football players are heroes.  No sport comes close to the amount of patriotism the game inspires.

As a result, the military is closely associated with football.  You have teams, squads, special ops/teams, a lot of things that lend themselves to being football being an analog for the Theater Of War.  During the climax of last summer's When The Game Stands Tall, a high school football team that loses a game because one of their players died and they couldn't cope with the pressure, visits a military hospital where injured soldiers urge them to overcome their inner demons and win the game.  (We are going to ignore how stupid it is that soldiers with PTSD and missing limbs are reacting in any way other than, "You fucking crybabies!")  Football and the armed services are best buds.  Well, sort of.  Ever since 9/11 and Pat Tillman, the NFL has been tributing our troops, saluting them and saying what great Americans they are, risking their lives to protect this great country.

Well, turns out the NFL is paid to say that.

The Department Of Defense catagorizes it as advertising.  The New York Jets got $377,000 from the DoD and the New Jersey Army Nation Guard from 2011 to 2014 for their "salutes and other advertising."  Since 2011, the DoD has paid 14 NFL teams $5.4 milion, and the National Guard has paid 11 NFL teams $5.3 mil.  This little arrangement got out because of US Sen. Jeff Flake (R-AZ), calling it an "egregious and unnecessary waste of taxpayer dollars."  "Those of us go to sporting evenets and see them honoring the heroes," he told NJ.com.  "You get a good feeling in your heart.  Then to find out they're doing it because they're compensated for it, it leaves you underwhelmed.  It seems a little unseemly."

To be fair, it's not like anyone arches an eyebrow at the recruiting commercials for the Army and such that run during the games.  And the armed forces have a long history of using "soldiers are cool" propaganda -- a Navy rep once called Top Gun the best recruitment poster they ever had.

But if you sit there, getting a little misty eyed as the NFL salutes someone you know who is risking their lives and living in hellacious conditions you wouldn't wish on your worst enemy, just remember -- the NFL would salute Twinkie The Kid if Hostess paid them enough.
ChunLiGamer

Konami -- Crash And Burn

One of the most important lessons anyone in a creative field can learn is, You should never treat your audience with complete and utter contempt.  Some people get away with it, like some punk rock acts, or the Kardashians, or everyone has their own favorite examples.  But for the most part, people learn that it chases their reliable supporters away, and they really weren't all that special to begin with.

Like I said, there are people who can get away with it.  But the field where you are least likely to survive is the video game field.  Atari, John Romero, Derek Smart, and many many others have seen their worlds collapse into dust.  And more are coming.  Sega has moved away from its unique identity (plus the fact that no one there seems to know how to make a decent Sonic game to save their lives) and is now abandoning console gaming to focus on mobile and PC.  Capcom is almost broke, and their gamble to focus on DLC (and some really stupid DLC, I might add -- I had no interest in giving my SFIV characters "Snooki hair" or playing as the US box art version of the first Mega Man) has turned out to be a disaster, pushing them closer to the drain they were circling around.  And these things all stem from thinking fans are fans of the companies themselves instead of their creations.

Hello, Konami.  Are you resting comfortably?

In the past couple of months, Konami has really really fucked up.  Konami made missteps before.  For example, cancelling Kumite all those years ago, which was supposed to be a one-on-one fighter that took physical damage (up to and including broken bones and torn ligaments and tendons) into account.  Suing ITG over In The Groove saying that it violated their copyrights when they hadn't released a new DDR game in three years.  Refusing to release Guitar Freaks in the US for years, then suing Red Octane for infringment when Guitar Hero redefined gaming.  But there was more than enough in their plus column to make people look past that.  They created some of the legends of gaming, and in fact were the only Nintendo licensee in the 8-bit days to be allowed to publish more than Nintendo's allotment of games for the system (the Ultra Games line-up).  Konami ran off the creative staff behind the original Contra, making them pull up stakes after Contra III and form Treasure (the criminally underrated Gunstar Heroes).  Eventually, they hired Treasure to make Contra -- Shattered Soldier.  Last year, the creator of Castlevania told Konami to go fuck themselves and left, and there hasn't been any preproduction on Castlevania since.  And the biggest name, their bread and butter, in the current era were two franchises, Silent Hill and Hideo Kojima's Metal Gear Solid.

Things got a bit confusing when Konami refused to let Team Silent continue to work on Silent Hill, but things were looking good with their announcement of Silent Hills.  This was a project that had every video game nut wetting themselves in anticipation.  Team Silent was out, but Kojima was in.  And he would be working with Guillermo del Toro with no limitations, no guidelines, just make the scariest horror game ever.  They signed Norman Reedus of The Walking Dead to star.  To kick things off, Konami released The P.T., which stood for "Playable Trailer" to give people a taste of things to come.  And the fans went wild.

But things got shaky last year.  Konami was working hard on Metal Gear Solid:  The Phantom Pain.  To help keep interest up, they released Ground Zeroes.  However, this backfired.  Ground Zeroes was basically a demo that could have been recapped in a cut scene at the start of Phantom Pain, and charged $30 dollars for something that could be completed in a little over an hour if you ignored the side quests (and the side quests just reused things from the main game anyway, so it's not like there was a lot of new ground there).  They were orginally going to charge more before fan outrage made them lower the price, and everyone still feels like they got ripped off.  The game was $20 digitally, but most people simply got the game from RedBox and played it through to unlock the things that would factor in to Phantom Pain rather than shelling out that much for it.  Konami made a huge huge mistake.

Now, the company could have recovered, if they had the resources.  Literally, the only games Konami had scheduled for release in 2015 were Silent Hills and Phantom Pain.  Do them right, and the fans will love you.  But then, Kojima got bit by the same bug that infected Treasure and the others.  There was a public kerfuffle, and in short order, Kojima's profile and prominent placement on the Konami site was gone.  No one would say anything, but it's pretty obvious that he's only there to finish Phantom Pain and then he's gone.

What's that?  What about Silent Hills?  ...yeah...about that....Konami started backpedaling on that, too.  Reedus and del Toro both found out and talked casually in interviews about the project being scrapped.  It took Konami a couple of days to make the official announcement.  That means there is only one Konami game coming out this year, Phantom Pain.  And once it's out, Konami's version of Shigeru Miyamoto is out the door.

Konami delisted themselves from the New York Stock Exchange last week.  To be fair, this isn't really that bad.  Something like 99% of their stock is in the Japanese market, and a smidgen is in Europe.  The American portion was even less than Europe's, so I can't blame them for wanting to move on.  But the real PR disaster came this week.

With the cancellation of Silent Hills, suddenly, all fans had was the PT demo.  Konami pulled it from the digital stores.  So people started selling their PS4's and XB1's with the PT demo installed on eBay, with some units pulling in almost $2K.  Then, suddenly, every game unit with the PT demo on it got delisted.  eBay said selling systems with software preinstalled violated the TOS (which is technically true, but with all the used computers, phones, and so on being sold there, you know that's not rigidly enforced), refunded the listing costs, and said move along, nothing to see here.

Why would eBay suddenly enforce this rule?  Well, let's see, who out there is trying to George Orwell Silent Hills from existence, going so far as to pretend it never existed, scrubbing all artwork and press releases they can?  Konami.

Konami recently gave their earnings report, and frankly, their pachinko business is not only thriving, it's growing.  Meanwhile, the video game field has mutated.  You either make AAA titles with budgets higher than the GDP of a third world country (EA, Ubisoft) or you're an indie with a shoestring budget making cheap derivative games and unable to quit your day job.  And Konami has run off so many people...Konami is done.  After this year, I don't think Konami will even exist as a publisher.  The people behind Gradius and Percussion Master and the original good Teenage Mutant Ninja Turtles games and Suikoden and....

...on the trash pile of video game history.  Just like Sega.  Because they forgot video games are a collaborative process.
Tux

APB: Linux Malware Alert

A shoutout to my homies running Linux servers -- there's a new malware family that targets Linux and BSD servers, and it's working.  (Note:  there is a version of this for Windoze as well, but we Linux nuts love to brag how secure we are, so we have to keep from getting lazy.)

Eset has reported on the existence of "Mumblehard," which installs a backdoor and spamming daemon on the server.  Mumblehard itself is written in Perl, but it is hidden in an ELF (executable and linkable format).  ELF binaries are written in assembly.  That means whoever created this is very very good at what they do.

Who's responsible?  Potentially, YellSoft, a Russian online company that makes and sells DirectMailer, a spamware software package (a.k.a. DarkMailer) that lists for $240 US.  Infections are linked to cracked versions of the software, and at the moment, it is sending out pharmaceutical spam.  (Infection is also traced to Joomla and Wordpress exploits, so keep that in mind if you are hunting.)  Particularly vulnerable are web servers that run Perl scripts (Win, Unix, Linux, and BSD) and lets users, customers, and admins change their web pages.

What does it do?  The Perl backdoor installs in crontab, contacts C&C servers for commands every fifteen minutes, and reports back whether it was successful or not.  The backdoor is a single command, "download from URL and execute."  There are 10 C&C servers on the list, but only one is actually sending commands, the others might just be blinds.

How long has this been going on?  This exploit actually has been out there for about five years now, but it's only now starting to be utilized.  The size of the botnet has doubled in the past six months.  Eset has a sinkhole that recorded over 8,800 unique IP addresses, with 3,300 hitting in one day.  The number of infected hosts is going down, but infections occur at specific times, so it could just seem like fewer.

How do you know if you have it?  On Linux or Unix, just do a process status and you'll see it.  Also check for unsolicitied cronjob entries from all users on the server.

What can you do if you have it?  The simplest way is for the admin to encrypt their data.  The backdoor usually goes in /tmp or /var/tmp, so if you mount the tmp directory with "noexec," the backdoor won't execute.  You can also whitebox it to prevent it from elevating its permissions and running discovery -- even if it finds information, it is returned as ciphertext, which is useless to crackers.

So stay frosty and do that process status.