is the video quality and sound decent enough?
| asm | what is ?
|
| LocoDelAssembly | yep
|
| sleepsleep | so COOL
|
| asm | yes
|
| vid | we're recording on camera as well in better quality, might be able to put that somewhere later on after some editing
|
| vid | vid back here again
|
| vid | i will be moderating this chat, so keep on topic ;)
|
| sleepsleep | k
|
| asm | who is this man?
|
| vid | tom tobias
|
| sleepsleep | tom tobias
|
| asm | nice
|
| sleepsleep | ^^" no wonder :P he knew so much
|
| asm | //62 //15
|
| allie | //59 //52
|
| 0_1 entered the room. |
|
| sleepsleep | yo yo
|
| MHajduk | Hello, 0_1. :)
|
| 0_1 | Hi all!
|
| vid | hi
|
| MHajduk | Should the motherboard be always flat? We could think about 3D motherboards...
|
| sleepsleep | Bill Gates (famously) thought 640 Kilobytes RAM would be enough for anyone
|
| asm | haha
|
| 0_1 | a newbie question (sorry!) who is the mr. x, who is giving a presentation now?
|
| sleepsleep | tom tobias
|
| vid | tom tobias
|
| asm | today the school is empty
|
| sleepsleep | lol
|
| asm | it's holiday
|
| vid | post question here if you have some
|
| sleepsleep | woops? the cam stop
|
| vid | doesnt for me... isnt it your client?
|
| 0_1 | r u guys also in class room
|
| sleepsleep | normal back
|
| vid | try reconecting?
|
| vid | i say, it does still work for me
|
| sleepsleep | ok already
|
| vid | ok
|
| allie | //49
|
| MHajduk | Question: Why we don't build processor with only one instruction? I know it's theoretically possible. :)
|
| vid | mhajduk: only real questions please :)
|
| 0_1 | guys plz listen to Sir!
|
| MHajduk | It's real question. I saw somewhere theoretical project of such processor. :)
|
| MHajduk | Every instruction could be defined by sequence of one specific instruction. Really. :)
|
| vid | ok, but it isn't releated to this topic
|
| MHajduk | Why?
|
| asm | who is this boy?
|
| MHajduk | Madis?
|
| asm | maybe
|
| vid | madis
|
| sleepsleep | lol, my office also use that projector
|
| sleepsleep | should put some curtain on the window
|
| f8 entered the room. |
|
| MHajduk | Conference should be in the cellar. ;)
|
| asm | ya ,next to wine bottle
|
| sleepsleep | wats da topic for current presentation?
|
| vid | XMM as general purpose register
|
| MHajduk | asm: :D
|
| sleepsleep | COOL
|
| vid | and using SIMD with GPR
|
| asm | what is gpr ?
|
| LocoDelAssembly | general purpose register
|
| asm | ok
|
| vid | general purpose register, like RAX, RBX, RCX, RDX, RSI, RDI, RSP, RBP
|
| asm | ok ok
|
| Artlav entered the room. |
|
| vid | hi artlav
|
| 0_1 | dear Madis, be confident, and do not jerk
|
| Artlav | hi vid and all.
|
| vid | madis is presenting his "XMM as GPR, SIMD with GPR"
|
| vid | you missed tom tobias :)
|
| MHajduk | Hello, Artlav. :)
|
| sleepsleep | //15
|
| rCX entered the room. |
|
| sleepsleep | one question, if we start using xmm as GPR, then wat is the purpose of GPR? (like, when to use them?)
|
| allie | bye ppl
|
| sleepsleep | bye allie
|
| allie has left the room. |
|
| vid | bye
|
| asm | privet
|
| vid | sleepsleep: hope that answers your question :)
|
| sleepsleep | k, thanks
|
| 0_1 | plz guys, ask madis to write an article/tutorial about this topic
|
| vid | okay, remind it when he finishes, i dont want to interrupt him now
|
| asm | my computer does not have sse
|
| sleepsleep | 486? asm :P
|
| asm has left the room. |
|
| sleepsleep | omG
|
| asm entered the room. |
|
| 0_1 has left the room. |
|
| 0_1 entered the room. |
|
| asm | connection problem
|
| MHajduk | Question: In which program Madis measured number of clocks of these algorithms?
|
| asm | ya
|
| vid | rdtsc
|
| asm | rdtsc it's no a program
|
| 0_1 | so what?
|
| 0_1 | is not it most precise?
|
| sleepsleep | http://en.wikipedia.org/wiki/RDTSC
|
| 0_1 | asm?
|
| rCX has left the room. |
|
| rCX entered the room. |
|
| asm | mhajduk say ,wich program
|
| MHajduk | Thanks. :)
|
| vid | asm: no program, he simply had his own application which did movement to measure time and display it
|
| 0_1 | vid u need a haircut (sorry!)
|
| asm | for precise calculation only rdts it's not enough
|
| vid | 0_1: no problem, your opinion doesnt matter to me :) but keep on topic
|
| vid | asm: its error is small enough for these tests
|
| asm | //40 vid's hairdresser
|
| vid | asm: please keep on topic, you can create a blog about my hair if you like
|
| 0_1 | i think madis u r right, xmm should be the future, actually they are the future
|
| 0_1 | there was no xmm in older cpus
|
| asm | maybe among 15 year
|
| 0_1 | if we do not consider size at all
|
| 0_1 | is xmm also the fastest
|
| asm | no
|
| 0_1 | why?
|
| 0_1 | i heard all xmm are done in or under 1 cycle
|
| asm | you must load 128 bit
|
| 0_1 | that's size
|
| 0_1 | ?
|
| asm | better 8 bit or 16
|
| 0_1 | speed?
|
| asm | no
|
| rCX | GPR were General Purpouse Registers?
|
| asm | please test yourself
|
| f8 | yes
|
| 0_1 | madis is the xmm also fastest
|
| asm | no
|
| sleepsleep | vid presentation fasmlib :P
|
| vid | hey, f0dder here while vid is doing his presentation
|
| 0_1 has left the room. |
|
| vid | XMM is very fast when you need to process large amounst of data
|
| sleepsleep | lol, thought vid got 2 souls :P
|
| asm | ya
|
| f8 | somebody has problems with the video
|
| vid | isn;t the video working properly?
|
| LocoDelAssembly | yep, me
|
| vid | remember that there's quite a bit of latency on it
|
| sleepsleep | avatar chain reactions
|
| LocoDelAssembly | It freeze at times, and sometimes it starts with "buffering..."
|
| vid | loco: you're having problems?
|
| sleepsleep | maybe u could temporarily kill ur torrent client :P Loco
|
| f8 | yes it freezes time to time
|
| vid | you could try restarting your browser and connecting to the stream again
|
| vid | if that doesn't help we might have to have don look at the streaming settings
|
| asm hugs |
|
| asm kisses |
|
| asm kisses |
|
| sleepsleep status report | cam works fine here
|
| LocoDelAssembly | maybe is my problem
|
| asm | //21 //21 //21 //21
|
| vid | loco, how fast (and stable) is your internet connection?
|
| LocoDelAssembly | let my see what is doing my fucking brother :@
|
| vid | I think we're streaming at around 300kbps?
|
| LocoDelAssembly | my brother with youtube....
|
| sleepsleep | lol
|
| vid | kill him then, youll need around 300kilobit to stream it
|
| vid | I hope there arent other problems
|
| LocoDelAssembly | it is a 512 kbps connection that works stable at ~400 kbps
|
| sleepsleep | bbl,
|
| vid | that should be enough if you don't have any other tranfers/whateveer going on
|
| asm has left the room. |
|
| MHajduk | ping
|
| vid | hajduk: pong
|
| LocoDelAssembly | since I already killed him now works fine :D
|
| f8 | strange the video freezes but the sound is ok
|
| MHajduk | f8 Is there cold? ;)
|
| vid | f8: can you right-click the media player control and check the statistics?
|
| f8 | actually it is quite hot in here ;)
|
| f8 | yes
|
| MHajduk | Hehe :D
|
| f8 | strange there are no lost packets
|
| vid | what does it say about your internet connection and the video bitrate?
|
| f8 | maybe there is some software which is causing the problem
|
| vid | I'm happy the thing works at all, btw, there's no cabled internet connection at the hotel, so we'er using some t-mobile wireless hotspot
|
| vid | is the sound coming through okay for you people? Is it loud & clear enough?
|
| LocoDelAssembly | yep
|
| rCX | yeah
|
| f8 | the sound is fine
|
| f8 | and the video is ok too only tiime to time the is some freezes
|
| vid | f8: like a short freeze and then it continues, or do you have to reconnect?
|
| f8 | not very short
|
| MHajduk | Sound is excellent. :)
|
| f8 | the actual rate changes from 30 to about 7
|
| vid | hm, that's weird
|
| f8 | now the video is ok
|
| vid | I think there should be enough bandwidth, we're streaming from the hotel to the relay server at hypervista-tech
|
| vid | quite happy the the powerpoint thingy is readable, we had a lot of problems wgetting the lighting right etc
|
| vid | I just counted latency, it's around 20 seconds... not too bad
|
| rCX | who is speaking right now?
|
| vid | vid's speaking, f0dder sitting here typing
|
| Artlav has left the room. |
|
| 0_1 entered the room. |
|
| 0_1 | is GUI also possible in FASMLIB
|
| MHajduk | Question: Do you plane implementing regular expressions processing?
|
| 0_1 | i mean in futur
|
| vid | remember, 20sec latency, vid is answering questions now :)
|
| vid | okay, any further questions? :)
|
| 0_1 | thanks vid
|
| MHajduk | Thanks. :)
|
| Biterider entered the room. |
|
| 0_1 | will FASMLIB have efficient algorithms for general uses
|
| 0_1 | ie. sorting and other stuff.
|
| 0_1 | since in asm it's most efficient
|
| vid | 0_1: asking him in a few seconds
|
| 0_1 | thx.
|
| vid | answering now
|
| MHajduk | Yes, some 'sort' procedure (as in PERL) would be nice. :)
|
| 0_1 | tell him that really imp. task in asm is efficiency
|
| 0_1 | of speed
|
| sleepsleep back |
|
| Artlav entered the room. |
|
| sleepsleep | lol, u tube
|
| vid | this is feryno
|
| Artlav | What is on the schedule?
|
| vid | 0_1: speed is important regardless in language, and is just aj important in asm as in C++. But it is not important everywhere, and sometimes some other things are more important
|
| 0_1 | sorry to differ vid
|
| 0_1 | every body uses asm for efficiency (speed!)
|
| vid | not really
|
| sleepsleep | for fun, hobby, arts too
|
| 0_1 | unless an adict or hobbist
|
| MHajduk | Assembler has very simple syntax (almost none). ;)
|
| LocoDelAssembly | for accessing architectural parts not available with HLLs, etc
|
| vid | and even though most of them do, having fast app doesnt mean that 100% code should be as fast as possible
|
| 0_1 | yeah
|
| vid | for majority of code, you dont even need to optimize, and speed will be virtually same
|
| 0_1 | but a fasm lib is ought to be most powerful
|
| 0_1 | isn't it?
|
| Artlav has left the room. |
|
| sleepsleep | windows even goes to invent sleep(ms)
|
| 0_1 | see it this way
|
| 0_1 | no GUI
|
| MHajduk | sleepsleep(ms) ;)
|
| 0_1 | no regex
|
| 0_1 | no PLATFORM independance
|
| 0_1 | no frills
|
| sleepsleep | :)
|
| 0_1 | and sad, no efficinecy
|
| vid | but it can save you hours of programming in real applications
|
| 0_1 | so can C++ lib
|
| vid | when you need to format output you can make it in one minute, and then use rest of time to make the real bottleneck faster
|
| vid | C++ lib cannot be used in asmin normal way
|
| 0_1 | why use asm? efficiency?
|
| 0_1 | speed?
|
| 0_1 | or simplicity?
|
| 0_1 | that was asmlib? in above ques.
|
| sleepsleep | =code detail and clarafication, knowing wat underneath
|
| vid | in the beginning i explained that assembly library is not very usable for real application development. it is for those who still want to do entire app in asm - hobbyist, students, etc..
|
| 0_1 | may b i'll tale you guyz later
|
| vid | bye
|
| 0_1 | lets c what mr. x is sayin
|
| MHajduk | sleepsleep: Yeah, clarification and obfuscation in the end. ;)
|
| sleepsleep | lol
|
| rCX | gtg (breakfest)
|
| rCX | bye
|
| rCX has left the room. |
|
| sleepsleep | lol 10:26 pm here
|
| MHajduk | Question: What are main differences between your debugger and OllyDbg (I mean advantages)?
|
| vid | this is NOT about FDBG, but i will ask anyway
|
| MHajduk | Ok. Thanks. :)
|
| Biterider | who is speaking now?
|
| MHajduk | Feryno.
|
| SvedigDværg entered the room. |
|
| SvedigDværg | SUNE.. SUUUUNE ER DU HER
|
| vid | yeah, he's here... english please :)
|
| MHajduk | You're Swede?
|
| SvedigDværg | Sorry :$ Im danish
|
| sleepsleep | win64, use KERNEL32?
|
| MHajduk | I was misleaded by your nick. :)
|
| 0_1 has left the room. |
|
| SvedigDværg | It means sweaty dwarf..
|
| MHajduk | Aha... LOL
|
| SvedigDværg | Im sorry tired and I miss Sune :(
|
| mandeep entered the room. |
|
| SvedigDværg | im sorry, im so tired* christ..
|
| SvedigDværg has left the room. |
|
| MHajduk | Hello, mandeep. :)
|
| mandeep | hi
|
| mandeep | hi all
|
| Henriette entered the room. |
|
| LocoDelAssembly is currently away. |
|
| vid | hi
|
| LocoDelAssembly is back again. |
|
| Henriette | there
|
| MHajduk | Hello, Henriette. :)
|
| Henriette | buy sune some internet plz
|
| vid | henriette: hi, greetings from sune and all of us :)
|
| Henriette | thank you :)
|
| vid | i am letting sune to this computer with internet
|
| Henriette | Oh my
|
| LocoDelAssembly is currently away. |
|
| MHajduk | Question: Is there any programming trick, which may break debugging in FDBG (As we could do with OllyDbg)? ;)
|
| MHajduk has left the room. |
|
| MHajduk entered the room. |
|
| f8 has left the room. |
|
| MHajduk | Thanks. :)
|
| LocoDelAssembly is back again. |
|
| MHajduk | Question: How FDBG treat self-modifying code? Could you debug such programs?
|
| vid | theyre trying to fix the screen garbling issue now
|
| vid | answerign now
|
| MHajduk | Thanks. :)
|
| mandeep | a general ques: Is it better to debug for asm code or a HLL code?
|
| vid | mandeep: do you mean whether FDBG is better for HLL or ASM code?
|
| mandeep | no generally
|
| mandeep | i mean generally, which is more suited?
|
| vid | for writing the debugger, or the code being debugged?
|
| mandeep | for debugging an .EXE
|
| vid | hmm, can you rephrase the question? I don't understand it :.
|
| vid | :/
|
| LocoDelAssembly | he means if in a given program written in an HLL it is better to debug it in HLL level or assembly level
|
| vid | okay, one second
|
| mandeep | if a code was written in asm/HLL it is easy/hard to debug, especially when i do not have the code, only .exe. And what if i have the code?
|
| Sfeli entered the room. |
|
| mandeep | in particular my ques. is: Is it helpful in debugging if the code is in asm or if you know asm?
|
| MHajduk | Hello, Sfeli. :)
|
| vid | well, if you don't have source, you will be debugging in assembly mode
|
| vid | whether using a high-level debugger for high-level code is useful or not depensd on your own personal preference :)
|
| vid | (still f0dder in front of the computer btw)
|
| mandeep | thx guys.
|
| vid | hope your question was answered and that we understood it correctly :)
|
| mandeep has left the room. |
|
| sleepsleep too tired, |
|
| vid | personally, I use assembly level debugging sometimes even when writing highlevel code
|
| sleepsleep | watch recorded version later
|
| LocoDelAssembly | me too, OllyDbg is soo sweet :D
|
| sleepsleep | bye
|
| LocoDelAssembly | bye sleepsleep
|
| sleepsleep has left the room. |
|
| vid | I think FDBG is going to be pretty sweet as well once its a bit more polished - work on olly is going very slow
|
| LocoDelAssembly | but FDBG does work with 32-bit apps?
|
| vid | just a sec
|
| vid | amswering now
|
| MHajduk | Question: Could FDBG save disassembled code?
|
| LocoDelAssembly | thanks, didn't know
|
| vid | so only 64bit code, and debugger not disassembler
|
| vid | (he means 64 when he says 46 :))
|
| LocoDelAssembly | Ahp, I heard wrong, so only 64-bits
|
| MHajduk | Thanks. :)
|
| vid | yeah, 64-bit support took him quite a while, so he's focusing on that... requires some more work on the disassembly unit as well as other things to also support 32bit
|
| rCX entered the room. |
|
| Sfeli has left the room. |
|
| vid | seems like OpenOffice isn't too good at handling microsoft powerpoint slides, sorry for the very garbled screens
|
| LocoDelAssembly | hohoho, this one is really messed :P
|
| rCX | lol
|
| LocoDelAssembly | upload it to gmail and then use the link "view as HTML" ;)
|
| vid | *grin*
|
| Biterider has left the room. |
|
| vid | I hope that we can get the video edited a bit and uploaded somewhere later no
|
| Biterider entered the room. |
|
| f8 entered the room. |
|
| MHajduk | f0dder: Place them in YouTube. ;)
|
| vid | having connection troubles?
|
| LocoDelAssembly | nope
|
| vid | hajduk: we'll figure out something :)
|
| vid | I hope this chat text can be saved... I think it can, but probably doesn't have timestamps
|
| MHajduk | :D
|
| LocoDelAssembly | yes, you can save it but as plain TXT and without timestamps
|
| MHajduk | A year ago chat was saved and placed on FASM forum.
|
| vid | we need a better chat system for the next conference
|
| LocoDelAssembly | I'll try to dump browser memory to see later how the format could be recovered
|
| vid | I guess something IRC-based would be a good idea, as long as we can find a decent web applet for it as well, so everybody will be able to connect... but that'll be for next year
|
| vid | the only-break-on-branch thing for debugging is VERY useful btw
|
| vid | because your traced code won't be interrupted on every instruction, thus running faster
|
| vid | good if you want to unpack something and try automagically finding original entrypoint
|
| LocoDelAssembly | is this feature supported on all Athlon64?
|
| vid | should be, can't remember exactly when it was introduced, but I think it was in early pentium and athlon machines... I even think my 700mhz slot-A athlon supported it
|
| vid | tech manuals from intel and amd should tell
|
| vid | dunno if theres any public projects using this feature, but I know of a few private ones that do
|
| vid | early pentium-4 machines I meant, sorry
|
| MHajduk | ping
|
| vid | hajduk: pong
|
| LocoDelAssembly | i'm reading AMD64 manual to see how to detect the presence of this feature to later test my slot-A 750Mhz Athlon :D
|
| vid | you'll need some driver code, or booting to dos/whatever, but it's not too difficult :)
|
| LocoDelAssembly | ahp, no CPUID way to detect the feature?
|
| vid | hm, good question, been years since I messed with it - i;ll ask feryno, sec
|
| MHajduk | Feryno is the real Marathonian. ;) Respect for endurance. :)
|
| vid | perhaps cpuid, check the SIV program linked on wikipedia's CPUID article
|
| vid | yeah, he has a very long presentation, I hope you guys enjoy it as mcuh as me :)
|
| MHajduk | :D
|
| Henriette has left the room. |
|
| LocoDelAssembly | hahahaa
|
| LocoDelAssembly | thanks feryno!!
|
| vid | I think it was a pretty good overview
|
| vid | madis back again
|
| vid | I think he wrote the presentations for openoffice, they dont look all wrong :)
|
| vid | loco: vid looked through the intel manuals, it doesn;t look like theres any CPUID detection for trap-on-branch, so youll probably need to check for cpu family and stepping instead
|
| LocoDelAssembly | yep, I don't find much information on AMD64 about detection neither :(
|
| MHajduk | Question: Is there any possibility to transfer some lack drivers from Linux to MenuetOS?
|
| vid | ill ask in a sec
|
| vid | oh, tom interrupted, doh
|
| LocoDelAssembly | f0dder: ----------S000001DB-------------------------- MSR 000001DBh - Pentium Pro, PentiumII - "LASTBRANCHFROMIP" Desc: stores the address from which a branch was last taken SeeAlso: MSR 000001DCh
|
| LocoDelAssembly | so yes, the feature is ancient :D
|
| vid | hm, already implemented back then?
|
| vid | hajduk: ill ask your Q as soon as it's natural to do so, so i dont interrupt him
|
| MHajduk | OK.
|
| vid | grmbl, tom tobias interrupting again
|
| vid | oh well :)
|
| LocoDelAssembly | I took that from http://www.oopweb.com/Assembly/Documents/InterList/Volume/MSR.LST
|
| vid | loco: that MSR just stores the last branch addr though, not the feature that traps on branches, though?
|
| LocoDelAssembly | see MSR 000001D9h - Pentium Pro, PentiumII - "DEBUGCTLMSR" DEBUGGING CONTROL in that link
|
| vid | want me to bag up tom tobias and dump him in a river? ;)
|
| MHajduk | Hehehe... LOL
|
| Biterider | lol
|
| Biterider | but he has a point
|
| vid | yeah, he does, but he keeps on repeating himself and interrupting... anyway, got a chance to ask the questoin
|
| LocoDelAssembly | just bug up him when he start complaining about XOR :P
|
| MHajduk | Thanks. :)
|
| Biterider | vid... who is on your side? is it fOdder?
|
| vid | f0dder's me (dunno how to change nick on the chat), im in the black+red slayer tshirt
|
| vid | hope your question was answered, hajduk :)
|
| MHajduk | Yes, thanks. :)
|
| vid | but basically, no you cant just move a driver, it needs more or less a full rewrite
|
| MHajduk | Yes, agree. :)
|
| vid | situation is pretty nasty with wireless for anything but windows, damn hardware manufacturers and their unwillingness to let you use the firmware blobs
|
| MHajduk | If MenuetOS would be developed by some company... situation may be better. But then it won't be free?
|
| vid | i dont think any company would be interested in doing so... even a thing as big as linux has problems and has to use windows drivers + NDIS wrapper to have proper wireless
|
| vid | youd really need a commercial company with closed-source drivers and money enough to get attention, and then youd need to sign some nasty NDAs
|
| MHajduk | It's sad that such good ideas aren't supported correctly. :(
|
| vid | i dont personally care much about menuet, but I agree that the driver/spec sigtuation in general is very bad
|
| vid | even reduced specifications that only let you use basic features would be nice
|
| vid | btw, could a couple of you guys save the chat log every once in a while? just so we don't lose it if there's some acciedent or whaever :)
|
| LocoDelAssembly | I'm sending regular pings to prevent that but yes I'm saving a copy now
|
| vid | thanks
|
| MHajduk | Unfortunately, I had to re-login in the middle of the conference (error in Java applet).
|
| f8 has left the room. |
|
| LocoDelAssembly | done
|
| LocoDelAssembly | 647 lines so far
|
| vid | ive saved a copy as well, the more the merrier :)
|
| MHajduk | I have an idea for Ozzy: to write program in FASM for chatting for next conference. :)
|
| vid | hehe
|
| vid | well, I think just using IRC would be a good optoin
|
| MHajduk | Yes. I wonder, why most of the suggestions comes at the time of the conference, not before? ;)
|
| vid | any questions for madis about menuet/kolibri/etc?
|
| MHajduk | Tom... ;)
|
| vid | hajduk: we need to get a bit better at planning i guess :), this is only the second conference, and the first one i've attended
|
| vid | hehe yeah tom is a bit of a blabbermouth
|
| Biterider | menuetOS32 will not be developed anymore?
|
| vid | sec, will ask
|
| vid | sec, will ask
|
| vid | is the stream still working for you guys?
|
| MHajduk | With FASM and OS fully written in FASM we could be completely independent. :)
|
| LocoDelAssembly | yes
|
| Biterider | yep
|
| MHajduk | Working, so far.
|
| rCX | yeah
|
| vid has left the room. |
|
| hypervista entered the room. |
|
| hypervista | just a second guys, monitoring computer vid and f0dder are using is glitching
|
| MazeGen entered the room. |
|
| MazeGen | Hi guys. We've got some problems with our primary internet connection so we have to repair it now :(
|
| LocoDelAssembly | the video stills working great
|
| rCX BRB |
|
| MazeGen | oh, ok :)
|
| MazeGen | we are now preparing for HyperVista and vid's presentation
|
| MHajduk | ping
|
| MazeGen | pig
|
| MHajduk | LOL
|
| LocoDelAssembly | MHajduk, you can use /ping command ;)
|
| MHajduk | Thanks. :)
|
| LocoDelAssembly | -- roundtrip: 625 ms.
|
| LocoDelAssembly | pretty slow :S
|
| MHajduk | Slow? My is 735ms.
|
| hypervista has left the room. |
|
| MazeGen | thezre in the process of adjusting the camera now
|
| Homer entered the room. |
|
| MazeGen | starting now, dunno how much latency we have, hope everything is set up correctly :)
|
| MazeGen | christ, this secondary connection is very slow and unstable, I hope the connection used for the video stream works okay for you guys
|
| rCX | seems fine
|
| MHajduk | Video quality is ok.
|
| LocoDelAssembly | yes, works fine
|
| MazeGen | good, lets keep our fingers crossed
|
| rCX | lol
|
| Biterider | lol
|
| MazeGen | i can hardly monitor the video from here :s
|
| MazeGen | (f0dder here again btw)
|
| MazeGen | ah, appearantly the reason this secondary connection is slow, is that we're running off mazegens cell phone :)
|
| MHajduk | Question: Could we make hyper-hypervisor? ;)
|
| Homer | lol
|
| MazeGen | like nesting?
|
| MHajduk | Yeah.
|
| MazeGen | "it has been done actually"
|
| LocoDelAssembly | yes, it is possible but the outermost hypervisor must emulate SVM
|
| MHajduk | Thanks :)
|
| MazeGen | it's tricky, and you end up playing the cat-and-mouse game if you want to make an undetectable hypervisor
|
| MazeGen | still working? :)
|
| Biterider | yep
|
| rCX | yes
|
| LocoDelAssembly | I had few problems at the same time you asked but surely its a local problem and works fine again
|
| MHajduk | Question: I suppose, that your Hypervisor will be the first commercial program written in FASM in the market? Am I right?
|
| MazeGen | well, this secondary connection is running off mazegens cellphone, so I cant follow the video stream very well
|
| MazeGen | hajduk: the first one I\ve heard about at least
|
| MazeGen | but theres a BIOS hacking/reverseengineering book that makes a lot of mention of fasm
|
| MazeGen | good part coming soon :)
|
| Homer | they have changed it - they deprecated the macro support, and introduced new bugs
|
| MazeGen | yeah, even if tom tobias doesnt believe it :_
|
| MazeGen | homer from the asmcommunity board btw?
|
| Homer | yes
|
| MazeGen | welcome :) - too bad I forgot potsing a note about the conference on the asmcom board forum :(
|
| Homer | I am sure there would have been other interested parties - oh well
|
| MazeGen | we'll try getting an edited video posted somewhere after the conference
|
| MazeGen | but of course a bit more input and questions might have been nice
|
| Biterider | good idea
|
| MazeGen | we might even mix in some non-conference video stuff, hehe
|
| MazeGen | .cz has nice beer ;)
|
| MazeGen | if you can hear a baby in a bit, it's Feryno's daughter :)
|
| Homer | I was wondering :P
|
| Biterider | :)
|
| MHajduk | Youngest conference participant. :)
|
| MazeGen | haha yeah :)
|
| MazeGen | the various girlfriends have been on a girlie trip during most of the conference
|
| MHajduk | First FASM family conference. ;)
|
| MazeGen | it's been a nice pre-conference as well
|
| MazeGen | I (f0dder) arrived thursday, most of the others during fri/sat
|
| MHajduk | Question: Aren't hypervisor "suspicious" for any anti-virus program?
|
| MazeGen | hajduk: ideally, the antivirus wouldn't even be able to see that it's running in a hypervisor
|
| Homer | aint there a sysinternals patch for allowing windebug to work across a lan?
|
| MazeGen | there's some timing-attack ways to detect it and other trickery, but it's dirty stuff
|
| MazeGen | homer: if you can find info on somethingl ike that, PLEASE let me know, it could be pretty nice
|
| MHajduk | Yeah, but I was talking about compiling sources under Win.
|
| Homer | I am sure I read it on their page, which as you know, m$ have bought out now
|
| MazeGen | hajduk: not that i know of... it's still pretty new stuff and not actively used by malware yet, at least ntohing big and widespread, so... :)
|
| MazeGen | homer: yeah, but aren't must of their old stuff still available?
|
| MazeGen | *isn't
|
| Homer | I just checked google's cache, all I can find is references to DbgView - perhaps I am mistaken, and that tool is what I was reading about
|
| MazeGen | ok
|
| MazeGen | we're looking into alternatives to windbg anyway, since that obviously won't work for debugging large parts of the hypervisor
|
| Homer | essentially it just traps messages from WinDebug and redirects them..
|
| MazeGen | ah yeah, that's completely diff
|
| Homer | nice
|
| MazeGen | some of the problems you get when doing things like hypervisor dev leaves the system in a very unstable state, so we can't really rely too much on the kernel
|
| MazeGen | i want to get some alternative done, like flushing memory to a USB flashdrive (doing our own driver code) or whatever, for those really nasty situations
|
| LocoDelAssembly | video is out
|
| MazeGen | tom mistakenly turned off the camera, so we will have a short output
|
| Biterider | here too
|
| MazeGen | *outage
|
| Homer | heh ok
|
| Homer | coffee break :)
|
| MazeGen | I did that earlier as well, thought it was the zoom dial :)
|
| Artlav entered the room. |
|
| MazeGen | I could do with some water or beer, it's pretty hot and humid here by now
|
| Biterider | cool work guys
|
| MazeGen | we\ll get the video fixed asap
|
| MazeGen | biterider: it's still very early dev, but it _will_ end up as cool stuff :)
|
| MazeGen | of course can't talk too much about specifics of the project
|
| rCX | quick Question: Does rdtsc command (mentioned earlir) work on an 386? It seems to work in dosbox but wiki suggests that it only works on pentium.
|
| MazeGen | video should be back any second
|
| MazeGen | rcx: iirc it appeared with the pentiums, but a few 486s also had it (undocumented) - x86 secrets might have some more info
|
| MazeGen | or sandpile.org perhaps
|
| MazeGen | video workign again for you guys?
|
| LocoDelAssembly | streamming is working good again
|
| rCX | thx
|
| Biterider | nop
|
| MHajduk | Yes.
|
| MazeGen | good
|
| Biterider | now
|
| rCX | yup
|
| MazeGen | heh, getting the camera adjusted for the screens is a bit complicated with the delay and the very bad connection through the cellphone :)
|
| Homer | I thought it looked pretty good
|
| Homer | very decent framerate too
|
| MazeGen | good, at least the primary net connection isn't fucking up
|
| rCX | hehe :)
|
| MazeGen | we're on t-mobile wireless, think it's 1/1mbit, and relaying through the hypervista servers
|
| MazeGen | dunno how much battery is left on mazegen's phone
|
| Biterider | :)
|
| MazeGen | I'll have to talke to vid and hypervista about using sync.exe before loading the driver, hehe
|
| MHajduk | Question: Hypervisor is projected for secure computer against malware (am I right?), but it could be even more dangerous... ;)
|
| MazeGen | hypervisors can be used for malware protection, or things like vmware (although vmware claims that hardware VMX is slower in some circumstances, but that's half marketing, half truth)
|
| MazeGen | and yes, VMX can be used by malware as well, which could be VERY dangerous, which is why you should either turn off VMX or have a hypervisor intalled
|
| MazeGen | if you turn off the VMX capability it can't be turned on again without a hardware reset, so it's safe
|
| MazeGen | doing simple protection against malware is simple enough, but then there's all kinds of attacks involving various sources of DMA and bus reprogramming, which are somewhat trickier to detect
|
| MazeGen | Joanna (bluepill project) have written something on this I believe
|
| LocoDelAssembly | yes she did
|
| MazeGen | any questions?
|
| LocoDelAssembly | she shown how to hide a block of physical memory by reconfiguring the memory controller of the Athlon64
|
| MazeGen | yeah, very interesting stuff, but nothing I would fear for a generic exploit
|
| MazeGen | but for a really targetted attack where you want to do industrial espionage, it's something you have to worry about
|
| MazeGen | video still working?
|
| LocoDelAssembly | yep
|
| rCX | yes
|
| Biterider | yes
|
| MHajduk | Yes
|
| LocoDelAssembly | a cell phone is too near of the microphone and it is introducing interference to the audio
|
| LocoDelAssembly | (well, it not happening now)
|
| MazeGen | ok :)
|
| MazeGen | any more questions?
|
| MazeGen | well do a panorama view of the people then :)
|
| Homer | not at the moment :P
|
| MazeGen | well continue for a bti yet
|
| MHajduk | Nice girls. ;)
|
| MazeGen has left the room. |
|
| LocoDelAssembly | is unsecure saying passwords to the public ;)
|
| rCX | video is frozen
|
| LocoDelAssembly | works for me here
|
| rCX | now it works...
|
| f0dder entered the room. |
|
| f0dder | theeere, back on wifi
|
| f0dder | mazegen is about to do a presentation on his stuff
|
| LocoDelAssembly | BTW, no one of you realized that the password was said with the streaming still functioning there?
|
| f0dder | Loco: can you save chat log periodically? I think mazegen accidentally closed the chat running on his machine without saving log
|
| LocoDelAssembly | yes, I'm doing it
|
| f0dder | loco, no problem, it's a temporary pass for wifi
|
| LocoDelAssembly | ah, hahah ok
|
| f0dder | you'd need to come to Brno within today to be able to abuse it :)
|
| Homer | a bit out of my current range
|
| LocoDelAssembly | and a good memory to remember it :P
|
| f0dder | hehe yeah
|
| f0dder | is the sound loud and clear?
|
| LocoDelAssembly | yep
|
| rCX | yeah
|
| f0dder | good
|
| Homer | looks like C64
|
| f0dder | hehe, I think it's the FAR file manager
|
| MHajduk | C64 asm obfuscation. ;)
|
| Biterider | :)
|
| Homer | protecting our software from ourselves
|
| f0dder | hehe
|
| LocoDelAssembly | yes, it is readable
|
| f0dder | yeah, dunno if a white-on-black color scheme would be better, so I think we'll just stick to this
|
| MHajduk | Question: Do you use blocks of junk code, and if yes is it completely random generated?
|
| Homer | have to go fullscreen to read it properly
|
| f0dder | hajduk: sec
|
| f0dder | I hope that answered your question hajduk
|
| f0dder | he will explain further about the various stuff
|
| f0dder | damn 20+ sec latency :)
|
| MHajduk | Thanks. :)
|
| rCX | thats clever
|
| f0dder | it's good stuff :)
|
| f0dder | relatively simple expansions atm, and you could probably do a compression for it, but once moer tricks are mixed in...
|
| Homer | loud and clear, but we have only looked at opcodes that manipulate registers - what about general pointers?
|
| f0dder | more instructions will be added a bit later
|
| f0dder | he wanted to show the basics of expansion first
|
| rCX | Will it eventually use differnt (random) tricks for each instruction?
|
| Homer | question - this expansion scheme looks to be hardcoded - is there any randomness to the expansions at all?
|
| Homer | heh
|
| rCX | hehe :)
|
| f0dder | homer: well, he did show that there's different types of expansions, but it depends on the RNG, that's why a lot of it looked the same
|
| f0dder | the templates are hardcoded, but the template picked and the immediate values are random
|
| Homer | ok :)
|
| f0dder | expansion itself isn't THAT bad, but once it's mixed with code rearrangement it becomes harder to do auto compression
|
| f0dder | he's showing the mix now, so youll see soon
|
| Homer | lol over 100
|
| f0dder | ;)
|
| LocoDelAssembly | guys I gotta go :(
|
| f0dder | he needs a better initial seed for the prng I think :)
|
| rCX | bye
|
| Homer | happy travels
|
| f0dder | loco, please save chatlog and email f0dder@flork.dk
|
| f0dder | if you have time
|
| LocoDelAssembly | I'll keep this open for logging and I'll try to back soon
|
| LocoDelAssembly | yes, I'll do it
|
| LocoDelAssembly | bye for the moment
|
| f0dder | ah, that'll be ncie too, but pelase email now as well in case of crash whaever
|
| LocoDelAssembly is currently away. |
|
| f0dder | damn unfamiliar keyboard layout
|
| f0dder | mazegen is the name of mazegen's code morphing thing too, btw
|
| Homer | ah, the order of operations was rearranged too
|
| Homer | nice
|
| f0dder | interesting stuff coming up now as the input becomes more complex
|
| Artlav has left the room. |
|
| rCX | I imagine this would turn 3 months of cracking into 3 years
|
| Homer | very nice - hardcoded values are obfuscated using binary operations
|
| f0dder | it does make things annoying
|
| Homer | makes searching for them a bit harder :P
|
| f0dder | rcx, try googling for informaton on starforce... that's a pretty hard system too
|
| f0dder | they turn x86 instructions into their own 128bit VM etc
|
| f0dder | yeah homer, the constant cloaking thing is pretty nice
|
| MHajduk | Question: Is the code obfuscated such way much slower than original?
|
| Homer | a few more opcodes, a few more cycles...
|
| Homer | bigger and slower by a factor of 2 to 4 by the look of it
|
| f0dder | you probably wouldn't want to enabel this across your entire app, for critical code peices etc, but other than that...
|
| MHajduk | Thanks. :)
|
| rCX | what program is he using to step through the code?
|
| f0dder | ollydebug
|
| f0dder | this makes cross-reference analysis in IDA just about impossible... :)
|
| rCX | wow!
|
| LocoDelAssembly is back again. |
|
| rCX | 3 jmps in a row!
|
| LocoDelAssembly | I'm back :D
|
| f0dder | wb loco
|
| f0dder | heh, cute jump chaining going on
|
| LocoDelAssembly | 904 chat lines so far
|
| MHajduk | Question: Do you use self-modifying code?
|
| f0dder | you now udnerstand why it's called mazegen? ;)
|
| LocoDelAssembly | hahaha yeah
|
| f0dder | hajduk: done :)
|
| MHajduk | OK. :)
|
| Homer | returning to self is one thing, but returning to somewhere else is far more interesting..
|
| Homer | actually obfuscating the execution flow..
|
| MHajduk | Question: How about marketing effects?
|
| f0dder | i hope nobody would tro to analyze this code manually...
|
| f0dder | hajduk, marketing in which way?
|
| MHajduk | I mean, do they earn money on service/sell this?
|
| Homer | that was interesting :)
|
| f0dder | it's used in a protector
|
| LocoDelAssembly | Thanks Mazegen!!
|
| f0dder | so you might stumble into code like this if you play with RE/cracking, it's used in the real world already
|
| Homer | yep nothing new as such
|
| f0dder | try googling for mazegen+protector
|
| f0dder | you'll see
|
| Homer | still, interesting and entertaining, and educational for some I am sure
|
| f0dder | yeah
|
| MHajduk | Question: Are there programs, which may help in deobfuscation? Is it possible anyway?
|
| Homer | code analysis could be written with some pre-knowledge of the fixed templates
|
| LocoDelAssembly | Yes I was wondering if some algebraic analysis can beat this
|
| f0dder | it's an NP complete problem loco, so its pretty nasty to do
|
| Homer | even with randomly selected templates, we are selecting from a fixed and predetermined set
|
| f0dder | you can't get back to the original code already, but you can do some simplification, it's not easy though
|
| LocoDelAssembly | yes, that what I mean, "optimizing" the executable to the minimal expression posible
|
| rCX | you could probably obfuscate the obfuscated code :)
|
| f0dder | rcx: that's what he showed with multientru
|
| rCX | hehe :)
|
| Homer | yeah, a few passes through the obfuscator would make it hell to reverse..
|
| MHajduk | Thank you for presentations. :)
|
| f0dder | homer: yes you're right, so instruction reordering IS necessary to make de-obfuscation nontrivial
|
| Homer | you would be obfuscating inactive opcodes etc
|
| f0dder | thanks for watching and asking qustionds:)
|
| f0dder | and bearing over with my typos
|
| LocoDelAssembly | you're welcome ;)
|
| Homer | thank you guys, that was a great presentation
|
| f0dder | hope we can bring even more people next year :D
|
| LocoDelAssembly | please make sure to keep well the video of Mazegen presentation!!
|
| Homer | "and all I got was this lousy tee shirt"
|
| rCX | lol
|
| f0dder | enjoying the strip show? ;)
|
| LocoDelAssembly | HAHAHAHAHA
|
| Biterider has left the room. |
|
| f0dder ) We're streaming pr0n |
|
| f0dder | hehe
|
| f0dder | we're off to a pub soon, have a nice evening everybody
|
| f0dder | 20:22 here, GMT+1
|
| rCX | bye! Great Conference
|
| f0dder | loco, you got all the text captured?
|
| rCX has left the room. |
|
| MHajduk | 20:22 here too. :D
|
| LocoDelAssembly | 15:22 here
|
| Homer | 4:23 tomorrow morning :P
|
| Homer | GMT+10
|
| LocoDelAssembly | GMT-3 in my case :D
|
| LocoDelAssembly | where are you?
|
| Homer | australia
|
| Homer | east coast
|
| f0dder has left the room. |
|
| Homer | heh, must be beer time
|
| MHajduk | Seems that's end. Bye everybody. :)
|
| Homer | bye!
|
| Homer has left the room. |
|
| LocoDelAssembly | bye
|
| MHajduk has left the room. |
|