oooh, the redbox uses full AES encryption!
-
@[email protected] probably not at all a security risk, no need to think twice about that one
-
@gudenau yeah we've talked about that in the discord. We've compiled a list of places it stores PII
-
@[email protected] so strange they went bankrupt.
-
Perish! 👻 (the thot)replied to Asta [AMP] last edited by
-
Asta [AMP]replied to Perish! 👻 (the thot) last edited by
@[email protected] @[email protected] I implemented the "factory/builder" thing once just to see if I was missing something about why writing four times the amount of code with two to three times the amount of repeated variables and functions across two nearly identical objects was a good idea, and yeah, no, that's a hundred+ lines I'll never get back that could have been a fucking init function
-
@[email protected] @[email protected] sometimes it seems people do this in Rust and I don't know why you would do that to yourself when you could just literally not.
-
Xandra Granade 🏳️⚧️replied to Asta [AMP] last edited by
-
Asta [AMP]replied to Perish! 👻 (the thot) last edited by
@[email protected] @[email protected] (oh, I guess I was talking about builders instead of factories but whatever just instantiate your object already)
-
Asta [AMP]replied to Xandra Granade 🏳️⚧️ last edited by
@[email protected] @[email protected]
"During debate over his nomination, a list of videotapes Bork had rented was leaked to the press, which led to the enactment of the 1988 Video Privacy Protection Act as a response. The leak was inspired by Bork's opposition to privacy protections beyond those explicitly outlined in the constitution."
baaaaahahahaha, this fucking guy though. this is awesome. -
@foone I now really want the forbidden knowledge of wheel of fortune’s bespoke multitasking programming language
-
@perplexes I'm still writing a disassembler, it'll be documented someday
-
So, quick summary:
Redbox went bankrupt and the machines are getting in the hands of individuals. The disk image has been dumped. The software is being reverse engineered: they're not currently very useful, since they need to talk to a server that's gone.But progress is being made
-
the devices themselves are windows 7 machines talking to the disc library. It's a small group of services talking to each other, mainly over HTTP
-
it's primarily written in enterprise-as-fuck C#, with some lua scripting, and the "HS" scripting language which seems to be proprietary to redbox machines.
-
I'm currently trying to acquire one so I can do more hands-on reverse engineering, but for now I'm focusing on the software and how it all interacts
-
and I'm told Doom has already been run on them. It's windows 7, it can run many doom sourceports.
With a little extra work you could probably play native MS-DOS Doom on them
-
rk: not a typewriterreplied to Foone🏳️⚧️ last edited by
Ohhh I do love me an embedded scripting language. Do you know if there’s any info on the HS language, or if you have time would you mind posting a sample or two?
-
MORE FUN FACTS:
it turns out the device has a database on it which lists the location of every single other redbox machine. full addresses.
-
Foone🏳️⚧️replied to rk: not a typewriter last edited by
@rk there's no info, but there are some samples. I don't have access to the full ones right now, but here's a snippet from the discord:
GRIPPER STATUS
POP GRIPPER-STATUS
IF "FULL" == GRIPPER-STATUS
LOG "The gripper is full - please fix."
APPLOG "The gripper is obstructed - exiting."
RESULT CODE="ItemStuckInGripper" MESSAGE="There is a disc stuck in the picker."
EXIT "Gripper is obstructed."
ENDIF -
Howard Chu @ Symasreplied to Foone🏳️⚧️ last edited by
@foone Encryption at rest is always that way though, whatever software is accessing the data always has to have the encryption key(s) available.