WTF is happening with Windows 11? And nothing else
-
@cvi Well, why do some gamedevs bother with it?
-
@Applied-Mediocrity Beats me. Stupid management?
Real question is whether any of the big engines (Unreal, Unity, ...) support it. If not, that's a good indication on how (in-)effective such attempts are currently.
Which isn't to say that things aren't looking to go that way. Graphics APIs have support for creating "protected" resources, i.e., that are in memory that you can't easily at once stuff is in there. Key point is "once stuff is in there".
Not that support for such looks like a priority:
Encrypting stuff on disk might still help with regards to content mining, assuming you can make sure that only the game is able to encrypt the data (heh). Means you have to fend off people who know of obscure tools like debuggers, etc etc. Seems like an exercise in futility.
As for asset theft? I thought the de-facto solution for that is to just sick a pack of lawyers onto whoever tries that.
-
@cvi said in WTF is happening with Windows 11? And nothing else:
Real question is whether any of the big engines (Unreal, Unity, ...) support it
That's why I'm bringing it up. Unreal does. The entire pak can be encrypted upon baking. Notably, Forknite paks are encrypted. Sssh, let's not leak our
hard workdumbass dance moves. But I've encountered it in the wild, too (Expeditions Rome, for example).Early Access titles could, in theory, have some use out of it. You might have carelessly forgotten to remove some future stuff. The idea
ismight be that if it's not an AAA title then for most people hopefully thewill prove stronger than trying to rip the key somehow.
-
@Applied-Mediocrity I briefly searched for encryption in Unreal paks (saw a reference to that while looking for information about whether Unreal had support for the protected memory stuff).
Mostly stumbling across stuff in their dev forums, and it mostly indicates that the encryption isn't exactly bullet proof. (To be fair, you get replies like this, which aren't exactly giving me too much confidence in them. But the guy is on the right track .. if there's a decryption key in there, you can probably get it.)
The idea is might be that if it's not an AAA title then for most people hopefully the
will prove stronger than trying to rip the key somehow.
Yeah, this. Keeping somebody really determined from grabbing your stuff is going to be difficult.
Somewhat paradoxically, optimizing your rendering code will likely make it more difficult to grab usable assets by intercepting the graphics API.
-
-
@cvi Back to the DirectumStorage then, I guess it would depend on the cipher mode used. Offloading stream ciphers - a good idea for 5000 magaherz CPUs with hardware AES - to the GPU doesn't seem like giving any advantage.
- You can have the new version (if they ever bother to make it anything else than vacuous Windows 11 marketing blurb)
- You can have the stream version for the playerbase which doesn't have the latest hottest (very literally, lately, it seems)
- You can have no encryptioning and not worry about it
-
@Applied-Mediocrity I'm still not convinced why one would care about encryption in DirectStorage. Why do you want to bother with that? Enough games seem to get by just fine without that stuff (e.g., look at the frame breakdowns here or here -- these people are running the games in debuggers, so grabbing data out of them is ... not that difficult).
Not supporting (de)compression is a much much bigger issue. If you look at the PS5 specs, they claim that their HW compression gives almost 2x the IO bandwidth (from ~5GB/s to almost 10GB/s). Not being able to use compression hurts IO bandwidth and makes assets take even more storage space.
That said ... the point for doing decryption on the GPU isn't even that the CPU is good at stream ciphers and the GPU (ostensibly) isn't(*). If you can use the protected memory mechanism (which is supposed to be enforced by hardware), and keep the data encrypted all the way until it is on the GPU, you close a lot of holes. I.e., the decrypted data is never in unprotected memory/system memory. (One remaining problem is how you get the key anywhere safely -- until you solve that, you might as well not bother with anything else either.)
(*) You're limited by IO BW, which means that if you can decrypt at those 10GB/s or whatever you end up with, you're good. According to this they get 200+ Gbps for AES on stuff like the 1080.
-
@cvi said in WTF is happening with Windows 11? And nothing else:
if there's a decryption key in there, you can probably get it
This is tautologically true for all DRM schemes where Bob and Eve are the same person. Your only hope is having locked down hardware where you
are not the ownercan't access everything..@cvi said in WTF is happening with Windows 11? And nothing else:
According to this they get 200+ Gbps for AES on stuff like the 1080.
Do GPUs have integer units or is this done using floating point and hoping there's no rounding?
-
@cvi said in WTF is happening with Windows 11? And nothing else:
I'm still not convinced why one would care about the encryption in the first place
Let's ask Tencent Timmy why they're doing it on their showcase.
Ā±1 for reminding me of Megatextures. Tried Rage on the Deck. What a nice rage-inducing soup of triangles all over the viewport. Probably a wontfix, too, given that there's what - two games using them? But it was the future! Carmack can do no wrong. As seen
on TVPixar and ILM (not really).
-
@topspin said in WTF is happening with Windows 11? And nothing else:
Do GPUs have integer units or is this done using floating point and hoping there's no rounding?
Integer units.
They tend to be a bit special(tm), depending on the GPU generation, though. Rules are different than for CPU. E.g., bitops (shifts, ...) aren't necessary cheap. Some generations had cheaper 24-bit integer mults, 32-bit was more expensive. 64-bit is almost always more expensive. Occasionally you get a few weirdo instructions too.
Floats (32-bit) tend to have more throughput than integer stuff.
Nowadays, you have some additional ML-instructions that can sometimes use weird precision integers (for matrix and tensor ops).
-
@Applied-Mediocrity said in WTF is happening with Windows 11? And nothing else:
But it was the future!
Well. You have mega textures in hardware now. (Sparse resources/residency.)
(The other aspect of mega textures, i.e. as a texture atlas, is less useful these days. At least if you can use stuff like bindless/descriptor indexing/dynamic indexing.)
Spoiler alert: HW implementations had problems like 10 years ago when they were first introduced. Whenever I hear somebody trying to use them, the problems are still there.
-
@cvi And it's a solution without a problem (much like UE5 ubermeshes and megascans). If the entire thing consists of static meshes acquired using photogrammetry, like for a VR tour of some boring place, then it's the right tool. It just seems to me that the entire big idea falls apart fast when you want anything but a lifeless setpiece -- which is decidedly not what I expect a modern AAA vidya to be.
I had a row with our notorious Gooseman (MISSING! Reward: 0x80 internetpointzz) back when the PS5 demo appeared. I keep that it's all masturbation over things that aren't important to better games - or games in general. Not even for graphically better looking games. Just mildly impressive showcases. It didn't go well
Ostensibly I don't really have the technical knowledge, aptitude or patience to prove him or anybody wrong.
-
@Applied-Mediocrity said in WTF is happening with Windows 11? And nothing else:
I don't really have the technical knowledge (...) to prove him or anybody wrong.
Since when is this required on WTDWTF?!
-
@Zerosquare said in WTF is happening with Windows 11? And nothing else:
@Applied-Mediocrity said in WTF is happening with Windows 11? And nothing else:
I don't really have the technical knowledge (...) to prove him or anybody wrong.
Since when is this required on WTDWTF?!
Well to "prove"...
obligatory for WTDWTF: I don't really have the technical knowledge (...) but I'll tell him or anybody
it's wrongwhat's right.edit: WTF clarity
-
@Applied-Mediocrity said in WTF is happening with Windows 11? And nothing else:
And it's a solution without a problem (much like UE5 ubermeshes and megascans). If the entire thing consists of static meshes acquired using photogrammetry, like for a VR tour of some boring place, then it's the right tool. It just seems to me that the entire big idea falls apart fast when you want anything but a lifeless setpiece -- which is decidedly not what I expect a modern AAA vidya to be.
Do you have any AAA games that aren't mainly static meshes, though? (I guess you could count Minecraft as an AAA title these days, and that one isn't static meshes.)
Whether UE5's ubermeshes are the right solution is a good question. (They certainly have their limitations.) Photogrammetry? Eh. Artists are expensive and modelling/designing is time consuming. I don't think we're quite at that point yet, but if you can just go outside and scan a thing (like a rock or a cliff or whatever) instead of spending time modelling it from scratch ... why not?
-
From what I've seen, the output generated by 3D scanners is pretty noisy, and converting it to something that looks good and doesn't use zillions of triangles requires significant work. I may be wrong, but I don't think it's worth it for general use.
-
@Zerosquare UE's ubermesh tech (=Nanite) tries to deal with the latter (e.g., zillions of triangles). Only heard about it, have a vague idea of the ideas behind the tech, but can't comment how well it actually works.
You can get some pretty good looking 3D scans these days. Don't know how much manual work went into fixing those up etc. Still seems like a bit of an art form (and complex environments suck, needing multiple scans). But it seems to be commercially viable to do & sell scans, so...
-
@cvi said in WTF is happening with Windows 11? And nothing else:
Do you have any AAA games that aren't mainly static meshes, though?
No. And that's where I think the problem is. I don't know to whom are they selling the product anymore. Or rather, I do suspect. Both Unreal and Unity are now fixing to be into CGI-fueled movie business, with vidyas, bland and lifeless as they were a decade ago, once again becoming second-rate time-wasters.
So, Microsoft and the rest of the fucks can save themselves the bother of trying to sell DirectStorage to me (and W11 with it). There's nothing in there that I want.
-
@Applied-Mediocrity said in WTF is happening with Windows 11? And nothing else:
trying to rip the key somehow.
The fun thing is, the key to decrypt it must necessarily be stored in an available way, so the entire point is rather moot.
-
Status: Windows you stupid fuck, run the fucking program that's in the literal first path to search you numbnuts sack of shit!
-
@Tsaukpaetra Yes, but everybody knows when your DRM fails, you just need to DRM harder
-
@Applied-Mediocrity said in WTF is happening with Windows 11? And nothing else:
Notably, Forknite paks are encrypted.
Was that a typo or are you talking about this game?
-
-
-
Windows 11 also has the highest quality scores and product satisfaction of any version of Windows weāve ever shipped.
-
Active DesktopGadgetsWidgets liiiiives!Live Tiles
-
@Applied-Mediocrity CADT model strikes again.
-
@topspin Not sure if the security model even can be fixed. Pulling assorted stuff from various third-party websites that you're supposed to trust is one thing. I used to have CPU and GPU monitoring gadgets on the Windows 7 sidebar. They required kernel-mode drivers (otherwise they couldn't possibly work)...
-
Status: Frustrated at the decreased stability of File Explorer, I went to toggle the setting that makes them fork and discovered...
Each item puts a
-OFF
or-ON
at the end now. Because the tickbox state is now ambiguous where it wasn't before.
-
@Tsaukpaetra It does that whenever it detects a screen reader that is trying so very hard to do the right thing, but was written back in the Windows 95 days and isn't using Active Accessibility (which has a slot for that). You may have some automation software, CBT software, or shitcoin miner that's triggering that unintentionally.
-
@TwelveBaud said in WTF is happening with Windows 11? And nothing else:
@Tsaukpaetra It does that whenever it detects a screen reader that is trying so very hard to do the right thing, but was written back in the Windows 95 days and isn't using Active Accessibility (which has a slot for that). You may have some automation software, CBT software, or shitcoin miner that's triggering that unintentionally.
Would that Windows could tell me what it thinks is a screen reader. Only things I have open are...
-
@Tsaukpaetra said in WTF is happening with Windows 11? And nothing else:
Would that Windows could tell me what it thinks is a screen reader.
Or maybe you just pressed the wrong magic key sequence.
-
@Tsaukpaetra A virus fishing for banking credentials, maybe?
-
@acrow said in WTF is happening with Windows 11? And nothing else:
@Tsaukpaetra A virus fishing for banking credentials, maybe?
But my credentials have been public for years now....
-
@Tsaukpaetra said in WTF is happening with Windows 11? And nothing else:
Each item puts a -OFF or -ON at the end now. Because the tickbox state is now ambiguous where it wasn't before.
That would actually be a huge help for the new and disimproved check box slider widgets that have metastasized along with the flat design cancers.
-
@Tsaukpaetra said in WTF is happening with Windows 11? And nothing else:
@acrow said in WTF is happening with Windows 11? And nothing else:
@Tsaukpaetra A virus fishing for banking credentials, maybe?
But my credentials have been public for years now....
Username:
Tsaukpaetra
Password:tsaukpaetra
-
@topspin said in WTF is happening with Windows 11? And nothing else:
@Tsaukpaetra said in WTF is happening with Windows 11? And nothing else:
@acrow said in WTF is happening with Windows 11? And nothing else:
@Tsaukpaetra A virus fishing for banking credentials, maybe?
But my credentials have been public for years now....
Username:
Tsaukpaetra
Password:tsaukpaetra
Close. The password is
Tsaukpaetra!
-
@TwelveBaud said in WTF is happening with Windows 11? And nothing else:
CBT software
Truly, we are living in a Golden Age.
-
@Tsaukpaetra Password may not contain username.
-
@PleegWat said in WTF is happening with Windows 11? And nothing else:
@Tsaukpaetra Password may not contain username.
Easy:
Tsaukpa3tra!
Standard replacement character.
-
-
@PleegWat the comic that taught everyone their password should just be ācorrect horse battery stapleā only to discover that password forms wonāt accept it because itās too long, has spaces, has no mixed case, no numbers and no special characters (just donāt use quotes, ok?)
-
@Arantor said in WTF is happening with Windows 11? And nothing else:
@PleegWat the comic that taught everyone their password should just be ācorrect horse battery stapleā only to discover that password forms wonāt accept it because itās too long, has spaces, has no mixed case, no numbers and no special characters (just donāt use quotes, ok?)
I love that spaces are banned in passwords, together with characters like ; < and such. Gives me great trust in the system.
-
@Carnage Is there any good reason to ban any characters?
Even something like backspace (ASCII 8?). Yeah, it'll be difficult to get that through e.g. the input system of the client machine, but if you were able to do so in the first place, you're clearly capable of doing so, so why not allow it?
-
@cvi said in WTF is happening with Windows 11? And nothing else:
@Carnage Is there any good reason to ban any characters?
Even something like backspace (ASCII 8?). Yeah, it'll be difficult to get that through e.g. the input system of the client machine, but if you were able to do so in the first place, you're clearly capable of doing so, so why not allow it?
At the last place, their reason was MUH SECURITY! While that may be a reason, it's the wrong fix for the problem. I kept fighting that particular windmill until they decided I was overqualified and didn't want to extend my contract.
If certain inputs in your system will cause root shell access or arbitrary SQL to be run, please start hiring non retarded developers instead, and put the ones you have in the basement, away from anything sharp.
-
@cvi said in WTF is happening with Windows 11? And nothing else:
@Carnage Is there any good reason to ban any characters?
Even something like backspace (ASCII 8?). Yeah, it'll be difficult to get that through e.g. the input system of the client machine, but if you were able to do so in the first place, you're clearly capable of doing so, so why not allow it?
Control characters would be a bad idea, just because of input problems. Same might go for other characters that may be hard to input on some devices, but at some point thatās the userās problem.
But in principle the password should just be a byte stream, thereās no reason to interpret it as anything.
-
@Carnage said in WTF is happening with Windows 11? And nothing else:
If certain inputs in your system will cause root shell access or arbitrary SQL to be run, please start hiring non retarded developers instead, and put the ones you have in the basement, away from anything sharp.
Those are too expensive. MUH OUTSOURCING!
-
@cvi there is no general reason to exclude characters from a password.
Exclusion of < and > usually indicates some oversanitisation too early. Exclusion of quotes and percent is usually a sense of not correctly parameterising queries.
All of the above suggests not properly hashing passwords.
However... we have to talk about that complicated space between characters and bytes.
My space is the web space (other spaces with other semantics apply), so I'm familiar with the weird-ass sematics there - if you have a UTF-8, the browser is supposed to only send UTF-8 valid bytes back when submitting a form, especially if the form itself expressly indicates accept-charset="UTF-8" but there's no guarantee you will get valid UTF-8 byte sequences back.
As a result you probably shouldn't send passwords that contain invalid UTF-8 byte sequences, because something could well be catching the sequence before it gets to the application. The reality is that many frameworks will also strip the ASCII control characters from form inputs because they shouldn't be 'valid' in form input but this is only by convention.
-
@topspin said in WTF is happening with Windows 11? And nothing else:
But in principle the password should just be a byte stream, thereās no reason to interpret it as anything.
Except backspace.
-
@dcon said in WTF is happening with Windows 11? And nothing else:
@topspin said in WTF is happening with Windows 11? And nothing else:
But in principle the password should just be a byte stream, thereās no reason to interpret it as anything.
Except backspace.
butā¦
That gets interpreted by the input method. Your code shouldnāt (and most certainly doesnāt) search for bytes with that ASCII code and remove it together with the previous one.