ဦးဘုန္း (ဓာတု) မႏၱေလး

(NOTE: this content is a teaser from my HCI's 2019 paper and the last post of this year)

The Brazilian gaming market is full of opportunities and peculiarities. The country is well-known abroad for being an emergent field where new game ideas can be explored, andalso for its high levels of piracy, unfortunately. In a certain way, the country is a unique "ecosystem" where different business models and creative processes can be explored, given the size and the diversity of its population, of almost 220 million people.

The gaming industry in Brazil is not consolidated though, and under many aspects it is still in an initial stage. As a first step into our discussion, we can highlight some attributes of the Brazilian gaming market, using as reference the data collected in an important survey named Game Brazil Research 2018 (Pesquisa Game Brasil 2018, in Portuguese), conducted by the company Sioux Games.

In its fifth edition, the research comprised interviews with 2853 people, in an attempt to investigate some demographic, consumption and behavioral aspects of the Brazilian gaming field. The first information we need to highlight is the fact that 75.5% of the Brazilian population plays games in a wide range of platforms, like smartphones, tablets, computers, consoles, portable consoles, etc.

According to this research, the gamer audience in Brazil is mainly cross-platform,with 74% of players experiencing games on more than one device. Smartphones lead the numbers as the most popular gaming platforms in Brazil (37.6%), while consoles occupy the second place (28.8%), followed by computers, in third place (26.4%).

Another interesting piece of information from Game Brazil Research 2018 concerns the self-image of the Brazilian gamer audience: only 6.1% of the respondents considered themselves to be "hardcore" gamers. Most of the interviewed people identified themselves as casual gamers.

It was also remarkable, in the research about mobile games, that 60.7% of respondents said they played while in transit (bus, subway or car).

Finally, it is noteworthy that 53.6% of Brazilian gamers are women, and among the female audience the favorite platform is mobile (59%), in which they spend an average of one to three hours a week playing games.

From these preliminary data, it is possible to understand that Brazil is a fertile ground for mobile games and a place with high potential for new gaming business in this field.

There are no massive game publishers in Brazil yet, and mobile platforms like App Store (Apple) and Play Store (Google) constitute interesting opportunities for game designers, indie studios and small gaming companies to showcase their work, in Brazil and abroad.

#GoGamers

In this episode, I wrap up my attempt to demystify AD&D combat with a correction, some odds-ends and Weapons vs. AC!

Anchor Episode link: https://anchor.fm/thedungeonmastershandbook/episodes/Podcast-Episode-30---Finishing-Up-Simplifying-ADD-Combat-eb80m2

What do you think?!

Leave me a voice message and let me know what you think or ask questions if you have them! (312) 625-8281‬ (US/Canada) You can also leave a message on Anchor: anchor.fm/thedungeonmastershandbook/message

Find episode posts and other D&D content on my blog: chgowiz-games.blogspot.com

Credits

Intro music: Dragonaut by Bradley The Buyer (bit.ly/2ASpAlF)
Outro music: Dream by Wild Shores (bit.ly/2jbJehK)
Stinger music by TJ Drennon - Check out his Patreon page at https://www.patreon.com/TJD/
Stinger music by Nightingale - https://www.looperman.com/users/profile/207475
All music used with permission.

by HeroOfAvalon

Before they were absorbed by Sony, Psygnosis were responsible for publishing some interesting games. Attack of the Saucerman, the sole release from Fube Industries Ltd, was an attempt at morphing the sci-fi stylings of a 1950s B-movie with an action-heavy mascot platformer. With Mars Attacks and Men in Black hitting cinemas, the late 90s had something of a renaissance of flying saucer schlock, the latter of which appears to be a heavy inspiration here. With its 2000 release (a year after the PlayStation original), did it miss the B-movie boat?

Read more »

I own a hobby game store but one of my other hobbies, the one that takes all my meager disposable income, is overlanding and off roading. I have been stuck many times in my Jeep. For a while, it seemed like that's what you did, drive until you got stuck. I learned a lot during this time, both about preparation and technique as well as wisdom in avoiding mistakes.

Once I tried to get up a muddy hill and slid back down sideways, nearly over an embankment. I tried several more times and slid into the exact same nook on the hill, a little closer to the edge each time. Eventually I got half way up, avoided the slide, and winched my way over the top. My friend who didn't get stuck was focused on getting me to learn how to navigate the vehicle up the hill. I just wanted to get to the top. My installer thought I was foolish to buy a winch, "I've been off-roading for 20 years and never used my winch." Well, he never went with us. I ended up using the winch several more times that year. There are some fundamentals to off-roading that apply to business.

Be prepared. In my Jeep sliding situation, I had the original, street tires on the vehicle. I had no business being in mud. A wiser me would have looked at that hill and said "Nope! We go around." In business this means having some form of reserve. A cash reserve is the most obvious. Before we had our large construction project, with tremendous debt, I had cash reserves. We would look around and try to solve problems with money, rather than seeing problems and putting them on my white board of shame, a list to be solved another day.

Being prepared also means having a plan. What would you do if you were forced to shut down for a long period of time? Would you continue the business at all? That's the first question. Is it worth it? If so, how? Having checked your resolve ahead of time means you are acting on your plan while others are searching their hearts. This is a discussion I've had with friends and family many times, and the weekend before I was shut down, we revisited this. Is it worth continuing if they shut you down?

Self rescue. Rule zero of survival is nobody is coming. Be self reliant. With rule zero in mind, how are you going to self rescue in a time of crisis? You should certainly call for help, but remember, nobody is coming. Hope they come, expect they won't. My solution was to set up an online store and do no-contact home delivery. The best time to have set up an online store was a year ago, but you do what you can in the time of crisis. In coming days, I will change that to far less profitable, but safer, shipping of all orders. Nobody is coming. I'll believe there is an outside solution when the money hits my bank account.

Call for help. Nobody is coming, but they might. I've got a ham in the Jeep, but I really want a satellite communicator. The price tag and subscription throws me off, but before every big trip, I consider it again. How remote is this trip? Who am I going with?

In the case of the business, I'm refinancing my house to acquire cash out and tapping investors for a "cash call." This alone is probably enough to self-rescue, assuming things go back to normal. They'll never be normal again. When I went to initiate a refinance, the first several days the banks were swamped and stopped publishing rates. The next week, my mortgage broker added me to her schedule. It has been three weeks and she hasn't called me back. I'm half way through a refinance with a second broker. Is it possible this falls through? Absolutely. Should I have relied on the first broker? Nobody is coming.

I'm also applying for an SBA economic injury disaster loan, and was recently approved for one. Next is the PPP payroll protection plan, which really will employ my staff for more hours than I would give them otherwise, probably building a new online store I should have created a year ago.

One of these things needs to happen. I need the mortgage refi or the SBA loan and gravy if I get both. Let's turn failure into an embarrassment of riches. Since nobody is coming, sending out a request for help on every frequency might increase my chances somebody comes. If nobody comes, the online store becomes an even hotter priority. Everyone is screwed. It is to everyones interest to be patient and allow self recovery. It's the best option since nobody is coming.

The time to be prepared with a strong resolve and resources in place, was before this happened. The time to begin the self rescue and call for help was last week. The time to accept nobody is coming and figure this out on your own is now.

Take me to the Kickstarter...

What does this project include?

The project was created to fund the tooling and production of a polystyrene plastic model kit. The Eisenken Grav StuG.

We also offer 3d printable building terrain sets, modular, stackable and and loaded with details.

The icing on the cake... Two lucky backers will receive an extra free kit, painted by the extremely talented David Woods! Each StuG you back will provide an entry into the raffle!

Good luck to all of you! now lets get this Kickstarter across the finish line!

Bluescan is a open source project by Sourcell Xu from DBAPP Security HatLab. Anyone may redistribute copies of bluescan to anyone under the terms stated in the GPL-3.0 license.

This document is also available in Chinese. See README-Chinese.md

Aren't the previous Bluetooth scanning tools scattered and in disrepair? So we have this powerful Bluetooth scanner based on modern Python 3 ---- bluescan.
When hacking new Bluetooth targets, the scanner can help us to collect intelligence, such as:

BR devices
LE devices
LMP features
GATT services
SDP services
Vulnerabilities (demo)

Requirements
This tool is based on BlueZ, the official Linux Bluetooth stack. The following packages need to be installed:

sudo apt install libglib2.0-dev libbluetooth-dev

When you play this tool in a Linux virtual machine, making a USB Bluetooth adapter exclusive to it is recommended, like the Ostran Bluetooth USB Adapter OST-105 CSR 8150 v4.0 for 99 RMB. Of course, the best one to use is the little bit expensive Parani UD100-G03, 560 RMB. And if you want to try the vulnerability scanning, see README.md of ojasookert/CVE-2017-0785.

Install
The lastest bluescan will be uploaded to PyPI, so the following command can install bluescan:

sudo pip3 install bluescan

Usage

$ bluescan -h  bluescan v0.2.1    A powerful Bluetooth scanner.    Author: Sourcell Xu from DBAPP Security HatLab.    License: GPL-3.0    Usage:      bluescan (-h | --help)      bluescan (-v | --version)      bluescan [-i <hcix>] -m br [--inquiry-len=<n>]      bluescan [-i <hcix>] -m lmp BD_ADDR      bluescan [-i <hcix>] -m sdp BD_ADDR      bluescan [-i <hcix>] -m le [--timeout=<sec>] [--le-scan-type=<type>] [--sort=<key>]      bluescan [-i <hcix>] -m gatt [--include-descriptor] --addr-type=<type> BD_ADDR      bluescan [-i <hcix>] -m vuln --addr-type=br BD_ADDR    Arguments:      BD_ADDR    Target Bluetooth device address    Options:      -h, --help                  Display this help.      -v, --version               Show the version.      -i <hcix>                   HCI device for scan. [default: hci0]      -m <mode>                   Scan mode, support BR, LE, LMP, SDP, GATT and vuln.      --inquiry-len=<n>           Inquiry_Length parameter of HCI_Inquiry command. [default: 8]      --timeout=<sec>             Duration of LE scan. [default: 10]      --le-scan-type=<type>       Active or passive scan for LE scan. [default: active]      --sort=<key>                Sort the discovered devices by key, only support RSSI now. [default: rssi]      --include-descriptor        Fetch descriptor information.      --addr-type=<type>          Public, random or BR.

Scan BR devices -m br
Classic Bluetooth devices may use three technologies: BR (Basic Rate), EDR (Enhanced Data Rate), and AMP (Alternate MAC/PHY). Since they all belong to the Basic Rate system, so when scanning these devices we call them BR device scanning:

As shown above, through BR device scanning, we can get the address, page scan repetition mode, class of device, clock offset, RSSI, and the extended inquiry response (Name, TX power, and so on) of the surrounding classic Bluetooth devices.

Scan LE devices -m le
Bluetooth technology, in addition to the Basic Rate system, is Low Energy (LE) system. When scanning Bluetooth low energy devices, it is called LE device scanning:

As shown above, through LE device scanning, we can get the address, address type, connection status, RSSI, and GAP data of the surrounding LE devices.

Scan SDP services
Classic Bluetooth devices tell the outside world about their open services through SDP. After SDP scanning, we can get service records of the specified classic Bluetooth device:

You can try to connect to these services for further hacking.

Scan LMP features
Detecting the LMP features of classic Bluetooth devices allows us to judge the underlying security features of the classic Bluetooth device:

Scan GATT services
LE devices tell the outside world about their open services through GATT. After GATT scanning, we can get the GATT service of the specified LE device. You can try to read and write these GATT data for further hacking:

Vulnerabilities scanning (demo)
Vulnerability scanning is still in the demo stage, and currently only supports CVE-2017-0785:

$ sudo bluescan -m vuln --addr-type=br ??:??:??:??:??:??  ... ...  CVE-2017-0785

Download Bluescan

via KitPloit

Related word

Welcome back to Linux Command Line Hackery series, I hope you've enjoyed this series so far and would have learned something (at least a bit). Today we're going to get into user management, that is we are going to learn commands that will help us add and remove users and groups. So bring it on...

Before we get into adding new users to our system lets first talk about a command that will be useful if you are a non-root user.

Command: sudo
Syntax: sudo [options] command
Description: sudo allows a permitted user to execute a command as a superuser or another user.

Since the commands to follow need root privileges, if you are not root then don't forget to prefix these commands with sudo command. And yes you'll need to enter the root password in order to execute any command with sudo as root.

Command: useradd
Syntax: useradd [options] username
Description: this command is used for creating new user but is kinda old school.
Lets try to add a new user to our box.
[Note: I'm performing these commands as root user, you'll need root privileges to add a new user to your box. If you aren't root then you can try these commands by prefixing the sudo command at the very beginning of these command like this sudo useradd joe. You'll be prompted for your root password, enter it and you're good to go]

useradd joe

To verify that this command has really added a user to our box we can look at three files that store a users data on a Linux box, which are:

/etc/passwd -> this file stores information about a user separated by colons in this manner, first is login name, then in past there used to be an encrypted password hash at the second place however since the password hashes were moved to shadow file now it has a cross (x) there, then there is user id, after it is the user's group id, following it is a comment field, then the next field contains users home directory, and at last is the login shell of the user.

/etc/group -> this file stores information about groups, that is id of the group and to which group an user belongs.

/etc/shadow -> this file stores the encrypted password of users.

Using our command line techniques we learned so far lets check out these files and verify if our user has been created:

cat /etc/passwd /etc/group /etc/shadow | grep joe

In the above screenshot you can notice an ! in the /etc/shadow, this means the password of this user has not been set yet. That means we have to set the password of user joe manually, lets do just that.

Command: passwd
Syntax: passwd [options] [username]
Description: this command is used to change the password of user accounts.
Note that this command needs root privileges. So if you are not root then prefix this command with sudo.

passwd joe

After typing this command, you'll be prompted password and then for verifying your password. The password won't show up on the terminal.
Now joe's account is up and running with a password.

The useradd command is a old school command, lets create a new user with a different command which is kinda interactive.

Command: adduser
Syntax: adduser [options] user
Description: adduser command adds a user to the system. It is more friendly front-end to the useradd command.

So lets create a new user with adduser.

adduser jane

as seen in the image it prompts for password, full name and many other things and thus is easy to use.

OK now we know how to create a user its time to create a group which is very easy.

Command: addgroup
Syntax: addgroup [options] groupname
Description: This command is used to create a new group or add an existing user to an existing group.

We create a new group like this

addgroup grownups

So now we have a group called grownups, you can verify it by looking at /etc/group file.
Since joe is not a grownup user yet but jane is we'll add jane to grownups group like this:

addgroup jane grownups

Now jane is the member of grownups.

Its time to learn how to remove a user from our system and how to remove a group from the system, lets get straight to that.

Command: deluser
Syntax: deluser [options] username
Description: remove a user from system.

Lets remove joe from our system

deluser joe

Yes its as easy as that. But remember by default deluser will remove the user without removing the home directory or any other files owned by the user. Removing the home directory can be achieved by using the --remove-home option.

deluser jane --remove-home

Also the --remove-all-files option removes all the files from the system owned by the user (better watch-out). And to create a backup of all the files before deleting use the --backup option.

We don't need grownups group so lets remove it.

Command: delgroup
Syntax: delgroup [options] groupname
Description: remove a group from the system.

To remove grownups group just type:

delgroup grownups

That's it for today hope you got something in your head.

More info

ဦးဘုန္း (ဓာတု) မႏၱေလး

Tuesday, September 22, 2020

A Word About The Brazilian Gaming Market

Monday, September 21, 2020

Podcast Episode 30 - Finishing Up Demystifying AD&D Combat

Saturday, September 12, 2020

ATTACK OF THE SAUCERMAN!

Rescue And Recovery

Friday, September 4, 2020

Kickstarter Ending Soon - Dreamforge Games Grav-StuG Tank

Monday, August 31, 2020

Bluescan - A Powerful Bluetooth Scanner For Scanning BR/LE Devices, LMP, SDP, GATT And Vulnerabilities!

Read more

Sunday, August 30, 2020

Aircrack-ng: The Next Generation Of Aircrack

Related word

Linux Command Line Hackery Series - Part 6

DAY:DATE:TIME

Labels

Blog Archive

ဘာသာေရးဆုိင္ရာဆုိဒ္မ်ား

ဘေလာ့မိတ္ေဆြမ်ား

IT ေလ့လာႏိုင္ရန္

ဧည့္သည္ေတာ္ မွတ္တမ္း

Ads 468x60px

Counter

Country