I recall a story of how the Windows 95 team (or the like) was crazy dedicated to backwards compatibility, so they had a check to see if the user was running Roller Coaster Tycoon and if so, disabled virtual memory so the game would run.
Here's the story Joel Spolsky wrote some time ago[1]:
> Windows 95? No problem. Nice new 32 bit API, but it still ran old 16 bit software perfectly. Microsoft obsessed about this, spending a big chunk of change testing every old program they could find with Windows 95. Jon Ross, who wrote the original version of SimCity for Windows 3.x, told me that he accidentally left a bug in SimCity where he read memory that he had just freed. Yep. It worked fine on Windows 3.x, because the memory never went anywhere. Here's the amazing part: On beta versions of Windows 95, SimCity wasn't working in testing. Microsoft tracked down the bug and added specific code to Windows 95 that looks for SimCity. If it finds SimCity running, it runs the memory allocator in a special mode that doesn't free memory right away. That's the kind of obsession with backward compatibility that made people willing to upgrade to Windows 95.
There are a lot of checks for specific apps in the Cocoa framework. It's pretty much what the undocumented CFExecutableLinkedOnOrAfter() is for (sometimes called in conjunction with a check for a specific bundle name).
When I worked at Apple before Steve came back, there were tons of checks in MacOS for particular versions of apps, especially for Microsoft Word and Excel, working around their buggy behavior (or their workarounds for Apple's buggy behavior, a vicious cycle). While I have no idea if this person knows anything, it would not be surprising.
Yeah. We port Windows applications to Mac at work. A couple years ago when Apple switched on a more stringent code signing requirement, we found many of our ports worked without the updated code signing, while some others would warn about an invalid signature. It was clear there was some internal whitelist for old, known signatures which had picked up many, but not all, of our ports. User friendly, I guess, but pretty ugly.
Horribly misleading title here. Blizzard is exempt from one tiny piece of the sandbox, namely the sandboxing around access(). Which is nearly irrelevant.
This guy published an app that did jailbreak detection and some other stuff on the App Store, it was taken down, and has been rambling since then in a very very childish way about stuff like this: https://twitter.com/i0n1c/status/738286205708738560
He is known in the jailbreak scene as someone who cannot stay serious - he's always involved in some kind of drama.
[+] [-] Aissen|9 years ago|reply
I deleted the tweet with the picture of the sandbox because people start hyping it up without linking the clarification.
And the "clarification" tweet: https://twitter.com/i0n1c/status/738084828202053633
For those late to the party: the sandbox bypass exception for Blizzard only affects the access() family of syscalls - probably harmless
Edit: Original tweet screenshot http://imgur.com/c8RnYjo (it's still in Google cache… for now).
[+] [-] personjerry|9 years ago|reply
If an attacker knows what files Blizzard is calling access() on, they could likely use this exploit and execute arbitrary code.
[+] [-] chillacy|9 years ago|reply
Though I'd like to know more details, like:
* Why does Blizzard need to run in the sandbox on Mac OS X? The app sandbox is opt-in (though required for App Store apps)
* Can anyone set their team ID to Blizzard's?
* Are Blizzard games attack vectors?
[+] [-] reymus|9 years ago|reply
[1] http://www.joelonsoftware.com/articles/fog0000000054.html
[+] [-] gutigen|9 years ago|reply
https://www.wired.com/2016/01/nsa-hacker-chief-explains-how-...
[+] [-] AimHere|9 years ago|reply
Perhaps you meant it's a later version of Windows, or the game's spiritual predecessor, Theme Park, which ran in DOS.
[+] [-] mschuster91|9 years ago|reply
No, at least not for apps that are distributed on the official channels and signed with an official developer cert.
> * Are Blizzard games attack vectors?
All games are; savegame manipulation is often the first step towards jailbreaking a game console.
[+] [-] BakaRakuda|9 years ago|reply
https://mobile.twitter.com/gruber/status/738149554978070529
Turns out a complete non-story.
[+] [-] coldtea|9 years ago|reply
The reason doesn't make it a "non-story" in any way.
Nobody sane expected the reason to be anything besides something like that (e.g. some evil root access plan) -- and it's still a story.
[+] [-] unlinker|9 years ago|reply
Truth is--he knew what was going to happen, so this looks just like another excuse to rant.
[+] [-] Longhanks|9 years ago|reply
If I recall correctly, the Pangu dev team attended some of his sessions about iOS hacking and used this knowledge to create a publicly available jailbreak tool. He then started to rant about how they "stole" his technologies on Twitter (see for example https://twitter.com/i0n1c/status/481020166483238912).
More about his childish public behavior related to the jailbreak scene can be read here: http://www.iclarified.com/41983/pangu-jailbreak-stops-using-...