Lend Me Your Ear: Passive Remote Physical Side Channels on PCs
We show that built-in sensors in commodity PCs, such as microphones, inadvertently capture electromagnetic side-channel leakage from ongoing computation. Moreover, this information is often conveyed by supposedly-benign channels such as audio recordings and common Voice-over-IP applications, even after lossy compression.
Thus, we show, it is possible to conduct physical side-channel attacks on computation by remote and purely passive analysis of commonly-shared channels. These attacks require neither physical proximity (which could be mitigated by distance and shielding), nor the ability to run code on the target or configure its hardware. Consequently, we argue, physical side channels on PCs can no longer be excluded from remote-attack threat models.
We analyze the computation-dependent leakage captured by internal microphones, and empirically demonstrate its efficacy for attacks. In one scenario, an attacker steals the secret ECDSA signing keys of the counterparty in a voice call. In another, the attacker detects what web page their counterparty is loading. In the third scenario, a player in the Counter-Strike online multiplayer game can detect a hidden opponent waiting in ambush, by analyzing how the 3D rendering done by the opponent’s computer induces faint but detectable signals into the opponent’s audio feed.
When Random Isn't
So there were two environments: an insecure one where you can get all information but can’t act on it, and a secure one where you can act but can’t get the information needed for automation.
An evil idea came into my head: random number generators (RNGs) used in computers are almost always pseudorandom number generators with (hidden) internal state. If I can manipulate this state, perhaps I can use that to pass information into the secure environment.
I Ran a Chess Programming Tournament, Here's How it Went!
Why Is Your NES A TV Station? (That's Weird)
The title doesn’t lie, and the answer is mildly cursed but par for the course. Something I didn’t mention is that this applies to almost all consoles released in the entire decade, and in fact a significant number (like the Colecovision) ONLY had RF out; the NES was one of the first consoles to have composite at all. If I could do it all again I’d mention that. I’d also keep my Casio CZ-1000 instead of throwing it away when I was 25.
How I implemented MegaTextures on real Nintendo 64 hardware
This showcases a demo of megatextures running on n64 hardware. A “megatexture” for the n64 is really just a normal-sized texture by modern standards, but with it you can do some prebaked scenes that look like they don’t belong on the n64.
Analyzing Starfield’s Performance on Nvidia’s 4090 and AMD’s 7900 XTX
We analyzed this scene using Nvidia’s Nsight Graphics and AMD’s Radeon GPU Profiler to get some insight into why Starfield performs the way it does. On the Nvidia side, we covered the last three generations of cards by testing the RTX 4090, RTX 3090, and Titan RTX. On AMD, we tested the RX 7900 XTX. The i9-13900K was used to collect data for all of these GPUs.
Commander Keen's Adaptive Tile Refresh
I have been reading Doom Guy by John Romero. It is an excellent book which I highly recommend. In the ninth chapter, John describes being hit by lightning upon seeing Adaptive Tile Refresh (ATS). That made me realize I never took the time to understand how this crucial piece of tech powers the Commander Keen (CK) series.
At its heart the problem ATS solves is bandwidth. Writing 320x200 nibbles (32 KiB) per frame is too much for the ISA bus. There is no way to maintain a 60 Hz framerate while refreshing the whole screen. If we were to run the following code, which simply fills all banks, it would run at 5 frames per second.
Shoot ’em up in style: the making of Gun Trails on Playdate
Enter Playdate. I had wanted to build a shmup for years, but for various reasons—primarily bad scoping—the efforts always sputtered out. This little yellow device could provide the constraints needed, with the added bonus of a programming challenge to hit consistently high framerates.
What Happened to Dolphin on Steam?
Well that blew up, huh? If you follow emulation or just gaming on the whole, you’ve probably heard about the controversy around the Dolphin Steam release and the Wii Common Key. There’s been a lot of conclusions made, and while we’ve wanted to defend ourselves, we thought it would be prudent to contact lawyers first to make sure that our understanding of the situation was legally sound. That took some time, which was frustrating to ourselves and to our users, but now we are educated and ready to give an informed response.
MMC2 Magic - How Punch-Out's Graphics Work
Two boxers. No flicker? How is this possible? The MMC2 Mapper chip: Explained
How to draw too many sprites by making one a background, then how to smoothly animate it by side scrolling.
The futex_waitv() syscall and gaming on Linux
The futex_waitv syscall is a new syscall through which the process can wait for multiple futexes. The task wakes up when any futex in the list is awakened. This can be used to implement waiting on multiple locks, wait lists, etc., without the limitations imposed by using eventfd.
All the (open) world’s a stage: how the video game Fallout became a backdrop for live Shakespeare shows
The Wasteland Theatre Company is not your average band of thespians. Dotted all across the world, they meet behind their keyboards to perform inside Fallout 76, a video game set in a post-nuclear apocalyptic America.
There are no ticketed seats, and the company makes no money. The majority of audiences stumble across the performances accidentally in the wasteland, and sit to watch the show for free – or tune in on Twitch, where the company broadcasts every performance live. Characters stride across stages that are cantilevered together from in-game objects. Lighting cues provide atmosphere. Soliloquies are passionately delivered.
Porting Zelda Classic to the Web
I spent the last two months (roughly 150 hours) porting Zelda Classic to run in a web browser.
I hope my efforts result in Zelda Classic reaching a larger audience. It’s been challenging work, far outside my comfort zone of web development, and I’ve learned a lot about WebAssembly, CMake and multithreading. Along the way, I discovered bugs across multiple projects and did due diligence in fixing (or just reporting) them when I could, and even proposed a change to the HTML spec.
Weird how there are bugs everywhere one looks.
Fixing the entire SM64 Source Code (Insane N64 performance)
Recap of a lot of work, optimizing and rewriting code to squeeze out performance on limited hardware.
The games Nintendo didn't want you to play: Tengen
Recently, I took a look at Nintendo’s MMC line of mappers, and some other boards. All boards for the NES’ western releases had to be manufactured by Nintendo, and so they generally met certain standards set by Nintendo. But these rules were enforced by technology, not by law. And the company that had previously killed the American game industry decided to break those rules. Madness? No. This… is Tengen.
Lots of custom cartridges here.
Some additional info: https://hackmii.com/2010/01/the-weird-and-wonderful-cic/
Beyond the Remake of 'Shadow of the Colossus': A Technical Perspective
Intro to porting games between platforms, then also a deep walkthrough of a custom allocator library.
Into the Breach Design Postmortem
In this 2019 GDC session, Subset Games co-founder Matthew Davis details the Into the Breach design process from early drafts to the final balancing decisions. Davis dives into years of cut content and iteration to show how Subset Games approached the difficult design challenges of making Into the Breach.
The Kilobyte's Gambit
How I cut GTA Online loading times by 70%
Some debug-stepping later it turns out it’s… JSON!
Of course it is. But a really solid reversing effort. And a nice fix.
Why are video games graphics (still) a challenge? Productionizing rendering algorithms
This post will cover challenges and aspects of production to consider when creating new rendering / graphics techniques and algorithms – especially in the context of applied research for real time rendering. I will base this on my personal experiences, working on Witcher 2, Assassin’s Creed 4: Black Flag, Far Cry 4, and God of War.
Many of those challenges are easily overlooked: they are real problems in production, but they do not necessarily show up if you only read about those techniques, work on pure research, write papers, or create tech demos.
I have seen statements like “why is this brilliant research technique X not used in production?” both from gamers and from my colleagues with an academic background. And there are always some good reasons!
This is quite extensive.