Occasionally you find an absolute treasure on the web.
May 21, 2000 7:32 PM   Subscribe

Occasionally you find an absolute treasure on the web. And I felt like sharing this one, though it's not topical at all. It's free and it's supercool. (So I'm a nerd. So sue me.) Requires WIN32 and a fast computer and OpenGL. But just the page itself is worth visiting even if you can't run the program.
posted by Steven Den Beste (13 comments total)
I seriously wish I had more RAM. I'd love to be able to run this program.

Someday in the future I may just have that RAM, so bookmarks are usually a good idea, IMO.
posted by lizardboy at 11:38 PM on May 21, 2000

I hate like the holy hell to be the wet blanket, but I had a machine get cracked last night, so...

Who are those people? And *how*, exactly, do we know that this isn't a Trojan? I had enough problems trying to talk people out of running *that* on their work machine.

Remember, folks: always run programs of unknown provenance on sandbox machines. Unless you have really good backups -- and unplug your ethernet cable...

posted by baylink at 8:47 AM on May 22, 2000

Sorry... "*that*" was Elf Bowling...
posted by baylink at 8:48 AM on May 22, 2000

And yet there was no trojan ever found in Elf Bowling. ??
posted by tsitzlar at 9:24 AM on May 22, 2000

The solution to that is to run a decent firewall. I use Norton Internet Security 2000 on my Win 98 computer, and those kinds of trojans are stopped cold. Even if my machine was infected (and it isn't; I do regular scans) it wouldn't matter because the connection would be broken at the ethernet interface.

In the meantime, I scanned the Mars 3D program before I ran it and it is not infected with any known virus or trojan (using the most recent NAV data set). And while it was running, it made no attempt to communicate outwards from my machine (which would have been trapped by NIS2K and I would have been alerted).

posted by Steven Den Beste at 9:31 AM on May 22, 2000

I didn't hear about one... but the people who were purveying that program had as their stated intention *trying* to get people to run executable programs that they just had mailed to them by others -- their business model was advertising branded executable games.

This makes them the antichrist.

posted by baylink at 9:33 AM on May 22, 2000

Um, Steven? *There* *is* *no* *way* *to* *detect* *a* *Trojan*.

Not until it runs.

You can't do it. It's just another application program... that does things besides what it says it will. Firewalls aren't going to prevent *a program running on your machine* from deleting files on that machine.

It will prevent them from being shipped out to the world... but that's a fairly new behavior pattern for Trojans.

Once the binary *is on your hard drive*, there's no practical way to sandbox it, short of having an entire machine reserved just for that.

And even if you've "validated" it... maybe there's a date test in there somewhere?

It's a *really* ugly situation, and there's damned near *no* way around it, until someone actually *gets* burned by any given program. It will eventually come down to cryptographically signed executables, reputation management... and capital punishment for the creators of malignant Trojan Horse code.

posted by baylink at 9:46 AM on May 22, 2000

Fine, Jay, then don't run the program.

But it may surprise you to learn that there do exist people who are not malevolent, and programs actually do exist which are not infected.

It's an amazing phenomenon: some programs are actually worth running!
posted by Steven Den Beste at 9:51 AM on May 22, 2000

Are you familiar, Steven, with the principle that states that you need be prepared not for what your enemy *might* do, but what he *can* do?

Hey, it's your machine; run it if you want.

But people *don't* think about this stuff... and they need to.
posted by baylink at 12:59 PM on May 22, 2000

baylink, you're exaggerating. Of course there isn't an easy way to detect a custom trojan ... but NAV should certainly be aware of well-known trojans such as Back Orifice (which can be attached to another kind of EXE file as a way to get inside).

I agree people need to be cautious. I would hope that someone posting something here would be responsible, but it's always going to be a risk. How well do you know your favorite weblogger? We all should be aware, as well, that there are security risks in merely visiting a website, quite apart from specifically choosing to download a program.

I don't think that means we need to go off half-cocked on everyone who posts a downloadable program on MetaFilter.

By the way, baylink -- all those *asterisks* are *mine*. I want them *back*.
posted by dhartung at 8:14 PM on May 22, 2000

Forgive me, Dan, if you felt I was 'going off half-cocked'. I've had, in my professional career, to clean up the mess after someone downloaded "a pefectly safe little game" off the net, and munched their machine, and part of a mounted server besides.

The problem is real, it's very nasty, it's almost undetectable, and it's only likely to get worse.

That these things are true isn't my fault.

That does *not* mean, however, IMHO, that my attempting to raise people's consciousness about it is a bad thing. Does it?
posted by baylink at 7:38 AM on May 23, 2000

What I don't think anyone took into consideration was that baylink just had to clean up a mess (presumably at work?) after some click-now-think-later user blew away any security means by running some random executable.

baylink's just reminding everyone that it's a dangerous world past your monitor, and if you're going to mess around with uknowns, do it where you're responsible for your own mess, not at work.

I too have cleaned up cracked, infected and otherwise compromised networks, both in a professional capacity (starting at my previous workplace, I enjoyed a good month-long cleaning, restructuring and rebuilding phase) and for friends' LANs (my girlfriend's brother fancies himself a network admin, yet doesn't understand what 'port' means... sigh)

A little bit of caution -- even if it takes some of the joy out of discovering a really really cool app (which this most definetely is) -- is never a bad thing.

posted by cCranium at 8:20 AM on May 23, 2000

Of course it's real and nasty, and don't think I don't sympathize, having had to wade through some hip-deep sewage in fisherman's trousers from time to time myself (metaphorically). It's one thing to remind people to be careful, but it didn't seem like you'd looked at this particular site at all. I did, after seeing your comment, and my spidey sense wasn't triggered at all. Plus I have a home firewall and appropriate anti-viral software at hand.

Also, your suggestion of running things on sandbox machines is rather impractical if you only have one machine. I have two, but the other one would have been too weak for this program anyway.

I'm not really questioning your suggestions, just the phrasing and timing.

Now, to say something ON topic, it is very pretty and I was impressed at how much information was in a relatively small download, but it wasn't as maneuverable as I'd have liked. This was actually very close to my heart: for years I've fantasized about putting together a Flight Simulator module using the maps of Mars, and gliders with huuuuge wings. But although interesting and cute, it wasn't anything like that. :-(
posted by dhartung at 8:26 AM on May 23, 2000

« Older   |   "Real" has done it again. Newer »

This thread has been archived and is closed to new comments