SimBin's GT Legends will prevent Windows 7 from booting...

If you don't believe me, install it and reboot -- you get a Windows is repairing install screen, wait about 1 hour and it will fail to repair, rebooting is the only option -- you'll be stuck in this cycle.

The problem is actually with StarForce copy protection, but the more serious problem is that Windows 7 claims to block the StarForce driver install but it actually does NOT!!

Wonder how many other copy protected games will do this.

So much for security and so much for compatibility.

Since I'm not a fanboy of any OS (although I prefer OSX), I'll post how you can recover from this disaster called Windows 7

1. during boot process, hit F8 to get the boot loader options (i.e. Safe Mode, etc.)
2. There is an option to "permit unsigned drivers", select it
3. Windows 7 will not boot
4. Go find the unsigned driver (good luck as this will vary from copy protection scheme) and remove it

As far as StarForce the driver is under Hidden devices under Plug & Play devices. You can also download a removal tool from StarForce web site.

Is your average user going to know this? Nope. They'll do what most do, just wipe and re-install everything. Oh yeah, you can't revert back to a previous restore point -- that will not solve this problem.

It you thought Vista problems were bad, Windows 7 is going to be a nightmare.

Add a reply

Register or log in to remove.

Thank you for bringing to our attention this rather old and rare Win 2K/XP game. Your fine contributions are deeply appreciated, and we look forward to seeing more fruits of your tireless efforts to root through all manner of obscure programs and applications in order to find and painstakingly document those which, through the shortsightedness of their original developers, cause issues with operating systems which had not yet been written at the time of (the application's) creation and subsequent release.

There is surely great value in the service provided by your sustained superior efforts. Or.. At least there must be for someone. Otherwise one might be persuaded it's all for the sake of puerile trolling.

Oh! Since there's a chance at getting your attention - Did your friends ever fix this stuff?

Show Leopard Less Secure Than Windows

After all, if you know what you're doing, it's perfectly possible to Hack a Macbook in Seconds (again)

Questions for Pwn2Own Hacker Charlie Miller - ZDNet.com

Message edited by Scotteq on 10-20-2009 at 08:25:49 PM

------------------------------ Which Chip? Well, it depends on which set of thieving b@stardz you choose to support: The ones who use insider trading to enrich themselves while running their company into the ground, or the ones who illegally pay vendors to not support the first group.
Reply to Scotteq

GT Legends is certainly NOT the only game using copy protection, this is just one example and the epic FAIL of Windows 7 in dealing with it -- it's how Windows 7 deals with this game that is the problem, not that it's a 3 year old game still being used by many.

So where is your data to prove that GT Legends is not still being played? A quick goolge search you'll find it has a very large following....sooo -- it was released in 2006, not exactly that old and is a DX9 title, like most PC games of today. You really should do some better research before posting.

No, but if you read my post, you'll see the article is by someone who has nothing to do with Apple and does this stuff to gain some publicity. Gee, I can hack into a Windows 7 PC with a simple Linux boot CD sooo, what's your point?

And thanks for pointing out Miller article, if you notice in the same article the same was accomplished on Windows 7. But notice how they don't give details, why, because you have to turn OFF most of browser's security measure to make the hack work - so another Epic fail.

Message quoted 1 times
Message edited by V8VENOM on 10-20-2009 at 10:14:47 PM

Reply to V8VENOM

Ahem - The copy protection is written by, and put into place by the people who wrote the original program. The only "Epic Fail" here is that when they wrote the thing, Windows 7 hadn't been created yet. Further, you found one example of copy protection: Where is YOUR data that shows anything other than this isolated case?

..and if you read the articles I linked for you, the attacks were done over an internet connection, and have been successful in mere seconds, and have been repeatable over several years the event had been held. Meaning, he came back and did it again a year later because Apple still hadn't fixed the problem. No rootkit involved. And the Epic Fail was APPLE's failure to fix the DOCUMENTED SECURITY FLAWS in their product. A quick Google search tells you the story, and that the Windows machines were NOT vulnerable to the attacks that allowed control over the internet into an Apple box.

And you really should be better prepared before you start another of your endless series of asinine trolling threads. Because it hardly stands to comparison that a years old game, installed on an OS that didn't exist when the game was created, and for which same game is NOT purported to run on would be even remotely in the same league as publicly documented security flaws which allow the takeover of your computer over the internet.

------------------------------ Which Chip? Well, it depends on which set of thieving b@stardz you choose to support: The ones who use insider trading to enrich themselves while running their company into the ground, or the ones who illegally pay vendors to not support the first group.
Reply to Scotteq

V8VENOM wrote :

?

And thanks for pointing out Miller article, if you notice in the same article the same was accomplished on Windows 7. But notice how they don't give details, why, because you have to turn OFF most of browser's security measure to make the hack work - so another Epic fail.

Wrong - The machines are tested/attacked fully patched, and box stock. Kindly don't make up conditions.

*ahem*

Quote :

Why Safari? Why didn’t you go after IE or Safari?

It’s really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don’t do. Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows.

It’s more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn’t have anti-exploit stuff built into it.

On a scale of 1-10, how impressive was the Nils’ sweep of exploiting all three main browsers?

I was surprised. For IE 8, I’d give him a 9 out of 10. For Safari, maybe a 2. It’s just too easy to pop Safari. For Firefox on Windows, I give him a 10. That was the most impressive of the three. It’s really hard to exploit Firefox on Windows.

Really? What’s the difference between what you can do on IE but can’t do on Firefox?

The technique he used works against IE but not Firefox. It allows you to place code in a specific spot in memory. Mark Dowd and Alex Sotirov talked about this at last year’s Black Hat. You can use a technique to make .net not opt into the mitigations and jump over hurdled easily. With Firefox, you can’t do that.

For all the browsers on operating systems, the hardest target is Firefox on Windows. With Firefox on Mac OS X, you can do whatever you want. There’s nothing in the Mac operating system that will stop you.

Message edited by Scotteq on 10-20-2009 at 10:36:20 PM

------------------------------ Which Chip? Well, it depends on which set of thieving b@stardz you choose to support: The ones who use insider trading to enrich themselves while running their company into the ground, or the ones who illegally pay vendors to not support the first group.
Reply to Scotteq

Fully patched does NOT mean protection was enabled.

The article itself discussing NOTHING about what browser security was enabled/disabled. They even said no "specific" details were given. So it's a pretty useless article all around.

"Place code in a specific spot in memory" -- now that's funny (could you be a little more generic) -- .NET generates HTML for a browser client, it does not execute .NET code client side, it can only do it server side. Unless he's talking about a .NET clickonce application that is loaded from a IIS server, but again that would require .NET framework to be installing and running on the client's computer. Guess what, there is NO .NET framework for Mac OSX.

What Miller doesn't say is that DEP has to be "disabled" -- he goes on to say that DEP is not available on Mac/OSX which is 100% false.

http://www.nsa.gov/ia/_files/facts [...] R-2007.pdf

Get back to me with some real facts, not quotes from self promoters.

Reply to V8VENOM

*sigh* Fully Patched, Default configuration:

Pwn2Own rules: http://dvlabs.tippingpoint.com/blo [...] n2own-2009

It took the guy 10 Seconds to take the Mac: http://www.computerworld.com/s/art [...] ws_ts_head

Quote :

Rules
The browser targets will be IE8, Firefox, and Chrome installed on a Sony Vaio running Windows 7 as well as Safari and Firefox installed on a Macbook running Mac OS X. All browsers will be fully patched and in their default configuration as of the first day of the contest. The mobile device targets will include fully patched BlackBerry, Android, iPhone, Symbian and Windows Mobile phones in their default configurations. A full list of available interfaces will be made available on the CanSecWest website under the Pwn2Own rules.

To participate in the contest, you can choose either or both technologies and must generally prove successful code execution. A contestant may only win one prize per flaw (e.g. if he is able to pwn a browser and a mobile device using the same flaw, he has to choose one to go after). Winning entries against the browsers include exploits which require no user interaction outside of a single click on a malicious link. Winning scenarios against the mobile devices include attacks that can be exploited via email, SMS text, website browsing and other general actions a normal user would take while using the device. Physical access will not be granted to the mobile devices, and proving successful exploitation of one of the mobile devices will be verified by our team of hardware hacker judges on the ground at the event.

------------------------------ Which Chip? Well, it depends on which set of thieving b@stardz you choose to support: The ones who use insider trading to enrich themselves while running their company into the ground, or the ones who illegally pay vendors to not support the first group.
Reply to Scotteq

Is protection enabled by default? If not, why not? If OS X is supposed to be more secure right out of the box, then why wouldn't protection be enabled the first time you turn on your Mac? Is there at least something telling the end user that protection must be enabled if it is not by default? Again if not, why not?

You don't simply make the claim that you're more secure and then set a pile of conditions up behind that statement... you're either more secure by default or you're not. You're worse than the Apple ads. All you can say when presented with the argument about these exploits is "Is protection enabled?" You tell us... is protection enabled by default? If not, then SFTU. If it is, then this so-called "protection" isn't really protection now, is it?

You claim not to be a fanboy, and perhaps you're not... but you are definately a Mac Fanatic. You'll defend them to the ends of the Earth despite the fact that they are more insidious than Microsoft could ever hope to be. The rest of us decided a long time ago that being locked into specific hardware and software configurations was a bad thing. Mac people haven't figured that out yet. Everyone complains about MS having a monopoly on operating systems... yet Apple has a monopoly on both their OS and the hardware it runs on.

Take your OS X and shove it squarely up your arse. Either you admit that it has flaws that need to be addressed or you can STFU. An OS that can be hacked over the internet in mere seconds doesn't sound more secure to me.

Message quoted 1 times

------------------------------ Desktop: Windows 7 Professional 64-bit; Intel Q6600 CPU; E-VGA 780i SLI motherboard; E-VGA E-GeForce 8800GT; OCZ Vista 4GB dual-channel kit; Ultra X2 750W power supply; 2 x Seagate Barracuda 7200.11 500GB in RAID 0. Laptop: Acer Aspire 8730-6314;
Reply to Zoron

And again, Windows 7 IE8 was hacked the same day in the same contest.
So what is your point? Did you do any research and followup on the information on Miller, later in May 09 he admitted that DEP had to be disabled.

I'm also 100% glad that Apple are not taking ASLR to an extreme, because ASLR has a significant impact on application performance. It's a poor fix to blanket a problem rather than address the issues specifically. No thank you, I'd rather take a security patch on Safari then endure the penalties of excessive ASLR.

But again, that's Microsoft for you -- screw the end user, lets incorporate performance killing, in your face security prompting, prevent the PC owner from doing anything, accepting anything, etc. etc. Does Microsoft even offer an option to turn ASLR off, no they don't. So for those users that turn off their NIC while working on other projects where connectivity is NOT required such as Video editing, Audio creation, non-online gaming, word processing, etc. etc.

And ASLR is really only affective on a 64bit address space as the randomization is not sufficient on 32bit systems allowing stack overflow attacks to still happen and hacker taking control.

What NEEDs to happen without forcing a performance penalty (on average you lose about 4% system performance because of ASLR) it to deal with a stack overflow in a manner that doesn't permit entry to a hacker.

Microsoft is capable of device context tracking so they can determine a valid owner/user, but their security model does nothing with such information ... it automatically assumes the owner/user is malicious. This IS a fundamental flaw in their security design. When I'm typing on a keyboard device physically connected to my computer and have successfully logged in, I should now be identified as "safe" context with my devices logged/associated to me. This "context" is available to Microsoft and could be used, but it's not, it's ignored and the security model assumes I'm still "unsafe".

ASLR is a bad idea ALL around -- it still doesn't prevent hacking just doubles the time it takes to successfully hack. It's a typical blanket approach (read doesn't take much effort for Microsoft to implement) that really solves nothing other than slowing down an end user's computer. And this is why Apple are not in favor of ASLR.

Anyway, you're diverting from the original thread and purpose:

1. Driver protection in Windows 7 doesn't really protect anything and ultimately prevents a user from loading the OS - what kind of protection is that??
2. Compatibility (especially games) is NOT there.

I can't wait to see the fall-out when the masses start using Windows 7, I'll watch this place light up like Xmas tree. And I can't wait to see all the "fanboys" show up posting their issues/problems -- maybe they'll all go post on some other site to avoid the embarrassment.

Reply to V8VENOM

Zoron wrote :

Is protection enabled by default? If not, why not? If OS X is supposed to be more secure right out of the box, then why wouldn't protection be enabled the first time you turn on your Mac? Is there at least something telling the end user that protection must be enabled if it is not by default? Again if not, why not?

You don't simply make the claim that you're more secure and then set a pile of conditions up behind that statement... you're either more secure by default or you're not. You're worse than the Apple ads. All you can say when presented with the argument about these exploits is "Is protection enabled?" You tell us... is protection enabled by default? If not, then SFTU. If it is, then this so-called "protection" isn't really protection now, is it?

You claim not to be a fanboy, and perhaps you're not... but you are definately a Mac Fanatic. You'll defend them to the ends of the Earth despite the fact that they are more insidious than Microsoft could ever hope to be. The rest of us decided a long time ago that being locked into specific hardware and software configurations was a bad thing. Mac people haven't figured that out yet. Everyone complains about MS having a monopoly on operating systems... yet Apple has a monopoly on both their OS and the hardware it runs on.

Take your OS X and shove it squarely up your arse. Either you admit that it has flaws that need to be addressed or you can STFU. An OS that can be hacked over the internet in mere seconds doesn't sound more secure to me.

Again, diverting from my original post and issues with Windows 7. But obviously you didn't read that article completely, Windows 7 using IE8 was also hacked that same day -- no time frame on how long it took to hack Windows 7 was obtained.

"STFU" and "shove it squarely up your arse" -- wow, so insightful, great way to bring tech to this thread -- promptly put you on the ignore list as your contribution is useless and ignorant. That's why I've bought video cards from NewEgg, CDW, audio interfaces from MOTU, HDMI capture cards from BlackMagic designs, eSATA controllers, LG BD burner from NewEgg, Dell monitor, WD 10K rpm hard drives -- none where purchased from Apple and all are working in my Mac. So you really really really should stop spewing out BS.

Message edited by V8VENOM on 10-21-2009 at 06:26:12 PM

Reply to V8VENOM

*ahem*

Regarding the original post: You found a 3rd party app, which it's creators do not certify, state, or imply runs on Windows 7. Similarly, Microsoft do not certify, state, or imply this game runs on Windows 7. And.. OMG.. It doesn't run on Windows 7. Congratulations.

It's not supported. Not by it's creator, nor by Microsoft. Nobody (including you)said it was. Therefore your entire premise amounts to nothing more than flame bait.

Oh - Nice attempt to dodge the ASLR issue. Pity that Apple don't bother to make the token effort to provide even this minimal protection to their users. But that's Apple for you: Screw The End User by not even bothering with providing even a fig leaf to protect them. Depend on their small market share numbers to keep them running under the radar of the malware~writers. Overcharge through the nose for the hardware, and plow a portion of the profits into marketing so the mindless fanbois get to feel cool while their experiencing a graduate course in financial sodomy.

I can't wait to see the fallout when hackers turn their attention to OSX and the Apple fanatics realize just how badly their choice of OS/HW has failed to protect them.

Security through Obscurity is *no* protection.

------------------------------ Which Chip? Well, it depends on which set of thieving b@stardz you choose to support: The ones who use insider trading to enrich themselves while running their company into the ground, or the ones who illegally pay vendors to not support the first group.
Reply to Scotteq

Ignore me all you wish... you still failed to answer my question: Is this miracle protection you refer to that stops these attacks dead in their tracks enabled by default or isn't it? Instead, you state that Windows 7 was hacked on the same day. That isn't what I asked you. I can clearly see that Windows 7 was also hacked, because I can read. You, quite obviously, refuse to answer a simple question posed to you because it might reflect badly on Apple. Deflect, deflect, deflect. I do not care whether or not Windows 7 was hacked, because that wasn't my question.

The difference is that MS might actually work to fix the flaw. By what Scott is telling us, Apple has yet to offer a fix for this flaw a year after it was discovered. Now you tell me who cares about it's customers more. Doesn't Apple also charge money for what amounts to a pile of security updates and service packs and then call it a new OS? OS X Leopard, OS X Snow Leopard... what exactly is the difference and why am I paying for it if it's not an entirely new OS?

It just amazes me that Apple bends it customers over a barrel, without even the courtesy of a reach-around and they happily take it. Yes sir, can we please have another? You can defend them all you wish... but believe me, they are worse than Microsoft.

Quote :

That's why I've bought video cards from NewEgg, CDW, audio interfaces from MOTU, HDMI capture cards from BlackMagic designs, eSATA controllers, LG BD burner from NewEgg, Dell monitor, WD 10K rpm hard drives -- none where purchased from Apple and all are working in my Mac.

Boo for you. People constantly complain about Windows validation and what a pain in the ass it is... yet everyone is strangely silent that most Mac hardware has to go through the same process. Mac had definately gotten better when it comes to proprietary peripherals... that much I will admit... but when it comes to such things as motherboards; how many choices do you have? How much does it cost to replace one if it goes after the warranty has expired? I can't just go down the street and expect to buy just any motherboard, can I? Say what you will... but nothing will ever justify the price premium of a Mac.

------------------------------ Desktop: Windows 7 Professional 64-bit; Intel Q6600 CPU; E-VGA 780i SLI motherboard; E-VGA E-GeForce 8800GT; OCZ Vista 4GB dual-channel kit; Ultra X2 750W power supply; 2 x Seagate Barracuda 7200.11 500GB in RAID 0. Laptop: Acer Aspire 8730-6314;
Reply to Zoron

Focus On

SimBin's GT Legends will prevent Windows 7 from booting...

Forum Windows 7 : SimBin's GT Legends will prevent Windows 7 from booting...