Chilling

Illustration

As I was doing a search on my own site, I noticed that one result was missing and at it place all I had was “In response to a complaint we received under the US Digital Millennium Copyright Act, we have removed 1 result(s) from this page. If you wish, you may read the DMCA complaint that caused the removal(s) at ChillingEffects.org.”

Going to the ChillingEffects link I found out that page in question was Installing Windows 8.1 (or 8) without a product key. Despite the name that might indicate some shenanigans, post only covers functionality that has been officially documented by Microsoft themselves (here and here). Heck, I even said so at the bottom of the post.

Only keys that ever appeared in that post were done by other people in the comments section. Some of them stayed there for a bit longer (e.g. Microsoft’s own default key), some comment were removed instantly (obvious pirate ones), and all surviving keys were changed to XXXXX anyhow (as soon as I noticed them).

My firm belief is that page doesn’t infringe so I went about finding a way to clear its name.

First issue was to find how to file counter notice. Among all links in regards to DMCA on both Google and ChillingEffects.org, there is not a single contact you can pursue for this. I did know that Marketly was one that complained on behalf of Microsoft, but there was no actual e-mail (no, microsoft-[redacted]marketly.com is not a valid e-mail) or postal address behind those. All that searching around gave me was a link to YouTube DMCA process but nothing applicable to Google Search.

After a while my inquiry finally stopped at the Google Webmaster forum where I finally got two links. It was either DMCA Counter Notification form or Restore URLs form. I went with a good faith belief that infringing content was indeed in comments and that Restore URLs form was an appropriate venue.

This happened on December 13th. Link is still blocked and there is no response from Google whatsoever. Company that usually takes content down less than 24 hours after notice is received sure does take its time doing the opposite thing. Or even just responding to my request with “you’re wrong”.

Whole process left me a bit baffled by a few things. First of all is the recipient of DMCA notice itself - Google, Inc. [Blogger]. I haven’t had my page hosted by blogger for three years now. If my assumption was correct about them finding issue with comments on my post, proper venue would be to send DMCA to either Google Inc. or to myself and not to an uninvolved third party.

Slightly more troubling issue is why I haven’t received information about issue from Google. I searched all my e-mails and I could not find a single warning about any issue. I have Google’s webmaster tools and nothing is there either.

And lastly I find it absolutely unacceptable to have DMCA notice filled without a proper e-mail address for a response. Notice on ChillingEffects.org did have a name of a person but only a generic Microsoft address as a contact and a redacted e-mail. That makes it impossible to respond directly. I believe that minimal courtesy would be to leave a valid e-mail.

All in all, between figuring all the information and writing this post, I have wasted a complete day on this topic. It is a matter of principle to me because I take this DMCA take down very personally. However, looking back at this I don’t think I will ever deal with this again. It just requires too much effort to go through motions for something that is essentially just a hobby.

PS: I find two things curious:

PPS: Yes, I am aware that DMCA is over a year old. I don’t google looking for my own posts that often…

Determining IPv4 Broadcast Address in C#

When dealing with IPv4 network, one thing that everybody needs sooner or later is a broadcast address based on IP address and its netmask.

Let’s take well known address/netmask combo as an example - 192.168.1.1/255.255.255.0. In binary this would be:

Address .: **^^11000000 10101000 00000001^^ 00000001**
Mask ....: **11111111 11111111 11111111 00000000**
Broadcast: **^^11000000 10101000 00000001^^ !!11111111!!**

To get its broadcast address, we simply copy all address bits where netmask is set. All remaining bits are set and our broadcast address 192.168.1.255 is found.

A bit more complicated example would be address 10.33.44.22 with a netmask 255.255.255.252:

Address .: **^^00001010 00100001 00101100 000101^^10**
Mask ....: **11111111 11111111 11111111 11111100**
Broadcast: **^^00001010 00100001 00101100 000101^^!!11!!**

But principle is the same, for broadcast address we copy all address bits where mask is 1. Whatever remains gets a value of 1. In this case this results in 10.33.44.23.

As you can see above, everything we need is simply taking an original address and performing OR operation between it and a negative netmask: broadcast = address | ~mask. In C# these steps are easiest to achieve if we convert everything to integers first:

var addressInt = BitConverter.ToInt32(address.GetAddressBytes(), 0);
var maskInt = BitConverter.ToInt32(mask.GetAddressBytes(), 0);
var broadcastInt = addressInt | ~maskInt;
var broadcast = new IPAddress(BitConverter.GetBytes(broadcastInt));

Full example is available for download.

Windows Store App Doesn't Start on Virtual Drive

Illustration

As I went to update my Resistance Windows Store application, I stumbled upon unexpected error while trying to run it. Message was quite generic “This application could not be started. Do you want to view information about this issue?” and application would stay stuck on the startup screen.

Details were not much better. It was essentially the same error message: “Unable to activate Windows Store app ‘47887JosipMedved.Resistance_805v042353108!App’. The Resistance.exe process started, but the activation request failed with error ‘The app didn’t start’.” As error messages go, pretty much useless.

I was thinking that I broke something with changes so I reverted to my last known good configuration - one that is actually currently deployed in the Store. Still the same error.

It took me a while to notice that, once project is copied to the other drive, everything would work properly. A bit of back and forth and I believe I found the issue.

I keep all my projects stored on a virtual disk. While everything else treats that disk as a real physical thing, Visual Studio sees the difference but only when dealing with Windows Store applications. It just wouldn’t work.

As you can guess it, solution was to copy project on a physical drive and work from there. Easy as solutions go but definitely leaves the bitter taste. Lot of wasted time simply because of a lousily written error message. A bit more clarity next time?

Captcha This

Illustration

A few weeks ago Google introduced No CAPTCHA reCAPTCHA. It is a new approach to recognizing whether we are dealing with robots or humans. It should be a modern alternative to good old CAPTCHA. And I say it was about the time.

Captcha was a good idea a few years ago. They give you garbled text and you write it down to prove that you are a human. State of OCR was such that no program could pass this with any meaningful accuracy. There was a further improvement with ReCaptcha where your input would be used to help with book OCR which also caused warm and fuzzy fillings.

But robots got smarter and captchas got more complicated to keep up. I don’t know about you but I average about 75% captcha accuracy on a good day. According to Google, most advanced robots reach 99.8% accuracy. If robots have a higher success rate than humans on a system that was designed to keep them out I believe it is a time for change.

New system aims to recognize behavior and to give various quiz tasks only if there is any doubt. This new API hasn’t been widely implemented yet so it is hard to know how good it really is. But, if it removes at least one stupid letter entering dialog, I will consider it a success.

So far I personally haven’t been presented by a single new dialog. However, I am not a robot so that is pretty much expected result by design. Based on examples Google has provided, it will be based on image recognition so hopefully robots will endure more pain than humans. Depending from where images are coming from, I also expect quite a lot of funny combinations.

Of course, there is a work involved for any site that is to support this. And my guess is that it will be a bit more difficult to implement than older ReCaptcha. Considering that even ReCaptcha didn’t take web world by storm although it was superior to self-created ones, it is pretty much safe bet that we will see old style captchas for a while.

But new captcha king is in town. May it stop our robot overlords.

PS: No, “abicl” was not correct answer for a picture above.

PPS: If 99.8% figure is for ReCaptcha captchas, I imagine that it is all but 100% for all those self-rolled captchas that think that having a line or two is protection enough.

Humble Bundle and One Order Too Many

Illustration

I am a fan of Humble Bundle so when they announced their winter sale, I of course had to buy something. As anybody with small kids will tell you, it is hard to go wrong with LEGO Harry Potter.

I used PayPal to pay gift purchase for one kid and tried to get the same for another only to be faced with “Sorry, your Humble Store order has been canceled. We have received too many purchase requests from you in a short period of time, so we have canceled your order (you will not be charged). We are very sorry for the inconvenience.” Well, I did try to buy second game less than another so I gave it a few minutes. Same again. Gave it 30 minutes, same again. Than 2 hours, same again.

At that time I decided to contact Humble Bundle support, the only website that gives you Forbidden error when you try to create a new account. At least their support system sends responses via e-mail so I could afford to give up on setting the proper account.

Talking with the Peter, their support guy, didn’t gain me much: “The purchase limits are part of anti-fraud measures”; “unusually large wave of traffic from one person”; “Sadly I am unable to lift the fraud protection”; and my favorite “Unfortunately I am unable to reveal that information”. I have been Humble’s customer since their very first Bundle. I have bought multiple games before (in one instance three of them). But now, two orders in a row are considered too many.

I understand that there was a need for some automated protections so people would not buy bunch of games and resell them. But I cannot believe that anybody would think a proper limit would be a single game per person, especially since they do offer option of a gift. And even if that is a decision, why would you not give possibility of an override to your own support staff? And why don’t you tell your customers how long they need to wait between purchasing two games? A day? A month? A year?

I did solve it at the end by using my credit card instead of PayPal. Somehow I am not considered a fraud if I use different payment method…