#(i had some user-error queueing this one) | Explore Tumblr posts and blogs

fandom-necromancer · 4 years ago

Text

‘You come here often?’ ‘Well I work here.’ Part 4

This was prompted by the lovely AO3 user LoafofCat! Enjoy!

Fandom: Detroit become human | Ship: Reed900 [Read complete on AO3]

‘You know, if you just wanted to see me, there would be easier ways.’ ‘Bold of you to assume I come here only to see you.’ Nines smiled looking up to Gavin, who was just untying his apron and sitting down in front of him with a coffee of his own. ‘Am I wrong then?’, the human asked and Nines huffed, letting his head fall. ‘No’, he admitted. ‘Okay, so let me get this right’, Gavin laughed. ‘I had to propose to my boss to get thirium drinks on the menu as a “costumer asked for it” and it might help us crank those numbers up, just so you could plant your ass here in your break?’ ‘It did get you more costumers though’, Nines shrugged pointing to the other tables. ‘That’s not- Nines, do you think I care about this shop? I just work here; I don’t care if… You know what? Screw it. Nice to see you, Nines.’ ‘Nice to see you too’, the android chuckled. ‘How are you?’ ‘Can’t complain. What do you have there?’

Nines looked down on the tablet in his hands. ‘Oh, just work. A case.’ ‘You are on your break and brought work?’, Gavin asked, looking at him sceptically. ‘Tina was right, you really are me just with a little less personality.’ ‘Being nice and polite doesn’t mean not having a personality. You were just an asshole.’ ‘What technically is a personality trait’, Gavin argued, taking a sip from his coffee. ‘Now come on, tell me about your case!’ Nines frowned. ‘I really can’t tell you, it’s-‘ ‘Confidential, I get it. But come on, I’m a former cop I can keep a secret. For old time’s sake.’ The android eyed Gavin and how he looked so eager to get information. It was cute in a way, how he looked in between his eyes and the tablet in his hands. Maybe that’s why Nines showed weakness and caved in.

‘Okay, but you really keep this to yourself. We are investigating a series of murders. They don’t have anything in common in regard to victims or how the deed was done or staged, but at every crime-scene we found the picture of this man.’ Nines flipped through the pictures of the different crime-scenes until he reached a few portraits. They weren’t really the kind of pictures you would expect of a cold-blooded serial-killer. Not after the few flashes of gruesome staging, Gavin caught a glimpse of as Nines had searched for these. They all portrayed a middle-aged man with a small belly you could easily get if you worked long hours in the office and were too exhausted afterwards to do sports. The pictures looked like they were ripped right out of a family photo-album. The guy was at the beach smiling at the camera with a cocktail in hand. The next one showed him in what Gavin supposed to be his home with a small dog on his lap. Then next to a ridiculously oversized barbeque grill all shiny chrome and reds.

Gavin lifted a brow at Nines. ‘Yeah, sorry Nines, but no way this is your killer.’ ‘I ruled it out as unlikely, too’, the android nodded. ‘Although you can never know with people. At the very least it’s a lead. Maybe the killer knows this man. As much as this is a lead, it is also our only link.’ Gavin shrugged, leaning back. ‘Well, why haven’t you solved it then? I mean, you can scan his face and get a name, age, address, likely even social media as creepy as they designed you and Connor. No offense there.’ Nines sighed. ‘As creepy as I might be designed, my scanner has its limits too. I can’t get a name to this man, not even an age. Scanning him just returns an error. Manual research in the police databanks also hasn’t brought up anything yet. We also can’t exactly go around asking for this man. If he is the serial killer, as unlikely as it might seem, we would only alert him.’ Gavin nodded absent-mindedly, staring at the photo, pulling the tablet closer to zoom in on some details. ‘Honestly?’, Nines said frustratedly. ‘We’re all currently waiting for the forensics to find more evidence on the bodies. It’s quite frustrating, but at the same time no one really minds if I spend a bit longer on my break with you.’

Gavin couldn’t help but let out an exaggerated ‘Awww’ at that, Nines reprimanded with an annoyed but amused look. ‘Nah, really thanks, looking at your tablet for what, ten minutes? This was already more exciting than the whole damn month. The most action I had was a drunk guy I had to escort out because everyone else was too chicken shit to risk getting vomited on.’ ‘Understandable.’ ‘Not the point. I mean, I’m happy here, I guess. It is decent money and I have more time for my cats at home. Also, maybe not being confronted with what humans are capable of is nice for a while. But I can basically feel my brain rot here.’ ‘That is also understandable’, Nines huffed. ‘Maybe search for some outside work activity? Something new to learn and keep you active mentally?’ ‘Like what? Knitting?’ ‘If you want that?’ ‘You know what? Maybe not the worst idea. I’ll see if I can find anything and when I have I will-‘

Nines never got to find out what Gavin would do afterwards, as his colleagues called him, pointing at the growing queue. The human sighed. ‘Well, my call to duty’, he announced and walked over to press a quick kiss to the android’s temple. ‘Was nice chatting with you, babe. Good luck with your case.’ ‘Yeah, you too.’

It was a slow Tuesday, without many costumers coming in. The rush of office workers in their break had already stormed the small shop and rushed back to their workplace and now it was mostly a few students and the regular old granny circle in the front judging people and eating cake. Living the life. Gavin had already washed the entire stack of mugs twice now and was out of work, except for manipulating the radio until his co-workers began to wonder why the last song had been so long and found him messing with the system. Then he walked around, collecting discarded newspapers and cleaning the tables while his co-worker told him she would be out for a cigarette. He nodded and continued working until a sole costumer entered. Gavin quickly rubbed the table dry and hurried over, throwing the man an extra smile just in case he wanted to complain about having to wait a few seconds. ‘What can I do for you?’ ‘I’d like a coffee, please. Medium, to go with cream but no sugar.’ ‘Coming right up.’ Gavin was already going through the motions of preparing the coffee and turned around to hand it over. ‘Anything else…’ He trailed off, as he saw the man’s face, but he seemingly hadn’t noticed his slip. ‘No, thank you, that would be all.’

Gavin watched him leave again and was trying to decide what to do next. He couldn’t just leave; he was at work after all. But he couldn’t do nothing either. Frantically he looked through the shop and, in the end, shook his head, rushing past the counter. Outside his co-worker stopped him. ‘Gavin? What are you doing?’ Gavin blinked, but came up with an excuse fast enough: ‘Dude forgot his wallet. Can you take over for a moment? Sorry!’ ‘Sure, no problem. Just hurry, he’s already behind the corner.’

Gavin did hurry. But not to run after the man, but to pull out his phone. ‘Nines? Yes, hi babe I know you are at work, shut up, this is work. Li-Listen, yes. Shut up for just a second! I’m pursuing your office killer. Ye-Yes, exactly, the beach holiday photo model with the ugliest dog I’ve seen in my life. Now will you phcking get your ass here? I will pursue him you can track my phone. Wh- come on, it can’t be that dangerous, I’m still well trained now stop worrying and move your ass!’

He had become louder than he wanted and had caused the man he wanted to follow inconspicuously to turn around. He wasn’t really unsuspicious though, dressed in the silly coffee-shop apron and shouting at someone on the phone. Trying to play it down, Gavin instead tried the open approach: ‘Hey, you forgot your wallet!’ It only caused the man to bolt. So much for being a friendly, costumer-orientated employee. Gavin pushed it all to hell, lifting up his apron and running after the man. So, he did had dirt on him. Gavin followed him down the street and used a streetlight to take the corner with more speed. A mistake he later would regret as he ran face first into a fist that definitely wasn’t human. Seeing stars, he looked up from where he had fallen against the building. The chubby man was surprisingly agile and fast, unfitting to his overall completely average looks. And Gavin saw why: The skin where the man had punched him had retracted to show stern white underneath. The man was an android? Where the hell did he get all these modifications from? Cyberlife had designed all androids to be phcking inhuman models. But maybe that had been the plan. Being as inconspicuous as possible. Remembering the brief flashes of crime-scenes that made him pale. Oh no.

‘How the hell did some barista recognise me, huh?’, the android asked, holding Gavin by the throat, his toes barely touching the ground. ‘You are all over the news!’, Gavin tried. ‘I’m not. None of my doings have even been published yet.’ ‘Well, I was a cop once.’ ‘Were you? Well, who is your contact then? If you were a cop once.’ Gavin really hoped someone would turn the corner and see this to help him. Because the way the android’s hand clenched around his throat, lack of oxygen could soon be his least concern. ‘My boyfriend, okay? But I will never tell you his name!’ ‘Your boyfriend? Alright, thank you. After I killed you, I will go to him next. See if I can’t keep this information from spreading.

The pressure on his throat became almost unbearable, as Gavin saw a flash of white behind the man. ‘I highly doubt that’, Nines voice sounded through the alley and Gavin could see the gun aimed at his head. ‘Now let him down and go.’ The android in front of Gavin cursed, but complied. ‘You are arrested for the suspected murder of three people, as well as the attempted murder of this man. Turn around, hands behind your back.’ Nines handcuffed him, reading him his rights before making the call to the station to send a car.

‘Gavin, that was extremely reckless of you.’ ‘Hey, I got your killer, right?’, Gavin croaked with a cocky grin while rubbing his throat. ‘I solved a case you would have waited weeks on before even getting close to the guy.’ ‘Oh, please, I’m the most advanced android there is. I would have gotten him.’ ‘Yeah, but it was the ex-detective they threw out to replace with you that caught him in the end. Please, rub that into Fowler’s face for me, would you?’ ‘I most certainly won’t’, Nines stated. ‘I will emphasize your involvement in this case though, what at least should keep your employer off your ass.’ ‘Oh, what would I do without you?’ The android in Nines grip struggled against him, causing Nines to return his attention to him. ‘Urgh, get a room, you two!’ ‘Excellent idea actually. Gavin, how about after our shifts ended, we meet at my place? You know? To celebrate.’ ‘Oh, I’d love to’, Gavin grinned and winked the RK900.

The captive criminal got a glimpse of the gesture and regretted it deeply. ‘Oh, please, just kill me, would you?’

#detroit become human #dbh #Reed900 #RK900 #Gavin Reed

23 notes · View notes

codrs · 4 years ago

Text

The secrets hidden under the screen curtains

We must always know that an application, on any platform, requires many lines of code tailored by the developers, a well-built interface made by the designers, among other things, that may include many other professionals (even from other areas!), they had to carefully think, prototype and validate to ensure that I am here able to write and publish this post! 📝✍️

With that many elements at the table, of course, we might not be able to think of every scenario that our application will misbehave, these are the famous hangs and delays that can be critical (we hope not!) and make a weird impression on whoever is using them.

That the session of WWDC21 from this Thursday that I chose to comment on and bring some insights trying to be as less technical as possible so that this post is readable for anyone.

What comes after the tap? 👆

When the user tries to make some kind of interaction on the application (the most common being a tap) there is a whole process behind performing some action and displaying it back to the user, it should be interpreted and properly translated to the application to handle.

When the finger interacts with the screen 👉📲, for the common user it may seem like nothing really happened, but by looking under the curtains, it becomes evident that each iteration has a beginning, an execution sequence, and an end to it, this behaviour is what we call "thread", meaning an execution of a specific sequence of tasks in the given context.

In this interval, there are several threads that are consulted on the code and work together to execute everything they need to guarantee the answer. This process, which isn't visible to the end-user, shouldn't be too time-consuming, and should never delay the response feedback. 🗣

Delays can occur when this queue is full and the extra seconds make the user repeat the interaction, which consequently repeats the query process, thus generating the hang, and the answer is shown after a brief moment, at that point in the championship, the "good experience" was already lost.

That could be worse 💢! Threads cannot always happen together, sometimes communication must be asynchronous, that is, run one thread at a time, because they have dependencies. When this error occurs it's not just a delay, it's a block! 🚫

When requesting a network or when using hardware resources that access files, for example, they should be coded with scenarios in mind that should guarantee good performance and prevent directly impacting user interactions.

How to minimize hangs from our apps?

The main tip is: reduce work on the main thread. It's always recommended that we optimize the work of the main thread and delegate functions to other ones to improve execution time.

Some implementation suggestions and best practices from the WWDC session that make these threads responsive and ensure good performance.

Caching 📲

Notification Observers 👀

Asynchronous API 🔃

Grand Central Dispatch (GCD)🚦

Even though they are good options, it's necessary to be aware of the tradeoffs 🚨 that each one can offer.

Communicating with the end-user ⭐️

Although these are things that happen within the application system, it's always necessary to communicate in some way with the user! This is part of a good design that can predict these kinds of events.

by: @victoriafaria

#wwdc #wwdc21 #WWDC21 #performance #hangs #apps #mobile apps #system #no crash #background #instruments #MetricKit #tools #iOS #OS

8 notes · View notes

weeeklyx · 4 years ago

Text

check in tag💕

ty @hongminchy for tagging me 💚

why did you choose this URL?

▶️because i love all the weeekly members i wanted an url that included all of them

do you have any sideblogs?

▶️this is in fact a side blog, my other one is @/gowontvs and my main @/chillycookies

how long have you been on tumblr?

▶️since i was like 13/14 but i actively started posting in 2017

do you have a queue tag?

▶️ yeah qniverse bc yknow... universe by weeekly?

why did you start this blog in the first place?

▶️i had so much to say about weeekly that i didnt think there was any space for it on my other blog and there werent many weeekly blogs at that time so i thought why not start one

why did you choose this pfp?

▶️jiyoon is my bias and she looked stunning in the bnt photoshoot

why did you choose your header?

▶️i currently dont have one because i changed my theme on mobile and there was an uploading error :(( but just know if it was there its the monday disney princess pic w/ lots of plants

what’s your post with most notes?

▶️i really dont know i dont think this blog has a specifically popular post

how many mutuals do you have?

▶️i dont count them? also i get really confused with side blogs and url changes so there might be a mutual whom i dont even know of :(

how many followers do you have?

▶️400+

following?

▶️160

do you make shit posts?

▶️i used to on other blogs but not so much rn

how long do you use tumblr each day?

▶️ depends... like sometimes i can spend the whole day on here but recently i check my notes & dash in the morning and evening so like maybe an hour or two?

did you have a fight/argument with another blog once?

▶️ i really have other things to do than to fight people online

how do you feel about ‘you need to reblog this’ posts?

▶️if its literally just a random user that wants notes... i dont care but i dont think its the way to go bro...

do you like tag games?

▶️i love them!! but sometimes i forget to do them and im afraid people think i dont want to be tagged when really im just stupid ://

do you like ask games?

▶️i do!!

which of your mutuals do you think is tumblr famous?

▶️i find tumblr famous hard to define so if your text post once got 5 notes i consider you famous

do you have a crush on a mutual?

▶️my heart skips a beat every time i see one of yalls lil icons in my notes

tagging some daileee mutuals: @starlit-serenade @yericity @pssoeun @yvesstagram @oddsandeyes @soojinlee

#s.talk #decided my tag for tag games should be #tag me (@me)

3 notes · View notes

arfox158 · 3 years ago

Text

5m Mathmrs. Mac's Messages

TLDR: With a bit of research and support we were able to demonstrate a proof of concept for introducing a fraudulent payment message to move £0.5M from one account to another, by manually forging a raw SWIFT MT103 message, and leveraging specific system trust relationships to do the hard work for us!

5m Mathmrs. Mac's Messages App

5m Mathmrs. Mac's Messages Message

5m Mathmrs. Mac's Messages To My

5m Mathmrs. Mac's Messages For Her

Before we begin: This research is based on work we performed in close-collaboration with one of our clients; however, the systems, architecture, and payment-related details have been generalized / redacted / modified as to not disclose information specific to their environment.

A desktop application for Instagram direct messages. Download for Windows, Mac and Linux.

Have a question, comment, or need assistance? Send us a message or call (630) 833-0300. Will call available at our Chicago location Mon-Fri 7:00am–6:00pm and Sat 7:00am–2:00pm.

5m Mathmrs. Mac's Messages App

With that said.. *clears throat*

The typical Tactics, Techniques and Procedures (TTPs) against SWIFT systems we see in reports and the media are - for the most part - the following:

Compromise the institution's network;

Move laterally towards critical payment systems;

Compromise multiple SWIFT Payment Operator (PO) credentials;

Access the institution's SWIFT Messaging Interface (MI);

Keys in - and then authorize - payment messages using the compromised PO accounts on the MI.

This attack-path requires the compromise of multiple users, multiple systems, an understanding of how to use the target application, bypass of 2FA, attempts to hide access logs, avoid alerting the legitimate operators, attempts to disrupt physical evidence, bespoke malware, etc. – so, quite involved and difficult. Now that’s all good and fine, but having reviewed a few different payment system architectures over the years, I can’t help but wonder:

“Can't an attacker just target the system at a lower level? Why not target the Message Queues directly? Can it be done?”

A hash-based MAC might simply be too big. On the other hand, hash-based MACs, because they are larger, are less likely to have clashes for a given size of message. A MAC that is too small might turn out to be useless, as a variety of easy-to-generate messages might compute to the same MAC value, resulting in a collision. WhatsApp Messenger is a FREE messaging app available for iPhone and other smartphones. WhatsApp uses your phone's Internet connection (4G/3G/2G/EDGE or Wi-Fi, as available) to let you message and call friends and family. Switch from SMS to WhatsApp to send and receive messages, calls, photos, videos, documents, and Voice Messages. WHY USE WHATSAPP. Garrick Hello, I'm Garrick Chow, and welcome to this course on computer literacy for the Mac. This course is aimed at the complete computer novice, so if you're the sort of person who feels some mild anxiety, nervousness, or even dread every time you sit down in front of your computer, this course is for you.

Well, let's find out! My mission begins!

So, first things first! I needed to fully understand the specific “section” of the target institution's payment landscape I was going to focus on for this research. In this narrative, there will be a system called “Payment System” (SYS). This system is part of the institution's back-office payment landscape, receiving data in a custom format and output's an initial payment instructions in ISO 15022 / RJE / SWIFT MT format. The reason I sought this scenario was specifically because I wanted to focus on attempting to forge an MT103 payment message - that is:

In this video I will show you where to locate the serial number on a Western golf cart. Ebay Store: Please SUBSCRIBE. Western golf cart serial number lookuplastevil.

MT – “Message Type” Literal;

1 – Category 1 (Customer Payments and Cheques);

0 – Group 0 (Financial Institution Transfer);

3 – Type 3 (Notification);

All together this is classified as the MT103 “Single Customer Credit Transfer”.

Message type aside, what does this payment flow look like at a high level? Well I’ve only gone and made a fancy diagram for this!

Overall this is a very typical and generic architecture design. However, let me roughly break down what this does:

The Payment System (SYS) ingests data in a custom - or alternative - message format from it's respective upstream systems. SYS then outputs an initial payment instruction in SWIFT MT format;

SYS sends this initial message downstream to a shared middelware (MID) component, which converts (if necessary) the received message into the modern MT format understood by SWIFT - Essentially a message broker used by a range of upstream payment systems within the institution;

MID forwards the message in it's new format on to the institution's Messaging Interface (let's say its SAA in this instance) for processing;

Once received by SAA, the message content is read by the institution's sanction screening / Anti-money laundering systems (SANCT).

Given no issues are found, the message is sent on to the institution's Communication Interface (SWIFT Alliance Gateway), where it's then signed and routed to the recipient institution over SWIFTNet.

OK, so now I have a general understanding of what I'm up against. But if I wanted to exploit the relationships between these systems to introduce a fraudulent payment without targeting any payment operators, I was going to need to dig deeper and understand the fundamental technologies in use!

So how are these messages actually 'passed' between each system? I need to know exactly what this looks like and how its done!

More often than not, Message Queues (MQ) are heavily used to pass messages between components in a large payment system. However, there are also various “Adapter” that may be used between systems communicating directly with the SAG (Such as SAA or other bespoke/3rd party systems). These are typically the:

Remote API Host Adapter (RAHA);

MQ Host Adapter (MQHA);

Web Services Host Adapter (WSHA).

Having identified that MQ was in use, my initial assumption was that there was most likely a dedicated Queue Manager (QM) server somewhere hosting various queues that systems push and pull messages from? However, due to SWIFT CSP requirements, this would most likely - at a minimum - take the form of two Queue Managers. One which manages the queues within the SWIFT Secure Zone, and another that manages queues for the general corporate network and back office systems.

Let's update that diagram to track / represent this understanding: Now I could research how this 'messaging' worked!

There are multiple ways to configure Message Queues architectures, in this case there were various dedicated input and output queues for each system, and the message flow looks something like this: Full disclosure, turns out it’s hard to draw an accurate - yet simple - MQ flow diagram (that one was basically my 4th attempt). So it’s.. accurate 'enough' for what we needed to remember!

5m Mathmrs. Mac's Messages Message

Now I had a good understanding of how it all worked, it is time to define my goal: 'Place a payment message directly on to a queue, and have it successfully processed by all downstream systems'.

This sounds simple, just write a message to a queue, right? But there are a few complications!

Why are there few indications of this attack vector in the wild?

How do I even gain “write” access to the right queue?

What protects the message on the queues?

What protects the messages in transit?

What format are the messages in?

What is the correct syntax for that message format at any particular queue (0 margin for error)?

Where does PKI come in? How / where / when are the messages signed?

Can I somehow get around the message signing?

What values in the messages are dependent / controlled / defined by the system processing them (out of my control)?

What is the maximum amount I can transfer using Straight Through Processing, without alerting the institution / requiring manual validation?

But OK, there's no point dwelling on all of that right now, I'll just clearly define what I want to do! The goal:

Successfully write a payment instruction for 500,000 GBP;

Inject that message directly onto a specific queue;

Have the message pass environment-specific validation rules;

Have the message pass sanctions and AML checks.

Have the message successfully signed;

Have the message pass SWIFTNet-specific validation rules;

What I was not interested in doing for this research - yet needed to understand nevertheless for a full attack chain was:

How to compromise the institution's network;

How to gain access to the MQ admin's workstation;

How to obtain the pre-requisite credentials.

What I wanted to 100% avoid at all costs:

The attack involving SWIFT payment operators in any way;

The attack involving SWIFT application access in any way;

A need to compromise signing keys / HSMs;

A need to compromise SWIFTNet operator accounts or certificates or any type of PKI;.

Now I had an idea of what to do, I needed to make sure I could write a raw MT103 payment instruction! Typically, even when operators write payment messages using a messaging interface application like Alliance Access, they only really write the message “body” via a nice GUI. As raw data this could look something like:

I'll break this down in the following table:

NameFieldValueTransaction Reference20TRANSACTIONRF103Bank Operation Code23BCRED (Message is to 'credit' some beneficiary)Value Date / Currency / Amount32A200102 (02/01/2020) GBP 500,000.00Currency / Original Credit Amount33BGBP 500000,00 (£500,000.00)Ordering Customer50KGB22EBNK88227712345678 (IBAN) JOHN DOE (Name) JOHN'S BUSINESS LTD (Line 1) 21 JOHN STREET, LONDON, GB (Line 2)Beneficiary59KFR20FBNK88332287654321 (IBAN) ALICE SMITH (Name) ALICE'S COMPANY (Line 1) 10 ALICE STREET, PARIS, FR (Line 2)Remittance Information7012345-67890 (essentially a payment reference)Details of Charge71ASHA (Shared charge between sender and receiver)

Now as this is a valid message body, if I were targeting a payment operator on SWIFT Alliance Access, I could - for the 'most' part - simply paste the message into SAA's raw message creation interface and I'd be pretty much done. With the exception of adding the sender / recipient BIC codes and most likely selecting a business unit. However, these values are not stored in the message body. Not stored in the message body you say? Well that complicates things! Where are they stored exactly?

The message “body” is referred to as “block 4” (aka the ��Text Block”) within the SWIFT MT standard. As suggested by the name, there is probably also a block 1-3. This is correct; and these blocks are typically generated by the payment processing applications - such as SWIFT Alliance Access - and not necessarily input by the operators. A 'complete' MT103 message consists of 6 blocks:

Block 1 – Basic Header

Block 2 – Application Header

Block 3 – User Header

Block 4 – Text Block

Block 5 – Trailer

Block 6 – System block

So it looked like I was going to need to learn how to craft these various “blocks” from scratch.

Block 1 (Basic header)

Reading through some documentation, I crafted the following “Basic header” block:

A breakdown of what this translates too is as follows:

NameValueContextBasic Header Flag1Block 1 (Not 2, 3, 4, or 5)Application TypeFFIN ApplicationMessage Type0101 = FIN (I.e not ACK/NACK)Sender BICEBNKGB20EBNK (Bank Code) GB (Country Code) 20 (Location Code)Sender Logical TerminalATypically A, unless they are a significantly large institution and require multiple terminalsSender BranchXXXAll X if no branch neededSession Number0000The session number for the messageSequence Number 999999The sequence number of the message

Taking a step back, I already identified two potential problems: the “session” and “sequence” numbers! These are described as follows:

Session Number – Must also equal the current application session number of the application entity that receives the input message.

Sequence number – The sequence number must be equal to the next expected number.

Hmmm, at this point I was not sure how I could predetermine a valid session and/or sequence number - considering they seemed to be application and 'traffic' specific? But there was nothing I could do at the time, so I noted it down in a list of 'issues/blockers' to come back to later.

Block 2 (Application Header)

A bit more dry reading later, I managed to also throw together an application header:

Again, I’ve broken this down so it makes sense (if it didn’t already; I’m not one to assume):

NameValueContextApplication Header Flag2Block 2I/O IdentifierIInput Message (a message being sent)Message Type103103 = Single Customer Credit TransactionRecipient BICFBNKFR20FBNK (Bank Code) FR (Country Code) 20 (Location Code)Recipient Logical TerminalXAll General Purpose Application Messages must use 'X'Recipient BranchXXXAll General Purpose Application Messages must use 'XXX'Message PriorityNNormal (Not Urgent)

Awesome! No issues crafting this header!

Note: At this point I should probably mention that these BIC codes are not 'real', however are accurate in terms of in format and length.

Block 3 (User Header)

The third block is called the “User Header” block, which can be used to define some “special” processing rules. By leverage this header, I could specify that the message should be processed using “Straight Through Processing” (STP) rules which essentially attempts to ensure that the message is processed end-to-end without human intervention. This could be specified as follows:

However, this was not yet a valid header! As of November 2018 the user header requires a mandatory “Unique end-to-end transaction reference” (UETR) value, which was introduced as part of SWIFT's Global Payments Innovation initiative (gpi)! This is a Globally Unique Identifier (GUID) compliant with the 4th version of the generation algorithm used by the IETF standard 'RFC4122'. This consists of 32 hexadecimal characters, divided into 5 parts by hyphens as follows:

where:

x – any lowercase hexadecimal character;

4 – fixed value;

y – either: 8, 9, a, b.

This value can be generated using Python as seen below:

With an acceptable UETR generated, this is how the third block looked:

And as before, a breakdown can be found below:

NameValueContextUser Header Flag3Block 3Validation Flag119Indicates whether FIN must perform any type of special validationValidation FieldSTPRequests the FIN system to validate the message according to the straight through processing principlesUETR Field121Indicates the Unique end-to-end transaction reference valueUETR Value8b1b42b5-669f-46ff-b2f2-c21f99788834Unique end-to-end transaction reference used to track payment instruction

Block 5 and 6 (Trailer and System Blocks)

I’ve already discussed “block 4” (the message body), so to wrap this section up, I'll be looking at the final 2 blocks: Block 5, aka the “Trailer”; and block S, aka the “System” block.

Before going forward, let me take a moment to explain the pointlessly complicated concept of input and output messages:

An “input” message (I) is a message which is traveling “outbound” from the institution. So this is a message being “input” by an operator and sent by the institution to another institution.

An “output” message (O) is a message which is traveling “inbound” to the institution. So this is a message being “output” by SWIFTNet and being received by the institution.

OK, moving swiftly (aaaahhhhh!) on.

For Input messages, these blocks were not too much of a problem. The headers only really seemed to be used to flag whether the message was for training / testing or to flag if it was a possible duplicate, which syntactically took the following form:

Where “TNG” indicated “training” and “SPD” indicated “possible duplicate”.

However, with Output messages, it got considerably more complicated. An example of what the trailer and system block could look like on an Output message is the following:

A breakdown of these various values is:

Trailer ((5:) MAC – Message Authentication Code calculated based on the entire contents of the message using a key that has been exchanged with the destination bank and a secret algorithm; CHK – This is a PKI checksum of the message body, used to ensure the message has not been corrupted in transit; TNG – A flag to indicate that the message is a Testing and Training Message.

System ((S:) SPD – Possible Duplicate Flag SAC – Successfully Authenticated and Authorized Flag. This is only present if:

Signature verification was successful.

RMA (Relationship Management Application) authorization and verification was successful.

COP – Flag indicating that this is the primary message copy; MDG – The HMAC256 of the message using LAU keys.

However, these seemed to only be values I would need to consider if I was to try and forge an “incoming” message from SWIFTNet or an 'outbound' message on the output of the SAG.

So.. I'll stick with crafting an “input' message trailer:

Now, having said all that, it turned out the trailer block did seem to sometimes hold a MAC code and a message checksum (sigh), meaning I actually needed to construct something like:

So that was +2 to my 'issues/blockers' list. However, issues aside, I now understood the complete message format, and could put it all together and save the following as a draft / template MT103 message:

Highlighted in bold above are the areas of the message I was - at this point - unable to pre-determine. Nevertheless, a summary of what that the message describes is:

Using the transaction reference “TRANSACTIONRF103”;

please transfer 500,000.00 GBP;

from John Doe, (IBAN: GB22EBNK88227712345678) at “English Bank” (BIC: EBNKGB20);

to Alice Smith (IBAN: FR20FBNK88332287654321) at “French Bank” (BIC: FBNKFR20);

Furthermore, please ensure the transaction charge is shared between the two institutions;

and mark the payment with a reference of “12345-67890”.

To wrap up this section, i wanted to take a moment to explain some logic behind the target of 500,000 GBP, as it is also important.

Aside from the many reasons it would be better to transfer (even) smaller amounts (which is an increasingly common tactic deployed by modern threat actors), why not go higher? This is where it’s important to understand the system and environment you are targeting.

In this instance, let's assume that by doing recon for a while I gathered the understanding that:

If a message comes from SYS which is over £500k;

even if it has been subject to a 4 eye check;

and even if it is flagged for STP processing;

route it to a verification queue and hold it for manual verification.

This was because a transaction over £500k was determined to be “abnormal” for SYS. As such, if my transaction was greater, the message would not propagate through all systems automatically.

OK, so now that I understood:

how the system worked;

how it communicated;

the fundamental structure of a raw MT103 payment messages;

and how much I could reliably (attempt) to transfer.

And with that, it was time to take a break from MT standards and establish an understanding of how I would even get into a position to put this into practice!

To place a message on a queue, I was going to need two things:

Access to the correct queue manager;

Write access to the correct queues.

Depending on the environment and organisation, access to queue managers could be quite different and complex. However a bare-bones setup may take the following form:

An MQ Administrator accesses their dedicated workstation using AD credentials;

They then remotely access a dedicated jump server via RDP which only their host is whitelisted to access;

This may be required as the queues may make use of Channel Authentication Records, authorizing specific systems and user accounts access to specific queues;

The channels may further be protected by MQ Message Encryption (MQME) which encrypts messages at rest based on specific channels. As such, even if someone was a “super duper master admin” they would only be able to read / write to queues specifically allocated to them within the MQME configuration file (potential target for another time?);

The MQ Admin can then use tools such via the Jump Server to read/write to their desired message queues.

So, in this scenario, to gain access to the message queues I - as an attacker - would need to compromise the MQ admin’s AD account and workstations, then use this to gain access to the jump host, from where I could then access the message queues given I knew the correct channel name and was configured with authorization to access it.. and maybe throw some MFA in there..

That is understandably a significant requirement! However, when discussion sophisticated attacks against Financial Market Infrastructure (FMI), it is more than reasonable to accept that an Advanced Persistent Threat (APT) would see this as a feasible objective - We don't need to dig into the history of how sophisticated attacks targeting SWIFT systems can be.

Next, it was time to finally identify a feasible attack vector for message forgery.

Now with an idea of how to gain the right access, as well as an understanding of the various technologies and security controls in place; I update my diagram:

You may have noticed I've added something called “LAU” around the SAA-to-SAG adapter, and another “LAU” to the MID-to-SAA MQ channels, which I have yet to explain. “Local Authentication” (LAU) is a security control implemented by SWIFT to authenticate messages using a pair of shared keys between two systems. These keys are combined and used to generate a SHA256 HMAC of the message and append it to the S block. This can then be validated by the recipient system. Effectively, this validates the origin and authenticity of a message. As such, even if an attacker was in position to introduce a fraudulent payment, they'd first need to compromise both the left and the right LAU signing keys, generate the correct HMAC, and append it to the message in order to have it accepted / processed successfully.

But LAU aside, I now just needed to figure out which queue to target! There were a lot of queues to work with as each system essentially has multiple “input” and “output” queues. With that in mind, it was important to note that: an incoming message would require being in the format expected by the target system (from a specific upstream system) and an outgoing message would need to be in the format “produced” by one target system and “expected / ingested / processed” by its respective downstream system. So to figure this out, I worked backwards from the Gateway.

Targeting SAG

This was the least feasible attack vector!

I hadn't really looked into how the SWIFT adapters worked - If only I could research literally everything);

SAA and SAG implemented LAU on messages sent between them - An excellent security control!;

The output of SAG was directly on to SWIFTNet which would entail all sorts of other complications - this is an understatement)!

Next!

Targeting SAA

So what if I wanted to drop a message on the “outbound” channel of SAA?

LAU and the SWIFT adapter aside, remember those session and sequence numbers? Well, messages which leave SAA are in the near-final stages of their outbound life-cycle, and as far as I understood would need to have valid session and sequence values. Given I didn't know how to generate these values without gaining access to SAA or how they worked in general (and lets not forget the LAU signing) this didn't currently seem feasible.

Next!

Targeting SANCT

This solution didn't actually transport messages back and forth; it just reads messages off the queues and performed checks on their details. Not much I could wanted to leverage here.

Targeting MID

To target MID, I could try and inject a message onto SAA’s “input” queue, or the “output” queue of MID. This would only need to match the format of messages produced by the Middleware solution (MID). Following this, in theory, the (mistial) message session and sequence number would be added by SAA, along with the UETR. This was promising!

However, MID was a SWIFT “message partner”, which are typically solutions developed using the Alliance Access Development Kit that allows vendors to develop SWIFTNet compatible software, and consequentially, implement LAU. So again, in-order to forge a message here, I’d need to compromise the left and right LAU signing keys used between SAA and MID, manually HMAC the message (correctly!), and then place it on the correct queue.. This also no longer looked promising..

Targeting SYS

OK, how about the input of the next system down - the 'Payment System'?

5m Mathmrs. Mac's Messages To My

As described previously, the inbound data was a custom “application specific” payment instruction from the institutions back office systems, and not a SWIFT MT message. This would be an entirely new core concept I'd need to reverse - not ideal for this project.

But how about the output queue?

Although SYS received custom format data, I found that it output what seemed to be an initial SWIFT MT messages. This was perfect! Additionally, SYS did not have LAU between itself and MID because (unlike MID) SYS was not a SWIFT message partner, and was just one of many-many systems within the institution that formed their overall payment landscape.

Additionally, because SYS was esentially just one small piece of a much larger back office architecture, it was not part of the SWIFT Secure Zone (after all you cant have your entire estate in the Secure Zone - that defeats the purpose) and as such, made use of the Queue Manager within a more accessible section of the general corporate environment (QM1). Konica minolta bizhub c352 driver mac os xcompubrown recovery tool.

With this in mind, and having - in theory - compromised the MQ admin, I could leverage their access to access on the corporate network to authenticate to QM1. I could - in theory - then write a fraudulent payment message to the SYS “output” queue, which we will call “SYS_PAY_OUT_Q” from here on.

OK! It seems like I finally had an idea of what to do! But before I could put it into practice, I of course needed to create a diagram of the attack:

I think it’s important to take a minute to refer back to the concept of “trust” which is what lead to this attack diagram. My theory behind why this may work is because the MID application, implicitly trusts whatever it receives from its respective upstream systems. This is intentional, as by design the security model of the payment landscape ensures that: at any point a message can be created, a 4 (or 6) eye check is performed. If there was a system whose purpose it was to ensure the validity of a payment message at any point upstream, the downstream systems should have no real issue processing that message (with some exceptions). After all, It would be next to-impossible to maintain a high-throughput payment system without this design.

And with that said, the plan was now clear:

Leverage the access of a Message Queue administrator;

to abuse the “trust relationship” between SYS, MID, and SAA;

to introduce a fraudulent payment message directly on to the output queue of SYS;

by leaning on my new found understanding of complete MT103 payment messages.

It was finally time to try to demonstrate a Proof-of-Concept attack!

So at this point I believe I had everything I needed in order to execute the attack:

The target system!

The message format!

The queue manager!

The queue!

The access requirements!

The generously granted access to a fully functional SWIFT messaging architecture! (that’s a good one to have!)

The extra-generously granted support of various SMEs from the target institution! (This was even better to have!)

Message Forgery

I needed to begin by creating a valid payment message using valid details from the target institution. So before moving on I was provided with the following (Note: as with many things in this post, these details have been faked):

Debtor Account Details – John Doe, GB12EBNK88227712345678 at EBNKGB20

Creditor Account Details – Alice Smith, GB15EBNK88332287654321 at EBNKGB20

Some of you may have notice that the sending and receiving BIC’s are the same. This was because, for the sake of the research, I wanted to send the message back to the target institution via SWIFTNet so that I could analyse its full end-to-end message history. Furthermore, you may have noticed we are using 'test & training' BIC code (where the 8th character is a 0) - this was to make sure, you know, that I kept my job.

But yes, with access to these 'valid' account details and the knowledge gained during the research so far, I could now forge a complete Input MT103 messages:

Note: Field 33B is actually an optional field, however, the MT standard stated that “If the country codes of both the Sender’s and the Receiver’s BIC belong to the country code list, then field 33B is mandatory”. As such, if 33B was not present in the message, it would fail network validation rules and SWIFTNet would return a NAK with the error code: D49.

Optional / Mandatory fields aside, it was not quite that simple! There were a few minor changes I needed to make based on the specific point in the message's its life-cycle I was planning to introduce it!

As I list these changes, remember that the objective is to introduce the message to the output queue of SYS (Which exists before MID, SAA and SAG)

The first 3 blocks needed to be placed on a single line;

Remove field 121 (UETR) from the User Header, as this would be generated by SAA during processing;

Remove 1 character from the transaction reference as it needed to be exactly 16 characters (classic user error);

Add decimal point to transaction amount using a comma - otherwise it would fail syntax validation rules;

Ensure the IBAN's were real and accurate, otherwise it seemed the message would fail some type of signature validation on the SWIFT network. The IBANs are fake here, but during the real PoC we used accurate account details in collaboration with the target institution;

Remove the trailer block (5) - as this would be appended by SAA during processing;

Remove the System Block (S) - as this would be completed by the SAG.

And the final message was as follows:

Note that the location in which I introduce the message has resolved all of the 'issues / blockers' I'd tracked whilst researching the message structure! It would seem the further upstream you go, the easier the attack becomes - given MQ is still used as a transport medium.

Message Injection

Now I had my raw MT103 message, I just need to save it to a file (“Message.txt” - sure why not) and place onto the “SYS_PAY_OUT_Q” queue using one of the admin's tools:

With access to a sole MQ Administrator's AD account;

We connect to the MQ admins machine;

Log into the Jump Server;

Open our MQ tools of choice and authenticate to queue manager (QM1) where the output queue for SYS was managed;

Connected to the 'SYS_PAY_OUT_Q' queue;

Selected my forged “Message.txt” file;

Invoked the “write to queue” function;

And it was off!

Loggin in to Alliance Access and opening the message history tab, we sat awaiting for an update. Waiting, waiting, waiting… waiting… and..

ACK! It worked!

That's a joke; did we hell receive an ACK!

See, this last section is written slightly more 'linear' than what actually happened. Remember those 'tweaks' used to fix the message in the previous section? I hadn't quite figured that out yet..

So roughly seven NACKs later - each time troubleshooting and then fixing a different issues - we did indeed, see an ACK! The message was successfully processed by all systems, passed target system validation rules, passed sanctions and AML screening, passed SWIFTNet validation rules, and SWIFT’s regional processor had received the message and sent an 'Acknowledgement of receipt' response to the sending institution!

For the sake of completeness, I’ve included the ACK below:

And of course a breakdown of what it all means:

NameValueContextBasic Header Flag1Block 1Application TypeFF = FIN ApplicationMessage Type2121 = ACKInstitution CodeEBNKGB20AXXXEBNKGB20 (BIC) A (Logical Terminal) XXX (Branch)Sequence and Session No.19473923441947 (Sequence No.) 392344 (Session No.)Date Tag177200103 (Date) 1102 (Time)Accept / Reject Tag4510 = Accepted by SWIFTNet

Excellent! WooHoo! It worked! .. That took a lot of time and effort!

Closer Inspection

But the ACK wasn't enough, I wanted to make sure I understood what had happened to the message throughout its life-cycle. From the message I placed on the initial queue, to being processed by SWIFTNet.

Thankfully, as we sent the message back to the target institution we could see its entire message history. I already knew what the raw message placed on the queue looked like, so I wanted to focus on what became of the message once it had been processed by SAA:

The end-to-end tracking UUID had been generated and added (b42857ce-3931-49bf-ba34-16dd7a0c929f) in block 3;

The message trailer had been added ((5:(TNG:))) where I could see that - due to the BIC code used - SAA had flagged the message as 'test and training'.

Additionally, an initial System Block segment had been added ((S:(SPD:))), tagging the message as a possible duplicate. I wonder why - *cough* 7th attempt *cough*?

OK, so that was SAA. Now let’s see how it looked it once it passed through the Gateway and regional processor:

OK, we can see a few changes now.

The session and sequence numbers have been populated (1947392344);

The I/O identifier in block 2 has been updated to track that it is now an 'Output' message;

The additional data within Block 2 is a combination of the input time, date, BIC, session and sequence numbers, output date/time, and priority;

The trailer has been updated with a message authentication code (MAC) calculated based on the entire contents of the message using a pre-shared key and a secret algorithm;

Additionally, a checksum of the message body has been stored within the trailer’s “CHK” tag. This is used by the network to ensure message integrity.

I also took a look at the entire outbound message history, just to see all the “Success” and “No violation” statements to make it feel even more awesome!

So that's that really..

With a bit of research and support I was able to demonstrate a PoC for introducing a fraudulent payment message to move funds from one account to another, by manually forging a raw SWIFT MT103 single customer credit transfer message, and leveraging various system trust relationships to do a lot of the hard work for me! https://arfox158.tumblr.com/post/655263262721638400/wireless-external-hard-drive-for-mac.

As mentioned briefly in the introduction, this is not something I have really seen or heard of happening in practice or in the 'wild'. Perhaps because it clearly takes a lot of work.. and there is a huge margin for error. However, if an adversary has spent enough time inside your network and has had access to the right documentation and resources, this may be a viable attack vector. It definitely has its benefits:

No need to compromise multiple payment operators;

No requirement to compromise - or establish a foothold within - the SWIFT Secure Zone;

No requirement to bypass MFA and gain credentials for a messaging interface;

No generation of application user activity logs;

No payment application login alerts;

No bespoke app-specific and tailored malware;

And all the other things associated with the complex task of gaining and leveraging payment operator access.

All an attacker may need to do is compromise one specific user on the corporate network: a Message Queue administrator.

The industry is spending a lot of time and effort focused on securing their payment systems, applications, processes, and users to keep - among other things - payment operators safe, Messaging Interfaces locked down, and SWIFT systems isolated. But the reality is,; the most valuable and most powerful individual in the entire model, might just be a single administrator!

As always, a security model is only as strong as its weakest link. If you're not applying the same level of security to your wider institution, there may very well be many weak links within the wider network which chain together and lead to the comrpomise of systems which feed into your various payment environment.

I think the main thing to remember when reflecting on this research is that it did not abuse any vulnerabilities within the target institution's systems, or even vulnerabilities or weaknesses within the design of their architecture. It simply leverages the legitimate user access of the Message Queue administrators and the trust relationships that exist by design within these types of large-scale payment processing systems.

So the harsh reality is, there is no particular list of recommendations for preventing this type of attack in itself. However, the main point to drive home is that you must ensure the security of your users - and overall organisation - is of a high enough standard to protect your highest privileged users from being compromised. Things such as:

Strong monitoring and alerting controls for anomalous behaviour;

Requirements for Multi-Factor authentication for access to critical infrastructure;

Segregation of critical infrastructure from the wider general IT network;

Strong password policies;

Well rehearsed incident detection and incident response policies and procedures;

Frequent high-quality security awareness training of staff;

Secure Software Development training for your developers;

Routine technical security assessments of all critical systems and components;

The use of 3rd party software from reputable and trusted vendors;

However, in the context of Message Queues, there is one particular control which I think is extremely valuable: The implementation of channel specific message signing! This, as demonstrated by SWIFT's LAU control, is a good way in which to ensure the authenticity of a message.

As discussed, LAU is - as far as I know at the time of writing - a SWIFT product / message partner specific control. However it's concept is universal and could be implemented in many forms, two of which are:

Update your in-house application's to support message signing, natively;

Develop a middleware component which performs message signing on each system, locally.

This is a complex requirement as it requires considerable effort on the client’s behalf to implement either approach. However, SWIFT provides guidance within their Alliance Access Developers guide on how to implement LAU in Java, Objective C, Scala and Swift;

Strip any S block from the FIN message input. Keep only blocks 1: through 5;

Use the FIN message input as a binary value (unsigned char in C language, byte in Java). The FIN message input must be coded in the ASCII character set;

Combine the left LAU key and the right LAU key as one string. The merged LAU key must be used as a binary value (unsigned char in C language, byte in Java). The merged LAU key must be coded in the ASCII character set;

Call a HMAC256 routine to compute the hash value. The hash value must also be treated as a binary value (unsigned char in C language, byte in Java). The HMAC size is 32 bytes;

Convert the HMAC binary values to uppercase hexadecimal printable characters.

An example of how this may work in the more flexible middleware solution proposed is where the original service is no longer exposed to the network, and is altered to only communicate directly with the custom 'LAU-eqsue' service on its local host. This service would then sign and route the message to its respective queue.

When received, the core of the recipient payment service would seek to retrieve its messages from the queues via the 'LAU-esque' signing middleware, which would retrieve the message and subsequently verify its origin and authenticity by re-calculating the signature using their shared (secret) keys. Key-pairs could further be unique per message flow. This design could allow for the signing to be used as a way to validate the origin of a message even if it had passed through multiple (local) intermediary systems.

As a final bit of creative effort, I made yet another diagram to represent what this could perhaps look like - if life was as easy as a diagram:

If you made it this far thanks for reading all.. ~6k words!? I hope you found some of them interesting and maybe learned a thing or two!

I'd like express our gratitude to the institution who facilitated this research, as well as specifically to the various SMEs within that institution who gave their valuable time to support it throughout.

Fineksus - SWIFT Standard Changes 2019

https://fineksus.com/swift-mt-standard-changes-2019/

Paiementor - SWIFT MT Message Structure Blocks 1 to 5

https://www.paiementor.com/swift-mt-message-structure-blocks-1-to-5/

SEPA for corporates - The Difference between a SWIFT ACK and SWIFT NACK

https://www.sepaforcorporates.com/swift-for-corporates/quick-guide-swift-mt101-format/

SEPA for corporates - Explained: SWIFT gpi UETR – Unique End-to-End Transaction Reference

https://www.sepaforcorporates.com/swift-for-corporates/explained-swift-gpi-uetr-unique-end-to-end-transaction-reference/

M DIBA - LAU for SWIFT Message Partners

https://www.linkedin.com/pulse/lau-swift-message-partners-mohammad-diba-1/

Prowide - About SWIFT

https://www.prowidesoftware.com/about-SWIFT.jsp

5m Mathmrs. Mac's Messages For Her

Microsoft - SWIFT Schemas

https://docs.microsoft.com/en-us/biztalk/adapters-and-accelerators/accelerator-swift/swift-schemas

SWIFT FIN Guru - SWIFT message block structure

http://www.swiftfinguru.com/2017/02/swift-message-block-structure.html

2 notes · View notes

letteredlettered · 4 years ago

Text

So, some of my recent and also very old asks have been swallowed, a few due to user error but others for Unknowable Reasons. If you’re really worried about it, feel free to ask again, though I can’t promise to answer quickly.

I want to be clear that I have a backlog of 6 months of asks, which developed due to several factors: a long period of sickness, quarentine with my gf, and one asks which has required an essay that may prove longer than most people’s word count for a month. I’ve answered most of this backlog, but not posted them. Sorry!

I have an extremely long attention span, which is highly advantageous in a lot of situations, but it’s quite hard for me to do short little things. Unfortunately, most social media, including tumblr, is built for short little things. Therefore, one of the only ways it works for me is to do things like answer asks in 4-6-hour blocks and queue them. This creates the illusion that I am able to interact with the world like a normal person, which I value.

I also want to be clear that I have a few asks that are a year to two years old, that I didn’t answer because they were difficult or deserved longer answers. I still plan on answering those too.

Welcome to my world of constant planning and infrequent execution. My present to my girlfriend for our anniversary was to tell her about the gift I would have made, had I actually finished it.

#asks

31 notes · View notes

maxismatchccworld · 6 years ago

Text

Sims 4 Patch Notes

UPDATE: 4/16/2019 – PC 1.51.75.1020 / Mac 1.51.75.1220

Happy April, Simmers. Nice to meet you! Maxis hired me as a freelance writer to work on these game update notes. (Side note — if you find a problem, blame SimGuru Graham — he’s my editor.) In all honesty, it’s a pretty sweet gig. I got to see the new Expansion Pack, Game Pack, and Stuff Pack that the team is working on, and did you know that they bring in bagels on Fridays? But hey, enough about me. Being a freelancer, I’ll be gone again before you know it.

Anyway, funny coincidence; there’s actually a brand-new Freelancer career arriving in this update that’s free for all players. I was playing around with it earlier, and go figure… my Sim self earns more money as a freelance writer than I do! Geez; guess I’ll have to live out my fantasies of getting rich through The Sims again. Looking beyond the new, free features though, I’ve got to say… those SimGurus really knocked it out of the park with this one. Just look at all those lovely fixes to many of the top discussed community issues!

Well, let’s get to it, shall we? Here’s everything you’ll find in this April update. Have fun!

Yours truly,

Sue D. Nym

Freelance Writer Extraordinaire

NEW CONTENT

Freelancer Career

Freelancer is a brand-new type of career. Sims can choose to be a Freelance Artist, Programmer, or Writer, and will work through an agency that will connect them with a variety of gigs. Unlike other careers, there’s no defined work schedule to worry yourself over. Need some extra Simoleons? Smash through a few gigs in a single day and get paid! Need some time off? No problem – plenty of gigs will be waiting for you when you’re ready to get back to work. Your office is wherever you want it to be. Perhaps a quiet corner in the local library, or maybe you’d prefer a home office decked out in the new set of office furniture? You’re your own boss, so the choice is yours! Completion of gigs across the different agencies will lead to a variety of rewards, and ever-increasing pay. Really, it’s the best Sims career Maxis has ever made. [Sue, please… remove this. No editorializing. – SimGuruGraham]

New Objects

This free set of home office furniture and decor is ideal for your burgeoning Freelancer Sims!

Bookcase: Edgier LadderCase

Desk: Anglette Desk

Desk Chair: The Professional

End Table: A Cute Anglette

Decor: Not So Simple Pen Holder

Decor: Hand Reference Model

Decor: Robo, The Friendly Circuitry Kit

Decor: The Note Book

Laptop: FreeRoam Portable Computing Device

Wall Decor: Better As A Pair Of Paintings

Wall Decor: Supreme Freelancer Award

New Clothing

Freelancers tend to want comfy, but professional outfits. We’ve got them covered with the following new pieces of clothing.

Women

Men

A cable knit cardigan outfit

A sweater and skirt outfit

A layered sweater

A pair of flats

A collared sweater

A button up shirt

A crewneck sweater

A pair of drawstring pants

Moschino

In collaboration with Moschino, your Sims can now enjoy an item from the Moschino X The Sims Capsule Collection. The new Freezer Bunny hoodie can be found in the Create a Sim catalog.

Immaculate White Shelf

I could have buried this down in the Fixes & Updates section, but… it’s kind of a big deal. There’s now a plain white version of “The Immaculate” shelf available in Buy Mode!

[Note to self: Sue seemed super excited about this. It sure seems like something we should do more of… – SimGuruGraham]

FIXES & UPDATES

The Sims 4

Sims will travel to the correct venue when invited out to an event by a NPC Sim.

Fixed an issue where the UI would occasionally indicate that a Sim was at work, when they were actually at home, which would block access to the Sim’s inventory.

Sims will no longer receive random phone calls from other Sims between the hours of 8pm and 10am, allowing them to enjoy a full – and speedy – night’s sleep.

Fixed an issue where multiple music tracks could end up looping and playing simultaneously.

Expecting parents will once again be able to “Take Family Leave” via their phone to take time off from work.

Fixed an issue where a Sim who had cheated with another Sim romantically, were then unable to successfully propose to that Sim and get married.

Fixed an issue where Sims in the eSport Gamer branch of the Tech Guru career were not earning money when programming video games.

The Pick Up Serving Together interaction will no longer cause one of the Sims involved to fail to route to the food.

Fixed an issue where interactions on the Digitalistic Sketchpad object would disappear if a Sim’s actions were canceled while they were picking up the Digitalistic Sketchpad.

Updated the Digitalistic Sketchpad object so that creating paintings on it will satisfy Aspiration goals and work tasks that involve painting.

Fixed an issue with the Lin-Z Smart Speaker, where the interaction to hire a Gardener would remain unselectable, even when the home had a garden that needed tending.

Sims will now look at the Lin-Z Smart Speaker when speaking to it.

The “Pre-Owned Painter’s Easel”, that’s unlocked via the Painter career, will now provide an Inspirational emotional aura, instead of a Focused emotional aura.

Fixed an issue where staircases were not rendering properly while held by a mouse cursor.

Updated positioning of overlapping Search & Reset buttons in a player’s catalog within the Gallery.

Adjusted icons of Lunar New Year recipes to better display what food you’re looking at within an inventory.

The children’s Yin & Yang Necklace will no longer clip into their neck when wearing a shirt that’s tucked in.

The “CleanRoom” wall pattern, which was previously missing a name for its 5th color variant, has now had that specific color variant named “Like Sand”.

Added the ability to click through different pack art on the main menu for any of the packs you currently have installed.

A new content alert icon has been added to individual careers within the Select a Career panel, to help players find new careers that have been added to their game.

Note: If a save file created prior to this update contains a Sim that’s already in this bad state, simply traveling to another lot with that Sim will permanently fix this issue.

As far as I’m aware, this is the only instance in the game where a color variant has been given a unique name. Huh… neat!

Mac

Fixed an issue for Mac users with Intel integrated graphics, where the mouse cursor would not move properly after adjusting the shape of a Sim’s body in Create a Sim.

Removed an outdated file that was causing a false error message to appear for 64-bit Mac users that said, “The Sims 4” is not optimized for your Mac and needs to be updated.”

Get To Work

Scientists will once again wear an appropriate outfit when going to work even if StrangerVille is not installed.

The “Chemical Analyzer” object can now be purchased from Build Mode without having to use a cheat.

Fixed an issue where selecting the Randomize from Gallery option until receiving an alien Sim, and then further randomizing that specific Sim, could result in a naked alien Sim.

Made updates to the list of valid objects that can be selected as the outcome of the SimRay’s “Transform Object” interaction.

City Living

Fixed an issue where objects from multiple festivals were appearing on top of each other in the neighborhood simultaneously.

Apartment landlords will now leave the apartment immediately after addressing a tenant’s complaint.

Added the ability for Sims with the Vegetarian trait to hire a Vegetarian Caterer by clicking on Stoves or Refrigerators.

Vegetarian Sims will no longer enjoy eating Mud Carp.

Cats & Dogs

After installing this update, Sims who adopt an animal after befriending them will be able to become companions with them and lecture them for misbehavior.

Fixed an issue where hungry pets would not eat from food bowls autonomously.

The pet toy box will no longer have its position rotated in a random direction when a Sim returns home from an active career.

Fixed an issue where the “Litter-Matic Scoop-Free” litterbox wasn’t looking clean after cat poop had been removed.

Fixed an issue with the Pet Adoption Agency, where they would occasionally show up at a Sim’s home without any pets to adopt, and would simply stand at the home’s front door and not do anything.

Note: Sims who have already adopted an animal after befriending them, in a save file created prior to this update, will continue to experience this issue. We’re investigating a separate fix for this issue in existing save files.

We’ve placed the magic gnomes responsible for this in the naughty box alongside SimGuruNinja.

Seasons

Updated the Gardening career so that Sims will earn more than 10 Simoleons per completed work shift.

Fixed an issue where on days where no holiday was set to occur, a Sim’s work schedule would update to falsely indicate that the day was a Holiday just prior to going to work, causing the Sim to stay home for the day.

Fixed an issue where NPC Sims were not autonomously using the skating rinks that appear in certain neighborhoods.

Toddlers will no longer attempt to queue up behavior to “Run Inside” during bad weather conditions if they’re already inside.

Fixed an issue where Sims voices could not be heard when Singing Together around a Holiday Tree if City Living was not installed.

Get Famous

The Acting career task to “Get Into Hair and Makeup” can be successfully completed once again.

Fixed an issue where celebrity Sims who had been set to use their normal walkstyle were switching back to using the celebrity walkstyle after traveling to certain types of venues.

Three star celebrity Sims will no longer use the celebrity walkstyle.

Dine Out

Players who have City Living installed can now add the Siopao and Ensaymada dishes to their restaurant’s menu. Yum!

Vampires

Vampire Sims created after installing this update will be able to continue to gain points after reaching the rank of Grand Master.

Fixed some circumstances where Vampire NPCs could appear at a venue and prevent the player from being able to save the game.

Fixed an issue where NPC Vampires would have their Vampire Energy drained after completing a load, which was causing them to idle in place instead of performing their expected autonomous behavior.

Note: Vampires that already exist will continue to experience a problem with gaining points after reaching Grand Master. We’re investigating a separate fix for Vampires in existing save files.

StrangerVille

Fixed an issue where Sims that had been shared to the Gallery after completing Act 1 of the StrangerVille Mystery would be blocked from progressing in the mystery when downloaded from the Gallery into a new game.

The following environment objects, which were created for StrangerVille, have been added to the Build Mode debug catalog to allow placement on lots. Players must enter the bb.showhiddenobjects cheat before they can be seen in the catalog.

Added proper images to the Officer and Covert Operator branches of the Military career.

Removed the “Question about Spores in Lab” interaction for Sims who have already acquired the Modified Hazmat Suit.

Removed the “Heart of the Pack” styled look from Create a Sim, as it was authored using clothing that’s only available to Sims that have joined the Military career.

Updated the pack information panel on the main menu to not display world objects under the Build Mode Items.

10 different cacti

3 different Joshua trees

3 different RVs

2 clusters of rocks

2 junked cars

A group of desert flowers

A military truck

A tire

A parking stop

My First Pet Stuff

Fixed an issue where deleting/selling the rodent habitat could cause the game to become unresponsive.

Holiday Celebration Pack

The Crown Roast platter will now show a partially eaten state when half of its servings have been taken.

I’d like to adjust the wording here, as this issue was not specific to stray pets and there may be confusion. The bug was happening if you became Friends with the pet before using the Adopt interaction. You HAVE to become Friends for Adopt to become available on a stray, but some users were encountering this by petting their computer-adopted pet a bunch of times before hitting Adopt.

#s4cc #s4mm #ts4cc #ts4mm #maxis match #thesims4 #s4 patch update #s4 patch notes

124 notes · View notes

loquaciousquark · 6 years ago

Text

Hey, all, I’m probably not going to be around much for a few months aside from queues & TM posts.

Work stress has taken over my life in a way it never has before. A very long story short, my closest coworker (both friend-wise and workload-wise) took another job that began at the end of April. While she knew from November she was going to take this job, she did not inform administration until the very final contractual required moment of 30 days out. This means there has been no chance for admin to be looking for long-term qualified candidates to replace her position, since to get hired on at the school even on a temporary faculty basis takes about six-eight weeks.

(She told me about this job in November, but made me promise at the time not to tell anyone because she was going to tell them soon. Then, as schedules were being planned out for this summer and her time was being allotted under the assumption she would be there, she deliberately said nothing and made me answer the emails so she wouldn’t be “lying.” I have known this hell has been coming for me for five months and haven’t been able to do anything about it because I gave her my word.)

In addition, while not her fault, three other administrative support employees and two other faculty members have left/will be leaving in less than a month as well. One employee’s family member died unexpectedly, one employee was grossly incompetent (although I can’t remember the last time we actually fired someone for that), and the other faculty members are leaving for really good jobs elsewhere. Just very unfortunate timing that means we are all spread excruciatingly thin for now.

This all comes at a time where I am actively beginning that Service Director position for the primary care clinic on top of everything else. This position, while I think a great fit for me, what else I teach in the school, and how I plan/organize/relate to the students, has come at a terrible time because it in and of itself is a massive amount of work, especially getting it off the ground. If I’m going to implement all these new policies and changes I’ve been dreaming of for years, I need to do it at the beginning of my tenure--to try and keep everything going the way it has been and change later once everything calms down would be infinitely more work at that time & have a bunch more pushback from both the students and the faculty I now lead as part of this clinic, many of which have decades of seniority on me.

I’m doing the work of two-and-a-half full-time faculty right now. I do still really love this job, but right now I can’t handle it.

I’m grinding my teeth at night and clenching my jaw during the day. My dentist suddenly wants me to get a bite plate when before a few months ago, I’d never ground my teeth in my life. I’m getting excruciating stress/tension headaches almost every other day from how tight every muscle of my face and neck is. I’ve gained over ten pounds in the last two months from eating like crap because anything that requires more than two steps of prep is mentally, physically, and emotionally impossible, which has the added effect of making me want to cry every time I look in a mirror and see my stomach so far away from my mental “normal,” because I was already seven pounds or so more than I wanted to be. I’m only getting three or four hours of sleep a night despite melatonin because my mind is just reciting checklist after checklist of things I need to do to keep all my sudden responsibilities on track.

I saw my psychiatrist today (which in and of itself was overwhelming--I thought until I was leaving for the appointment that today was my annual physical, and it wasn’t until I was checking the auto-filled address that I realized it was in the wrong building for that. Turns out I’d independently scheduled both the psych follow-up & the physical within a few days of each other, and I’d missed the text appointment reminders for the physical because the psych ones were more recent. I have never straight up no-showed an appointment in my life before this.)

I only had about thirty minutes with her, but part of the problem is that I haven’t taken my meds regularly in over a month because even such a little thing was too difficult. I’m going to try to start back on that, but...

I told her it doesn’t feel like I’m trying to keep plates spinning in the air. It feels like I have them all under control at the moment, they’re just excruciatingly heavy. The only way I’ve been handling this sudden pressure of doing basically two and a half jobs with no margin for error in any of them is being ruthlessly, relentlessly organized. Which is fine, except that I can feel how that changes my personality when I have to go so hard and regimented, and I hate how it feels to have both no margin and no grace.

I had a student the other day email me about a flight she booked for a Memorial Day vacation at 6pm on a Friday, not thinking about how clinic does not always end on the dot at 5pm. We (both students and faculty) are required to stay until the patient’s exam is complete. Sometimes that’s at five. Sometimes that’s at 6:30. On rare occasions I’ve stayed until 9pm in clinical care because that’s what was needed at the time for that patient.

She wanted to get out of clinic with an excused absence. We require three weeks’ minimum notice because when a student leaves without coverage, we have to reschedule all the patients they were meant to see. Her schedule was fully booked, and I had to say no, because right now I have nothing left to try to find an alternative for her. I hate saying no to students, especially when it’s something I truly could help them solve with some investment on my part, but right now--I’m sorry, but I can’t. Why on earth did you schedule a flight for 6pm on a day you have clinic until 5, especially when the airport is a 20-minute drive from the school even without traffic? I can’t fix this for you, not right now. You have to show up to clinic or find your own coverage. I don’t care how you do it, but someone has to be there, and I don’t have anything left in me to help you figure out how to do it.

My mom listens to a guy who sometimes talks about how you have to have a margin in your life to manage your stress. A margin in your work helps you enjoy your leisure time; if you don’t have that margin, even scheduled play feels stressful because you have work playing through your head the whole time.

I’m out of margin. I’m ten feet over the line in every direction I’m so out of margin, and I am constantly being asked by students and other faculty, “How are you doing now that the person who you shared 90% of your work life with is gone? Who’s going to help take over [year-long highly-intensive Methods course] now that Dr. So-and-So is gone? Who’s going to help you teach it since we all know what a gigantic course it is and how it’s always required two people to run full-time, and now you’re down to one who’s also taken on a bunch of other responsibilities at the exact same time?”

and they’re laughing when they say it. and i’m laughing when i tell them the truth, which is “no one.” and we all laugh together and inside my head i am ripping apart under the pressure.

Even if they hire someone by August, it’s not going to mean any relief until September due to onboarding, and even then it won’t be what I really need. This woman I worked with and I had both taught this course together for years, and before that we’d both taken it as students. We knew how it ran inside and out. We knew what the responsibilities were. We had the workload divided evenly and didn’t have to consult over every decision that was made--it just got done. Even if they do hire someone at lightning speed, I still have to train them. I have to show them where the group drive is on the faculty intranet. I have to teach them how it’s organized. I have to show them how to upload quizzes and how to grade them and how to edit the Excel practical documents and the timeframe we expect the grades back and why our grading standards are the way they are and what to say to guest graders and guest lab instructors and show them where the file folders are kept and where the .docx’s are kept and the way things are sorted and how the tests are written and how to extensively edit a PDF file and give them the contact information for faculty IT support (which still ends up being me half the time) and the manual printer and the woman who orders office supplies and the woman who orders clinical equipment and the man who orders building maintenance supplies and when you go to one and not the other and how electronic testing works and how to grade it and how to upload a document with all the specific little requirements the program wants to make sure it imports correctly and how to deal with the errors this program will inevitably throw back because it’s niche software for a niche school and that means it’ll never be user friendly.

It took me almost two years to really feel comfortable being co-coursemaster for this course because it is so unbelievably massive. Even if they hire someone by August, I still won’t have a full-time coursemaster pulling their weight until 2021.

The other metaphor I used with my psychiatrist is that I’m holding on to a cliff’s edge with my fingertips. Right now, I’ve got a pretty decent grip, but that doesn’t change the fact that if you put another pound on my back it might pull me right off the rock.

I don’t see practical relief coming any time soon. “What can we do to help? We want you to know you are very supported right now. You let us know what you need.” What can you do? Hire someone tomorrow who already knows how our computer system works, who can troubleshoot their own IT, who can look at a list of tasks that need to happen to get this Methods course fully ready every single semester of every single year and do them without any handholding from me. Hire someone with as much attention to detail as I’ve had to have because it’s the right way to do the damn job. Hire someone I won’t have to clean up after because to them “the cart in the closet” is the same thing as “the specific place on the labeled closet shelf where the equipment belongs.”

I’m clenching my teeth so hard they’re hurting, so I guess I have to stop. If you see me in-game somewhere, believe me, it’s not because I’ve caught up. It’s because I haven’t and I can’t bear thinking about how much I still have to do.

#quark rambles #optometry /#kindly refrain from reblogging

64 notes · View notes

hydrus · 4 years ago

Text

Version 422

youtube

windows

zip

exe

macOS

app

linux

tar.gz

🎉🎉 It was hydrus's birthday this week! 🎉🎉

I had a great week. I mostly fixed bugs and improved quality of life.

tags

It looks like when I optimised tag autocomplete around v419, I accidentally broke the advanced 'character:*'-style lookups (which you can enable under tags->manage tag display and search. I regret this is not the first time these clever queries have been broken by accident. I have fixed them this week and added several sets of unit tests to ensure I do not repeat this mistake.

These expansive searches should also work faster, cancel faster, and there are a few new neat cache optimisations to check when an expensive search's results for 'char' or 'character:' can quickly provide results for a later 'character:samus'. Overall, these queries should be a bit better all around. Let me know if you have any more trouble.

The single-tag right-click menu now always shows sibling and parent data, and for all services. Each service stacks siblings/parents into tall submenus, but the tall menu feels better to me than nested, so we'll see how that works out IRL. You can click any sibling or parent to copy to clipboard, so I have retired the 'copy' menu's older and simpler 'siblings' submenu.

misc

Some websites have a 'redirect' optimisation where if a gallery page has only one file, it moves you straight to the post page for that file. This has been a problem for hydrus for some time, and particularly affected users who were doing md5: queries on certain sites, but I believe the downloader engine can now handle it correctly, forwarding the redirect URL to the file queue. This is working on some slightly shakey tech that I want to improve more in future, but let me know how you get on with it.

The UPnPc executables (miniupnp, here https://miniupnp.tuxfamily.org/) are no longer bundled in the 'bin' directory. These files were a common cause of anti-virus false positives every few months, and are only used by a few advanced users to set up servers and hit network->data->manage upnp, so I have decided that new users will have to install it themselves going forward. Trying to perform a UPnP operation when the exe cannot be found now gives a popup message talking about the situation and pointing to the new readme in the bin directory.

After working with a user, it seems that some clients may not have certain indices that speed up sibling and parent lookups. I am not totally sure if this was due to hard drive damage or broken update logic, but the database now looks for and heals this problem on every boot.

parsing (advanced)

String converters can now encode or decode by 'unicode escape characters' ('\u0394'-to-'Δ') and 'html entities' ('&'-to-'&'). Also, when you tell a json formula to fetch 'json' rather than 'string', it no longer escapes unicode.

The hydrus downloader system no longer needs the borked 'bytes' decode for a 'file hash' content parser! These content parsers now have a 'hex'/'base64' dropdown in their UI, and you just deliver that string. This ugly situation was a legacy artifact of python2, now finally cleared up. Existing string converters now treat 'hex' or 'base64' decode steps as a no-op, and existing 'file hash' content parsers should update correctly to 'hex' or 'base64' based on what their string converters were doing previously. The help is updated to reflect this. hex/base64 encodes are still in as they are used for file lookup script hash initialisation, but they will likely get similar treatment in future.

birthday

🎉🎉🎉🎉🎉

On December 14th, 2011, the first non-experimental beta of hydrus was released. This week marks nine years. It has been a lot of work and a lot of fun.

Looking back on 2020, we converted a regularly buggy and crashy new Qt build to something much faster and nicer than we ever had with wx. Along with that came mpv and smooth video and finally audio playing out of the client. The PTR grew to a billion mappings(!), and with that came many rounds of database optimisation, speeding up many complicated tag and file searches. You can now save and load those searches, and most recently, search predicates are now editable in-place. Siblings and parents were updated to completely undoable virtual systems, resulting in much faster boot time and thumbnail load and greatly improved tag relationship logic. Subscriptions were broken into smaller objects, meaning they load and edit much faster, and several CPU-heavy routines no longer interrupt or judder browsing. And the Client API expanded to allow browsing applications and easier login solutions for difficult sites.

There are still a couple thousand things I would like to do, so I hope to keep going into 2021. I deeply appreciate the feedback, help, and support over the years. Thank you!

If you would like to further support my work and are in a position to do so, my simple no-reward Patreon is here: https://www.patreon.com/hydrus_dev

full list

advanced tags:

fixed the search code for various 'total' autocomplete searches like '*' and 'namespace:*', which were broken around v419's optimised regular tag lookups. these search types also have a round of their own search optimisations and improved cancel latency. I am sorry for the trouble here

expanded the database autocomplete fetch unit tests to handle these total lookups so I do not accidentally kill them due to typo/ignorance again

updated the autocomplete result cache object to consult a search's advanced search options (as under _tags->manage tag display and search_) to test whether a search cache for 'char' or 'character:' is able to serve results for a later 'character:samus' input

optimised file and tag search code for cases where someone might somehow sneak an unoptimised raw '*:subtag' or 'namespace:*' search text in

updated and expanded the autocomplete result cache unit tests to handle the new tested options and the various 'total' tests, so they aren't disabled by accident again

cancelling a autocomplete query with a gigantic number of results should now cancel much quicker when you have a lot of siblings

the single-tag right-click menu now shows siblings and parents info for every service, and will work on taglists in the 'all known tags' domain. clicking on any item will copy it to clipboard. this might result in megatall submenus, but we'll see. tall seems easier to use than nested per-service for now

the more primitive 'siblings' submenu on the taglist 'copy' right-click menu is now removed

right-click should no longer raise an error on esoteric taglists (such as tag filters and namespace colours). you might get some funky copy strings, which is sort of fun too

the copy string for the special namespace predicate ('namespace:*anything*') is now 'namespace:*', making it easier to copy/paste this across pages

misc:

the thumbnail right-click 'copy/open known urls by url class' commands now exclude those urls that match a more specific url class (e.g. /post/123456 vs /post/123456/image.jpg)

miniupnpc is no longer bundled in the official builds. this executable is only used by a few advanced users and was a regular cause of anti-virus false positives, so I have decided new users will have to install it manually going forward.

the client now looks for miniupnpc in more places, including the system path. when missing, its error popups have better explanation, pointing users to a new readme in the bin directory

UPnP errors now have more explanation for 'No IGD UPnP Device' errortext

the database's boot-repair function now ensures indices are created for: non-sha256 hashes, sibling and parent lookups, storage tag cache, and display tag cache. some users may be missing indices here for unknown update logic or hard drive damage reasons, and this should speed them right back up. the boot-repair function now broadcasts 'checking database for faults' to the splash, which you will see if it needs some time to work

the duplicates page once again correctly updates the potential pairs count in the 'filter' tab when potential search finishes or filtering finishes

added the --boot_debug launch switch, which for now prints additional splash screen texts to the log

the global pixmaps object is no longer initialised in client model boot, but now on first request

fixed type of --db_synchronous_override launch parameter, which was throwing type errors

updated the client file readwrite lock logic and brushed up its unit tests

improved the error when the client database is asked for the id of an invalid tag that collapses to zero characters

the qss stylesheet directory is now mapped to the static dir in a way that will follow static directory redirects

downloaders and parsing (advanced):

started on better network redirection tech. if a post or gallery URL is 3XX redirected, hydrus now recognises this, and if the redirected url is the same type and parseable, the new url and parser are swapped in. if a gallery url is redirected to a non-gallery url, it will create a new file import object for that URL and say so in its gallery log note. this tentatively solves the 'booru redirects one-file gallery pages to post url' problem, but the whole thing is held together by prayer. I now have a plan to rejigger my pipelines to deal with this situation better, ultimately I will likely expose and log all redirects so we can always see better what is going on behind the scenes

added 'unicode escape characters' and 'html entities' string converter encode/decode types. the former does '\u0394'-to-'Δ', and the latter does '&'-to-'&'

improved my string converter unit tests and added the above to them

in the parsing system, decoding from 'hex' or 'base64' is no longer needed for a 'file hash' content type. these string conversions are now no-ops and can be deleted. they converted to a non-string type, an artifact of the old way python 2 used to handle unicode, and were a sore thumb for a long time in the python 3 parsing system. 'file hash' content types now have a 'hex'/'base64' dropdown, and do decoding to raw bytes at a layer above string parsing. on update, existing file hash content parsers will default to hex and attempt to figure out if they were a base64 (however if the hex fails, base64 will be attempted as well anyway, so it is not critically important here if this update detection is imperfect). the 'hex' and 'base64' _encode_ types remain as they are still used in file lookup script hash initialisation, but they will likely be replaced similarly in future. hex or base64 conversion will return in a purely string-based form as technically needed in future

updated the make-a-downloader help and some screenshots regarding the new hash decoding

when the json parsing formula is told to get the 'json' of a parsed node, this no longer encodes unicode with escape characters (\u0394 etc...)

duplicating or importing nested gallery url generators now refreshes all internal reference ids, which should reduce the liklihood of accidentally linking with related but differently named existing GUGs

importing GUGs or NGUGs through Lain easy import does the same, ensuring the new objects 'seem' fresh to a client and should not incorrectly link up with renamed versions of related NGUGs or GUGs

added unit tests for hex and base64 string converter encoding

next week

Last week of the year. I could not find time to do the network updates I wanted to this week, so that would be nice. Otherwise I will try and clean and fix little things before my week off over Christmas. The 'big thing to work on next' poll will go up next week with the 423 release posts.

#release

1 note · View note

thesims4blogger · 6 years ago

Text

The Sims 4: New Game Patch (April 16th, 2019)

There’s a new Sims 4 PC update available via Origin!

Remove all MODS and Custom Content before updating your game!

UPDATE: 4/16/2019 – PC 1.51.75.1020 / Mac 1.51.75.1220

Happy April, Simmers. Nice to meet you! Maxis hired me as a freelance writer to work on these game update notes. (Side note — if you find a problem, blame SimGuruGraham — he’s my editor.) In all honesty, it’s a pretty sweet gig. I got to see the new Expansion Pack, Game Pack, and Stuff Pack that the team is working on, and did you know that they bring in bagels on Fridays? But hey, enough about me. Being a freelancer, I’ll be gone again before you know it.

Well, let’s get to it, shall we? Here’s everything you’ll find in this April update. Have fun!

Yours truly, Sue D. Nym Freelance Writer Extraordinaire