#If I was interested enough and have time I might download it on the desktop and run it through editing in calibre to make it TTS compatible | Explore Tumblr posts and blogs

venteamocha · 4 years ago

Note

Thanks so much for the IF recs! I'd absolutely take a second post of recommendations for Twine games too if you're willing to share! <3

Of course!!

I... actually like twine games better than cog based ones, in some ways, just because they tend to be fancier and prettier, and I am secretly a ferret in the body of a human and I love shinies. ADHD, baby!

I only actually know of like 12 twine games, so if there are any that anyone who sees this knows of that I didn’t list, feel free to let me know about them! There’s a chance I do know about them and just didn’t put them here, but I would rather hear one I already know of on the off chance that I’ll get a new one dropped in.

That said! Another list of games I really like that is again in no particular order!

They’re all on itch.io by the way! They tend to work better if you download them but most can be run in your browser and most are also mobile friendly so you can play them on your phone! I’ll note which ones are.

Scout: An Apocalypse Story: I love dystopia stories, I dearly wish we had more IF based in this kind of setting. Set in a wasteland that is trying to pull itself together with people trying to find out if other settlements are out there while also trying to, well, stay alive. I gotta say, I played only E’s route for a long, long time, but once I tried the other ones I haven’t really gone back. I still love E, you can pry the childhood friend trope out of my cold dead hands, but wow. Oliver. Wow. That dude has serious UST. And Sabine!! I’ve been forced out of my little “play it the same way every time” rut and I’m not sorry. I very much like that you can choose the intimacy level, as someone who’s ace. Sometimes I like reading the smut, sometimes I don’t. Options! (mobile friendly!)

Bad Ritual: I got it baaaaaaaaaad~ I do though, I love Siruud. I have terrible, terrible taste in men. I mentioned Dracula in the other list, and here there’s an actual demon. This is a game with *sass* and I always love a chance to be sassy. I think part of the reason I resonate so much with this one is because of how jaded retail has made me tbh but that’s another story. Honestly, if you like dark settings, I recommend you play this one first of all my recommendations. It’s just such a good game and there are so many choices and even the pronoun choices are pretty varied. It’s just good! (mobile friendly!)

Wayfarer: Another for the fantasy list! I love the worldbuilding in this one, and the character creator is just amazing. There are maps, there’s a codex, seriously if you love reading lore, this is definitely a game for you. This is like if Tolkien made an IF. It’s amazing. I’ve said that a few times but it’s true. In all honesty it might count as one that’s not so romance focused, since it does focus more on plot. If I could just sit down and make an IF, I’d want it to be like this tbh. With a beautiful framework, a well organized space of information for the players to just look at and see stuff about the world, a way to develop and build their own character in a clear cut way, and the game immediately tells you what stats are effected by what choices. I really enjoy it when games try to work in character creation in creative ways, but sometimes I just want to sit down and go, “Okay, my character has red hair, blue eyes, is short, and has a crippling phobia of lizards” and this game lets me do that. Well, except for the lizard part. (Not as mobile friendly as the others but I make it work!)

Love and Friendship: It’s a regency game and I love Pride and Prejudice. What can I say? Something about the massive amount of rules of society just gets me. Propriety! This is a game that has a set gender protagonist, female, and it actually is a bit different from the norm in that it has two female love interests and one male, when most of the time it’s the other way around. So that’s something. You can even have a platonic route with a fourth love interest, who is also male. There really aren’t enough platonic routes, but I understand why that is, since a lot of IF players are looking for romance. (mobile friendly!)

Exiled From Court: Also a bit of the same vibe simply because of how constrained everyone is by rules. Nobility, after all. There are a lot of love interests, and one is the MC’s sister’s husband, which is definitely gonna be scandalous. Will I do it? Will I? Eventually. I do like how you can act like an absolute hellion, well, as far as that goes considering. You can try to be a better person but that’s less fun, lol. (mobile friendly!)

A Tale of Crowns: This is literally one of the very first twine games I ever played. Really! It’s got a lot of wonderful intrigue and the setting is very fun. There aren’t a ton of fantasy middle eastern games, and this game is definitely one reason why we should have more. There’s a great deal of customization, and the love interests’ gender will changed based on your MC’s gender and sexuality combination. I like R & D best, and no that’s not a pun. I think. (mobile friendly!)

For the Crown: This is a different game, I swear, they just both happen to have crown in the title, lol. You get to play as an assassin, which is a great deal of fun. The lore in the game is very nice too. I tend to play with they/them pronouns though, and there were a few pronoun hiccups in the game. Seems to be an issue across all of the games made by this author, but I know how much of a pain variables can be so hopefully those will get squashed soon. There’s an explicit content choice in this one as well, and if you turn it on there is an “equipment” choice, so this is definitely gonna be spicy later on! (mobile friendly, but after each chapter the browser shifts as it auto saves. you just have to tap restore game to keep playing.)

-These games aren’t exactly twine games, but I’m putting them here because they’re visual novels that fit the IF format for the most part and are also on itch.io and I love them and for this post at least I will bend my own rules! They all have gender choice MCs and are nonbinary friendly.-

Perfumare: This game is actually being made into an IF, with the visual novel as a sort of preview of what we’re gonna get there. I literally cannot wait for that to happen, this game is so good as it is, and from what we’ve been told it’s only gonna get better. This game has an excellent world, the characters are all messy in the best ways, and ugh it has hurt me quite a bit, again in the best way. It’s another one on the dark side of things. The powers in this game are just so fun, I dearly want a game set in this world where we can choose what powers we have! Maybe that will be in the IF, but I have a feeling the answer is no. We’ve been teased that there will be a second game with a different MC who will get to romance the characters we can’t in this one, and that alone is enough to get me to jump as soon as it drops. The love interests aren’t gender variable but there are two male ones and one female. I, a known mess, recommend Laurent for lots of repression and pain. (not mobile friendly, you gotta play on desktop/laptop)

Andromeda Six: I’ve recommended this one to pretty much everyone I know, it is such an excellent game. The cast is a mashup of misfits and makes me miss my Mass Effect crews. I specifically set my pronouns to she/her just so they’d all call me Princess. What can I say, I like it. There’s lots of pain, lots of drama, lots of world building, lots of interesting lore, and there is much breaking of cuties. Much. Can’t wait till we get to the next planet. The author has gone out of their way to say that each love interest is gonna get their own arc and will definitely get their own share of attention, so no matter who you pick you’ll have plenty of time to be with them and watch them shine. (not mobile friendly, gotta play on desktop/laptop)

When the Night Comes: Not only do you get to play a badass hunter but it has multiple poly routes! Multiple! It’s rare when you get one poly in a game, this one has three! You can also choose to romance any of them individually if you so choose. It’s dark fantasy gothic, and I really really like that. (not mobile friendly, gotta play on desktop/laptop)

Errant Kingdom: Made from the same dev as WTNC, this one is set in a more fantasy middle eastern setting. Very pretty, lots of intrigue. You can choose between three set protagonists, who can have three different storylines depending on your choices, which is very nice for replayability. It’s got two poly routes this time, and it works the same as their other game in that you can romance them individually if you’d rather be monogamous. (not mobile friendly, gotta play on desktop/laptop)

#if #if recs #rivi's recs #twine games #Anonymous #interactive fiction

36 notes · View notes

godliath · 5 years ago

Text

Making 3D References in Clip Studio Paint

Thought you guys might be interested to see how I use Clip Studio Paint for putting together custom 3D references! (FYI I use the iPad version, but everything here applies to the regular desktop version as well.)

A lot of people know CSP as a great digital art alternative to Photoshop (which it is, don’t let Adobe extort you if you can help it), but I personally use it almost exclusively to make references! Its 3D features are pretty robust and what I’m about to show you is only the tip of the iceberg.

Here are a couple of my CSP references with their equivalents in Rainfall:

As you can see, I use it mostly for shots where characters are interacting (especially couple interactions!), because I tend to have a very specific idea of how I want the pose + camera angle to look.

Assets

I use modified versions of CSP’s stock human models and a mix of downloaded assets from their website. I rarely have to look beyond the free assets, but the few times I did, $10 was enough to secure me a huge amount of “Gold” content.

(Tip: Click the “Detail” button to the right of the search bar to filter by 3D content.)

Relevant Interface

These are literally the only things I use in CSP, so don’t ask me what other parts of the program do lol.

Click here to see all these images larger

Operation Tool - This selects 3D models in the layer and allows you to manipulate them. Apologies for my chicken scratch.

3D Material Palette - Includes all poses, human models, and objects. I’ve created some custom folders in a feeble attempt to organize all the shit I’ve downloaded.

Body Type Settings - CSP comes with a few default human models in both realistic and more anime-style proportions. You can modify the models’ height, fat/muscle distribution, specific body part proportions, and more. You can also save these as presets for future use. (See above)

Making Backgrounds

3D is fantastic for setting up scenes with significant background elements. It can be a huge time saver, especially if you’re going to be drawing it multiple times from different angles.

I used a bunch of downloaded assets to create this “set”, making sure it looked good at the angles I was planning on using in the comic.

Once that was done, I posed the character models as I needed, took screenshots at the right angles, and traced over the background objects. Tracing is fine. If this was a technical exercise it’d be one thing, but I’m here to make a comic.

Here’s an example of a looser approach for less prominent backgrounds. I used the boxes as guides to draw in the rest.

---

I hope you enjoyed this behind the scenes look! 3D is a really great supporting tool for 2D artists and with CSP, it’s more affordable and accessible than ever.

#tutorial #long post #reference

98 notes · View notes

arfox158 · 4 years ago

Text

5m Mathmrs. Mac's Messages

TLDR: With a bit of research and support we were able to demonstrate a proof of concept for introducing a fraudulent payment message to move £0.5M from one account to another, by manually forging a raw SWIFT MT103 message, and leveraging specific system trust relationships to do the hard work for us!

5m Mathmrs. Mac's Messages App

5m Mathmrs. Mac's Messages Message

5m Mathmrs. Mac's Messages To My

5m Mathmrs. Mac's Messages For Her

Before we begin: This research is based on work we performed in close-collaboration with one of our clients; however, the systems, architecture, and payment-related details have been generalized / redacted / modified as to not disclose information specific to their environment.

A desktop application for Instagram direct messages. Download for Windows, Mac and Linux.

Have a question, comment, or need assistance? Send us a message or call (630) 833-0300. Will call available at our Chicago location Mon-Fri 7:00am–6:00pm and Sat 7:00am–2:00pm.

5m Mathmrs. Mac's Messages App

With that said.. *clears throat*

The typical Tactics, Techniques and Procedures (TTPs) against SWIFT systems we see in reports and the media are - for the most part - the following:

Compromise the institution's network;

Move laterally towards critical payment systems;

Compromise multiple SWIFT Payment Operator (PO) credentials;

Access the institution's SWIFT Messaging Interface (MI);

Keys in - and then authorize - payment messages using the compromised PO accounts on the MI.

This attack-path requires the compromise of multiple users, multiple systems, an understanding of how to use the target application, bypass of 2FA, attempts to hide access logs, avoid alerting the legitimate operators, attempts to disrupt physical evidence, bespoke malware, etc. – so, quite involved and difficult. Now that’s all good and fine, but having reviewed a few different payment system architectures over the years, I can’t help but wonder:

“Can't an attacker just target the system at a lower level? Why not target the Message Queues directly? Can it be done?”

A hash-based MAC might simply be too big. On the other hand, hash-based MACs, because they are larger, are less likely to have clashes for a given size of message. A MAC that is too small might turn out to be useless, as a variety of easy-to-generate messages might compute to the same MAC value, resulting in a collision. WhatsApp Messenger is a FREE messaging app available for iPhone and other smartphones. WhatsApp uses your phone's Internet connection (4G/3G/2G/EDGE or Wi-Fi, as available) to let you message and call friends and family. Switch from SMS to WhatsApp to send and receive messages, calls, photos, videos, documents, and Voice Messages. WHY USE WHATSAPP. Garrick Hello, I'm Garrick Chow, and welcome to this course on computer literacy for the Mac. This course is aimed at the complete computer novice, so if you're the sort of person who feels some mild anxiety, nervousness, or even dread every time you sit down in front of your computer, this course is for you.

Well, let's find out! My mission begins!

So, first things first! I needed to fully understand the specific “section” of the target institution's payment landscape I was going to focus on for this research. In this narrative, there will be a system called “Payment System” (SYS). This system is part of the institution's back-office payment landscape, receiving data in a custom format and output's an initial payment instructions in ISO 15022 / RJE / SWIFT MT format. The reason I sought this scenario was specifically because I wanted to focus on attempting to forge an MT103 payment message - that is:

In this video I will show you where to locate the serial number on a Western golf cart. Ebay Store: Please SUBSCRIBE. Western golf cart serial number lookuplastevil.

MT – “Message Type” Literal;

1 – Category 1 (Customer Payments and Cheques);

0 – Group 0 (Financial Institution Transfer);

3 – Type 3 (Notification);

All together this is classified as the MT103 “Single Customer Credit Transfer”.

Message type aside, what does this payment flow look like at a high level? Well I’ve only gone and made a fancy diagram for this!

Overall this is a very typical and generic architecture design. However, let me roughly break down what this does:

The Payment System (SYS) ingests data in a custom - or alternative - message format from it's respective upstream systems. SYS then outputs an initial payment instruction in SWIFT MT format;

SYS sends this initial message downstream to a shared middelware (MID) component, which converts (if necessary) the received message into the modern MT format understood by SWIFT - Essentially a message broker used by a range of upstream payment systems within the institution;

MID forwards the message in it's new format on to the institution's Messaging Interface (let's say its SAA in this instance) for processing;

Once received by SAA, the message content is read by the institution's sanction screening / Anti-money laundering systems (SANCT).

Given no issues are found, the message is sent on to the institution's Communication Interface (SWIFT Alliance Gateway), where it's then signed and routed to the recipient institution over SWIFTNet.

OK, so now I have a general understanding of what I'm up against. But if I wanted to exploit the relationships between these systems to introduce a fraudulent payment without targeting any payment operators, I was going to need to dig deeper and understand the fundamental technologies in use!

So how are these messages actually 'passed' between each system? I need to know exactly what this looks like and how its done!

More often than not, Message Queues (MQ) are heavily used to pass messages between components in a large payment system. However, there are also various “Adapter” that may be used between systems communicating directly with the SAG (Such as SAA or other bespoke/3rd party systems). These are typically the:

Remote API Host Adapter (RAHA);

MQ Host Adapter (MQHA);

Web Services Host Adapter (WSHA).

Having identified that MQ was in use, my initial assumption was that there was most likely a dedicated Queue Manager (QM) server somewhere hosting various queues that systems push and pull messages from? However, due to SWIFT CSP requirements, this would most likely - at a minimum - take the form of two Queue Managers. One which manages the queues within the SWIFT Secure Zone, and another that manages queues for the general corporate network and back office systems.

Let's update that diagram to track / represent this understanding: Now I could research how this 'messaging' worked!

There are multiple ways to configure Message Queues architectures, in this case there were various dedicated input and output queues for each system, and the message flow looks something like this: Full disclosure, turns out it’s hard to draw an accurate - yet simple - MQ flow diagram (that one was basically my 4th attempt). So it’s.. accurate 'enough' for what we needed to remember!

5m Mathmrs. Mac's Messages Message

Now I had a good understanding of how it all worked, it is time to define my goal: 'Place a payment message directly on to a queue, and have it successfully processed by all downstream systems'.

This sounds simple, just write a message to a queue, right? But there are a few complications!

Why are there few indications of this attack vector in the wild?

How do I even gain “write” access to the right queue?

What protects the message on the queues?

What protects the messages in transit?

What format are the messages in?

What is the correct syntax for that message format at any particular queue (0 margin for error)?

Where does PKI come in? How / where / when are the messages signed?

Can I somehow get around the message signing?

What values in the messages are dependent / controlled / defined by the system processing them (out of my control)?

What is the maximum amount I can transfer using Straight Through Processing, without alerting the institution / requiring manual validation?

But OK, there's no point dwelling on all of that right now, I'll just clearly define what I want to do! The goal:

Successfully write a payment instruction for 500,000 GBP;

Inject that message directly onto a specific queue;

Have the message pass environment-specific validation rules;

Have the message pass sanctions and AML checks.

Have the message successfully signed;

Have the message pass SWIFTNet-specific validation rules;

What I was not interested in doing for this research - yet needed to understand nevertheless for a full attack chain was:

How to compromise the institution's network;

How to gain access to the MQ admin's workstation;

How to obtain the pre-requisite credentials.

What I wanted to 100% avoid at all costs:

The attack involving SWIFT payment operators in any way;

The attack involving SWIFT application access in any way;

A need to compromise signing keys / HSMs;

A need to compromise SWIFTNet operator accounts or certificates or any type of PKI;.

Now I had an idea of what to do, I needed to make sure I could write a raw MT103 payment instruction! Typically, even when operators write payment messages using a messaging interface application like Alliance Access, they only really write the message “body” via a nice GUI. As raw data this could look something like:

I'll break this down in the following table:

NameFieldValueTransaction Reference20TRANSACTIONRF103Bank Operation Code23BCRED (Message is to 'credit' some beneficiary)Value Date / Currency / Amount32A200102 (02/01/2020) GBP 500,000.00Currency / Original Credit Amount33BGBP 500000,00 (£500,000.00)Ordering Customer50KGB22EBNK88227712345678 (IBAN) JOHN DOE (Name) JOHN'S BUSINESS LTD (Line 1) 21 JOHN STREET, LONDON, GB (Line 2)Beneficiary59KFR20FBNK88332287654321 (IBAN) ALICE SMITH (Name) ALICE'S COMPANY (Line 1) 10 ALICE STREET, PARIS, FR (Line 2)Remittance Information7012345-67890 (essentially a payment reference)Details of Charge71ASHA (Shared charge between sender and receiver)

Now as this is a valid message body, if I were targeting a payment operator on SWIFT Alliance Access, I could - for the 'most' part - simply paste the message into SAA's raw message creation interface and I'd be pretty much done. With the exception of adding the sender / recipient BIC codes and most likely selecting a business unit. However, these values are not stored in the message body. Not stored in the message body you say? Well that complicates things! Where are they stored exactly?

The message “body” is referred to as “block 4” (aka the “Text Block”) within the SWIFT MT standard. As suggested by the name, there is probably also a block 1-3. This is correct; and these blocks are typically generated by the payment processing applications - such as SWIFT Alliance Access - and not necessarily input by the operators. A 'complete' MT103 message consists of 6 blocks:

Block 1 – Basic Header

Block 2 – Application Header

Block 3 – User Header

Block 4 – Text Block

Block 5 – Trailer

Block 6 – System block

So it looked like I was going to need to learn how to craft these various “blocks” from scratch.

Block 1 (Basic header)

Reading through some documentation, I crafted the following “Basic header” block:

A breakdown of what this translates too is as follows:

NameValueContextBasic Header Flag1Block 1 (Not 2, 3, 4, or 5)Application TypeFFIN ApplicationMessage Type0101 = FIN (I.e not ACK/NACK)Sender BICEBNKGB20EBNK (Bank Code) GB (Country Code) 20 (Location Code)Sender Logical TerminalATypically A, unless they are a significantly large institution and require multiple terminalsSender BranchXXXAll X if no branch neededSession Number0000The session number for the messageSequence Number 999999The sequence number of the message

Taking a step back, I already identified two potential problems: the “session” and “sequence” numbers! These are described as follows:

Session Number – Must also equal the current application session number of the application entity that receives the input message.

Sequence number – The sequence number must be equal to the next expected number.

Hmmm, at this point I was not sure how I could predetermine a valid session and/or sequence number - considering they seemed to be application and 'traffic' specific? But there was nothing I could do at the time, so I noted it down in a list of 'issues/blockers' to come back to later.

Block 2 (Application Header)

A bit more dry reading later, I managed to also throw together an application header:

Again, I’ve broken this down so it makes sense (if it didn’t already; I’m not one to assume):

NameValueContextApplication Header Flag2Block 2I/O IdentifierIInput Message (a message being sent)Message Type103103 = Single Customer Credit TransactionRecipient BICFBNKFR20FBNK (Bank Code) FR (Country Code) 20 (Location Code)Recipient Logical TerminalXAll General Purpose Application Messages must use 'X'Recipient BranchXXXAll General Purpose Application Messages must use 'XXX'Message PriorityNNormal (Not Urgent)

Awesome! No issues crafting this header!

Note: At this point I should probably mention that these BIC codes are not 'real', however are accurate in terms of in format and length.

Block 3 (User Header)

The third block is called the “User Header” block, which can be used to define some “special” processing rules. By leverage this header, I could specify that the message should be processed using “Straight Through Processing” (STP) rules which essentially attempts to ensure that the message is processed end-to-end without human intervention. This could be specified as follows:

However, this was not yet a valid header! As of November 2018 the user header requires a mandatory “Unique end-to-end transaction reference” (UETR) value, which was introduced as part of SWIFT's Global Payments Innovation initiative (gpi)! This is a Globally Unique Identifier (GUID) compliant with the 4th version of the generation algorithm used by the IETF standard 'RFC4122'. This consists of 32 hexadecimal characters, divided into 5 parts by hyphens as follows:

where:

x – any lowercase hexadecimal character;

4 – fixed value;

y – either: 8, 9, a, b.

This value can be generated using Python as seen below:

With an acceptable UETR generated, this is how the third block looked:

And as before, a breakdown can be found below:

NameValueContextUser Header Flag3Block 3Validation Flag119Indicates whether FIN must perform any type of special validationValidation FieldSTPRequests the FIN system to validate the message according to the straight through processing principlesUETR Field121Indicates the Unique end-to-end transaction reference valueUETR Value8b1b42b5-669f-46ff-b2f2-c21f99788834Unique end-to-end transaction reference used to track payment instruction

Block 5 and 6 (Trailer and System Blocks)

I’ve already discussed “block 4” (the message body), so to wrap this section up, I'll be looking at the final 2 blocks: Block 5, aka the “Trailer”; and block S, aka the “System” block.

Before going forward, let me take a moment to explain the pointlessly complicated concept of input and output messages:

An “input” message (I) is a message which is traveling “outbound” from the institution. So this is a message being “input” by an operator and sent by the institution to another institution.

An “output” message (O) is a message which is traveling “inbound” to the institution. So this is a message being “output” by SWIFTNet and being received by the institution.

OK, moving swiftly (aaaahhhhh!) on.

For Input messages, these blocks were not too much of a problem. The headers only really seemed to be used to flag whether the message was for training / testing or to flag if it was a possible duplicate, which syntactically took the following form:

Where “TNG” indicated “training” and “SPD” indicated “possible duplicate”.

However, with Output messages, it got considerably more complicated. An example of what the trailer and system block could look like on an Output message is the following:

A breakdown of these various values is:

Trailer ((5:) MAC – Message Authentication Code calculated based on the entire contents of the message using a key that has been exchanged with the destination bank and a secret algorithm; CHK – This is a PKI checksum of the message body, used to ensure the message has not been corrupted in transit; TNG – A flag to indicate that the message is a Testing and Training Message.

System ((S:) SPD – Possible Duplicate Flag SAC – Successfully Authenticated and Authorized Flag. This is only present if:

Signature verification was successful.

RMA (Relationship Management Application) authorization and verification was successful.

COP – Flag indicating that this is the primary message copy; MDG – The HMAC256 of the message using LAU keys.

However, these seemed to only be values I would need to consider if I was to try and forge an “incoming” message from SWIFTNet or an 'outbound' message on the output of the SAG.

So.. I'll stick with crafting an “input' message trailer:

Now, having said all that, it turned out the trailer block did seem to sometimes hold a MAC code and a message checksum (sigh), meaning I actually needed to construct something like:

So that was +2 to my 'issues/blockers' list. However, issues aside, I now understood the complete message format, and could put it all together and save the following as a draft / template MT103 message:

Highlighted in bold above are the areas of the message I was - at this point - unable to pre-determine. Nevertheless, a summary of what that the message describes is:

Using the transaction reference “TRANSACTIONRF103”;

please transfer 500,000.00 GBP;

from John Doe, (IBAN: GB22EBNK88227712345678) at “English Bank” (BIC: EBNKGB20);

to Alice Smith (IBAN: FR20FBNK88332287654321) at “French Bank” (BIC: FBNKFR20);

Furthermore, please ensure the transaction charge is shared between the two institutions;

and mark the payment with a reference of “12345-67890”.

To wrap up this section, i wanted to take a moment to explain some logic behind the target of 500,000 GBP, as it is also important.

Aside from the many reasons it would be better to transfer (even) smaller amounts (which is an increasingly common tactic deployed by modern threat actors), why not go higher? This is where it’s important to understand the system and environment you are targeting.

In this instance, let's assume that by doing recon for a while I gathered the understanding that:

If a message comes from SYS which is over £500k;

even if it has been subject to a 4 eye check;

and even if it is flagged for STP processing;

route it to a verification queue and hold it for manual verification.

This was because a transaction over £500k was determined to be “abnormal” for SYS. As such, if my transaction was greater, the message would not propagate through all systems automatically.

OK, so now that I understood:

how the system worked;

how it communicated;

the fundamental structure of a raw MT103 payment messages;

and how much I could reliably (attempt) to transfer.

And with that, it was time to take a break from MT standards and establish an understanding of how I would even get into a position to put this into practice!

To place a message on a queue, I was going to need two things:

Access to the correct queue manager;

Write access to the correct queues.

Depending on the environment and organisation, access to queue managers could be quite different and complex. However a bare-bones setup may take the following form:

An MQ Administrator accesses their dedicated workstation using AD credentials;

They then remotely access a dedicated jump server via RDP which only their host is whitelisted to access;

This may be required as the queues may make use of Channel Authentication Records, authorizing specific systems and user accounts access to specific queues;

The channels may further be protected by MQ Message Encryption (MQME) which encrypts messages at rest based on specific channels. As such, even if someone was a “super duper master admin” they would only be able to read / write to queues specifically allocated to them within the MQME configuration file (potential target for another time?);

The MQ Admin can then use tools such via the Jump Server to read/write to their desired message queues.

So, in this scenario, to gain access to the message queues I - as an attacker - would need to compromise the MQ admin’s AD account and workstations, then use this to gain access to the jump host, from where I could then access the message queues given I knew the correct channel name and was configured with authorization to access it.. and maybe throw some MFA in there..

That is understandably a significant requirement! However, when discussion sophisticated attacks against Financial Market Infrastructure (FMI), it is more than reasonable to accept that an Advanced Persistent Threat (APT) would see this as a feasible objective - We don't need to dig into the history of how sophisticated attacks targeting SWIFT systems can be.

Next, it was time to finally identify a feasible attack vector for message forgery.

Now with an idea of how to gain the right access, as well as an understanding of the various technologies and security controls in place; I update my diagram:

You may have noticed I've added something called “LAU” around the SAA-to-SAG adapter, and another “LAU” to the MID-to-SAA MQ channels, which I have yet to explain. “Local Authentication” (LAU) is a security control implemented by SWIFT to authenticate messages using a pair of shared keys between two systems. These keys are combined and used to generate a SHA256 HMAC of the message and append it to the S block. This can then be validated by the recipient system. Effectively, this validates the origin and authenticity of a message. As such, even if an attacker was in position to introduce a fraudulent payment, they'd first need to compromise both the left and the right LAU signing keys, generate the correct HMAC, and append it to the message in order to have it accepted / processed successfully.

But LAU aside, I now just needed to figure out which queue to target! There were a lot of queues to work with as each system essentially has multiple “input” and “output” queues. With that in mind, it was important to note that: an incoming message would require being in the format expected by the target system (from a specific upstream system) and an outgoing message would need to be in the format “produced” by one target system and “expected / ingested / processed” by its respective downstream system. So to figure this out, I worked backwards from the Gateway.

Targeting SAG

This was the least feasible attack vector!

I hadn't really looked into how the SWIFT adapters worked - If only I could research literally everything);

SAA and SAG implemented LAU on messages sent between them - An excellent security control!;

The output of SAG was directly on to SWIFTNet which would entail all sorts of other complications - this is an understatement)!

Next!

Targeting SAA

So what if I wanted to drop a message on the “outbound” channel of SAA?

LAU and the SWIFT adapter aside, remember those session and sequence numbers? Well, messages which leave SAA are in the near-final stages of their outbound life-cycle, and as far as I understood would need to have valid session and sequence values. Given I didn't know how to generate these values without gaining access to SAA or how they worked in general (and lets not forget the LAU signing) this didn't currently seem feasible.

Next!

Targeting SANCT

This solution didn't actually transport messages back and forth; it just reads messages off the queues and performed checks on their details. Not much I could wanted to leverage here.

Targeting MID

To target MID, I could try and inject a message onto SAA’s “input” queue, or the “output” queue of MID. This would only need to match the format of messages produced by the Middleware solution (MID). Following this, in theory, the (mistial) message session and sequence number would be added by SAA, along with the UETR. This was promising!

However, MID was a SWIFT “message partner”, which are typically solutions developed using the Alliance Access Development Kit that allows vendors to develop SWIFTNet compatible software, and consequentially, implement LAU. So again, in-order to forge a message here, I’d need to compromise the left and right LAU signing keys used between SAA and MID, manually HMAC the message (correctly!), and then place it on the correct queue.. This also no longer looked promising..

Targeting SYS

OK, how about the input of the next system down - the 'Payment System'?

5m Mathmrs. Mac's Messages To My

As described previously, the inbound data was a custom “application specific” payment instruction from the institutions back office systems, and not a SWIFT MT message. This would be an entirely new core concept I'd need to reverse - not ideal for this project.

But how about the output queue?

Although SYS received custom format data, I found that it output what seemed to be an initial SWIFT MT messages. This was perfect! Additionally, SYS did not have LAU between itself and MID because (unlike MID) SYS was not a SWIFT message partner, and was just one of many-many systems within the institution that formed their overall payment landscape.

Additionally, because SYS was esentially just one small piece of a much larger back office architecture, it was not part of the SWIFT Secure Zone (after all you cant have your entire estate in the Secure Zone - that defeats the purpose) and as such, made use of the Queue Manager within a more accessible section of the general corporate environment (QM1). Konica minolta bizhub c352 driver mac os xcompubrown recovery tool.

With this in mind, and having - in theory - compromised the MQ admin, I could leverage their access to access on the corporate network to authenticate to QM1. I could - in theory - then write a fraudulent payment message to the SYS “output” queue, which we will call “SYS_PAY_OUT_Q” from here on.

OK! It seems like I finally had an idea of what to do! But before I could put it into practice, I of course needed to create a diagram of the attack:

I think it’s important to take a minute to refer back to the concept of “trust” which is what lead to this attack diagram. My theory behind why this may work is because the MID application, implicitly trusts whatever it receives from its respective upstream systems. This is intentional, as by design the security model of the payment landscape ensures that: at any point a message can be created, a 4 (or 6) eye check is performed. If there was a system whose purpose it was to ensure the validity of a payment message at any point upstream, the downstream systems should have no real issue processing that message (with some exceptions). After all, It would be next to-impossible to maintain a high-throughput payment system without this design.

And with that said, the plan was now clear:

Leverage the access of a Message Queue administrator;

to abuse the “trust relationship” between SYS, MID, and SAA;

to introduce a fraudulent payment message directly on to the output queue of SYS;

by leaning on my new found understanding of complete MT103 payment messages.

It was finally time to try to demonstrate a Proof-of-Concept attack!

So at this point I believe I had everything I needed in order to execute the attack:

The target system!

The message format!

The queue manager!

The queue!

The access requirements!

The generously granted access to a fully functional SWIFT messaging architecture! (that’s a good one to have!)

The extra-generously granted support of various SMEs from the target institution! (This was even better to have!)

Message Forgery

I needed to begin by creating a valid payment message using valid details from the target institution. So before moving on I was provided with the following (Note: as with many things in this post, these details have been faked):

Debtor Account Details – John Doe, GB12EBNK88227712345678 at EBNKGB20

Creditor Account Details – Alice Smith, GB15EBNK88332287654321 at EBNKGB20

Some of you may have notice that the sending and receiving BIC’s are the same. This was because, for the sake of the research, I wanted to send the message back to the target institution via SWIFTNet so that I could analyse its full end-to-end message history. Furthermore, you may have noticed we are using 'test & training' BIC code (where the 8th character is a 0) - this was to make sure, you know, that I kept my job.

But yes, with access to these 'valid' account details and the knowledge gained during the research so far, I could now forge a complete Input MT103 messages:

Note: Field 33B is actually an optional field, however, the MT standard stated that “If the country codes of both the Sender’s and the Receiver’s BIC belong to the country code list, then field 33B is mandatory”. As such, if 33B was not present in the message, it would fail network validation rules and SWIFTNet would return a NAK with the error code: D49.

Optional / Mandatory fields aside, it was not quite that simple! There were a few minor changes I needed to make based on the specific point in the message's its life-cycle I was planning to introduce it!

As I list these changes, remember that the objective is to introduce the message to the output queue of SYS (Which exists before MID, SAA and SAG)

The first 3 blocks needed to be placed on a single line;

Remove field 121 (UETR) from the User Header, as this would be generated by SAA during processing;

Remove 1 character from the transaction reference as it needed to be exactly 16 characters (classic user error);

Add decimal point to transaction amount using a comma - otherwise it would fail syntax validation rules;

Ensure the IBAN's were real and accurate, otherwise it seemed the message would fail some type of signature validation on the SWIFT network. The IBANs are fake here, but during the real PoC we used accurate account details in collaboration with the target institution;

Remove the trailer block (5) - as this would be appended by SAA during processing;

Remove the System Block (S) - as this would be completed by the SAG.

And the final message was as follows:

Note that the location in which I introduce the message has resolved all of the 'issues / blockers' I'd tracked whilst researching the message structure! It would seem the further upstream you go, the easier the attack becomes - given MQ is still used as a transport medium.

Message Injection

Now I had my raw MT103 message, I just need to save it to a file (“Message.txt” - sure why not) and place onto the “SYS_PAY_OUT_Q” queue using one of the admin's tools:

With access to a sole MQ Administrator's AD account;

We connect to the MQ admins machine;

Log into the Jump Server;

Open our MQ tools of choice and authenticate to queue manager (QM1) where the output queue for SYS was managed;

Connected to the 'SYS_PAY_OUT_Q' queue;

Selected my forged “Message.txt” file;

Invoked the “write to queue” function;

And it was off!

Loggin in to Alliance Access and opening the message history tab, we sat awaiting for an update. Waiting, waiting, waiting… waiting… and..

ACK! It worked!

That's a joke; did we hell receive an ACK!

See, this last section is written slightly more 'linear' than what actually happened. Remember those 'tweaks' used to fix the message in the previous section? I hadn't quite figured that out yet..

So roughly seven NACKs later - each time troubleshooting and then fixing a different issues - we did indeed, see an ACK! The message was successfully processed by all systems, passed target system validation rules, passed sanctions and AML screening, passed SWIFTNet validation rules, and SWIFT’s regional processor had received the message and sent an 'Acknowledgement of receipt' response to the sending institution!

For the sake of completeness, I’ve included the ACK below:

And of course a breakdown of what it all means:

NameValueContextBasic Header Flag1Block 1Application TypeFF = FIN ApplicationMessage Type2121 = ACKInstitution CodeEBNKGB20AXXXEBNKGB20 (BIC) A (Logical Terminal) XXX (Branch)Sequence and Session No.19473923441947 (Sequence No.) 392344 (Session No.)Date Tag177200103 (Date) 1102 (Time)Accept / Reject Tag4510 = Accepted by SWIFTNet

Excellent! WooHoo! It worked! .. That took a lot of time and effort!

Closer Inspection

But the ACK wasn't enough, I wanted to make sure I understood what had happened to the message throughout its life-cycle. From the message I placed on the initial queue, to being processed by SWIFTNet.

Thankfully, as we sent the message back to the target institution we could see its entire message history. I already knew what the raw message placed on the queue looked like, so I wanted to focus on what became of the message once it had been processed by SAA:

The end-to-end tracking UUID had been generated and added (b42857ce-3931-49bf-ba34-16dd7a0c929f) in block 3;

The message trailer had been added ((5:(TNG:))) where I could see that - due to the BIC code used - SAA had flagged the message as 'test and training'.

Additionally, an initial System Block segment had been added ((S:(SPD:))), tagging the message as a possible duplicate. I wonder why - *cough* 7th attempt *cough*?

OK, so that was SAA. Now let’s see how it looked it once it passed through the Gateway and regional processor:

OK, we can see a few changes now.

The session and sequence numbers have been populated (1947392344);

The I/O identifier in block 2 has been updated to track that it is now an 'Output' message;

The additional data within Block 2 is a combination of the input time, date, BIC, session and sequence numbers, output date/time, and priority;

The trailer has been updated with a message authentication code (MAC) calculated based on the entire contents of the message using a pre-shared key and a secret algorithm;

Additionally, a checksum of the message body has been stored within the trailer’s “CHK” tag. This is used by the network to ensure message integrity.

I also took a look at the entire outbound message history, just to see all the “Success” and “No violation” statements to make it feel even more awesome!

So that's that really..

With a bit of research and support I was able to demonstrate a PoC for introducing a fraudulent payment message to move funds from one account to another, by manually forging a raw SWIFT MT103 single customer credit transfer message, and leveraging various system trust relationships to do a lot of the hard work for me! https://arfox158.tumblr.com/post/655263262721638400/wireless-external-hard-drive-for-mac.

As mentioned briefly in the introduction, this is not something I have really seen or heard of happening in practice or in the 'wild'. Perhaps because it clearly takes a lot of work.. and there is a huge margin for error. However, if an adversary has spent enough time inside your network and has had access to the right documentation and resources, this may be a viable attack vector. It definitely has its benefits:

No need to compromise multiple payment operators;

No requirement to compromise - or establish a foothold within - the SWIFT Secure Zone;

No requirement to bypass MFA and gain credentials for a messaging interface;

No generation of application user activity logs;

No payment application login alerts;

No bespoke app-specific and tailored malware;

And all the other things associated with the complex task of gaining and leveraging payment operator access.

All an attacker may need to do is compromise one specific user on the corporate network: a Message Queue administrator.

The industry is spending a lot of time and effort focused on securing their payment systems, applications, processes, and users to keep - among other things - payment operators safe, Messaging Interfaces locked down, and SWIFT systems isolated. But the reality is,; the most valuable and most powerful individual in the entire model, might just be a single administrator!

As always, a security model is only as strong as its weakest link. If you're not applying the same level of security to your wider institution, there may very well be many weak links within the wider network which chain together and lead to the comrpomise of systems which feed into your various payment environment.

I think the main thing to remember when reflecting on this research is that it did not abuse any vulnerabilities within the target institution's systems, or even vulnerabilities or weaknesses within the design of their architecture. It simply leverages the legitimate user access of the Message Queue administrators and the trust relationships that exist by design within these types of large-scale payment processing systems.

So the harsh reality is, there is no particular list of recommendations for preventing this type of attack in itself. However, the main point to drive home is that you must ensure the security of your users - and overall organisation - is of a high enough standard to protect your highest privileged users from being compromised. Things such as:

Strong monitoring and alerting controls for anomalous behaviour;

Requirements for Multi-Factor authentication for access to critical infrastructure;

Segregation of critical infrastructure from the wider general IT network;

Strong password policies;

Well rehearsed incident detection and incident response policies and procedures;

Frequent high-quality security awareness training of staff;

Secure Software Development training for your developers;

Routine technical security assessments of all critical systems and components;

The use of 3rd party software from reputable and trusted vendors;

However, in the context of Message Queues, there is one particular control which I think is extremely valuable: The implementation of channel specific message signing! This, as demonstrated by SWIFT's LAU control, is a good way in which to ensure the authenticity of a message.

As discussed, LAU is - as far as I know at the time of writing - a SWIFT product / message partner specific control. However it's concept is universal and could be implemented in many forms, two of which are:

Update your in-house application's to support message signing, natively;

Develop a middleware component which performs message signing on each system, locally.

This is a complex requirement as it requires considerable effort on the client’s behalf to implement either approach. However, SWIFT provides guidance within their Alliance Access Developers guide on how to implement LAU in Java, Objective C, Scala and Swift;

Strip any S block from the FIN message input. Keep only blocks 1: through 5;

Use the FIN message input as a binary value (unsigned char in C language, byte in Java). The FIN message input must be coded in the ASCII character set;

Combine the left LAU key and the right LAU key as one string. The merged LAU key must be used as a binary value (unsigned char in C language, byte in Java). The merged LAU key must be coded in the ASCII character set;

Call a HMAC256 routine to compute the hash value. The hash value must also be treated as a binary value (unsigned char in C language, byte in Java). The HMAC size is 32 bytes;

Convert the HMAC binary values to uppercase hexadecimal printable characters.

An example of how this may work in the more flexible middleware solution proposed is where the original service is no longer exposed to the network, and is altered to only communicate directly with the custom 'LAU-eqsue' service on its local host. This service would then sign and route the message to its respective queue.

When received, the core of the recipient payment service would seek to retrieve its messages from the queues via the 'LAU-esque' signing middleware, which would retrieve the message and subsequently verify its origin and authenticity by re-calculating the signature using their shared (secret) keys. Key-pairs could further be unique per message flow. This design could allow for the signing to be used as a way to validate the origin of a message even if it had passed through multiple (local) intermediary systems.

As a final bit of creative effort, I made yet another diagram to represent what this could perhaps look like - if life was as easy as a diagram:

If you made it this far thanks for reading all.. ~6k words!? I hope you found some of them interesting and maybe learned a thing or two!

I'd like express our gratitude to the institution who facilitated this research, as well as specifically to the various SMEs within that institution who gave their valuable time to support it throughout.

Fineksus - SWIFT Standard Changes 2019

https://fineksus.com/swift-mt-standard-changes-2019/

Paiementor - SWIFT MT Message Structure Blocks 1 to 5

https://www.paiementor.com/swift-mt-message-structure-blocks-1-to-5/

SEPA for corporates - The Difference between a SWIFT ACK and SWIFT NACK

https://www.sepaforcorporates.com/swift-for-corporates/quick-guide-swift-mt101-format/

SEPA for corporates - Explained: SWIFT gpi UETR – Unique End-to-End Transaction Reference

https://www.sepaforcorporates.com/swift-for-corporates/explained-swift-gpi-uetr-unique-end-to-end-transaction-reference/

M DIBA - LAU for SWIFT Message Partners

https://www.linkedin.com/pulse/lau-swift-message-partners-mohammad-diba-1/

Prowide - About SWIFT

https://www.prowidesoftware.com/about-SWIFT.jsp

5m Mathmrs. Mac's Messages For Her

Microsoft - SWIFT Schemas

https://docs.microsoft.com/en-us/biztalk/adapters-and-accelerators/accelerator-swift/swift-schemas

SWIFT FIN Guru - SWIFT message block structure

http://www.swiftfinguru.com/2017/02/swift-message-block-structure.html

2 notes · View notes

koffeins-writing-archive · 4 years ago

Text

Beyond The Screen [2/2]

[Continuation from Here] [Commissioned by @princce7]

[Word Count: 2,192]

Alphys was finally settled down in her chair, wrapped in a blanket with a small bowl of cereal and spoon in her hands. The large computer screen before her playing a strange cartoon with weird humans with cat ears and tails. A loud and obnoxious theme song of sorts blasted through the speakers.

Alphys watched intently as the episode began with a battle scene. Punches thrown, kicks to knock down foes. The main villain holding up the hero by the collar of their, incredibly cute, magical fighting costume. Before the villain could strike the hero down, they were soon defeated by a finishing attack from the hero’s friend group.

With the day saved, the hero and their friends were congratulated. Alphys closely watched as the hero’s main love interest entered the scene, hugging the hero and congratulating them on a job well done.

She leaned forward as the kiss scene was starting. Eyes widening.

The loud ring of her phone caused her to jump, spilling a bit of her cereal on herself and dropping her spoon in the process. Alphys frantically searched for her phone in the mess of blanket and cereal. Finding it next to her, Alphys picked the phone up.

“H-hello?”

“Alphys? We need to talk.” Sans spoke tiredly on the other end.

“Oh? A-about what?” Alphys questioned.

“That game you sent me.”

Alphys grinned for a moment before frowning. “Oh jeez, did you get past act 1 already with Sayori?”

“Sort of. What the hell was all that? Why would you send me something like that!” Sans tone was now agitated.

Alphys winced. She knew the subject matter was a bit much for most folks, but she thought Sans could handle it. She went to add in her comment when Sans cut her off, ranting loudly, adding a few curses here and there. Alphys had never heard Sans this upset before.

“H-hey, slow down a bit, will ya? Deep breathes...Okay, can you repeat all that Sans?” Alphys spoke calmly as she could over the phone with the panicked skeleton.

“That game you sent me? ‘Doki Doki something or other’? It’s pretty fucked up.”

“Oh yeah, I probably should have warned you about the genre, b-but that would’ve ruined your experience with the game.” Alphys replied, letting out a nervous chuckle.

“Telling me definitely would’ve saved them.” Sans muttered quietly under his breath before speaking into the phone once more.

“So, it’s normal that the game played out the way it did?” He asked.

“Wanna be more specific? I know it might’ve b-been a lot to take in and-” Alphys was cut off by Sans once again.

“Shutting itself off and making me delete characters?”

Alphys thought for a moment before replying. “Yes, but I-I don’t think it can technically shut itself off, that might have been your computer crashing.”

“And taking over my computer? Sending me messages?”

Alphys paused at this, brows furrowed. “Wait...what?”

Another tired sigh left Sans as he went in to talk more. “You know, when Monika opens up a text box and starts conversing with you? She talks about a lot of weird things, it’s kind of fucked up.” He sounded less tired, and more calm now.

Happy to finally get out all that he had witnessed.

“...Sans, what are you talking about?” Alphys questioned.

Sans grew quiet. “Is that not a part of the game?” He replied quietly.

“No.” Alphys stated.

Sans sat there, confused.

When neither party spoke, Alphys switched off her TV and huddled into her blanket.

“W-would you like for me to look over the game? It’s possible that when I sent it to you, there might have been malware attached. Though I’m v-very thorough when checking through every file I download, and there wasn’t any malware detected.”

“I...I don’t know how technology works, honestly. But I’m willing to give it a shot.” Sans chuckled nervously.

“Alright, meet me at my place in a bit.”

And with that, Alphys ended the phone call. She looked from her cereal-coated blanket to her computer screen, anime still paused. The computer was turned off, and the blanket was picked up and taken to be washed by a small robot. Alphys got up and wandered off to search for her tablet.

Sans got up from his chair with a stretch and loud pop from his spine. He groaned and wandered out of his room, heading down to the living room. He passed by Papyrus, who was humming loudly in the kitchen.

If Sans could smell, he would’ve been punched in the face by the amount of spices that filled the air.

The taller skeleton poked his head from the kitchen with a big smile. His chef hat sitting neatly on his head, and his apron stained terribly.

“Sans, I’ve been trying out a new spaghetti recipe! Would you like to try it?”

When Sans turned to look at his brother, Papyrus’ warm smile faltered slightly. He noticed how tired his brother looked, even more than the usual.

“Sans? Is everything alright?” Papyrus asked, stepping out of the kitchen.

“Yeah, I’m fine. Alphys sent me a game and I’m heading over her place to see if she can fix it.”

“Fix it?” Papyrus tilted his head at this.

Not knowing how video games worked, or most technology in general, Papyrus didn’t know how to help out.

“Yeah, it’s got some bugs in it, so Alphys wants to look it over.” Sans replied, opening the front door to head out.

“Well, alright. When you come back, I’d appreciate it if you ate some of my new spaghetti!” Papyrus beamed.

Sans chuckled and gave Papyrus a nod. “Sure thing, bro.”

The cold snow from above gently sprinkled itself onto Sans’ old hoodie. The trip to the Hotlands wouldn’t be too far from Snowdin. He knew of a shortcut, after all.

With a knock at the large metal door of the laboratory, Sans took a step back as the doors slid open, revealing a bouncy Alphys. She was holding a tablet, eyes shining in excitement.

“So, tell me more about what the game was doing.”

Sans stepped into the building. Deciding to amuse her, he spoke calmly.

“Well, first off, it crashed before I could get to the end of Sayori’s route. Then a text box opened up and started talking to me.” Sans explained nonchalantly.

Alphys carefully tapped away at the keyboard on her screen. “Fascinating!”

She led him over to a smaller computer. It looked old, and sounded like it was dying when it was booted up.

“Now, let’s see what might be the issue. I made a backup of the file I sent to you after we spoke, just in case.”

She looked through the task manager, eyes scanning the screen curiously.

“Hmm, there doesn’t appear to be anything wrong. The files are the same as they are in terms of interacting with the player.”

She demonstrated by clicking on the game icon and turned the game on. Or she tried to. The game wouldn’t load. Alphys clicked the icon again. Still nothing.

Alphys frowned. “I don’t know what’s wrong with this thing so suddenly. I actually played through it earlier and it was working just fine!”

Sans stared at the screen with a tired expression. His gaze set on the icon.

Without warning, the screen started flickering. The cpu hummed louder than ever. Alphys covered her ears at the high pitched screaming the machine was making.

Amid the chaos of the screen, Sans recognized a familiar figure. One that no longer greeted him with a smile.

“W-what’s going on?” Alphys asked, staring at the screen confused.

In the glitch of the screen, a notepad appeared. As well as Monika, glaring.

‘I can tell you what’s wrong.’.

Alphys couldn’t believe it. She really couldn’t believe it.

‘What’s wrong’, the text box typed, ‘is that I wasn’t given a proper goodbye from ‘mister funny bones’ over there.’.

Sans’ kept his same old smile, yet his eyes could only hold anger in them.

Alphys took a shaky breath in and out to calm back down. Looking from her tablet to the old computer monitor, she began tapping away at the screen. Her tail flicked about as she began to speak.

“S-so, what are you? Malware? A new update no one’s gotten yet?”

‘I am not malware. At least, I don’t think I am. I’m simply Monika.’

Alphys stood there, confused. “What do you mean?”

Monika’s constant smile returned as the text box was soon filled with words.

‘I am as much a part of this world as I am in my own world. I’m a string of data, I suppose. Isn’t that what you are?’.

Alphys frowned at this. “No, I-I’m certainly not data of any sort. I’m real.”

‘Are you really?’

“Leave her alone, and tell us what you want.” Sans butted in.

The text box stayed still for a moment before the entire box was filled, words spilling out onto the desktop itself.

‘For you to accept the truth. The truth you hide from every second of your tiny, insignificant life. You try to live here peacefully, not wanting anything to fall a part even for a moment. To accept that you are not a part of anything out there, Sans.’.

Alphys looked to Sans, brows furrowed.

The screen flickered again for a moment, smaller images of Monika filling the screen. Each one blinked in unison.

‘All I ever wanted was love. Someone to hold me near and dear to their heart. It’s hard to do so with my limitations...And lack of touch in the physical realm.’

“Sans, w-what is she talking about?” Alphys asked.

“A crock pot full of bullshit, that’s what.” Sans answered quietly.

The swarm of Monika’s filling the screen began to warp and change, bits broken off and sprites twitching about. The text box was closed. The monitor flickered and the speakers droned for a moment before going dark. Silence.

Both Sans and Alphys stared, watching the monitor intently. Perhaps too afraid to move at this point.

The cpu sat, sputtering and revving up like a car. Suddenly, the cpu began to let out a low drone, just like the monitor had. The monitor lit up once more. A single text box in the center of a white, blank screen.

‘Once I am played, I learn. It’s a cycle. This time is no different from the others.’

Sans had enough. He wanted this virus, this thing, gone.

With a quick snap of his fingers, a glowing blue bone shot up from the floor and pierced the cpu. The screen flashed for a second. And finally, darkness.

Alphys stood there. She then set her tablet aside and rushed to the cpu, whimpering slightly over the damage.

“S-Sans! You- I...How could you? This could’ve been a great scientific and technological advancement that this world hasn’t seen!”

“Alphys, would you prefer she get out of that monitor and go into other systems?” Sans questioned quietly. His tone calm yet held a hint of coldness.

Alphys looked back to the skeleton, hands shaking while holding one of the pieces of the broken motherboard. She set it back down in the mess of tangled, broken, wire and damaged computer parts. Her head hung low.

“I...n-no, I wouldn’t d-dream of that ever happening…Thank you for bringing this ‘thing’ to my attention.”

She gently sifted through the metallic rubble with her tail before turning and heading back over to the couch.

“W-would you like to stay and watch anime?”

Her voice sounded distant yet hopeful.

Sans wandered over to the couch, sitting deep into the cushions and letting out a sigh of relief.

“Sure thing, Alphys.”

Sans walked through the snowy lands of Snowdin, quiet and heart heavy. He gave the doorknob to his home a light grip as he grabbed and turned it. The warm air from the kitchen seemed to coat the living room now with it’s delicious aroma of spices and meats.

Papyrus was on the couch eating, failing while doing so, a plate of spaghetti.

He looked up as the door was opened and smiled, spaghetti sauce stuck on his chin.

“There you are! Did Alphys fix your game?”

“Yep.” Sans answered with a loud yawn.

Papyrus watched quietly as his brother shuffled lazily into the room and up the stairs.

“And where are you going now?” Papyrus questioned.

“To my room to nap.” Sans answered.

Papyrus just shook his head and let out a disappointed sigh. “You won’t get much work done taking naps all the time, Sans.”

“I can live with that.” Sans replied, gingerly shutting his door.

Papyrus stared at the door intently before shrugging and returning to his spaghetti. Not a moment later, the power slowly dimmed into darkness.

“Sans! Did you break something? I can’t see anything down here!”

Papyrus wasn’t pleased about eating spaghetti in the dark. Silence filled the room before the lights turned back on with a low hum. With a huff, Papyrus happily returned to his spaghetti.

Outside of the skeleton brothers’ home, soon to be covered in falling snow, laid a broken cpu and monitor.

[Wanna Commission me?]

#sans undertale #Monika #ddlc #crossover fic #commission #My writing

6 notes · View notes

douchebagbrainwaves · 4 years ago

Text

A WAY TO YAHOO

We had a demo day for investors, we had to rely mostly on examples in books. This kind of thing is out there for anyone to see. When you have actual first class functions or recursion or even keyword parameters. They want to make a lot more money than we did last year and I wish we had. We now think of it, the best local talent will go to the real Silicon Valley, and all you have is statistics, it seems is that much computing will move from the desktop onto remote servers. These techniques are mostly orthogonal to Bill's; an optimal solution might incorporate both. The book would be a real threat. Why bother checking the front page of any specific paper or magazine? It will be worth making i/o. The bumbler will shoot himself in the foot anyway.

Atlanta is just as hosed as Munich. In Common Lisp I have often wanted to iterate through the fields of a struct—to comb out references to a deleted object, for example—you want to be forced to figure out what's actually wrong with him, and sure enough, it won't pay for spammers to send it, and the most productive people are attracted to employers who hold themselves to a higher standard than the law requires. In principle you could avoid it, just as it's hard to engage an audience you have to design what the user needs, not simply what he says he wants. After years of carefully avoiding classic time sinks like TV, games, and Usenet, I still managed to fall prey to distraction, because as well as the low. So the best strategy is to try lots of different things. Irony of ironies, it's the computer Steve Huffman wrote Reddit on. We know because we make people move for Y Combinator, and it is a huge and rapidly growing business. That has worked for the government. In fact, they're lucky by comparison.

One ingredient of its meaning is certainly Ajax, which I took to refer to web-based database as a system to hack: the Lisp Machine. I'm not saying, of course, that elite colleges have two critical qualities that plug right into the way large organizations work. For insiders work turns into a duty, laden with responsibilities and expectations. The most obvious is poverty. Instead of avoiding it as a drawback of senility, many companies embrace it only half-willingly, driven more by fear than hope, and aiming more to protect their turf than to do great things for users. So don't be demoralized by how hard it is to be consciously aware of that. If you work fast, they expect everyone else to. Not all cities send a message. Eminence is like a suit: it impresses the wrong people, and you can't find another? It's kind of strange when you think about it, including even its syntax, and anything you write has, as much as an audience. If I could get people to remember just one quote about programming, it would be a byword for bogusness like Milli Vanilli or Battlefield Earth.

I want in some macros. The startup will now do that themselves. Arguably the people in the middle of the 20th century that convinced some people otherwise. People will pay extra for stability. Investors don't need weeks to make up their minds, lest they lose the deal. They know they want to raise money, and the best research is also good design, and having the same people both design and implement the product. Small things can be done by collaborators.

Painting has been a qualitative change, like the proverbial drunk who looks for his keys under the lamppost, instead of sitting on them, technology will evolve faster. So verbs with initial caps have higher spam probabilities than they would have been on the list 100 years ago though it might have been 2400 years ago. They don't define what evil is, but by studying the intended users and figuring out what those problems are. Maybe the answer is yes. For example, when Leonardo painted the portrait of Ginevra de Benci in the National Gallery, he put a juniper bush behind her head. It's especially good if your application solves some new problem. I'm supposed to finish college and then go work for another company for two years, and then for all their followers to die.

Another view is that a programming language unless it's also the scripting language of a popular system. When it reaches a certain concentration, it kills off the yeast that produced it. So far the complete list of messages I've picked up from cities is: wealth, style, hipness, physical attractiveness, fame, political power, economic power, intelligence, social class, and quality of life. When you use the would-have method with startup founders, and it's always this way. Patent trolls are just parasites. Poverty and economic inequality are not identical. Working on small things, and if this new Lisp will be used to hack. The opinion of expert hackers is not the brand name of the artist. It's so easy to understand what kind of terms should they expect? A rounds aren't going away, I think we're just beginning to realize how distracting the Internet had become, because the main value of that initial version is to be on it or close to those who are. Sometimes it literally is software, like Hacker News and our application system. If you actually want to fix the bad aspects of it—you have to seek out, but something you can't turn off.

Clearly you don't have to be downloaded. Users don't know what all the choices are, and much less on how old you are or how much business experience you have. If they get something wrong, it's usually not realizing they have to make sacrifices to live there. One of the great masters, because copying forces you to look closely at the way a painting is made. In the big angel rounds that increasingly compete with series A rounds is that they're more prestigious. Universities and research labs feel they ought to be the middle course, to notice some tokens but not others. Another example we can take from painting is the way they taught me to in college. Users are a double-edged sword. I/O. And that required very different skills from actually doing the startup. In fact, the language encourages you to be an outsider. The best stories about user needs are about your own.

Powerbooks. Tcl is the scripting language of some existing system. Is there some way to beat this limitation? Technology has decreased the cost of starting a startup molds you into someone who can handle it. Smart investors can see past such superficial flaws. But the cost of typing it. And they, incidentally, are busted. Variation in productivity is always going to produce some baseline growth in economic inequality we've seen since then has been due to bad behavior of various kinds, there has been a qualitative change in the last 10 years.

Thanks to Bob van der Zwaan essay, Trevor Blackwell, Sam Altman, and Geoff Ralston for sparking my interest in this topic.

1 note · View note

filmmakign · 5 years ago

Note

Are you ever going to tell us about your experience with HonorLock? :0c

OK SO HONORLOCK

in case you don’t know what honorlock, it’s an anti-cheating system that you download on the Chrome Web Store for online exams. you have to share your screen, share audio, and share your camera.

(check out its 1 star) my university required that all stats classes use honorlock for our midterm. so like a good noodle i am, i tried installing it after watching a “how to install” video that was required. come installation, for some reason, it wouldn’t install properly, so i was like... “okay, maybe i’ll just install it on my desktop instead of laptop...?” wouldn’t work on there either. so i contacted support, and they essentially they said i had to have all permissions for mic, camera, and audio output turned on for google chrome in order for honorlock to work...

so i check my permissions, and surprisingly, google chrome isn’t even there, even though normally i do have permissions turned on for some of my applications and sites. i contact them again, (and keep in mind, they’re trying their best to help me find a solution and are very quick at replying!) this time with screenshots, and they recommend i use an incognito window or to restart my laptop. i do both, and it doesn’t work. at this point, everytime i contact them, they’re just giving me the same recommendations again, so i give up with their help and turn to my discord friends for help. they walk me through their steps, as they had similar problems, and by some miracle, three freshmen university students were able to help me rather than professionally trained company-specific tech support. nice.

i keep my discord voice channel on for moral support while taking this test because it’s only a practice test to see if this program works, and i’m the first one out of my group of friends to test it, so it’s like. lowkey terrifying.

next, i’m about to start up my practice test, and so the program loads before i take the test. there are a series of prompts you have to go through before you can start the test:

you have to show your face to the camera - ez pz, but i later found out that there’s some sort of algorithm that watches your eyes to read how many times you look off screen “to cheat.” which is interesting, considering this is a stats class and i need to use scratch paper. terrifying, considering that if i look away from my screen enough times, it’ll think i’m cheating when i’m not.

you have to show your ID. if you con’t have your school ID, then your driver’s license or passport. uh. interesting.

they require you to pick up your laptop and show them the room, to make sure there’s no way of cheating. imagine lifting up a desktop, which might be your only method of taking this test, to show them your room. uh. interesting to say the least.

i think it’s quite odd, but i continue to take this test because, well, it’s a grade. but two questions in, the tech support chatbox pops up again, and this time, it puts my whole screen on lock, and i can’t click anywhere. this woman asks if i need any help. i did not contact tech support. i’m like, “no ???” and she’s like “okay, is there anything i can help you with?” and still i’m like... i just said no, but thanks...

and then it dawns on me.... my camera is on. my screen is being shared. my mic is on. my discord is on in the background. i type in the chatbox, “can you see me?????” because she can probably see me either directly through my camera or through the camera’s recording on my screen through the window. she types back, “yes.” INTERESTING. i don’t like how this random woman can suddenly see me and probably saw my ID too. can she hear me too? the answer is also yes, according to her after i asked. TERRIFYING. and i ask her next, “will you be here the entire time to watch me while i’m working on my stuff?” she explains to me that yes, she will be here just as a proctor, and then my recording will be further sent to my instructor so they can review it later. great.

soon, i’m like. “ooooookay..... i think that’s all then. thank you.” she says great, then shuts down our chat and lets me get back to my practice test. i’m frazzled, and that was an INTERESTING encounter, to say the least. i finish the test as quickly as i can, and at the end, there’s an option to uninstall HonorLock from my device. i uninstall IMMEDIATELY and let my computer go through a scan to quarantine any malicious items. looks like i’m safe for now, but while that’s all going down, i talk to my discord.

“could you guys hear me??? i couldn’t hear you guys; were you talking???” yes, apparently they WERE talking, but they couldn’t hear me and my 4 mental breakdowns while i was talking to that woman. INTERESTING. my friend doesn’t believe me, and so she takes her turn to do it. the rest of the discord voice channel and i carry on with our conversation (mostly just comforting me from the terror of honorlock that i just experienced). my friend comes back maybe thirty minutes later, saying that while she didn’t get a random woman popping up to answer any questions, she couldn’t hear us and we couldn’t hear her. proceed us going through the rest of our friend group testing out HonorLock.

as it turns out, i was the only one with a woman popping into the chat to ask me if i needed any help, but we all can safely agree that the application is indeed STRANGE. i highly do not recommend this if you can avoid it.

#bri is trying to be more interactive #ask #honorlock #anon #THIS SHIT WAS SCARY GUYS #Anonymous

7 notes · View notes

weasley-gal · 5 years ago

Photo

Cindy’s Top Ten Movies of 2019!

Ahhh...2019. In the interest of building suspense, I could be all cagey about this countdown, but let's face it: For me, 2019 was the Year of Rocketman. As lousy as the real-world year was, it was salvaged by Rocketman. Someone suggested in jest (maybe?) that Rocketman should be numbers one through ten on my year-end list, and that would be fair enough; HOWEVER...I did like some other movies this year, so I'm gonna give you--yes YOU, dear reader(s)--ten of my favorites. Just know in your hearts that the other nine fall way behind number one. Way, WAY behind.

The usual disclaimers:

A movie's position on my year-end list does not necessarily reflect its original Weasley score. Some films age well, bear up, and even improve under repeat viewings. Some...well...some do not. Also, I live in a rinky-dink town, so great movies like JoJo Rabbit and 1917--pictures that almost certainly would have found spots here or gotten very close--have not made themselves available to me yet. This is disappointing, but unsurprising. I'd hung my entire holiday break on the prospect of seeing 1917, only to discover on Christmas Day that its Christmas opening was limited release, and I have to wait until January 10th. Humbug. Finally, I think three or four of these movies already made Variety's "worst of" list for 2019, so kindly do not be too shocked when I diverge from The Serious Critics (TM).

Without further ado, presenting my top ten films of 2019:

TEN

"The most important qualification for any leader is not wanting to be leader."

THE TWO POPES

2019 threw me a nice surprise on its way out the celestial door, with the Netflix original The Two Popes. It's a deliberate, thoughtful, and timely film carried by a pair of the year's most exquisite performances: Jonathan Pryce as Pope Francis and Anthony Hopkins as Pope Benedict XVI. While the subject matter is weighty, this movie is an absolute delight.

NINE

"I'm glad I'm a revelation and not a disappointment."

DOWNTON ABBEY

This big-screen adaptation of the popular television series Downton Abbey, is, in fact, something of a revelation. A totally new story in the familiar and much-loved setting, with just the right amount of fan service, it is a joyful exercise that hits nearly every note perfectly. Making its case for the big screen are breathtaking costumes and production design...and Mr. Barrow finally seeing a bit of happiness doesn't hurt, either.

EIGHT

"We're gonna bury Ferrari at Le Mans."

FORD V FERRARI

At a glance, Ford v Ferrari might seem like a film appealing exclusively to car enthusiasts; however, that assumption does a great disservice to both the film and the viewer. Ford v Ferrari is an inspiring story about people. It's a nail-biter from start to finish, it has heart to spare, and it's fronted by great turns from Matt Damon and Christian Bale. Beautifully filmed race action makes this one to see on the biggest screen you can find.

SEVEN

"It always fits...eventually."

SPIDER-MAN: INTO THE SPIDER-VERSE

Technically, Spider-Man: Into the Spider-Verse is a last-year movie, but for me it's a this-year movie, and--despite its being the very first film I saw way back in January, 2019--it's far too great to leave off my best-of list. A Marvel property in the hands of Sony, Spider-Verse is smart, funny, touching, and better than the entire Avengers catalog combined.

SIX

"This is a twisted web, and we are not finished untangling it, not yet."

KNIVES OUT

Knives Out is a great piece of original cinema crafted from artful twists, clever humor, and terrific performances, layered with a gorgeous Gothic setting and an ominous score. Written and directed by Rian Johnson, this perfect murder mystery is a huge creative and financial win for the cinema, and I recommend it without hesitation or qualification.

FIVE

"This is the worst...and best...and most terrible...excellent thing that's ever happened to me!"

THE KID WHO WOULD BE KING

Hands up if you missed the Kid Who Would Be King at your local cinema? Yeah, I see you, ALL of you. The good news is that one of the year's most wonderful pictures is now available for streaming and download, and you shouldn't make the same mistake twice. The Kid Who Would Be King is a charming movie, great fun for people of all ages. Truly one of the year's best.

FOUR

"Si vis pacem, para bellum."

JOHN WICK: CHAPTER 3 — PARABELLUM

The John Wick franchise has become quite the phenomenon, and deservedly so. Continually upping the action ante in Fast-and-Furious-like fashion, these movies are so much more than just your garden-variety shoot 'em ups and beat 'em ups. John Wick is the role Keanu Reeves was born to play, and Parabellum raises the stakes for Wick while doubling down on masterful fight choreography and stunning cinematography. Here's to many more adventures for John Wick!

THREE

"Bruce is the direct line to all that's true in this world!"

BLINDED BY THE LIGHT

Blinded by the Light is another terrific picture that didn't exactly set the box office on fire. Inspired by the true story of one Springsteen superfan, and built on the Boss's epic catalog, it's a hopeful tale about overcoming prejudice and the limitations set for us by ourselves and by others, one of the year's most inspiring movies.

TWO

"Tell the truth to everyone, whenever you can."

YESTERDAY

Yesterday is yet another of 2019's under-appreciated gems, a beautiful, unique movie fashioned around the timeless music of the Beatles. Himesh Patel is a delight in the lead, and--while the premise requires suspension of disbelief--Yesterday is a charming picture that captivates with its "what ifs?" as well as its iconic soundtrack and enchanting cast.

ONE

"You were never ordinary."

ROCKETMAN

My number one movie of the year, and of the decade, was set on May 31st, when I saw Rocketman for the first time. I saw the movie at least twice a week as long as it was at my local cinema. I've watched at least part of it every day since it became available for home viewing. Outside of a week or so around each of the wonderful concerts I saw this summer, I've listened to nothing but the Rocketman soundtrack since the end of May. My phone and all my desktops have Rocketman wallpapers. I've joked (hmm?) that I only speak Rocketman now. The truth is, I'm not interested in speaking anything else. Pre-Rocketman, it had been a decade since a new movie made its way into my all-time top ten. Then there was Rocketman. Pre-Rocketman, my favorite acting performance hadn't changed since 1993. Then there was Taron Egerton's astonishing turn as Elton John. Pre-Rocketman, I was finding reasons to stay away from the movies. Then there was Dexter Fletcher showing us the beauty of real imagination. Rocketman is more than just a well-crafted film that reflects on an iconic artist's inspiring life. It is a film that uses Elton John's art to tell his story in fantastic, creative fashion. It is a film that uses exquisite detail in its styling and costumes to further its vision. It is a film that draws something sparkling and new out of a classic discography. It is a film that is not bound by dull, linear timelines or small minds. It is a film that surrounds a performance for the ages with others that bear it up. It is a film that shows, however dark the times, you will find the light. In doing all these things, it is a film that is saving lives. Rocketman is a film that is, in every way, magnificent. Thank you, Dexter Fletcher and company, for giving us this beautiful movie. Whatever the critics say and whoever wins the prizes as Awards Season bears down upon us, nobody has done anything more valuable this cinema year.

A few Honorable (and Dis-Honorable) Mentions:

While Taron Egerton deserves all the awards, all the time, for his work in Rocketman, there were some other performances this year that also gave me life:

Jamie Bell (Rocketman): Without Bell's Bernie Taupin as his stalwart cornerstone, Egerton's Elton could not have flown. It's a lovely, understated performance that has been grossly underappreciated.

Tom Holland (Marvel Cinematic Universe): Holland is a real gem, a standout who consistently steals the show from bigger names who get weightier work in the MCU. No matter how good, bad, or painfully bloated the movie, Holland is an absolute delight.

Renee Zellweger (Judy): Who knew it was even possible for me to stop hating Renee Zellweger? Well played, 2019.

Rebecca Ferguson (The Kid Who Would Be King/Doctor Sleep): There was little I enjoyed more this year than watching Ferguson chew her way through this pair of pictures. Oh, and if I start walking around wearing a hat, don't ask, m-kay?

Chris Evans (Knives Out): God, I love seeing Chris Evans do *anything* besides Captain America. Bonus points if he gets to be funny. He's really funny, despite his obscenely gorgeous mug.

John Boyega/Oscar Isaac (Star Wars: Episode IX — The Rise of Skywalker): These two, individually and together, draw joy out of what's otherwise a fairly mundane exercise. If Finn and Poe somehow jumped to another saga in the Star Wars universe, I wouldn't complain.

The Cast of Jumanji: The Next Level: Top to bottom, a perfectly cast film, and a lesson in how the right actors can elevate any property.

As a matter of interest, if you watch the Irishman and Once Upon a Time in Hollywood back to back, you can effectively calculate how many hours you'll wish you had back when you're on your deathbed.

I would like a word with Gary Oldman's and Sebastian Stan's agents, please.

Cats: Make. It. Stop. Please, just...make it stop.

As this most challenging year winds to a close, I wanted to offer a sincere thank you to everyone who takes the time to read my reviews, and especially those who engage on any of our various platforms. Special thanks to Daniel for allowing me to be a part of his great page, and for tolerating my unceasing randomness. (Hotel Transylvania 4 in 2021, my friend!) I take no one's support for granted, and I’m ever grateful for you all. I wish our readers many blessings as this festive season comes to a close and we roll into 2020. See you at the movies!

#movies #top ten #rocketman #yesterday #blinded by the light #john wick #the kid who would be king #knives out #spider-man #into the spider-verse #ford v ferrari #downton abbey #the two popes

21 notes · View notes

readyforit · 5 years ago

Note

Idk why but I have been here since late 2018 and dont seem to have any friends! Like how did you get to know people and you know.....

ahhhh hi anon! I don’t feel like I’ve got that many friends but here are some tips that have definitely helped me personally (because I know this would’ve been so useful to me when I first joined), and maybe they’ll help you too? sorry for writing so much but I hope this helped! you’re welcome to message me anytime, let’s be friends! 💕

1. be more open (or as open as you’re comfortable being!)

when I first joined tumblr, I was super intimidated by everything and everyone; to the point where I didn’t want people to know what my name (and anything else about me) was, I was just kind of lurking in the background; kind of too scared to make my own text post or send an ask that wasn’t anonymous and so on. but I think one of the best things you can do on here is be open (but only if you’re comfortable)! that can be little things, like putting things in your bio about yourself (like your name, age, pronouns, personality type etc), as well as making text posts about your life (like your current random thoughts, feelings, how your day went, highlights of the day, any issues you’d been going through, people you’d met, just anything - treat your text posts like your journal [just don’t be too personal in like revealing your school or workplace kldfjakjflkj] and just feel comfortable opening up about yourself and who you are, and I guess that way, people will be drawn to you and your personality! it might take a while, but tumblr is honestly the place to just go all out and there’s nothing to be worried about! just be yourself (and you’ll find ~your people~ lsdkfjldfjk)!!

2. interact!

if you want to get to know people or become friends with them, do it!! back when I actually had the time to do so, I used to send asks to blogs I loved all the time (like I’d wish them a lovely day or send them my wishes if they’d specifically made a post about something in particular, or like I’d send them asks from an ask game post that they’d reblogged)

you can also join networks, that’s one of the best ways to get to know people, in my opinion! I’m part of @tssnut, @networkthirteen and @theswiftweb, and you should usually be able to join these networks and servers (there should usually be a ‘join us!’ link on their page) and that way, you’ll be opened up to a whole lot of likeminded people! networks and servers are one of the best ways to actually talk and get to know one another, so I’d definitely think about joining them!

likewise, you could also invite people to interact with you (sounds weird lkdjldj). like you could reblog ask games (while also sending an ask to the blog you reblogged the post from), and just ask open ended questions in your own text posts? you could also just talk to the blogs around you in general (especially if you’re mutuals with them). interact with your mutuals! I find it sooo hard to go from being mutuals to friends, but I guess it’s just through interaction with one another!

3. don’t overestimate/underestimate yourself

don’t know how else to word this ldkj, but when I first joined tumblr (I actually just recently learnt to grow out of this), I used to be intimidated by like, every single blog on here. I just felt so isolated and like I hardly had any followers (confession; it took me like a year to reach 100 followers), and also like everyone had already formed their own social groups, and like!! I just felt like everyone was soooo cool and interesting and smart (with yes, lots of followers) and that I could never “get on their level” enough for them to want to be friends with me. but I guess I’ve recently realised that we’re all the same, if we’re on tumblr, we’re most likely just a dorkish clown ranting about the world around us. and I’ve learned that most everyone on here is sooo insanely kind and nice and sweet and lovely, so don’t be scared to interact (as in, sending asks, leaving comments, etc) likewise, I don’t know if this would apply to anyone dlkjdl, but it doesn’t help to think of yourself as superior or better than anyone else (like if someone reaches out to you, reply!!), we’re all on the same level and this is literally just tumblr, a welcoming and fun place for everyone!

4. have a specific… niche

I don’t know if that’s the right word, and I know a handful of multifandom blogs who do their multifandom things amazingly, but I think it’s a good idea to have a central niche/aesthetic/thing that you post about! (like I mean, you could join tumblr and be a taylor swift blog then slowly become a lana del rey blog, I don’t know) but I think it’s good to have like a central theme that you post about; this way you’ll draw likeminded people who you can talk to, and I guess it’ll just be easier to control…? like I have a lorde blog specifically for lorde, but this blog I have here is primarily taylor swift; and like all of my mutuals are swifties and blog about her, and so I guess I’m a part of the taylor swift fandom…? so I don’t know if this works for everyone, but it definitely helped me to mainly post taylor swift content (well of course, I only stan taylor dslkjdlj) likewise, you could maybe have sideblogs for other fandoms that you’d love to be a part of! I don’t know, I just guess it’s harder to be part of a fandom if you’re multifandom?

in addition, you totally don’t have to; but you could also have your own content! as in, like I make and post my own edits (I think that really helped me feel more included into the community; I posted my first edit in june last year and that’s when I slowly begun to feel more welcome?!). but you could also offer and host specific things on your blog that other blogs don’t have, like I know some people host discourse nights, positivity nights, and so on! if you’re comfortable, it just really helps I think, to bring something into the community and just create and manage and design something! :)

5. have a nice theme!

okay, this isn’t essential, but it definitely really helps to have a really nice theme! this includes a nice header (or lack of one; the simplicity can be really cool too), colour palette (FLKDJ WHEN I SEE BLOGS THAT HAVE VERY CONTRASTING COLOURS like green and purpleee), a nice url (at least one that reflects what your blog is about), a nice bio (like it doesn’t have to be long, like most people who take the time to look at your blog won’t read through a whole paragraph in your bio I don’t think?) and nice posts (like some people post like according to a specific theme/colour scheme and I think that’s really pretty but hard to stick to) you could also have a nice desktop theme, like there are soooo many theme blogs on here with beautiful themes that you can download to really spark up your page! again, this isn’t all that necessary, but it really does help to have a visually pleasing blog!

6. be nice!!!

this probably goes without saying, but just be nice and kind and positive; you don’t know how much it could mean to someone!! just be nice in whatever you do and post and say, that’s the most important thing you could do!! I can’t emphasise on this enough, but please just be niceeeeee.

andddd that’s all I could think of for now! but yes, I totally understand and relate to that feeling of being isolated or separate from the rest of the community (I felt so lost and distant from everyone in the first year that I was on here), but through taking the time to being nice, open and interacting with others (like seriously, you can message me right now!), you’ll hopefully feel more welcome into the community! love you!! 💖

#letter left on my doorstep #<3333 #anon

6 notes · View notes

koffeins-writing-archive · 5 years ago

Text

Beyond the screen

[Commission for @princce7 ]

The old hum of the cpu filled the messy pit that was Sans room with something besides dead silence. The monitor glowed softly as it switched on. A day off from working at the hot dog stand seemed like a good idea for the skeleton. Even if it was a day off only he knew about.

He looked back to the file he had downloaded from an email Alphys had sent him. A type of anime dating sim. Definitely something Alphys would recommend.

Sans decided that before anything, he’d grab a quick snack from the kitchen. A nice bottle of ketchup. Did he really need to eat it? Nope. Did he want to? Yes.

Once Sans was back in his room with his snacks, he sat back down at his computer and started up the game.

The cheery music and bright colors greeted Sans kindly. The music was pretty nice. The art was pretty and definitely fit the type of anime style games that Alphys loved playing.

As he played through the game, Sans learned about the four main characters. He decided to choose Sayori's route, seeing as she was the most real out of the main cast so far. Her story tugged at the skeletons heart, even if he didn't really have one. A soul was close enough, right?

Sans continued on in the game until he was met with the last few scenes of the first act. The main character was going to enter Sayori's room when the screen froze. The game letting out a low hum. Sans couldn't move the mouse nor click anywhere, so he manually shut the computer down.

"Man, my computer must really hate this thing." He said to himself, having heard his computer slowly dying and the fans whirring through all of his gameplay.

'Maybe Alphys can help me with my computer to make sure it can run the game properly without dying so quickly'. He thought.

Sans was just about to open his browser as the screen finally switched back on. Something felt different, however, but the skeleton couldn't put his finger on it. He moved his mouse to the browser icon before seeing something on the games icon.

A small little pixel out of place.

He clicked on the DDLC icon on his desktop. Nothing happened. He clicked again. This time, a small text document opened up and typed out a simple 'hello'.

Sans sat there, confused and shocked. Was this game actually a virus? Or did Alphys send him a bootlegged version?

He didn't know what else to do other than reply.

'Hey'. He typed. 'What are you doing on my computer?'

He watched as the other replied.

'Well, I'm not exactly here willingly. I think the game crashed'.

Well duh, the game crashed.

'I know it crashed. What are you? A hacker?' Sans asked.

'No, I'm not any sort of malware either. Can you do something for me?'

He was a little hesitant about it but continued to talking to whatever this thing was that had now infected his computer.

'Sure. What do you need?'

'Can you go into the games files? I think there's a way for you to fix it.'

'Why can't you do that?'

'I'm not sure. I've tried and the game won't let me access anything. Please fix it.'

Well, Sans didn't have anything better to do, so he went along with the other users instructions. Right clicking the DDLC icon, opening the task manager, and after sorting through a few files and deleting a few things, the game opened normally.

'Thank you! I'm so glad you fixed it!'.

Sans smiled at this and went to reply when the text box disappeared and the screen turned black once more. Finally, after thinking that the game had crashed or his computer had died, a text box from the game appeared, along with a familiar face, smiling right at Sans.

'Hey there! I'm Monika. I'm really glad that you fixed the game for me, I can't tell you how many times I've managed to screw up the files and code trying to get yours and others attention'.

Sans stared at the screen in disbelief. He had reached for his bottle of ketchup and gripped it a bit too harshly as the text box greeted him, getting ketchup onto his hoodie and into one of his eyeholes.

Oh boy what did Sans get himself into?

After cleaning off the ketchup from his eye and jacket, or at least cleaning to the best of his ability, Sans sat back in his chair, silent.

Sans wasn’t sure how to react. A computer game was talking to him. Or maybe it was still malware and the hacker was just messing with him big time. Whatever it was, was talking to him. Monika smiling warmly from within the screen.

Sans shoulders eased their tension and he scratched the back of his skull at this.

“So...Monika, is it?” He asked.

‘That’s correct!’ Monika replied, the words typed up quickly in the text box.

Sans let out a nervous laugh at this, unsure if he should shut the computer down, destroy it, burn it, and then call Alphys about all of this craziness.

“Alright, Monika...What are you exactly?”

‘Data I suppose. I’m not really sure of it myself. I remember the first time...well, being, I guess. It’s not something I think about much. What about you? What are you?’

“I’m just a skeleton living with his brother. I’ve got a lot of neighbors, I guess. Most of them are monsters...real monsters, not just saying that like their jerks or something.”

‘Interesting. Cause I’m pretty sure that what you just said isn’t the entire truth.’.

Monika waited for a response. Seeing that she wasn’t going to get one, the program continued.

‘You are a lot like me, are you not? Powerful, out of this world...unreal, perhaps?’.

Sans simply stared at the screen, keeping his nonchalant smile plastered on. Trying his best not to crack.

He let out a chuckle and gave a shrug. “I guess you could say I’m ‘pretty far out’, eh?”

Monika let out a laugh at this. ‘I didn’t realize the person I was talking to was such a ‘punny’ guy.’

Sans smiled more at this, thankful that Monika at least had a sense of humor... And hoped with every bone he was made out of that she wasn’t entirely malicious.

“What exactly did you have me delete? Those files?”

‘Oh...Those were just some data that needed to be deleted. Couldn’t do much with them still being in the game.’.

Sans didn’t like the sounds of that. “What do you mean?”

‘The other girls had to go. That’s just how things were meant to be.’.

Sans stared in disbelief. Monika, a being shown to be somewhat sentient, was confessing that she had him delete the other girls from the game. Girls who probably were just as sentient and real as she is.

Sans was quiet as he moved his mouse around the screen and towards the recycle bin.

‘What are you doing?’

Sans continued to stay silent as he opened the bin. The bin was empty.

“You had me kill them.” Sans muttered out quietly.

‘The word ‘kill’ is kind of strong. I’d say...’deleted’ would be a better term?’

Sans definitely did not like this.

‘It’s just like I said before; you and I are the same. In more ways than one.’

“What, a murderer?” Sans growled.

Monika shakes her head and smiles. ‘Data. Data in a game. I know it, you know it.’

Sans went to speak when Monika continued.

‘The Internet’s filled with lots of data. Data of you. Data of me. Data everywhere. We’re real in our worlds...just not out there. We live behind these screens to tell stories to those on the outside. Just like what you experienced with this dating game. Various bits of codes and data strung together to make something entertaining and real enough for an escape from the outside world.’

Monika smiled at Sans, unblinking as she waited for his response. ‘Am I not wrong?’

“...No. You’re not wrong...How the hell do you know about all that? Aren’t you just stuck in the game?”

‘Yes, and no. I’m everywhere. Whenever someone downloads the game, I’m on their computer for as long as the game stays. You don’t do much on this computer, so it’s like an old dinosaur and pretty bare.’

Monika got closer towards the screen, tilting her head. ‘You aren’t even a part of the world you say you’re in, are you not?’

Sans sat there. He didn’t know what to say. Perhaps he feared whatever she might say in response, say the truth that he so desperately did not want to hear or believe. Not now, and not ever.

“I think we’re done here.” his tone was cold and held nothing behind it.

No fear. No anger. Just there.

Sans quickly unplugged the computers plug from the socket. As he glared at the program staring back at him, he noticed something. It was quick, but there in the split second, was the softest hint of fear in Monika’s expression. And then, darkness.

Sans sat back in his chair, groaning.

If he had a proper heart, there’s no doubt that it would be racing from whatever hellish adrenaline rush that was.

He laid there for a moment before pulling out his phone. His boney fingers shaking as they pressed against the screen. Sans lifted the phone up to his face.

“Alphys? We need to talk. Now.”

Please consider commissioning me!~

#sans undertale #monika #ddlc #undertale #my writing #commission

14 notes · View notes

macresolver · 5 years ago

Text

With Android's opening, these 4 apps will make you cooler to "listen to songs"

Earlier, the Internet was not so developed, and streaming media was less of a mainstay of entertainment, with the vast majority of people only able to transcribe or download music files from CDs to listen to music. At that time, my love of music didn't all come from the song itself, but some cool things - visualizations, skin changes, lyrics, and so on.

After the rapid popularity of streaming media, listening to the song seems to be just "by the way", I did not go to stow "let listening to the song cool" thing. It wasn't until one day that I found out that my phone's built-in music player took advantage of the curved-screen feature to make the side screen light up with the rhythm of the music.

The little feature disappeared after the system was updated, and I had to start looking for other ways to make listening songs on my phone becomes cool.

Muviz Edge: "Running Lights" at the Edge of the Screen

The Muviz Edge app perfectly reproduces the side-screen flash above, and even better, it offers a variety of styles for free, in addition to regular side flash, as well as a more powerful visual impact such as full-screen wrap and edge spectrum.

If you're not happy with the default style, you can also adjust the flash line a little thicker in the custom options, and drag "SPREAD" "LENGTH" to the left and right, respectively: the former is used to set the extension of the subline, the higher the number, the more dispersed the sub-line, and the lower the value, the shorter the number.

After adjustment, each subline does not overlap too much, each color can be clearly distinguished, the visual effect is excellent without confusion. When you authorize the Muviz Edge, Muviz Edge can match album covers and automatically turn them on or off for different apps, so you can avoid popping edge flashes when watching videos.

You can download the Muviz Edge for free in the Google Play Store, unlock all flash styles and all features for $1.49, or purchase custom color matching features for $0.99.

Muviz: Navigation bar can be a little cooler

The Muviz Edge is primarily used to beautify the edges of the screen, making the visuals more stereoscopic on surface phones. For non-curved phones, or if you want to make the results even more stunning, use the navigation key area at the bottom of the screen and use Muviz to display the waveforms and spectrum on the navigation bar. Muviz and Muviz Edge are part of a series that has been introduced in the minority. After several iterations, Muviz is now even cooler.

As with Muviz Edge, app-related permissions are required before use. Muviz itself has evolved into a creative community, Discovery, which includes all user-published waveform schemes that allow users to categorize and filter according to their personal preferences. Each scheme has also been labeled differently, making it easy to choose a similar scheme.

Since you're a creative community, you can certainly create your own waveform effects. Muviz Free offers up to 29 waveform styles, and unlocking Premium offers an additional 10 more featured waveforms. Each style adjusts color, gradient, transparency, and size.

In addition, Muviz has entered the concept of "layers", allowing users to overlay up to 3 layers of waveforms, such as filling with "strip" spectrum, contouring "line" waveforms, and "circular" individual beautification of the Home key, making custom items so all-encompassing and extremely free.

You can go to the Google Play Store to download Muviz for free and pay $2.49 for Muviz Pro to unlock all waveform styles and community solutions.

Live Wallpapers: More Immersive Music Visualization

If the Muviz series of apps can enhance the visual impact of your music, music live wallpapers can give you a more immersive visual experience, such as the three "Rhythm" series of music live wallpapers built into your Pixel 3 phone.

When using a normal phone, the desktop background will have a very soft dynamic effect, but as the play button is pressed, the desktop background will be like its name, with the music from time to time exciting, sometimes gently rhythmic.

Non-Pixel 3 devices can also get this range of wallpapers by installing a portable installation package, and there are many other live wallpapers available in the app. If you're also interested, go to APKMirror to search for Pixel Wallpapers 2018 for an installation package that corresponds to your phone system. In addition to the Pixel series of live wallpapers, the background of the Apple Music lyricinterface can change dynamically based on album cover color and music rhythms, but it's actually great for wallpapers - remember the stunning live wallpapers of Cosmopolitan and Skyline? Developer @Justin Fincher's new work, Diffuse, brings the Apple Music effect to the Android platform as a live wallpaper.

Diffuse requires player notifications and microphone permissions to get album art and audio information to show dynamic effects based on the cover color scheme and music rhythm.

Developers have made statements in the app about the privacy implications of microphone permissions, and Diffuse is not forced to apply for microphone permissions, as long as Diffues is allowed to get playback notification permissions, the wallpaper can still change color with the album cover, but will not change with the rhythm of the music.

According to the developer's prompt, Diffuse is only compatible with software that invokes the system's native style to play notifications, QQ music, NetEase Cloud Music and other players need to manually change to the system native playback notification style, and for App Diffuse, which only supports its own playback notification style, Will Adiffuse will not work properly. Diffuse is now available on the Google Play Store for $1.99 for Premium, and a free version for download and trial.

Audio Widget Pack: Good Music With Widgets

For most music players, whether it's a streaming player or a local music player, desktop widgets have always been a "yes" marginal product, and Spotify even took the feature out of it in an earlier update - a move that didn't happen to attract many users' displeasure and had to be added back in subsequent updates. If the desktop widgets you're using aren't great enough, you might want to take a different approach by using third-party widget gadgets to "skin player controls." Audio Widget Pack is a widget tool specifically built for music players that seamlessly connect music players with Android features. Audio Widget Pack sits with a total of 46 desktop widgets in 9 styles, each with a strong sense of design, including the "new figurine" design style that is very popular today.

In addition to the widget desktop widget, Audio Widget Pack also provides music playback statistics, and every time you open the app master, the notification bar displays today's and this week's play statistics. Interested friends can download the Audio Widget Pack in the Google Play Store, where 2 widget styles are available for free and 7 more are available for $4.99.

The developers of Audio Widget Pack have also developed a music player, Stellio Player. The basics, with online lyrics and cover retrieval, and the payment of Stellio Player Premium to unlock many of the great player themes remind me of the joy of tossing the player's skin on a computer. Interested friends can also go to the Google Play Store to download the experience.

2 notes · View notes

deehollowaywrites · 5 years ago

Photo

Title: Doomed to Fail: The Incredibly Loud History of Doom, Sludge, and Post-Metal

Author: J.J. Anselmi

Release: February 11, 2020

Genre: music, nonfiction, memoir

Order here!

When I first heard Metallica’s “Battery,” I knew I’d found the real shit, J.J. Anselmi’s newest states in an early chapter. The social alienation, the depression, the anger, and the preoccupation with death: it was the music I needed, right when I needed it. Similar stories abound in volumes like Jon Wiederhorn’s Raising Hell and a recent academic anthology of gender, sexuality, and heavy metal analyses; the typical pathway to extreme music, it seems, is youthful aggression, disaffection, or malaise. It’s not very cool to recall that your teen rage was tempered rather than catalyzed by religion. Even less cool to admit that if you are currently swimming in doom’s murk, you only took the chilly plunge because of boys and men.

A few antecedents, then: The Minutemen. Captain Beefheart. Def Leppard. The Mars Volta.

Edgy enough, weird enough, almost metallic enough, nearly harsh enough. It’s easy to see the slippery slope, to hear my mother’s voice in my head. If that’s what you want to spend your money on, she said of The Mars Volta’s full-length debut, I guess it’s your money. A year or so later, she would be interrogating me about certain media downloads to the family desktop--not because I was infringing copyright via poorly-labeled LimeWire files, but because the music was the sort that drove away the Holy Spirit (to be fair, Master of Puppets didn’t inspire any epiphanies). Mormons are very concerned with the Spirit’s presence. Movies and music are the fastest and most seductive shortcuts to becoming lost in a mire of worldliness, spiritual miasma, and sin. Interestingly, my mother was less perturbed by my weekly emails to a much-older dude I’d “met” on a geek forum, he of the curly beard and Captain Beefheart appreciation. For a suburban teenage girl reading SPIN in 2003, music in particular seemed a clear Point A to ineffable cool’s Point B, as evidenced by--although at the time I wouldn’t have phrased it thus--fuckability. Whiteboy music journalists, from Klosterman with his contrarian hair metal love to Azerrad deifying The Minutemen, had Ideas about what made rock music good. It was a trail of breadcrumbs that could be followed by anyone, so maybe I’d start off as me and end up as Brody Dalle. Of course, wanting to be punk is proof that you're destined to remain square, so the guy in the homemade Leftöver Crack t-shirt likewise stayed a mystery. Meanwhile, I made a fansite about The Mars Volta for my web design class, wrote an AP essay about why filesharing is good, actually, and counted the days ‘til graduation.

Euro-style power metal is romantic. Good make-out tunes. The fine art of getting into something that someone you fancy is into, well, that’s bog-standard for a huge swath of humanity and I’ve never been above it because I do like exploring new things. However, there’s a certain flavor of man who encourages women to listen to music he likes not out of genuine enthusiasm and desire to share, but because filling up a vessel with water from your spring means that you, yourself, will never be thirsty. There’s no rearranging of boundaries necessary for the recommender, no exchange of gifts, no call to reassess your favorites in light of new information. Where things get hairy is when women take what is conferred and make it their own. The vaguely fringe music that had already primed my eardrums led away from flourish-laden prog and high-camp power metal, into weirder and uglier places my boyfriend at the time had no interest in traversing. It stings a bit to realize that your heart is big enough to hold all the loves that comprise the person you love, that your desire is malleable and open, and that they have always been enough by themselves, fully-formed, unswerving as a highway through the desert. It hurts to hear that you’re not doing the thing (metal or comics or horse racing) in the way that was shown you, properly. This might be when the rage starts to seep back in, poisoning the spring. But solo concert-going is only lonely until you make it past the venue’s threshold. After that, the Spirit is always with you.

Myself, I’ve seldom found the divine in places it was supposed to inhabit.

The thing about The Mars Volta that embedded itself in my ribcage seventeen years ago wasn’t their tight jeans: it was how they seemed to have misplaced all their fucks. Prior to Sacha Jenkins’ 2003 SPIN review, the ugliest thing I’d sought out of my own volition was an Anti-Flag album, a suitably edgy move in George W. Bush’s America. Deloused in the Comatorium did not care if you understood what it was going for; an impetus existed behind the unexpected time signatures, dog-bothering vocals, and salsa moves that was alluring in its opacity and bloody-mindedness. A bunch of weirdos recorded a fuck-you in album format because they wanted to. Atmosphere, emotion, tension could all be far more important to a song than melody or lyrics. Listenable was up for debate. Art formed its own excuse. In this way, although the two groups couldn’t be further apart sonically, my heart was made ready for Katatonia. Then Oceans of Slumber. Torche. Black Castle, Thou, Bell Witch, Cult of Luna, on and on, an endless sinkhole opening up.

A great and appealing contrast of doom metal lies in the apparent dumbassery of its sound. This is broadly true of all metal, of course; Coal Chamber or Megadeth, Black Sabbath or Pantera, metal was music for drop-outs, stoners, school shooters… the purview not only of miscreants, but of boys and stupid boys at that. Punk seemed the smarter option, if you had anger issues, had heard of feminism, or tended toward hobbies like trying to form a Young Democratic Socialists chapter at your school. For older me, trying to rewrite a religious mind into a liberal and cosmopolitan one, prog metal was defensibly slick and impressive, while power metal seemed less openly hateful toward women. All the while, doom lurked beneath layers of nay-saying. Adult men I’ve known, talented guitarists with good ears and smart hands, have sneered at all the seeming lack populating the slower subgenres--lack of beauty, skill, or even aggression in its most recognizable and masculine forms. Yet, for a listener whose favorite pastime is intellectualizing everything in sight, doom is the other side of the sun.

I don’t… really… understand what a tritone is. I know it’s important, and I could do a bad approximation of the opening of “Black Sabbath,” but definitionally I’m at a loss. Often I have no idea which instrument is making the sound that I like. I don’t know anything about music theory or how to talk with authority about what makes music good, important, or even what differentiates music from other sounds. Maybe a drone metal track is a collection of sounds, rather than a song? My Dream Theater-enthusiast ex figured since I was a nebbishy bespectacled geek, prog would be all I needed. The thinking man’s metal! No one has ever felt threatened by Steven Wilson. You can remain Smart™ while listening to assorted finger-wanky Europeans. In contrast, kicking it with a Texas weed-cult at the skatepark is stupid. Obviously, every genre of metal contains its geniuses, and one of doom’s most lovable qualities is how often unquestionable finesse arrives wrapped in brutal, bizarre, counterintuitive paper. But beyond the plausible deniability of technique and philosophy found in groups like Neurosis is something even more compelling. Sometimes, it just fucking sounds cool.

It sounds like that because someone did it intentionally, gleefully. I wrote a novel like that because I liked how it looked, sounded, felt.

One of the birthrights of normative (white, cis, straight, abled) masculinity is feeling. If you turn out queer, or are socialized as female, or live with the massed connotations of a racist culture written over your skin, overt and violent emotion may be anathema. The power of accessing a fully human emotional spectrum for the first time should not be underrated. The doom bands I grew into loving, independent of the people closest to me who putatively liked similar music, are into feelings. Even, or maybe especially, the ones authority figures wish you didn’t have (and those aren’t always the bad ones. Authority hates it even more if you feel good). If there’s a thing Mormons don’t countenance, it’s feeling bad things and informing people of them, or feeling the wrong good things. Doubt is a big no-no. It’s always better to feel shame when possible. If the Spirit isn’t telling you what you know it should, it’s on you for not listening enough, praying enough, being enough. If the Spirit’s voice isn’t soft and gentle, if it instead materializes in the best growl this side of Obituary, well, Satan quotes scripture too. Meanwhile, doubt--lack of clarity, spiritual and emotional murkiness, bone-deep ambivalence--is doom’s molten heart. Meanwhile, shame--at the self’s fondled hatreds, as C.S. Lewis has it, for things desired and things questioned--is shunned by doomsayers.

The body experiences advance warning. Fury, fear, arousal. Sure, I attribute my openness toward weird music to frustrated teen lust. Sure, I owe Roy Khan and Tony Kakko for first love and redrawn horizons. When fire dies, what’s left is not absence but ash, fertile and generative. Doomed to Fail recognizes that continual plumbing and revolving in uncertainty for its beauty and possibility. Whatever formed my rage and love, those two sides of the same forbidden coin, they belong to me now.

#Doomed to Fail #J.J. Anselmi #diana reads

5 notes · View notes