January 21st, 2007

  • evan

legality of decryption

Yesterday xaosenkosmos, danerat, and brad came by for some .PUZ format hacking. We figured out some new bits and also hacked my JS viewer into a multiplayer state (with a lot of Gobby's help), but now we've got an interesting side project:

PUZ files typically (always?) have the solution contained within them. Newer .PUZ files have the solution, but it's been "scrambled" (encrypted?) and have associated keys to decrypt them. It seems like figuring out this algorithm would be fun -- using the above multiplayer game we painstakingly "gathered" some plaintext versions of puzzles (their encryption scheme has a side channel attack in that the cyphertext is accompanied by clues as to what the plaintext is :P) and we also have the keys (which are in a fairly limited space: almost always in (1000,10000)). We poked around a bit and found it's not a simple substitution cypher (character distribution of cyphertext is nearly random) but it can't be that bad. Surely someone on LJ would love to take a crack at it!

So here are some problems:
  1. The puzzles are surely copyrighted. Is posting plaintext+cyphertext+key a problem? It's not like you can play them without the clues...
  2. Is it violating the DMCA to do this? We're not circumventing copy protection, and it's all just for hobbyist fun anyway...
  • evan

releasing ruby software sucks

I like releasing the software I write because other people sometimes find it useful, but the overhead of going through the release process is killing me. I have a simple (single-file) Ruby module, but actually publishing it entails installing Rake (a gratuitous rewrite of make in Ruby) so I can create a Ruby gem (an annoying packaging format I've grumbled about before) and then I have to go through agonizing RubyForge (sourceforge, but somehow even worse?) and its endless web forms to actually publish my stuff. (And don't even get me started on how annoying rdoc is...)

Now, it surely isn't as bad as I've just made it out to be -- surely people have automated this? But as far as I can tell that process is not documented anywhere, and every popular Ruby project I've checked has its own complicated Rakefile that requires even more software installs to make this stuff work.

It occurs to me now that the simpler approach is to just tell users "download this file and stick it in your directory if you wanna use it". But that isn't sufficient for more complicated, multi-file stuff like ljrb.

Mysteriously, the only programming language that seems to have solved this well is C: if I need a C library I apt-get it, and everything else uses autoconf so the build flags are the same between projects. Don't get me wrong -- autoconf is certainly agonizing but is a single point of pain. (I wish gtk-doc wasn't such a pain to use, too.)