Atari 2600 Emulator IP Stolen in Malicious Cyber Attack

[Mr SQL]

 

My innovative Atari 2600 Emulator for the Commodore 64 has been stolen in a malicious Cyberattack.

 

The cyber thieves hacked the emulator and a recent Arok Party production of Arkanoid AIR DOH to create a broken version,
and created a Facebook page to promote it giving me credit for the broken sourcecode.

 

Arok Party loved the original production calling the game fun and challenging and presented it first in their line-up but the broken version is harsh and unpleasant deliberately making it unplayble and offensive.

 

Worse still the cyber thieves deliberately incorporated a disturbing theme found on AtariAge creating a "DNS" attack on the IP by incorporating the details from my post in response to suicide poster regarding a fake suicide caller attacking my business with a DNS attack consisting of endless calls to my business.  

 

The malicious Cyberattack was successful and people were tricked on multiple forums to think I had produced the bad emu and offensive prod.

 

This type of malicious attack is no different than someone deliberately stealing the Stella emulator to promote a broken version on Facebook crediting the Stella team, or hacking AtariAge and Facebook to create fake sites and promoting them as Albert's work.

 

How would the Stella team feel if this was done to their emulator?

 

How would Al feel if someone did that to AtariAge?

 

This kind of malicious Cyberattack could easily affect a business acquisition by Atari or emulator licensing contracts for Stella.   

 

Copy Steal and Ridicule is the formula used by unethical businesses to appropriate architecture and designs they did not create.

 

Perpetual GRANTS protecting IP

 

RelationalFramework has two Perpetual GRANTS from Microsoft for Technology Innovation; these were achieved by the extended interest of the entire Database and Sofware development teams; literally thousands of people. And then simply turning down multiple offers that looked too much like acquisition; I'm eclectic about my IP having written commercial software since the 80's.

 

Perpetual Motion Machine GRANTS for innovation make RelationalFramework a prime target for acquisition because they stay with the Company forever.

And innovation is always a target for outright theft or can simply influence other design innovations.

 

Here's a closed thread about influencing design innovation for Atari and AtariAge to review that's simply about sharing design credit.

Questions about both are welcome on this thread and everyone is welcome to participate in a civil discussion.

 

@Albert and @TrogdarRobusto please moderate any unfriendly posts or insults, but not an exchange of ideas and perspectives. 

 

 

Here is a link to the latest development on the C64 Atari 2600 emulator adding compatibility with Defender III for the Atari Flashback Portable, I haven't released the updated source yet.
 

[Albert]

2 minutes ago, Mr SQL said:

@Albert and @TrogdarRobusto please moderate any unfriendly posts or insults, but not an exchange of ideas and perspectives. 

Just to be clear, Trogdar is not a moderator. 

 

 ..Al

[+x=usr(1536)]

4 hours ago, Mr SQL said:

This kind of malicious Cyberattack could easily affect a business acquisition by Atari or emulator licensing contracts for Stella.   

While I'm far from unsympathetic towards your situation, this isn't something that affects you, AtariAge, Atari, or Stella uniquely.  Attacks like this are happening everywhere, every minute of the day.

4 hours ago, Mr SQL said:

Worse still the cyber thieves deliberately incorporated a disturbing theme found on AtariAge creating a "DNS" attack on the IP by incorporating the details from my post in response to suicide poster regarding a fake suicide caller attacking my business with a DNS attack consisting of endless calls to my business.

Can you explain what is meant by this?  I have a strong cybersecurity background, but cannot follow what it is that you are describing.

• What is meant by 'disturbing theme'?
• Please describe your understanding of the DNS attack.
• 'Details of your post', 'suicide poster', and 'suicide caller' are not clear in this context.
• When you say 'calls', are you referring to phone calls or something else?

Happy to help as much as is reasonably possible, but the way that the incident is being described makes it impossible to understand.

[Mr SQL]

1 hour ago, x=usr(1536) said:

While I'm far from unsympathetic towards your situation, this isn't something that affects you, AtariAge, Atari, or Stella uniquely.  Attacks like this are happening everywhere, every minute of the day.

Can you explain what is meant by this?  I have a strong cybersecurity background, but cannot follow what it is that you are describing.

• What is meant by 'disturbing theme'?
• Please describe your understanding of the DNS attack.
• 'Details of your post', 'suicide poster', and 'suicide caller' are not clear in this context.
• When you say 'calls', are you referring to phone calls or something else?

Happy to help as much as is reasonably possible, but the way that the incident is being described makes it impossible to understand.

All great questions -

 

Here is my post on AtariAge describing the suicide caller creating a DNS attack on my business.

 

A DNS attack is a denial of service that prevents normal functioning of a system through repetition. In this case the endless fake calls constituted a DNS attack derailing normal business function through my business phone. Telemarketers calling endlessly preventing you from receiving normal phone calls create a similar DNS attack but this was more disturbing and more effective because social networking skills are used cleverly to trick out the business past the duration of the calls, while we know right away to ignore and hang up on telemarketers.

 

Here's the offending DNS crack version breaking both the embedded Atari 2600 emulator and the game. Usually in the C64 scene a crack preserves the original work but in this case presents a deliberately horrible sounding production presented as "my work" complete with it's own promotional Facebook page. If you look at the C64 directory on the crack, you'll see a direct reference to a DNS attack in markup as well as in the filename:

ARKANOIDAIRDOHDNS1338.d64

 

And if you launch the cracked game in VICE or on a real Commodore 64 the game creates a DNS attack on your ears after a few seconds making it impossible to play and does not look or play anything like the real production. Compare it to the video here to see the difference.

 

The emulator and the game are free, but this was done maliciously to make it seem I wrote a bad emu and horrible production.

No one should do that to another programmer, this was likely a paid work for hire to attack my business (innovative IP) or the crack team has a very disturbing sense of humor.

 

More details on the innovation - Arkanoid Air DOH is running cycle precise and pixel perfect on a 1 MHz emulator emulating a 1 MHz platform which is generally thought to be impossible, hence the level of innovation. Even the SID is dynamically emulating the TIA with a melodic but different rendition of the TIA chiptune in real time with no changes to the source code (in the real version). The extra PETSCII Commodore graphical skin on the Atari graphics are manipulated with a few lines of extra code to make it a Super enhanced Atari game with dynamic PETSCII as an extra feature but that is not necessary, the Atari 2600 binary runs with no changes to the source code inside the embedded emu natively on the C64's 6510 processor with a virtual TIA, RIOT and system bus emulated.

 

All of this innovation is lost by the clever DNS attack, in this case literally labeled "DNS Attack" to tease about a suicide caller. The creators of this production are very sick regardless of the reason, monetary or otherwise, to go to these lengths to attack an interesting innovation.

 

I'm interested to hear your thoughts on the cybersecurity reasons someone would do this.

 

Edited September 14, 2023 by Mr SQL

[+x=usr(1536)]

OK, that clears things up a bit.  Thanks.

 

A few comments:

 

2 hours ago, Mr SQL said:

A DNS attack is a denial of service that prevents normal functioning of a system through repetition. In this case the endless fake calls constituted a DNS attack derailing normal business function through my business phone. Telemarketers calling endlessly preventing you from receiving normal phone calls create a similar DNS attack but this was more disturbing and more effective because social networking skills are used cleverly to trick out the business past the duration of the calls, while we know right away to ignore and hang up on telemarketers.

It looks like there's a bit of muddling going on re: terminology, which was part of what was confusing me.  A Denial of Service attack is abbreviated DoS (lowercase 'o' intentional); DNS is completely different and is used to convert domain names to IP addresses.

 

If I'm understanding correctly, you were receiving a high volume of phone calls intended to basically busy out your business number.  Is this correct?

2 hours ago, Mr SQL said:

Here's the offending DNS crack version breaking both the embedded Atari 2600 emulator and the game.  Usually in the C64 scene a crack preserves the original work but in this case presents a deliberately horrible sounding production presented as "my work" complete with it's own promotional Facebook page. If you look at the C64 directory on the crack, you'll see a direct reference to a DNS attack in markup as well as in the filename:

One caveat: I am not a Commodore guy by any stretch of the imagination.  So far, I've managed to get c1541 to attach the disk image and extract arkanoidaird/dns to the local disk for inspection; x64sc has loaded and run the program in question.  Neither of these programs were installed on my machine until about 30 minutes ago, so there's some learn-as-you-go for me here.

 

 

I think I now see where DNS was being used interchangeably with DoS: the 'DNS!' shout-outs shown in the directory structure likely refer to Dinasours1338, who look to be a C64 cracking group.  Their name also appears at the end of the ARKANOIDAIRD/DNS file.  This is about as far as my knowledge goes with respect to this end of things, because I just flat-out don't know enough about the C64 cracking scene.  I realise that this is probably obvious to anyone in the C64 world, but I breathe Atari 

 

Anyway, I ran the executable and it went as far as the screen that I think you were referring to:

There was a pretty solid synth string sound playing on that screen, but hitting space got past it and started the game itself.  The game ran, but the synth string continued playing in the background; it also wasn't clear if the graphics were correct or not.  It is possible that the crack had some knock-on effects on the rest of the game; that has been known to happen.

 

FWIW, the piece of music that initially plays during loading before that screen comes up is taken from an Atari 8-bit game, but I cannot for the life of me remember which one.  From watching videos of a few of Dinasours1338's demos, however, it seems to be something of a signature of theirs.  Here it is being (briefly and incompletely) used in an Atari menu disk:

 

 

Moving on: I haven't found anything referencing a Facebook page, so am not entirely certain where that appeared.

 

As for the caller: I'm still not understanding the suicide aspect.  Was it that the caller was threatening to commit suicide, or was trying to reach a suicide hotline, or something else?  Was there more than one caller?  Either way, it feels like the crack and the calls are unrelated unless there's something I'm not aware of that ties them together.

[Mr SQL]

7 hours ago, x=usr(1536) said:

OK, that clears things up a bit.  Thanks.

 

A few comments:

 

It looks like there's a bit of muddling going on re: terminology, which was part of what was confusing me.  A Denial of Service attack is abbreviated DoS (lowercase 'o' intentional); DNS is completely different and is used to convert domain names to IP addresses.

 

If I'm understanding correctly, you were receiving a high volume of phone calls intended to basically busy out your business number.  Is this correct?

One caveat: I am not a Commodore guy by any stretch of the imagination.  So far, I've managed to get c1541 to attach the disk image and extract arkanoidaird/dns to the local disk for inspection; x64sc has loaded and run the program in question.  Neither of these programs were installed on my machine until about 30 minutes ago, so there's some learn-as-you-go for me here.

 

 

I think I now see where DNS was being used interchangeably with DoS: the 'DNS!' shout-outs shown in the directory structure likely refer to Dinasours1338, who look to be a C64 cracking group.  Their name also appears at the end of the ARKANOIDAIRD/DNS file.  This is about as far as my knowledge goes with respect to this end of things, because I just flat-out don't know enough about the C64 cracking scene.  I realise that this is probably obvious to anyone in the C64 world, but I breathe Atari 

 

Anyway, I ran the executable and it went as far as the screen that I think you were referring to:

There was a pretty solid synth string sound playing on that screen, but hitting space got past it and started the game itself.  The game ran, but the synth string continued playing in the background; it also wasn't clear if the graphics were correct or not.  It is possible that the crack had some knock-on effects on the rest of the game; that has been known to happen.

 

FWIW, the piece of music that initially plays during loading before that screen comes up is taken from an Atari 8-bit game, but I cannot for the life of me remember which one.  From watching videos of a few of Dinasours1338's demos, however, it seems to be something of a signature of theirs.  Here it is being (briefly and incompletely) used in an Atari menu disk:

 

 

Moving on: I haven't found anything referencing a Facebook page, so am not entirely certain where that appeared.

 

As for the caller: I'm still not understanding the suicide aspect.  Was it that the caller was threatening to commit suicide, or was trying to reach a suicide hotline, or something else?  Was there more than one caller?  Either way, it feels like the crack and the calls are unrelated unless there's something I'm not aware of that ties them together.

 

I can see the confusion -

 

DoS is one of the main types of DNS attacks so usually DNS attack refers to a denial of service or DoS as you've specified and is often used interchangeably. in this case the business phone also provides a name service translation for the caller ID and 1338 was not part of the group but part of the attack referencing the suicide caller.

 

Fake suicide calls are a social networking DNS/DoS attack that when successful consume more business time and resources than their call volume, which was still significantly high. The attacks included many faked caller ID's for caller ID translation as well mirroring the more common type of DNS DoS attack on DNS Servers (your phone's caller ID is also a type of name service for providing a translation for the calling number).

 

Yes their intro added had a traditional synth tune like cracks normally do to show off the groups skills, but the audio in the production and the Atari 2600 emulator were specifically damaged to make it unplayable per the theme and also done deliberately. 

 

[+bent_pin]

Can you just correct it and release the proper code along with a statement?

[Mr SQL]

7 minutes ago, bent_pin said:

Can you just correct it and release the proper code along with a statement?

Yes, the CyberAttackers retrieved the disturbing suicide theme to attack with from AtariAge so the correcting thread is here.

I've contacted forum moderators where I have seen the broken IP propagated and presented purposefully as my work.

 

The attack was very thorough and is difficult to contact trace as it also utilizes social networking; the suicide attacker is implicated in aiding to steal technology at a large corporation (more deliberate IP theft) in a high-level Criminal Matter.

 

[Mr SQL]

On 9/14/2023 at 9:25 AM, bent_pin said:

Can you just correct it and release the proper code along with a statement?

 

Here's a statement on the stolen IP as suggested with details on the emulation technology from CSDB:

 

1. DOH is capitalized in my July 16 2023 Release of Arkanoid Air DOH.

2. DOH is capitalized in my thread discussing the game and the emulator.

3. doh is lowercase in the August 6 2023 bad crack breaking the emulators audio layer being presented as my work.

 

 

 

4. The date of the offending production is August 6 2023 matching the date on my discussion thread. 
5. Many insults were thrown on that discussion thread indicating malicious intent to break the emulator.
6. The suicide caller referenced on AtariAge is incorporated into the bad crack breaking the emulator.

Link to a discussion on CSDB with details on the Emulation Technology and an extreme perspective on what constitutes 
emulation is here: 

https://csdb.dk/forums/?roomid=10&topicid=161762

 

Conclusion:
This mirrors IP theft at a large corporation when my business was under contract with Microsoft.

 

Double social networking attack:
The Suicide callers organization and geographic location was referenced to steal my IP, garnering Millions for the Company that stole my code.
The large corporation had hired me specifically because I was under contract with Microsoft for similar technology they suspected the smaller company of faking. 

 

This was indeed the case, but the suicide callers scam and org enabled the thief to "flip the script" and claim I stole my own code.

The large corporation called me last year and was aware the code was stolen, and now aware of the social networking technique aiding the theft.

 

Desired outcome:
The VLC (Very Large Corporation) with the VLDB's and the Company stealing the code, should settle with RelationalFramework for the amount stolen.

 

Recommendation: The Clown helping steal innovative technology using a Suicide-Caller should be handled by their own organization.

Everyone org has clowns, even in the SQL Server community - Ten Ways to Tell if Your SQL Server is a Clown Car - Brent Ozar Unlimited®

 

Here's the game with the C64 Atari emulator released at AROK Party 2023. Compare it to the broken version above to see and hear the difference.

arkanoid-air-doh.prg (DOH converts to upper case on a D64 image file by default).

 

"This game is a lot of fun! The scrolling board and off screen gameplay make it really challenging!" - Arok Party team.

 

The audio layer is dynamically upsized in real time to a melodious harmonic SID tune that you can influence with the game play, not a disturbing blast of horrible sounds designed to keep you from playing the game. Unfortunately the broken emulator version has been downloaded 7:1 over the original.

 I suggest the CSDB moderator place a disclaimer crediting the offending group with producing their own broken port of my emulator and link the real version for comparison so people can draw their own conclusions instead of being fooled.

 

Key dates suggest that production was sponsored by the group with the clown and the suicide-caller.

 

There are many articles online illustrating the difficulties with TIA emulation on the Commodore 64 SID, there is no reason to break a functional emu.

 

[Mr SQL]

Motivation and Incentive for IP Theft - Trust but Verify

The corporation that stole my Innovative Database Technology was motivated to keep their dog and pony show going they had used to fool the larger corporation.

 

the larger corporation that decided in their favor via trust factor went on to verify using Trust but Verify Methodology.

 

How it worked:
They had me continue to work alongside the firm giving me an alternative job addressing trouble tickets for their Databases.

 

When they observed the firm repeatedly soliciting my help with the same code they claimed I had stolen it was clear.

 

"Hey they said you stole their code why do they keep asking you for help now that you're working on another project?"

 

The advanced Database lead for the VLDB's who hired me to determine if they were faking it asked me this question brazenly in front of them.

It was a rhetorical question I didn't need to answer a second time. 

 

Shortly afterward the VLC canned the project and asked the offending corporation to spin a traditional database cube in lieu of the advanced solution they could not deliver.  They were allowed to use in house resources but could no longer expand their already large team. 

 

They had many team members skilled at helping steal my IP but another company had to create the cube.

 

I've been working with cubes since the 80's (published in books) and since that fiasco I have contracted to work continuously for another large company creating Datamart and Data warehousing solutions, including solutions using custom parsers I have written that translate innovative Microsoft languages for creating dimensions and measures into T-SQL for cross compatibility across Enterprise Datamart and Data warehousing technologies.

 

One such very real innovation in cube technology I have created is the ability to flatten the dimensions and measures in Microsoft Mangement Reporter Datamart and compare it to the source Data Lake, the old school Datamart in Microsoft's legacy codebase for Microsoft Dynamics.

Prior to this innovation, there was no way to determine if the new and old Datamart were out of synch to avoid unnecessarily rebuilding the Management Reporter Datamart, a lengthy process during which business systems are unavailable.

 

This technology also allows translation of Management Reporters visual modeling language for dimensions and measures similar to MDX into standard SQL for reuse directly in SQL Server and Analysis Services solutions (Note MDX queries are also translated into SQL on the backend). 

 

Fallout:
The very large corporation having conducted their own internal investigation likely blacklisted the rogue corporation and their lucrative Dog and Pony show business model. They were concerned about me being retaliated against when they called me last year but with working from home per COVID-19 any retaliation would be restricted to stealing IP online per the example in this thread, unless lighting could strike twice in the same place or someone were brazen enough to invade my home.

 

[Mr SQL]

Tripple Play Investigators

 

There is a Tripple Play Investigator on the C64Forum trying to find a parallel instance to possibly rule out IP theft:

The other Tripple Play Investigator is none other than COMCAST, the inventor of Tripple Play Marketing:

 

I had a COMCAST Business package prior to the IP theft at the very large Company and the service included a recorded layer of all business phone calls specifically for investigations.

 

The Suicide Caller and the organization used as a trust factor to steal my IP at a large corporation are caught in this layer.

I have asked the COMCAST Business Class Services to provide this information per the high-level Criminal Determination.   

The Large Client and the firm stealing my IP will remain private.

 

COMCAST Business Phones include McGruff with an audio tape.