False Positives

Discussion in 'Off Topic' started by JantsoP, Sep 5, 2016.

Thread Status:
Not open for further replies.
  1. JantsoP

    JantsoP Division 88 Manager

    At the time of writing, I got word about the NT4 demo being flagged by Microsoft Defender.

    That is a false positive.

    You can see results of the scan on Virustotal and Metadefender.
    As you can see (CTRL+F or CMD+F and search for Microsoft), the databases which are current (Metadefender had 04.09.2016 and Virustotal 05.09.2016) both came back negative for viruses.

    So if you get Windows Defender popping up to say "This file is infected", update the Defender database. If the issue continues, disable Defender and install Malwarebytes/Avast/F-Secure or any other anti-virus software.

    Some tech talk....
    The niteteam4.exe hash values are as follows
    MD5: 0C8828B9328CF0B61F3DDAD48FADBC0F
    SHA1: FD6142584B5214F030D6BE20CA6FADB950FE7B87
    SHA-256: 05C05A7D78B465B79F4B704AA52DE46D1684E79841AB2473EEEC5EF3D1083678

    Nite Team 4 windows.zip hash values
    MD5: 52E9A53DCC092E85C6674BF2E3D4A315
    SHA1: 8D4DECCEEA39B536EAD7969E3A0DEFD3516094EF
    SHA-256: 2D672C06194BFD36DAAA20A06A8574EE26C73017F96F42E923B1FF6BA4DF8CAD

    Nite Team 4 mac.zip hash values
    MD5: 1F24BBAF2D871513DBA3CD803CBED5C9
    SHA1: 221B9501BDB679A9034E40404B90D444466DFE07
    SHA-256: F617C137220F3E75D077E661574CC0F00B1AE9B634990346A9AD8FBC41D4CA62

    How can I check that the values are matching?
    Go to http://onlinemd5.com/ and upload the file there. Then copy one of the hashes mentioned above and paste it into "Compare with". If they match, the file is clean and unaltered. If they mismatch, inform the developers as soon as possible.
     
    Last edited by a moderator: Sep 5, 2016
    5 people like this.
  2. Day

    Day Active Agent

    Please disregard what the poster above is telling you

    MD5 was utterly broken in 2009
    http://www.iacr.org/conferences/crypto2009/slides/p055-md5shortchosenprefix.pdf
    ---(this link is a good explanation on how fingerprinting / hashing works)
    Anyone suggesting the use of MD5 for security purposes was laughed at in 2010.
    To suggest it in 2016 is beyond dumb

    There is a saying: "Don't trust security experts that suggest using MD5"
    I have heard that for years.
    MD5 was even considered broken in 2005
    http://cryptography.hyperlink.cz/md5/MD5_collisions.pdf


    SHA-1 was deprecated January 2016 by Microsoft, Google and the rest of the serious tech world.
    An announcement made November 2013
    https://technet.microsoft.com/en-us/library/security/2880823.aspx
    https://groups.google.com/a/chromium.org/forum/#!msg/security-dev/2-R4XziFc7A/NDI8cOwMGRQJ

    Be careful and suspicious with any tech guy telling you to use SHA-1
    and outright laugh at them for trying to convince you to use MD5.
    Your smartphone can make a fake / forge MD5 fingerprints in a few minutes.

    Some "security experts" stagnate.
    They do not follow the latest trends and hence suggest things that sound fancy, but are not at all secure.
    Hiding it as "Some tech talk...." while it is rather a bunch of rubbish.


    Never upload files you want to fingerprint
    even less so to a 3rd party unencrypted website that you do not know.

    Always use tools that are already on your computer
    or get those tools from a trusted source.
    (or don't bother making a fingerprint
    they are not that important
    outside of legal contract signing
    and security tools)

    Here is how you do it in windows:
    [windows key]
    + [R]
    ---will launch a run menu, type in:
    cmd
    ---will open a terminal
    CertUtil -hashfile %USERPROFILE%\Downloads\NITEteamALPHA.zip sha256

    You can use this built-in Windows tool, no need to upload or download anything.
    My results from the Windows NITE team 4 zip and exe from 8/11-2016

    Here is how it works:
    CertUtil is the tool
    -hashfile is the command
    %USERPROFILE% is a shortcut as I do not know your account name
    NITEteamALPHA.zip is what you have called the file you downloaded and want to check
    sha256 is the fingerprinting (hashing) algorithm you want to use, valid parameters are:
    md2,md3,md4,md5 sha1,sha256,sha384,sha512

    CertUtil -hashfile C:\Games\NITEteamALPHA\NITEteamALPHA.zip sha256
    works as well

    As for the fingerprints I get:
    Windows zip from 8/11-2016:
    Code:
    C:\>CertUtil -hashfile %USERPROFILE%\Downloads\NITEteamALPHA.zip sha256
    SHA256 hash of file C:\Users\REMOVED\Downloads\NITEteamALPHA.zip:
    a1 6b 7f f1 1b 55 8f 73 71 2b c3 f2 be d3 a2 b1 aa af 2b 99 2e 3e 19 c3 c9 48 5b 12 e1 c7 4e c2
    CertUtil: -hashfile command completed successfully.
    
    C:\>CertUtil -hashfile C:\Games\NITEteamALPHA.zip sha256
    SHA256 hash of file C:\Games\NITEteamALPHA.zip:
    a1 6b 7f f1 1b 55 8f 73 71 2b c3 f2 be d3 a2 b1 aa af 2b 99 2e 3e 19 c3 c9 48 5b 12 e1 c7 4e c2
    CertUtil: -hashfile command completed successfully.
    
    C:\>CertUtil -hashfile C:\Games\NITEteamALPHA\niteteam4.exe sha256
    SHA256 hash of file C:\Games\NITEteamALPHA\niteteam4.exe:
    05 c0 5a 7d 78 b4 65 b7 9f 4b 70 4a a5 2d e4 6d 16 84 e7 98 41 ab 24 73 ee ec 5e f3 d1 08 36 78
    CertUtil: -hashfile command completed successfully.
    
    What is fingerprinting / hashing ?
    Like your fingerprint is supposed to be unique for you.
    Fingerprints of files, letters, contracts etc. are supposed to be unique.

    Your fingerprint can be digitized with a series of straight lines.
    The fewer lines, the more likely it is that two people will have the same.

    Longer is better
    Have as long codes as possible (more line segments in the physical fingerprint)
    It is recommended to use at least 112 bits of entropy

    NIST SP 800-57 section 5.6.2
    https://www.nist.gov/node/786276
    NIST SP 800-131A Rev 1 section 1.2.1
    https://www.nist.gov/node/789351

    Newer is better
    (when approved by NIST and after years of research)

    Some methods of digitizing are more error prone than others.

    MD5 being laughably bad
    and SHA-1 being deprecated since January 2016

    SHA 256 (sha-2 family) is considered safe
    and SHA-3 (Keccak) was approved in 2015


    How does fingerprinting / hashing work?
    A simple fingerprint / non-cryptographic hash
    Take each 10th letter:

    Meaning that our "10th letter fingerprint" would be:
    uier__t_vtdii_s__uiv_leil_

    But with a 138 megabyte file 10% would still be almost 14 megabytes, so it is run again, taking each 10th letter:
    uier__t_vtdii_s__uiv_leil_
    Result:
    "tv"
    is a fingerprint of Lorem ipsum.

    Getting another fingerprint that results in "tv" can easily be done.
    Either by trying a lot of different small changes at random (brute forcing)
    or investigating the algorithm (crypto analysis)

    (continue reading, these next two lines are just to illustrate a point later)
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    For a cryptographic hash you should not be able to make another document with the same hash as an existing one. (2nd pre-image attack)
    eg. change
    "I buy your company for 10 million" to
    "I buy your company for 10 thousands"

    This is a very very short layman term explanation of hashes.
    I encourage you to look into the first link for a good overview.
    The other links are very specific and technical.

    openPGP prefers not to have formatting, hence only this part is signed.
    But the following is indeed the use of a cryptographic hashing algorithm to verify:
    This is what I wrote
    and only I, forum user day (holder of the openPGP encryption key & password)
    could have done so (non-repudiation)
    -----BEGIN PGP SIGNATURE-----
    Version: Mailvelope v1.5.2
    Comment: https://www.mailvelope.com

    wsFcBAEBCAAQBQJYOBrwCRDwOqfGxMNsFQAAUysP/13qR72XZ4o0eJ4puTeK
    kQnR672IKq5Lia26Psi5MRK4hEIxEK1w7GcDZ2nDexz0GIZ2BSWfnexwGigA
    ORJqCei1VqaYQbhKcQzx27PONWtSYKSxfatzMwm3yxIVasWfcoIQMj5ycMOb
    jmIK1Zd2+ZV0l3gMA1hDHrwKdAuKja1uwO4KgggsOgbZonHrZQVt8LKGS5Go
    UMO/yW2MLZ1QS/KpDXyvBwtJwHIHtcf21GF2ATgTRQxkznIqhbflM2K0iuhe
    R5YSPscmncC/c9vV6ADp/Atw728MhNe6f5beCT4PV2AYt/8hg+D9IfMDvnx0
    iAQETKIfm43TZ0r/KzTSeq55lzO6tizsy+DPKc8iq2uqonsQQwIVR0AoXcMF
    UiBIgytgAqRyrk6yr/Rtp51ycI0KIHiZKTqIkm0heei9otl8yWpcpxr+NP0l
    tjo2NP7tjG08OCKP0nAqZ7JgHhwRxJ08uXuktWGw/iO6iWl/0E8CU3KalOg9
    as35C/9+0ny5jmvmwjod7gjbu0YsSl6FGmlLarJc6dtUTCYPJr7lP2/7KwkD
    1VtBGQnLCX/4v71f+dxSfh/NkKoaZ3iEr578ootHnmxQ4djrLxoS7ThE6aU7
    gM3r6juFyMnuZOM9acHnq1DJpsLHoAWxCdDq85TS93CQpMs7x+8csnw2hHzf
    Y8yF
    =3f/0
    -----END PGP SIGNATURE-----
     
    themadhuman, codex-13 and raul_ct like this.
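The CertUtil workflow above (compute the digest locally, compare it with the value the developers published) is easy to get wrong by hand, because CertUtil prints the digest as space-separated byte pairs while the first post lists it as one uppercase string. The following is an added example, not code from either poster or from the game's developers: it normalizes both formats, verifies a file against an expected SHA-256 the way a practitioner would script it, and reproduces the post's "every 10th letter" toy fingerprint to show why a non-cryptographic fingerprint is trivially defeated while SHA-256 is not. The expected digest and CertUtil output for niteteam4.exe are the values quoted in the thread; the sample files, the "abc" digest and the two contract sentences are constructed for the demonstration.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path

# SHA-256 of niteteam4.exe as published in the first post of the thread.
EXPECTED_NITETEAM4_SHA256 = "05C05A7D78B465B79F4B704AA52DE46D1684E79841AB2473EEEC5EF3D1083678"

# CertUtil -hashfile output quoted in the second post (page value, not constructed).
CERTUTIL_OUTPUT = """SHA256 hash of file C:\\Games\\NITEteamALPHA\\niteteam4.exe:
05 c0 5a 7d 78 b4 65 b7 9f 4b 70 4a a5 2d e4 6d 16 84 e7 98 41 ab 24 73 ee ec 5e f3 d1 08 36 78
CertUtil: -hashfile command completed successfully."""


def normalize_hex(digest: str) -> str:
    """Remove whitespace (CertUtil prints 'aa bb cc ...') and lowercase the hex."""
    return re.sub(r"\s+", "", digest).lower()


def parse_certutil_output(text: str) -> str:
    """Pull the digest line out of CertUtil -hashfile output and normalize it."""
    for line in text.splitlines():
        candidate = normalize_hex(line)
        if candidate and re.fullmatch(r"[0-9a-f]+", candidate):
            return candidate
    raise ValueError("no hex digest line found in CertUtil output")


def file_digest(path, algorithm: str = "sha256", chunk_size: int = 1 << 20) -> str:
    """Hash a file in chunks so large downloads do not have to fit in memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def digests_match(actual: str, expected: str) -> bool:
    """Compare two digests in either format; a length mismatch is an immediate fail."""
    a, e = normalize_hex(actual), normalize_hex(expected)
    return len(a) == len(e) and hmac.compare_digest(a, e)


def verify_file(path, expected_hex: str, algorithm: str = "sha256") -> bool:
    """True only if the file's digest equals the published one."""
    return digests_match(file_digest(path, algorithm), expected_hex)


def demo_verify_constructed_file() -> tuple:
    """Constructed demo: an intact sample passes, a one-byte tampered copy fails."""
    # SHA-256 of the bytes b"abc", written the way CertUtil would print it.
    expected_abc = ("ba 78 16 bf 8f 01 cf ea 41 41 40 de 5d ae 22 23 "
                    "b0 03 61 a3 96 17 7a 9c b4 10 ff 61 f2 00 15 ad")
    with tempfile.TemporaryDirectory() as d:
        good = Path(d) / "download.bin"
        good.write_bytes(b"abc")
        tampered = Path(d) / "tampered.bin"
        tampered.write_bytes(b"abd")
        return verify_file(good, expected_abc), verify_file(tampered, expected_abc)


def tenth_letter_fingerprint(text: str, step: int = 10) -> str:
    """The post's toy fingerprint: keep every 10th character. Not a cryptographic hash."""
    return text[step - 1::step]


def toy_second_preimage_demo() -> dict:
    """Constructed sentences of equal length that differ only in characters the toy
    fingerprint never looks at, so the toy value is unchanged while SHA-256 changes."""
    original = "I buy your company for 10 million"
    altered = "I buy your company for 99 million"
    return {
        "toy_same": tenth_letter_fingerprint(original) == tenth_letter_fingerprint(altered),
        "sha256_same": hashlib.sha256(original.encode()).hexdigest()
        == hashlib.sha256(altered.encode()).hexdigest(),
    }


if __name__ == "__main__":
    print("CertUtil digest matches published value:",
          digests_match(parse_certutil_output(CERTUTIL_OUTPUT), EXPECTED_NITETEAM4_SHA256))
    print("intact/tampered sample:", demo_verify_constructed_file())
    print("toy vs SHA-256:", toy_second_preimage_demo())
```

The comparison uses `hmac.compare_digest` out of habit rather than necessity here (the digest is public), and the length check before it mirrors the mistake of comparing an MD5 against a SHA-256 by eye: the two will never match, so a mismatch should be reported rather than hidden.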
  3. Anashel

    Anashel Puppet Master Staff Member

    NITE Team 4 topics are about the world of cyber warfare and, of course, cyber technology, cyber security, etc... That said, this is, first and foremost, a game, aimed at entertaining the widest general audience and bringing them into our universe. Even if we point toward a general public, we want to do this correctly, using realistic scenarios and accurate simulation and terminology.

    Any topics outside the game universe should be addressed either in Technical Support (if YOU have a technical problem running with the game) or in off topics.

    If you have technical questions that were reported by a third party or if you have any questions about back-end, security or the operation of the game, the forums and any other Alice & Smith technologies, please contact us directly.


    ABOUT NETIQUETTE OF THESE FORUMS
    We have run these forums successfully for two years with no harassment report and little moderation required by us. If you feel that a post has incorrect information, it is polite to contact the player personally in PM and avoid starting a long debate. I also encourage everyone to be friendly with new players and avoid welcoming them with rules and regulations if they post a spoiler by mistake or any other first-time offense.

    Thank you for helping me make these forums welcoming, fun and full of vibrant and creative content related to The Black Watchmen universe. :)
     
    Steelgramps, raul_ct and JantsoP like this.