Monday, May 29, 2023

BioShock Infinity 5/29/2023

BioShock Infinite is a first-person shooter video game in the BioShock series, developed by Irrational Games and published by 2K.  Infinite was released worldwide for the PlayStation 3, Windows, Xbox 360, and OS X platforms in 2013.  The game is set in the year 1912 and follows its protagonist, Booker DeWitt, who is sent to the airborne city Columbia to retrieve Elizabeth, a young woman held captive there.  Booker and Elizabeth become involved in a class war between the Nativist Founders that rule Columbia and the rebel Vox Populi, representing the city's underclass.  Elizabeth possesses the ability to manipulate "Tears" in the space-time continuum, and Booker and Elizabeth discover she is central to Columbia's dark secrets.  The player controls Booker Dewitt throughout the game, fighting enemies and scavenging supplies, while the computer-controlled Elizabeth provides assistance.

After the 2007 release of BioShock, Irrational Games and creative director Ken Levine were initially uninterested in creating a sequel, but they later renegotiated with 2K to produce another BioShock game.  Irrational based the game's setting on historical events at the turn of the 20th century, such as the 1893 World's Columbia Exposition, and based the story on the concept of American exceptionalism while also incorporating influences from more recent events at the time such as the 2011 Occupy movement.  The relationship between Booker and Elizabeth became central to the story, with the team working to make Elizabeth feel like a real character rather than a computer-controlled sidekick.

Development took five years to make and involved hundreds of employees at Irrational, in addition to support studios.  The development process was troubled, with Levine's management style resulting in wasted work and missed deadlines.  Outside help was brought in to make sure the game shipped.  BioShock Infinite was supported post-launch with downloadable content, including the story expansion Burial at Sea, which links Infinite's story to that of the original BioShock game.

BioShock Infinite received critical acclaim, with praise particularly directed at its story, setting, visual design, and art direction.  It is often regarded as one of the best video games of the year, of the seventh generation of consoles, and one of the greatest video games ever made.  It has sold more than 11 million copies worldwide.  Infinite was released on PlayStation 4, Xbox One, and Nintendo Switch as part of BioShock: The Collection.

Setting and Characters

BioShock Infinite is set in 1912 and takes place in a floating steampunk city-state in the sky called "Columbia", named for the female personification of the United States.  The city of Columbia was founded by self-proclaimed prophet Zachary Hale Comstock, and funded by the United States government as a floating world's fair and display of American exceptionalism.  Tensions rose between Columbia and the government after the city intervened in the Boxer Rebellion, and Columbia ultimately seceded from the United States and disappeared into the clouds.  Comstock transforms the city into a theocratic police state, with Comstock worshiped as a prophet, and the Founding Fathers of the United States venerated as religious icons.  Institutional racism and elitism are widespread in the city, with minorities serving as a labor underclass of Columbia.  By the events of the game, Columbia is on the verge of civil war; the Founders of Columbia are opposed by the Vox Populi, a resistance group led by Daisy Fitzroy who fight for the rights of the marginalized.

Columbia is home to "Tears" in the fabric of space-time.  These Tears reveal alternate universes.  Some individuals exploit the insight offered by the tears to create new weapons and technologies, while several others replicate futuristic media heard from the Tears, bringing anachronistic elements into Columbia.

The player controls protagonist Booker DeWitt, a disgraced member of the Pinkerton National Detective Agency scarred from a life of violence.  Faced with mounting gambling debts, he is sent to Columbia to find a young woman, Elizabeth, who has the ability to open Tears.  Elizabeth has been confined since childhood in the city and guarded by Songbird, a large, robotic bird-like creature who has been both her friend and her warden.  Two individuals, Robert and Rosalind Lutece, direct Booker to Columbia and appear throughout his travels.  Though they appear as twins, they are revealed to be the same person from two different realities, having figured out how to communicate through and subsequently cross realities.

Plot

In July 1912, Booker DeWitt arrives in Columbia, where he is pursued by authorities, who recognize him as a prophesied "False Shepherd" who will corrupt Elizabeth and overthrow Columbia.  Freeing Elizabeth from her tower, Booker narrowly evades Songbird.  Commandeering an airship, Booker promises to take Elizabeth to Paris; when she realizes they are going to New York City to fulfill Booker's debts, Elizabeth knocks him out and flees.  Booker awakens to find the airship under the control of Daisy Fitzroy, who offers to return the ship if Booker helps her arm the Vox Populi.

Booker and Elizabeth join forces to secure weapons from a local gunsmith.  Traveling through Tears, they arrive in a world where Booker is a Vox Populi martyr and open warfare has erupted in Columbia.  Elizabeth kills Fitzroy to prevent her from executing a Founder boy.  Songbird attacks the duo as they try to flee Columbia, and their airship crashes back to the city.  Elizabeth and Booker discover a conspiracy behind the city's founding: Elizabeth is Comstock's adopted daughter, whom he plans to groom into Columbia's leader after his death.  Comstock killed his wife and the Luteces to hide the truth, and installed a siphon in Elizabeth's tower to limit her power.

Elizabeth is recaptured by Songbird.  Pursuing her, Booker is brought forward in time to New Year's Eve of 1983 by an elderly Elizabeth as Columbia attacks New York City.  This Elizabeth returns Booker to 1912 with information on controlling Songbird, in hopes he can save her younger self and erase the torture and brainwashing she suffered.  Booker rescues Elizabeth, and the pair pursue Comstock to his airship.  Comstock demands that Booker explain Elizabeth's past to her, and the two begin to argue; an enraged Booker drowns Comstock in a baptismal font.  Booker denies knowledge of Elizabeth's past, but she asserts that he has simply forgotten.  Booker and Elizabeth direct Songbird to destroy the Siphon, unlocking Elizabeth's full powers.

Elizabeth opens a Tear and transports them to the underwater city of Rapture.  The newly aware Elizabeth explains there are countless alternate lighthouses and versions of Booker and Elizabeth; their reality is one of an infinite number depending on their choices.[20] She shows that Robert Lutece approached Booker on behalf of Comstock to acquire Booker's infant daughter, Anna DeWitt, in exchange for erasing his debts, as Comstock was rendered aged and sterile as a result of exposure to Tears.  Booker attempted to take Anna back from Comstock, but the closing Tear severed Anna's finger.  Comstock raised Anna as his own daughter, Elizabeth; her severed finger, which caused her to exist in two realities simultaneously, is the source of her ability to create Tears.  Robert Lutece, angry at Comstock's actions, convinced Rosalind to help him bring Booker to the reality where Columbia exists to rescue Elizabeth.

Elizabeth explains that Comstock will always remain alive in alternate universes since the Luteces have enlisted the Bookers of numerous different universes to try to end the cycle.  Since stopping Comstock requires intervening in his birth, Elizabeth takes Booker back in time to a baptism he attended, in the hope of atoning for the sins he committed at Wounded Knee; she explains that, while Booker changed his mind, some Bookers in alternate universes accepted the baptism and were reborn as Zachary Comstock.  Booker, joined by other universes' Elizabeths at the baptism, allows them to drown him at the moment of his choice, preventing Comstock's existence.  One by one, the Elizabeths begin to disappear, the screen cutting to black on the last.

In a post-credits scene, a Booker awakens in his apartment on October 8, 1893.  He calls out for Anna and opens the door to her room before the screen cuts to black.

Gameplay

BioShock Infinite is a first-person shooter with role-playing elements.  Infinite adapts the gameplay formula of BioShock, with weapons, powers, and upgrades often functioning similar as those in the earlier game, albeit named differently.  The player may carry only two weapons at a time, and can collect other weapons and ammunition from defeated enemies or the environment.  In addition to guns and melee attacks, the player can use superpower-bestowing Vigors; these include the ability to shoot lightning, disable enemies by launching them into the air, or controlling enemies or machines.  Vigors can also be laid on the ground as traps.: 9–10 Vigors require Salt, the equivalent of magic points, to power the abilities.

Booker has health and a damage-absorbing shield; the shield automatically regenerates out of combat, while health must be replenished with medical kits or food.  If Booker dies, the player revives in a safe area at the cost of money, while local enemies are also partially healed.  Items called Gear grant passive abilities that can improve the player's strength or damage resistance.  A piece of Gear attaches to one of four slots; only one piece of Gear can be affixed to a slot at a time, with extras stored in the player's inventory.  14 Player attributes can also be improved by finding Infusions, which upgrade the players' shield, health, or Salt meters.

The player is opposed by enemies representing the Founders and the Vox Populi.  These foes range from normal infantry to Heavy Hitters, more formidable enemies that act as mini-bosses throughout the game.  Armed automatons scattered throughout Columbia act as a security defense system for the city.  Columbia is filled with large, open spaces that offer players freedom in how to approach enemy encounters.  The city is traversed on foot or via the Sky-Line, a rail system that Booker and enemies ride via special hooks.  Booker can jump on, off, and between Sky-Line tracks at any time and fire one-handed weapons while riding them.  The hook also serves as a melee weapon, capable of performing executions on weakened foes.non-player character.  Elizabeth requires no protection and assists during combat by tossing helpful items to Booker as needed.  She can also be directed to open Tears, bringing in items or pieces of the environment, such as medical kits or a ledge for higher ground.  Elizabeth can pick locks using her hairpin to open doors or find useful items.  Cash, food, medical kits, ammunition and Salts can be found scattered throughout the game's environments.  Vending machines can be used to buy supplies and powerful upgrades for weapons and Vigors.  Optional side-missions are also available, where the player must unlock safes or decode hidden ciphers; completing them rewards Booker with supplies and upgrades.  Audio logs (Voxophones) and film projectors (Kinetoscopes) scattered through Columbia expand on the characters and events of the game.

Infinite has four difficulty levels:  Easy, Normal, and Hard difficulties are available to start.  After beating the game on a lower difficulty level or inputting the Konami Code in the main menu, the hardest "1999 Mode" is unlocked.  Enemies are much tougher, the player's navigational aid and aim assist is removed, resource management is much more crucial to survival, and death is more punishing. - Wikipedia

I had the previous 2 versions of BioShock so it was a 'no-brainer' to buy BioShock InfiniteIMHO it IS a better game.

REF:  Dell G5 5000 Desktop, Intel Core i5 @ 2.90GHz, 64GB RAM, AMD Radeon RX 5300 VRAM 3056MB

 

 



Sons of the Forest 5/29/2023

Sons of the Forest is a survival video game developed by Endnight Games and published by Newnight.  It is the sequel to the 2018 video game The Forest, (do not confuse with Sons of the Forest) and was released via early access on February 23, 2023, for Microsoft Windows on Steam.

Gameplay

Similarly to The Forest, Sons of the Forest puts players in control of a protagonist stranded on an island inhabited by cannibals.  Players can build weapons and buildings to aid in their survival.  New to the game are friendly NPCs.  One is a companion named Kelvin, who is deaf and unable to speak.  Players can give Kelvin written commands on a piece of paper to help with simple tasks such as collecting crafting resources or setting up fires.  Players will also encounter Virginia, a three-legged, three-armed woman who can be equipped with weapons to aid in combat situations.  The map in this game is four times bigger than that of its predecessor.  The game supports up to eight-player cooperative multiplayer, though players can also opt to play the game solo.  Depending on their actions, players can receive different endings.

Synopsis

Many years after the events at Site 1, a team of private military contractors hired by PuffCorp is dispatched to an island called "Site 2" to search for Edward Puffton (PuffCorp's founder and CEO), his wife Barbara, and his 20 years old daughter Virginia, who have gone missing for months now.  The team's helicopters are shot down by unknown assailants.  One of the contractors survives their helicopter crash but is knocked out by a man wearing a silver coat.  The Contractor then awakes with another surviving teammate named Kelvin who was rendered deaf in the crash.

Working together, the Contractor and Kelvin set up camp and obtain resources to survive the wilderness as well as attacks from mutant cannibals.  As the Contractor begins to explore the island, they find various underground bunkers and facilities built by PuffCorp and learns more about the true nature of Site 2 and PuffCorp's intentions for it.  Like Site 1, Site 2 possesses ancient artifacts of unknown power, as well as a previously undiscovered golden ore.  PuffCorp acquired the island under the guise of turning it into a resort, and are in secret competition with the owners of Site 1, Sahara Therapeutics, over control of an artifact known as the "Cube".  The Contractor also finds surveillance footage showing Edward and PuffCorp executives suddenly mutating into cannibals during a dinner party, meaning the cannibals were Site 2's previous inhabitants.

The Contractor also encounters Virginia, who became a mutant though somehow managed to retain her mind and sanity.  Searching another bunker, the Contractor also comes across Tim and Eric LeBlanc, the son and father from The Forest, who were also hired by PuffCorp to search for the Pufftons.  However, the Contractor is separated from them when the man with the silver coat accosts the LeBlancs and the Contractor is knocked unconscious by a mutant.  The Contractor then continues to explore the PuffCorp facilities, eventually discovering research notes on the Cube referencing its potential to travel between alternate dimensions.  The Contractor also learns that the Cube will "activate" every 8 lunar cycles, and the only safe haven is inside the Cube itself.  The Mercenary deduces that the Cube's activation was what caused the mass mutations on the island, and the next activation is due soon.

Along the way to the Cube, they encounter a different type of highly aggressive mutant that shows an aversion to crucifixes.  The Contractor eventually reaches the Cube along with Tim and they both make it inside the Cube before it closes, locking the man with the silver coat outside.  When the Cube activates, Tim has a seizure and briefly splits into multiple versions of himself before the Cube shows them a vision of a futuristic, alien city.  The Cube then deactivates and reopens, showing the man with the silver coat has mutated.  The Contractor and Tim then return to the surface where Eric is waiting in a helicopter, and 2 endings are possible:

  • If the player decides to go retrieve their survival pack or simply waits, the Contractor decides to stay behind on the island, and the LeBlancs leave without them.
  • If the player decides to board the helicopter, the Contractor leaves the island with the LeBlancs.  If Kelvin and Virginia survived and accompanied the Contractor to the Cube, they will leave on the helicopter as well.

- Wikipedia (that is the final goal of the game is to escape the island)

When first released the game had many bugs, but updates since then have fixed most, and more updates are coming.

For Steam users you can post bugs and suggestions on Steam's "Sons Of The Forest" Discussions which is suggested by the publisher.

Highly recommend:  Sons of the Forest IGN Game Guide and especially the Interactive Map.

REF: Dell G5 5000 desktop, Intel Core i5 @ 2.90GHz, Memory 64GB, AMD Radeon RX 5300 VRAM 3056MB

 

 


 


The Last of Us 5/29/2023

The Last of Us is a 2013 action-adventure game developed by Naughty Dog and published by Sony Computer Entertainment.  Players control Joel, a smuggler tasked with escorting a teenage girl, Ellie, across a post-apocalyptic United States.  The Last of Us is played from a third-person perspective.  Players use firearms and improvised weapons and can use stealth to defend against hostile humans and cannibalistic creatures infected by a mutated fungus.  In the online multiplayer mode, up to eight players engage in cooperative and competitive gameplay.

Development of The Last of Us began in 2009, soon after the release of Naughty Dog's previous game, Uncharted 2: Among Thieves.  For the first time in the company's history, Naughty Dog split into two teams; while one team developed Uncharted 3: Drake's Deception, the other half developed The Last of Us.  The relationship between Joel and Ellie became the focus, with all other elements developed around it.  Actors Troy Baker and Ashley Johnson portrayed Joel and Ellie, respectively, through voice and motion capture, and assisted creative director Neil Druckmann with the development of the characters and story.  The original score was composed and performed by Gustavo Santaolalla.

Following its announcement in December 2011, The Last of Us was widely anticipated.  It was released for the PlayStation 3 in June 2013.  It received critical acclaim, with praise for its narrative, gameplay, visuals, sound design, score, characterization, and depiction of female characters.  The Last of Us became one of the best-selling video games, selling over 1.3 million units in its first week and 17 million by April 2018.  The game won year-end accolades, including multiple Game of the Year awards, from several gaming publications, critics, and game award ceremonies.  It has been ranked as one of the greatest video games ever made.

Naughty Dog released several downloadable content additions; The Last of Us: Left Behind adds a single-player campaign following Ellie and her best friend, Riley.  A remastered version, The Last of Us Remastered, was released for the PlayStation 4 in July 2014.  A remake, The Last of Us Part I, was released in September 2022 for PlayStation 5 and in March 2023 for Windows.  A sequel, The Last of Us Part II, was due release in 2020.  Other Last of Us media includes a comic book in 2013, a live show in 2014, a television adaptation by HBO in 2023, a tabletop game by Themeborne in 2023, an untitled multiplayer game and an upcoming tabletop game by CMON.  - Wikipedia

There are two very good things about this game:

  • It is cheep, I mean low cost $30- Early Access Steam
  • Naughty Dog publishes frequent updates
  • You can (and should) setup your graphics to "Full Screen Windowed Mode" this allows you to use normal [Ctrl][Alt] for screen capture

And it is fun to play.

Highly suggest GamePressure's "The Last of Us" Game Guide.

REF:  Dell G5 5000 desktop, Intel Core i5 @ 2.90GHz, Memory 64GB, AMD Radeon RX 5300 VRAM 3056MB

 

 

 



The Callisto Protocol 5/29/2023

The Callisto Protocol is a 2022 survival horror video game developed by Striking Distance Studios and published by Krafton.  It is directed by Dead Space series co-creator Glen Schofield, and is considered a spiritual successor to the series.  The game's story follows Jacob Lee (Josh Duhamel) who is sent to a prison facility set on the Jovian moon Callisto fighting against infected prisoners with an unknown disease while uncovering dark secrets of the facility.  Gameplay has players exploring a series of levels, garnering resources while fighting off infected prisoners.

Development of the game began with the formation of Striking Distance Studios in June 2019.  Originally developed as a game set in the PUBG:  Battlegrounds universe, it later evolved into an original intellectual property.

The game was released for PlayStation 4, PlayStation 5, Windows, Xbox One, and Xbox Series X/S on December 2, 2022.  It received mixed reviews, and failed to meet the sales expectations of Krafton.

Gameplay

In The Callisto Protocol, players assume the role of Jacob Lee from a third-person perspective.  Jacob's health is indicated by an implant on the back of his neck called a "C.O.R.E. Device".  Health can be replenished with injectable packs found throughout levels.  Jacob can use weapons to combat enemies, as well as a melee system to dodge enemy attacks while looking for openings to strike and kill them.  Both combat styles can be mixed up, providing greater variety when facing enemy types.  Jacob can collect and review audio logs during gameplay.

Plot

In 2320, Jacob Lee (Josh Duhamel) and Max Barrow (Jeff Schine) are contract freight transporters working for the United Jupiter Company (UJC).  The two decide to retire after ferrying one last shipment between Europa and the UJC-operated Black Iron Prison on Callisto.  Shortly after leaving Black Iron in their ship, the Charon, they are boarded by the Outer Way, a terrorist group purportedly responsible for a massive biological attack on Europa, and the ship crash-lands back on Callisto.  Max is killed, leaving Jacob and Outer Way leader Dani Nakamura (Karen Fukuhara) as the only survivors.  Both are recovered by Black Iron Prison security head Captain Leon Ferris (Sam Witwer) and incarcerated on the orders of Warden Duncan Cole (James C.  Mathis III).  After an intake process, Jacob awakens to find the prison overrun by hostile "biophages"; inmates afflicted with an unknown disease.  He encounters Elias Porter (Zeke Alton), a prisoner who claims to have an escape plan.  After freeing Elias, Jacob fights and leaves Ferris to die at the hands of biophages.  - Wikipedia

When first released it was very buggy, but the first update fixed over 40bugs.

WARNING:  BUT there IS another problem with the PC game, it has SCRIPTED BOSS fights and the first was impossible (for me) to win.  So I have removed this game from my desktop rig.

It was very enjoyable to play 'till the Boss Fight.

REF:  Dell G5 5000 desktop, Intel Core i5 @ 2.90GHz, Memory 64GB, AMD Radeon RX 5300 VRAM 3056MB

 

 



Wednesday, May 25, 2022

Black Mesa Definitive Edition


An absolutely outstanding update to a classic game.

"Black Mesa is a 2020 first-person shooter game developed and published by Crowbar Collective.  It is a third-party remake of Half-Life (1998) made in the Source game engine.  Originally published as a free mod in September 2012, Black Mesa was approved by Half-Life developers Valve for a commercial release; the first commercial version was published as an early-access version in May 2015, followed by a full release in March 2020 for Microsoft Windows and Linux.

Black Mesa was developed in response to Half-Life: Source (2005), Valve's port of Half-Life to the Source engine, which lacked new features or improvements.  Two teams wanted to improve on the Source remake and eventually merged to become Crowbar Collective.  While they had originally targeted a release by 2009, the team realized they had rushed to this point and reevaluated their efforts to improve the quality of the remake.

Since then, attention to details, adapting the game to an improved version of the Source engine, and completely reworking the oft-derided final chapters of Half-Life (known as Xen) had lengthened the development efforts of the remake.  Due to its long development time, the modification became notable for its delays on the status of its completion.  Major changes include re-skinned collection of textures, models and NPCs, a longer runtime, improved level and puzzle design along with challenging enemy artificial intelligence, and additional dialogue and story elements." - Wikipedia

The game consists of chapters/episodes:  Office Complex, We Have Got Hostiles, Blast Pit, Power Up, On a Rail, Apprehension, Residue Processing, Questionable Ethics, Surface Tension, Forget About Freeman, Lambda Core, Xen, Gonarch's Lair, Interloper, Nihilant, Endgame (high-lighted are the additions to the original Half-Life game)

Game play consists of solving 'puzzles' aka finding objects you need, performing jumps, finding paths to locations, all the while while fending off enemies.  Really, really fun to play.

There are good guides and walkthroughs including "Black Mesa Definitive Edition FULL GAME Gameplay Walkthrough No Commentary (PC)" video.



Saturday, November 20, 2021

RPG - Kingdom Come: Deliverance


Kingdom Come: Deliverance is a 2018 action role-playing video game developed by Warhorse Studios and published by Deep Silver for Microsoft Windows, PlayStation 4, and Xbox One.  It is set in the medieval Kingdom of Bohemia, an Imperial State of the Holy Roman Empire, with a focus on historically accurate content.

The story takes place during a war in Bohemia in 1403, in the times of King Wenceslaus IV.  On the orders of Hungarian King Sgismund, half-brother of Wenceslaus, Cuman mercenaries raid the mining village of Skalitz, a major source of silver.  One of the survivors of the resulting massacre is Henry, the son of a blacksmith.  Destitute and vengeful, Henry joins the service of Lord Radzig Kobyla, who leads a resistance movement against Sigismund's invasion.  As Henry pursues justice for his murdered family, he becomes involved in an effort to restore Bohemia's rightful king and Sigismund's half-brother, Wenceslaus IV, to the throne.  The game features branching quest lines, an open world environment, and period-accurate weapons, clothing, combat techniques, and architecture (recreated with the assistance of architects and historians), which encourages immersive gameplay.  - Wikipedia

I just completed my first full game play-through and found this is an outstanding RPG game.  Especially with the Developer Mode enabled (more later).

A Before You Buy look:

Gameplay

Kingdom Come: Deliverance is an action role-playing game set in an open-world environment and played from a first-person perspective.  It utilizes a classless role-playing system, allowing the player to customize their skills to take on roles such as warrior, bard, thief, or a hybrid of these.  Abilities and stats grow depending on what the player does and says through branched dialogue trees.  During conversations, the time a player takes to make a decision is limited and has an effect on their relationships with others.  Reputation is based on player choices and therefore can bring consequences.

Character bodies and faces are created through the combination of multiple, individual pieces with finishing touches.  The clothing system features 16 item slots and items on many areas of the body that can be layered.  For example, a heavily armored knight may on his upper body wear a Gambeson, followed by mail and plate amour, with a Tabard or Surcoat over top, for a total of four clothing items in the chest slots.  Each clothing type provides different levels of protection against different types of weapons.  Clothing also gets progressively more worn, dirty, or bloody through use, affecting the character's appearance.  The player is able to use a variety of weapons, including swords, knives, axes, hammers, and bows.  Horses are featured heavily in the game, and are designed to act with their own AI while under the player's control, moving or jumping to avoid small obstacles or dangers.  The player can also fight from horseback and use their steed to carry items if they need additional inventory space, but warhorses are also competent combatants with their own AI.  Steeds come with five slots for armor and attachments.

Character bodies and faces are created through the combination of multiple, individual pieces with finishing touches.  The clothing system features 16 item slots and items on many areas of the body that can be layered.  For example, a heavily armored knight may on his upper body wear a Gambeson, followed by mail and plate amour, with a Tabard or Surcoat over top, for a total of four clothing items in the chest slots.  Each clothing type provides different levels of protection against different types of weapons.  Clothing also gets progressively more worn, dirty, or bloody through use, affecting the character's appearance.  The player is able to use a variety of weapons, including swords, knives, axes, hammers, and bows.  Horses are featured heavily in the game, and are designed to act with their own AI while under the player's control, moving or jumping to avoid small obstacles or dangers.  The player can also fight from horseback and use their steed to carry items if they need additional inventory space, but warhorses are also competent combatants with their own AI.  Steeds come with five slots for armor and attachments.

Kingdom Come: Deliverance also features a needs system which requires the player to sleep and eat in order to stay healthy.  Equipment and clothing also degrade and require repair.  Foodstuffs and other perishable items will spoil over time.  The game uses skill/stat-based mini-games for many of these tasks, including weapon and armor repair, as well as for gathering new items by Picking Locks or Pockets, distilling alcohol, or creating medicines.  The game uses long- and short-ranged weapons in combat which is based on a physics system using inverse kinematics to determine the reactions of both combatants based on the speed and weight of a blow.  This system aims to add greater variety and realism to the combat, coupled with a variety of basic combat moves and combination moves, some of which can be unlocked by skill points.  Different weapons have different characteristics, making them useful for different purposes.  For example, a sword is a quick weapon for striking and parrying, but is not very effective against heavy armor.

Character bodies and faces are created through the combination of multiple, individual pieces with finishing touches.  The clothing system features 16 item slots and items on many areas of the body that can be layered.  For example, a heavily armored knight may on his upper body wear a Gambeson, followed by mail and Plate Amour, with a Tabard or Surcoat over top, for a total of four clothing items in the chest slots.  Each clothing type provides different levels of protection against different types of weapons.  Clothing also gets progressively more worn, dirty, or bloody through use, affecting the character's appearance.  The player is able to use a variety of weapons, including Swords, Knives [aka Daggers for stealth kills], Axes, Hammers, and Bows.  Horses are featured heavily in the game, and are designed to act with their own AI while under the player's control, moving or jumping to avoid small obstacles or dangers.  The player can also fight from horseback and use their steed to carry items if they need additional inventory space, but warhorses are also competent combatants with their own AI.  Steeds come with five slots [Inventory (transfers from player Inventory), Tack] for armor and attachments.

Quests are intended to be nonlinear, with multiple ways to complete objectives to allow multiple character types to be viable.  The storyline features some large-scale events such as castle sieges and large battles.  Every non-player character (NPC) has a daily routine, and every routine can be affected by the player.  Characters are able to react to all player actions and adjust their routines to them.  NPCs will report crimes to authorities, who will punish the player accordingly, either with a fine or time in jail.  Crime will affect economics and people will get suspicious or aggressive after unresolved crimes.  - Wikipedia

Quests & Tasks

Main Quests - These are the primary quests that need to be done to complete the game.

Side Quests - These are quest that MAY be need to complete a Main Quest in which case they automatically start, or are standalone quest that can be ignored.

Tasks - These need to be done as needed by a quest and are loaded automatically (steps in a sequence) and sometimes can be skipped.

Inventory/Player/Horse/Questlog/Map/Other Displays


  

Developer Mode - Cheats

The first thing is to go to Nexus Mods Kingdom Come: Deliverance cheat page (current version 1.3.5).

Highly, HIGHLY, suggest printing the full Install & Usage instructions.

Key cheat commands which are case sensitive (lower):

  • cheat[Tab] will list all cheats
  • Enter a cheat code followed by [space]?
  • EXAMPLE: "cheat_add_item ?" (without quotes) will list any parameters required and examples.

Most useful codes:

  • cheat_add_item id: string:{string} amount:# (# default = 1)

Another example using unique string: cheat_add_item id:torch amount:5 - This will add 5 troches to you Inventory, Weapon tab.  Warning you need equip a torch when in a town or you are committing a crime.

  • cheat_add_buff_immortal (no parameters) - This is the equivalent of God Mode and needs reset each game start.
  • cheat_repair_all_items (no parameters) - Does what it says including spoiled food, you need to check you Inventory to re-equip repaired items.
  • cheat_add_money amount:# - Where # = the amount of Groschen (name of money in game) x 0.1 (9000 = 900).
  • cheat_teleport_horse (no parameters) - Will teleport your hose (AFTER you own one Pebbles) to your location IF he is on the map.

 

Most helpful game guide site Game Pressure.

 

CLOSING: For those who like RPG games this one is well worth playing.



Monday, May 24, 2021

HELD FOR RANSOM - Colonial Pipeline and U.S. Infrastructure

"The Colonial Pipeline Ransomware Hackers Had a Secret Weapon: Self-Promoting Cybersecurity Firms" by Renee Dudley and Daniel Golden, ProPublica 5/24/2021

This story was co-published with MIT Technology Review.

On Jan 11, antivirus company Bitdefender said it was “happy to announce” a startling breakthrough.  It had found a flaw in the ransomware that a gang known as DarkSide was using to freeze computer networks of dozens of businesses in the U.S. and Europe.  Companies facing demands from DarkSide could download a free tool from Bitdefender and avoid paying millions of dollars in ransom to the hackers.

But Bitdefender wasn’t the first to identify this flaw.  Two other researchers, Fabian Wosar and Michael Gillespie, had noticed it the month before and had begun discreetly looking for victims to help.  By publicizing its tool, Bitdefender alerted DarkSide to the lapse, which involved reusing the same digital keys to lock and unlock multiple victims.  The next day, DarkSide declared that it had repaired the problem, and that “new companies have nothing to hope for.”

“Special thanks to BitDefender for helping fix our issues,” DarkSide said.  “This will make us even better.”

DarkSide soon proved it wasn’t bluffing, unleashing a string of attacks.  This month, it paralyzed the Colonial Pipeline Co., prompting a shutdown of the 5,500 mile pipeline that carries 45% of the fuel used on the East Coast, quickly followed by a rise in gasoline prices, panic buying of gas across the Southeast and closures of thousands of gas stations.  Absent Bitdefender’s announcement, it’s possible that the crisis might have been contained, and that Colonial might have quietly restored its system with Wosar and Gillespie’s decryption tool.

Instead, Colonial paid DarkSide $4.4 million in Bitcoin for a key to unlock its files.  “I will admit that I wasn’t comfortable seeing money go out the door to people like this,” CEO Joseph Blount told The Wall Street Journal.

The missed opportunity was part of a broader pattern of botched or half-hearted responses to the growing menace of ransomware, which during the pandemic has disabled businesses, schools, hospitals and government agencies across the country.  The incident also shows how antivirus companies eager to make a name for themselves sometimes violate one of the cardinal rules of the cat-and-mouse game of cyber-warfare: Don’t let your opponents know what you’ve figured out.  During World War II, when the British secret service learned from decrypted communications that the Gestapo was planning to abduct and murder a valuable double agent, Johnny Jebsen, his handler wasn’t allowed to warn him for fear of cluing in the enemy that its cipher had been cracked.  Today, ransomware hunters like Wosar and Gillespie try to prolong the attackers’ ignorance, even at the cost of contacting fewer victims.  Sooner or later, as payments drop off, the cybercriminals realize that something has gone wrong.

Whether to tout a decryption tool is a “calculated decision,” said Rob McLeod, senior director of the threat response unit for cybersecurity firm eSentire.  From the marketing perspective, “You are singing that song from the rooftops about how you have come up with a security solution that will decrypt a victim’s data.  And then the security researcher angle says, ‘Don’t disclose any information here.  Keep the ransomware bugs that we’ve found that allow us to decode the data secret, so as not to notify the threat actors.’”


Wosar said that publicly releasing tools, as Bitdefender did, has become riskier as ransoms have soared and the gangs have grown wealthier and more technically adept.  In the early days of ransomware, when hackers froze home computers for a few hundred dollars, they often couldn’t determine how their code was broken unless the flaw was specifically pointed out to them.

Today, the creators of ransomware “have access to reverse engineers and penetration testers who are very very capable,” he said.  “That’s how they gain entrance to these oftentimes highly secured networks in the first place.  They download the decryptor, they disassemble it, they reverse engineer it and they figure out exactly why we were able to decrypt their files.  And 24 hours later, the whole thing is fixed.  Bitdefender should have known better.”

It wasn’t the first time that Bitdefender trumpeted a solution that Wosar or Gillespie had beaten it to.  Gillespie had broken the code of a ransomware strain called GoGoogle and was helping victims without any fanfare, when Bitdefender released a decryption tool in May 2020.  Other companies have also announced breakthroughs publicly, Wosar and Gillespie said.

“People are desperate for a news mention, and big security companies don’t care about victims,” Wosar said.

Bogdan Botezatu, director of threat research at Bucharest, Romania-based Bitdefender, said the company wasn’t aware of the earlier success in unlocking files infected by DarkSide.  Regardless, he said, Bitdefender decided to publish its tool “because most victims who fall for ransomware do not have the right connection with ransomware support groups and won’t know where to ask for help unless they can learn about the existence of tools from media reports or with a simple search.”

Bitdefender has provided free technical support to more than a dozen DarkSide victims, and “we believe many others have successfully used the tool without our intervention,” Botezatu said.  Over the years, Bitdefender has helped individuals and businesses avoid paying more than $100 million in ransom, he said.

Bitdefender recognized that DarkSide might correct the flaw, Botezatu said.  “We are well aware that attackers are agile and adapt to our decryptors.”  But DarkSide might have “spotted the issue” anyway.  “We don’t believe in ransomware decryptors made silently available.  Attackers will learn about their existence by impersonating home users or companies in need, while the vast majority of victims will have no idea that they can get their data back for free.”

The attack on Colonial Pipeline, and the ensuing chaos at the gas pumps throughout the Southeast, appears to have spurred the federal government to be more vigilant.  President Joe Biden issued an executive order to improve cybersecurity and create a blueprint for a federal response to cyberattacks.  DarkSide said it was shutting down under U.S. pressure, although ransomware crews have often disbanded to avoid scrutiny and then re-formed under new names, or their members have launched or joined other groups.

“As sophisticated as they are, these guys will pop up again, and they’ll be that much smarter,” said Aaron Tantleff, a Chicago cybersecurity attorney who has consulted with 10 companies attacked by DarkSide.  “They’ll come back with a vengeance.”

At least until now, private researchers and companies have often been more effective than the government in fighting ransomware.  Last October, Microsoft disrupted the infrastructure of Trickbot, a network of more than 1 million infected computers that disseminated the notorious Ryuk strain of ransomware, by disabling its servers and communications.  That month, ProtonMail, the Swiss-based email service, shut down 20,000 Ryuk-related accounts.

Wosar and Gillespie, who belong to a worldwide volunteer group called the Ransomware Hunting Team, have cracked more than 300 major ransomware strains and variants, saving an estimated 4 million victims from paying billions of dollars.

By contrast, the FBI rarely decrypts ransomware or arrests the attackers, who are typically based in countries like Russia or Iran that lack extradition agreements with the U.S.  DarkSide, for instance, is believed to operate out of Russia.  Far more victims seek help from the Hunting Team, through websites maintained by its members, than from the FBI.

The U.S. Secret Service also investigates ransomware, which falls under its purview of combating financial crimes.  But, especially in election years, it sometimes rotates agents off cyber assignments to carry out its better-known mission of protecting Presidents, Vice Presidents, major party candidates and their families.  European law enforcement, especially the Dutch National Police, has been more successful than the U.S. in arresting attackers and seizing servers.

Similarly, the U.S. government has made only modest headway in pushing private industry, including pipeline companies, to strengthen cybersecurity defenses.  Cybersecurity oversight is divided among an alphabet soup of agencies, hampering coordination.  The Department of Homeland Security conducts “vulnerability assessments” for critical infrastructure, which includes pipelines.

It reviewed Colonial Pipeline in around 2013 as part of a study of places where a cyberattack might cause a catastrophe.  The pipeline was deemed resilient, meaning that it could recover quickly, according to a former DHS official.  The department did not respond to questions about any subsequent reviews.

Five years later, DHS created a pipeline cybersecurity initiative to identify weaknesses in pipeline computer systems and recommend strategies to address them.  Participation is voluntary, and a person familiar with the initiative said that it is more useful for smaller companies with limited in-house IT expertise than for big ones like Colonial.  The National Risk Management Center, which oversees the initiative, also grapples with other thorny issues such as election security.

Ransomware has skyrocketed since 2012, when the advent of Bitcoin made it hard to track or block payments.  The criminals’ tactics have evolved from indiscriminate “spray and pray” campaigns seeking a few hundred dollars apiece to targeting specific businesses, government agencies and nonprofit groups with multimillion-dollar demands.

Attacks on energy businesses in particular have increased during the pandemic — not just in the U.S. but in Canada, Latin America and Europe.  As the companies allowed employees to work from home, they relaxed some security controls, McLeod said.

Since 2019, numerous gangs have ratcheted up pressure with a technique known as “double extortion.”  Upon entering a system, they steal sensitive data before launching ransomware that encodes the files and makes it impossible for hospitals, universities and cities to do their daily work.  If the loss of computer access is not sufficiently intimidating, they threaten to reveal confidential information, often posting samples as leverage.  For instance, when the Washington, D.C., police department didn’t pay the $4 million ransom demanded by a gang called Babuk last month, Babuk published intelligence briefings, names of criminal suspects and witnesses, and personnel files, from medical information to polygraph test results, of officers and job candidates.

DarkSide, which emerged last August, epitomized this new breed.  It chose targets based on a careful financial analysis or information gleaned from corporate emails.  For instance, it attacked one of Tantleff’s clients during a week when the hackers knew the company would be vulnerable because it was transitioning its files to the cloud and didn’t have clean backups.

To infiltrate target networks, the gang used advanced methods such as “zero-day exploits” that immediately take advantage of software vulnerabilities before they can be patched.  Once inside, it moved swiftly, looking not only for sensitive data but also for the victim’s cyber insurance policy, so it could peg its demands to the amount of coverage.  After two to three days of poking around, DarkSide encrypted the files.

“They have a faster attack window,” said Christopher Ballod, associate managing director for cyber risk at Kroll, the business investigations firm, who has advised half a dozen DarkSide victims.  “The longer you dwell in the system, the more likely you are to be caught.”

Typically, DarkSide’s demands were “on the high end of the scale,” $5 million and up, Ballod said.  One scary tactic: If publicly traded companies didn’t pay the ransom, DarkSide threatened to share information stolen from them with short-sellers who would profit if the share price dropped upon publication.

DarkSide’s site on the dark web identified dozens of victims and described the confidential data it claimed to have filched from them.  One was New Orleans law firm Stone Pigman Walther Wittmann.  “A big annoyance is what it was,” attorney Phil Wittmann said, referring to the DarkSide attack in February.  “We paid them nothing,” said Michael Walshe Jr., chair of the firm’s management committee, declining to comment further.

Last November, DarkSide adopted what is known as a “ransomware-as-a-service” model.  Under this model, it partnered with affiliates who launched the attacks.  The affiliates received 75% to 90% of the ransom, with DarkSide keeping the remainder.  As this partnership suggests, the ransomware ecosystem is a distorted mirror of corporate culture, with everything from job interviews to procedures for handling disputes.  After DarkSide shut down, several people who identified themselves as its affiliates complained on a dispute resolution forum that it had stiffed them.  “The target paid, but I did not receive my share,” one wrote.

Together, DarkSide and its affiliates reportedly grossed at least $90 million.  Seven of Tantleff’s clients, including two companies in the energy industry, paid ransoms ranging from $1.25 million to $6 million, reflecting negotiated discounts from initial demands of $7.5 million to $30 million.  His other three clients hit by DarkSide did not pay.  In one of those cases, the hackers demanded $50 million.  Negotiations grew acrimonious, and the two sides couldn’t agree on a price.

DarkSide’s representatives were shrewd bargainers, Tantleff said.  If a victim said it couldn’t afford the ransom because of the pandemic, DarkSide was ready with data showing that the company’s revenue was up, or that COVID-19’s impact was factored into the price.

DarkSide’s grasp of geopolitics was less advanced than its approach to ransomware.  Around the same time that it adopted the affiliate model, it posted that it was planning to safeguard information stolen from victims by storing it in servers in Iran.  DarkSide apparently didn’t realize that an Iranian connection would complicate its collection of ransoms from victims in the U.S., which has economic sanctions restricting financial transactions with Iran.  Although DarkSide later walked back this statement, saying that it had only considered Iran as a possible location, numerous cyber insurers had concerns about covering payments to the group.  Coveware, a Connecticut firm that negotiates with attackers on behalf of victims, stopped dealing with DarkSide.

Ballod said that, with their insurers unwilling to reimburse the ransom, none of his clients paid DarkSide, despite concerns about exposure of their data.  Even if they had caved in to DarkSide, and received assurances from the hackers in return that the data would be shredded, the information might still leak, he said.

During DarkSide’s changeover to the affiliate model, a flaw was introduced into its ransomware.  The vulnerability caught the attention of members of the Ransomware Hunting Team.  Established in 2016, the invitation-only team consists of about a dozen volunteers in the U.S., Spain, Italy, Germany, Hungary and the U.K.  They work in cybersecurity or related fields.  In their spare time, they collaborate in finding and decrypting new ransomware strains.

Several members, including Wosar, have little formal education but an aptitude for coding.  A high school dropout, Wosar grew up in a working-class family near the German port city of Rostock.  In 1992, at the age of 8, he saw a computer for the first time and was entranced.  By 16, he was developing his own antivirus software and making money from it.  Now 37, he has worked for antivirus firm Emsisoft since its inception almost two decades ago and is its chief technology officer.  He moved to the U.K. from Germany in 2018 and lives near London.

He has been battling ransomware hackers since 2012, when he cracked a strain called ACCDFISA, which stood for “Anti Cyber Crime Department of Federal Internet Security Agency.”  This fictional agency was notifying people that child pornography had infected their computers, and so it was blocking access to their files unless they paid $100 to remove the virus.

The ACCDFISA hacker eventually noticed that the strain had been decrypted and released a revised version.  Many of Wosar’s subsequent triumphs were also fleeting.  He and his teammates tried to keep criminals blissfully unaware for as long as possible that their strain was vulnerable.  They left cryptic messages on forums inviting victims to contact them for assistance or sent direct messages to people who posted that they had been attacked.

In the course of protecting against computer intrusions, analysts at antivirus firms sometimes detected ransomware flaws and built decryption tools, though it wasn’t their main focus.  Sometimes they collided with Wosar.

In 2014, Wosar discovered that a ransomware strain called CryptoDefense copied and pasted from Microsoft Windows some of the code it used to lock and unlock files, not realizing that the same code was preserved in a folder on the victim’s own computer.  It was missing the signal, or “flag,” in their program, usually included by ransomware creators to instruct Windows not to save a copy of the key.

Wosar quickly developed a decryption tool to retrieve the key.  “We faced an interesting conundrum,” Sarah White, another Hunting Team member, wrote on Emsisoft’s blog.  “How to get our tool out to the most victims possible without alerting the malware developer of his mistake?”

Wosar discreetly sought out CryptoDefense victims through support forums, volunteer networks and announcements of where to contact for help.  He avoided describing how the tool worked or the blunder it exploited.  When victims came forward, he supplied the fix, scrubbing the ransomware from at least 350 computers.  CryptoDefense eventually “caught on to us ... but he still did not have access to the decrypter we used and had no idea how we were unlocking his victims’ files,” White wrote.

But then an antivirus company, Symantec, uncovered the same problem and bragged about the discovery on a blog post that “contained enough information to help the CryptoDefense developer find and correct the flaw,” White wrote.  Within 24 hours the attackers began spreading a revised version.  They changed its name to CryptoWall and made $325 million.

Symantec “chose quick publicity over helping CryptoDefense victims recover their files,” White wrote.  “Sometimes there are things that are better left unsaid.”

A spokeswoman for Broadcom, which acquired Symantec’s enterprise security business in 2019, declined to comment, saying that “the team members who worked on the tool are no longer with the company.”

Like Wosar, the 29-year-old Gillespie comes from poverty and never went to college.  When he was growing up in central Illinois, his family struggled so much financially that they sometimes had to move in with friends or relatives.  After high school, he worked full time for 10 years at a computer repair chain called Nerds on Call.  Last year, he became a malware and cybersecurity researcher at Coveware.

Last December, he messaged Wosar for help.  Gillespie had been working with a DarkSide victim who had paid a ransom and received a tool to recover the data.  But DarkSide’s decryptor had a reputation for being slow, and the victim hoped that Gillespie could speed up the process.

Gillespie analyzed the software, which contained a key to release the files.  He wanted to extract the key, but because it was stored in an unusually complex way, he couldn’t.  He turned to Wosar, who was able to isolate it.

The teammates then began testing the key on other files infected by DarkSide.  Gillespie checked files uploaded by victims to the website he operates, ID Ransomware, while Wosar used VirusTotal, an online database of suspected malware.

That night, they shared a discovery.

“I have confirmation DarkSide is re-using their RSA keys,” Gillespie wrote to the Hunting Team on its Slack channel.  A type of cryptography, RSA generates two keys: a public key to encode data and a private key to decipher it.  RSA is used legitimately to safeguard many aspects of e-commerce, such as protecting credit numbers.  But it’s also been co-opted by ransomware hackers.

“I noticed the same as I was able to decrypt newly encrypted files using their decrypter,” Wosar replied less than an hour later, at 2:45 a.m. London time.

Their analysis showed that, before adopting the affiliate model, DarkSide had used a different public and private key for each victim.  Wosar suspected that, during this transition, DarkSide introduced a mistake into its affiliate portal used to generate the ransomware for each target.  Wosar and Gillespie could now use the key that Wosar had extracted to retrieve files from Windows machines seized by DarkSide.  The cryptographic blunder didn’t affect Linux operating systems.

“We were scratching our heads,” Wosar said.  “Could they really have fucked up this badly? DarkSide was one of the more professional ransomware-as-a-service schemes out there.  For them to make such a huge mistake is very, very rare.”

The Hunting Team celebrated quietly, without seeking publicity.  White, who is a computer science student at Royal Holloway, part of the University of London, began looking for DarkSide victims.  She contacted firms that handle digital forensics and incident response.

“We told them, ‘Hey listen, if you have any DarkSide victims, tell them to reach out to us, we can help them.  We can recover their files and they don’t have to pay a huge ransom,’” Wosar said.

The DarkSide hackers mostly took the Christmas season off.  Gillespie and Wosar expected that, when the attacks resumed in the new year, their discovery would help dozens of victims.  But then Bitdefender published its post, under the headline “Darkside Ransomware Decryption Tool.”

In a messaging channel with the ransomware response community, someone asked why Bitdefender would tip off the hackers.  “Publicity,” White responded.  “Looks good.  I can guarantee they’ll fix it much faster now though.”

She was right.  The next day, DarkSide acknowledged the error that Wosar and Gillespie had found before Bitdefender.  “Due to the problem with key generation, some companies have the same keys,” the hackers wrote, adding that up to 40% of keys were affected.

DarkSide mocked Bitdefender for releasing the decryptor at “the wrong time…., as the activity of us and our partners during the New Year holidays is the lowest.”

Adding to the team’s frustrations, Wosar discovered that the Bitdefender tool had its own drawbacks.  Using the company’s decryptor, he tried to unlock samples infected by DarkSide and found that they were damaged in the process.  “They actually implemented the decryption wrong,” Wosar said.  “That means if victims did use the Bitdefender tool, there’s a good chance that they damaged the data.”

Asked about Wosar’s criticism, Botezatu said that data recovery is difficult, and that Bitdefender has “taken all precautions to make sure that we’re not compromising user data” including exhaustive testing and “code that evaluates whether the resulting decrypted file is valid.”

Even without Bitdefender, DarkSide might have soon realized its mistake anyway, Wosar and Gillespie said.  For example, as they sifted through compromised networks, the hackers might have come across emails in which victims helped by the Hunting Team discussed the flaw.

“They might figure it out that way — that is always a possibility,” Wosar said.  “But it’s especially painful if a vulnerability is being burned through something stupid like this.”

The incident led the Hunting Team to coin a term for the premature exposure of a weakness in a ransomware strain.  “Internally, we often joke, ‘Yeah, they are probably going to pull a Bitdefender,’” Wosar said.



Tuesday, November 3, 2020

PC GAMING - The Outer Worlds (Updated)


The Outer Worlds is an action role-playing game developed by Obsidian Entertainment and published by Private Division.

The Outer Worlds is an action role-playing video game featuring a first-person perspective.  In the early stages of the game, the player can create their own character and unlock a ship, which acts as the game's central hub space.  Though the player cannot control their ship directly, it serves as a fast travel point to access different areas in the game and acts as the player's persistent inventory space.  The player can encounter and recruit non-player characters as companions who have their own personal missions and stories.  When accompanying the player, the companions act as an aid in combat.  Each companion has its own individual skills and special attacks, and it can also develop its own skill specialization.  When exploring, the player can bring up to two companions alongside them, while the rest stay on the ship.  The player can make numerous dialogue decisions, which can influence the game's branching story.  They can also respond to NPCs in various ways, such as acting heroically, maniacally, or moronically.

During combat situations, the player can use various weapon types such as melee and firearms, which have three ammo types:  light, heavy and energy.  These weapons can be customized to add elemental damage.  The player can use stealth or social skills (persuasion, lying and intimidation) to avoid combat altogether.  As the player progresses, they gain experience points, which the player and their companions can use to level up and unlock new skills.  The player can develop their technical skills, which are further divided into three categories: Science, Medical, and Engineering.  For instance, the player can use a shrink ray to shrink down an enemy.  The player is able to invest points into these skills, which will unlock new perks that enhance combat efficiency.  The player can also enter a "Tactical Time Dilation" state, which slows down time and reveals opponents' health statistics, which grants the player tactical advantages.  As the player leads their companions, they improve their companions' combat strength and resilience.  The player can also gain a "flaw" that occurs when the player fails repeatedly in certain gameplay segments.  Flaws impede the player in some way, but also give additional perks and advantages.  - Wikipedia

 

Best reference: The Outer Worlds Wiki

UPDATE

As of this date there are 2 DLCs:

  1. Peril on Gorgon
  2. Murder on Eridanos

WARNING:  There is a bug in "Peril on Gorgon" (a Preserved Eye is not in Lucky's safe) that will prevent completion.



Saturday, October 24, 2020

RPG GAMING - Vampyr

"Vampyr is an action role-playing game played from a third-person view.  The player controls Jonathan E. Reid, a doctor who was made into a vampire, and whose thirst for blood compels him to kill innocent people.  To do this successfully, he must study and change his targets' habits, collect clues, and maintain relationships with the sixty citizens under his care in London, which serves as a fictionalized semi-open world built around hubs of neighborhoods tethered to other areas.  A skill tree facilitates the improvement of abilities, which is fueled by experience points gained from blood and, alternatively, investigation.  Feeding on human blood provides nourishment in addition to unlocking new vampire powers.  Abilities can be manually activated and passively upgraded.  Active skills afford defensive, aggressive, healing, and tactical measures; passive skills increase health, stamina, the blood gauge and absorption, bite damage and regeneration, and carry capacity." - Wikipedia

 

Before You Buy

I've just started playing this game on my Win7 PRO 64bit Desktop rig with 8GB RAM, Intel Core i5-4690 CPU @ 3.50GHz, NVIDIA Corporation GK104 [GeForce GTX 770] 2048 VRAM, and it is outstanding to play.

All you need is to view the "Before You Buy" video to see if Vampyr is for you.

line

Saturday, September 5, 2020

SIMULATION - Ancestors: The Humankind Odyssey




"Good luck, we will not help you much." (from intro)


Ancestors: The Humankind Odyssey is a survival game developed by Panache Digital Games and published by Private Division.  It was released for Microsoft Windows, PlayStation 4, and Xbox One in late 2019, along with a Steam release in August 2020.  In the game, players control a lineage of primates and are tasked to ensure its survival in prehistoric Africa and facilitate its evolution.  It was directed by Patrice Désilets." - Wikipedia

This title is a simulation of 'Humankind' evolution.  It is not really a game.

Ancestors: The Humankind Odyssey is a survival game played from a third-person perspective.  In the game, players control a member of a primate clan and have to manage the player character's health by eating, drinking, and sleeping.  The game starts in an African jungle, an open world filled with threats including Machairodus, Metridiochoerus, Crocodylus thorbjarnarsoni, Adcrocuta hyenas, African Rock Python, giant Miocene otters, African buffalo, and more.  Players can climb trees, and will suffer injuries if they fall down or are attacked by predators.  As players progress, new areas are opened up for players to explore.  When a primate is exploring new locations or being hunted by predators, it will enter a state of "fear" which can be overcome by finding glowing orbs of light, or else it will descend into a state of hysteria." - Wikipedia

There are only automatic saves but only at critical steps.  After all, there are no quick-saves in real life (you don't have a save before that drive on a freeway where you got into an accident).

I have played this simulation for several weeks and have yet to survive beyond two generations.  So it is hard.  But I will stubbornly stay with it.

There are many walkthroughs and guides available.

Below are two videos that will give you an idea of what Ancestors is.



Tuesday, October 29, 2019

SECURITY - Ransomware Hunting League Hero




"The Ransomware Superhero of Normal, Illinois" by Renee Dudley, ProPublica 10/28/2019

Thanks to Michael Gillespie, an obscure programmer at a Nerds on Call repair store, hundreds of thousands of ransomware victims have recovered their files for free.

This story was co-published with the Chicago Sun-Times and The Pantagraph.

ProPublica is a nonprofit newsroom that investigates abuses of power.  Sign up for ProPublica’s Big Story newsletter to receive stories like this one in your inbox as soon as they are published.


About 10 years ago, Michael Gillespie and several classmates at Pekin Community High School in central Illinois were clicking on links on the school’s website when they discovered a weakness that exposed sensitive information such as students’ Social Security numbers.  They quickly alerted their computer repair and networking teacher, Eric McCann.

“It was a vulnerability that nobody even knew about,” McCann said.  “They did a quick search on passwords and student accounts, and lo and behold, that file is sitting out there.”

A shy, skinny teenager whose hand-me-down clothes didn’t fit him, and who was often ridiculed by schoolmates, Gillespie was already working after school as a computer technician.  “He was full of information all the time,” McCann said.  “We’d bounce ideas off each other.  You could tell his passion for technology, for computers, for figuring out things.  That definitely made him stand out.”

Without crediting the students, school administrators closed the breach and changed everyone’s passwords.  Gillespie’s anonymous protection of the school’s cyberdefenses was a harbinger of his future.  Like a real-life version of Clark Kent or Peter Parker, the self-effacing Gillespie morphs in his spare time into a crime-foiling superhero.  A cancer survivor who works at a Nerds on Call computer repair shop and has been overwhelmed by debt — he and his wife had a car repossessed and their home nearly foreclosed on — the 27-year-old Gillespie has become, with little fanfare or reward, one of the world’s leading conquerors of an especially common and virulent cybercrime: ransomware.  Asked what motivates him, he replied, “I guess it’s just the affinity for challenge and feeling like I am contributing to beating the bad guys.”

Each year, millions of ransomware attacks paralyze computer systems of individuals, businesses, hospitals and medical offices, government agencies, and even police departments.  Often, files cannot be decrypted without paying a ransom, and victims who haven’t saved backup copies and want to retrieve the information have little choice but to pony up.  But those who have recovered their data without enriching criminals frequently owe their escapes to Gillespie.

The FBI and local law enforcement agencies have had little success in curbing ransomware.  Local departments lack the resources to solve cybercrime, and the ransoms demanded have often been below the threshold that triggers federal investigations.  Security researchers like Gillespie have done their best to fill the gap.  There are almost 800 known types of ransomware, and Gillespie, mostly by himself but sometimes collaborating with other ransomware hunters, has cracked more than 100 of them.  Hundreds of thousands of victims have downloaded his decryption tools for free, potentially saving them from paying hundreds of millions of dollars in ransom.

“He took that deep dive into the technical stuff, and he just thrives on it,” said Lawrence Abrams, founder of a ransomware assistance website called BleepingComputer.com.  “Every time a new ransomware comes out, he checks it out.  ‘Can it be decrypted?  Yes, it can be decrypted.  OK, I’ll make the decryptor.’  And it’s just nonstop.  He just keeps pumping them out.”

Gillespie downplays his accomplishments.  “IT [Internet Technology] moves so fast, there’s always something to learn, and there’s always someone better than you,” he said.

Gillespie’s tools are available on BleepingComputer.com, and they can be accessed through a site he created and operates, called ID Ransomware.  There, victims submit about 2,000 ransomware-stricken files every day to find out which strain has hit them and to obtain an antidote, if one exists.

As hackers and their corporate enablers, including cyber insurance providers and data recovery firms whose business models are based on paying ransoms, profit directly or indirectly from cybercrime, one of ransomware’s greatest foes lives paycheck-to-paycheck.  Under his internet alias, demonslay335, Gillespie tackles ransomware either in his downtime at Nerds on Call or at night in the two-story bungalow he shares with his wife, Morgan, and their dog, rabbit and eight cats.  Surrounded by pets, he lies on his living room couch, decoding ransomware on his laptop and corresponding with victims desperate for his help.

Although the FBI honored him in 2017 with an award for his website, it doesn’t systematically recommend ID Ransomware — meaning that some victims may never learn of a resource that could help them avoid paying a ransom.  Many of his friends, relatives and colleagues don’t know the extent of his war on ransomware.  “They do not have a clue because of Michael’s modesty,” said his wife’s grandmother, Rita Blanch.  “Honestly, I don’t think anyone in the family knows what he does for free.  I barely know.”  When he got the FBI award, she added, “I sent out a family text, and they’re like: ‘What?  What?  Our Michael?’”

McCann wasn’t aware of Gillespie’s accomplishments either.  “It kind of gives me goosebumps,” the teacher said.  “He’s sitting here doing all this for free.  That’s incredible.”

On a humid morning in July, Gillespie sat on his covered front porch.  His hair was pulled back into a low ponytail, and he sported scraggly facial hair and a V-neck striped shirt.  Brown leaves left over from the previous autumn and birdseed from a feeder were scattered on the ground.  Gillespie said hello to a cardinal — the Illinois state bird, he pointed out — and a squirrel with a “wonky eye.” He said a family of groundhogs resides under the porch and eats from the front-yard mulberry tree, but they didn’t make an appearance.

He opened his Twitter account.  “Like right now, I have 58 PMs and 120 notifications,” he said.  Most were pleas for help from victims of a ransomware strain, STOP Djvu, which he can sometimes decrypt.

Gillespie’s love of computers and electronics started early.  His paternal grandmother, a video gamer, introduced him to online role-playing games such as RuneScape.  He played Donkey Kong Country on a used Super Nintendo that his uncle gave him.  As emergency services volunteers, his parents communicated with tornado spotters via ham radios.  His father, a land surveyor, taught him how to repair electronics by soldering the radios.

Gillespie gleaned from his mother’s father, a police lieutenant in Florida, the importance of protecting the public.  Reinforcing the message, his parents went out of their way on family trips to pass through Metropolis, Illinois, which proclaims itself to be Superman’s hometown, and pay their respects at the Man of Steel’s bronze statue.  Gillespie was also fascinated by cryptography.  He liked the idea of having secret codes that no one else could figure out — and cracking other people’s.

Struggling financially, his family sometimes had to move in with friends or relatives.  When he was in high school, his parents filed for bankruptcy in the Central District of Illinois, court documents show.

At Pekin High, he helped protect not only the website but also his classmates’ belongings.  One day, noticing that other students were pre-setting codes to the combination locks on their lockers for convenience, he pulled down on every lock in his aisle.  About a quarter of the lockers opened.  He left a Post-it note in each one, admonishing the user to be more careful.

By then, he and Morgan Blanch were becoming close.  They lived down the street from each other but didn’t become friends until their freshman year at Pekin.  They began hanging out at each other’s houses and messaging on Myspace.  They were both in the school show choir and eventually sang in a national competition on the Grand Ole Opry stage in Nashville, Tennessee.

Both sometimes felt like outcasts.  She was overweight.  Gillespie, she said, was “that one kid at school that everybody knows who they are because they’re weird or they’re the butt of people’s jokes.”

But they could rely on each other.  “We’d get annoyed because our other friends were more flighty,” she said.  “They weren’t dependable, whereas if Michael and I made a plan, we stuck to it.  And we liked that about each other.” They started dating during Christmas break of their junior year.

When he graduated in 2010, Gillespie was named a Prairie State Scholar and an Illinois State Scholar, based on his standardized test scores and class rank.  Instead of going to college, he began working full time at the Nerds on Call store in Normal, Illinois.  Even with financial aid, he said, college would have been too expensive, and he already had everything he wanted.  “I got a job, got a car, got a girlfriend.  Boom.  Life together,” he said.

“He just felt that he could learn better on his own than in a classroom setting,” Morgan Gillespie said.  “He doesn’t really like to be restrained by protocol or by doing the ‘typical’ route of things.  He likes to get in there and figure it out and do whatever it is he feels like he wants to do.”

She enrolled at Millikin University in Decatur, Illinois, but missed Gillespie and dropped out after two months.  They moved into a new apartment close to his job and were married in October 2012, with Rita Blanch officiating.  For the bachelor party, Gillespie and his Nerds on Call friends went to a nearby farm and shot up old computers with his father’s firearms.  “Nobody who was too tipsy got to hold the rifles, but we put a few rounds through some old monitors,” said his best man, former co-worker David Jacobs, who organized the party.

The couple honeymooned in Peoria, Illinois.  The next year, with a Federal Housing Administration loan for lower-income borrowers, they purchased their $116,000 bungalow in a working-class neighborhood in Bloomington, Illinois.  There they could hear Amtrak’s Lincoln Service roar by on its way to Chicago.

At Nerds on Call, Gillespie was known as the Swiss Army Knife for his versatility.  So when a client was hit by TeslaCrypt ransomware in 2015, Gillespie was assigned to recover the files.

He embraced the task.  Not only was it an opportunity to expand his skills, but he also objected to the very idea of paying a ransom.  “I say hell no,” he said.  “There’s all the stuff about how it’s funding terrorism, funding bad stuff.  But more so, it’s just encouraging [criminals] to keep going.”

Gillespie “lives so heavily in the tech world, I think having bad actors involved just bothers him,” Jacobs said.  “Sometimes it’s also a little bit of competition.  ‘It’s me versus the bad guys and I want to win.  I want to be able to outdo their schemes.’”

Gillespie immediately consulted BleepingComputer.com.  Established in 2004 by Abrams to provide free advice for any computer problem through tutorials and forums, it had become the go-to site for ransomware assistance.

Sure enough, a BleepingComputer member known as BloodDolly had figured out how to crack TeslaCrypt.  But Gillespie still had to create a key for the client, which required running complex software for hours or days at a time.  “I wanted to post a success story for one of my customer’s systems that was hit this week,” he proudly announced on the forum in August 2015.  “I’ve just successfully decoded a few sample files at home.  … My customer is going to be thrilled we can get her photos back.”

Gillespie realized that Abrams, BloodDolly and other ransomware researchers were overwhelmed with requests for help.  He soaked up everything they could teach him.  Soon he was running software from both his home computer and computers under his desk at work, generating customized keys for scores of TeslaCrypt victims who had posted on BleepingComputer or on social media.

“It was huge, it was insane,” Abrams recalled.  “We were cracking keys left and right.  And Michael got the bug from that.  He came to the site, started cracking keys, starting helping.”

Gillespie also began exchanging private messages on BleepingComputer with U.K.-based ransomware expert Fabian Wosar.  Wosar, now the chief technology officer of antivirus provider Emsisoft, was working to break other strains of ransomware, and he referred TeslaCrypt victims to Gillespie.  Wosar, too, shared his knowledge with Gillespie.

“Sometimes, when people seem genuinely interested, I just ask them if they want to come along,” Wosar said.  “I just open a screen share, and they can watch what I’m doing.  And I explain to them what I am doing and why, and what all this different stuff means.”

Wosar, Gillespie, Abrams and a handful of other volunteers worldwide began communicating over the messaging platform Slack, forming a group they dubbed the Ransomware Hunting Team.  Abrams would hear about a new type of ransomware through users’ posts on his website and send a sample to his teammates.  If they could solve it, they would.

Gillespie creates 90% of the decryptors available on BleepingComputer, Abrams said.  Since May, when Abrams began tracking statistics, decryptors on the site have been downloaded more than 320,000 times.

While BleepingComputer makes money from advertisers, members of the hunting team from time to time have discussed charging for their services.  Each time, “it left a sour taste,” Abrams said.  He recalled a mother who contacted him to say she’d lost photos of her son, a fallen Army veteran, to ransomware.  Abrams helped to decrypt her files.  “I couldn’t charge for that,” he said.

Wosar and Gillespie have each created more free, public decryptors than anybody else in the world.  The two have much in common: neither went to college and both consider themselves autodidacts, learning mostly from internet research.  Both found a home and friendships on BleepingComputer.  And both, Wosar said, suffer from imposter syndrome — feelings of inadequacy that persist despite their success.

“I think we’re all kind of misfits,” Wosar said, referring to members of the team.  “We all have weird quirks that isolate us from the normal world but come in handy when it comes to tracking ransomware and helping people.  That’s why and how we work so well together.  You don’t need credentials, as long as you have the passion and the drive to teach yourself the skills required.  And Michael clearly has it, right?”

As ransomware became increasingly prevalent, the Ransomware Hunting Team had trouble staying abreast of new variants.  “It just got to the point where we just couldn’t keep track any more,” Abrams said.

Gillespie quietly began working on a solution.  “I’m a programmer,” he said.  “What do I do?  I automate.”

At night, on his couch, Gillespie developed a site where victims could upload a ransomware-encrypted file and automatically learn what type it was, whether a decryptor existed and, if so, how to get it.  In March 2016, he launched ID Ransomware with an announcement on Twitter and on BleepingComputer.  “All too often after a ransomware attack, the first question is, ‘what encrypted my files?’, followed by ‘can I decrypt my data?’” he wrote.  “This web service aims to help answer those questions, and guide a victim to the correct information relating to their infection.”

The site took off immediately.  Victims, ransomware recovery firms and other researchers sent encrypted files for analysis.  When they submitted files infected by an unidentified type of ransomware, Gillespie added it to his database.  As before, he and other members of the team worked to create decryptors for newly discovered strains.  ID Ransomware currently can detect more than 780 strains, of which almost 40% have free decryptors, most of them developed by Gillespie or Wosar, and others by cybersecurity firms such as Kaspersky, Avast and Bitdefender.

He’s developed other free applications for victims, which are available on BleepingComputer.  RansomNoteCleaner removes ransom notes left behind after an infection — eliminating the time-consuming task of removing them manually — and CryptoSearch locates encrypted files and makes it easier to back them up, in the hope that a solution may someday be discovered.  ID Ransomware also cross-references the submitter’s IP address with Shodan, a site that can show a computer’s vulnerabilities.  If it detects an open port, which could have allowed the hackers in, ID Ransomware flags the vulnerability — and, like the notes Gillespie stuck in the high school lockers, suggests fixing it.

Gillespie worked nonstop.  “I felt like I never saw him,” his wife said.  “We would be hanging out in the evening, and he would be like, ‘Oh my gosh, I have to go do this.’ And he would just disappear for hours.”

Volunteers around the world have translated ID Ransomware into two dozen languages, from Swedish to Nepali.  Only 26% of submissions to the site have come from the U.S.  “He collects amazing data because so many people use it,” Abrams said.  “He has tons of information.  You can see statistics, trends, what kinds of attacks are happening and when.  Everyone uses it.”

Those users include law enforcement, on both sides of the Atlantic.  Europol and Netherlands police flattered ID Ransomware by imitation, launching a similar but less comprehensive site.  An FBI agent from the Springfield, Illinois, field office asked to meet Gillespie, and they got together with another agent at a local Panera restaurant.

“The first meeting was nerve-wracking for me because, you know, why does the FBI want to talk to me?” Gillespie recalled.  “I was so awkward at that meeting.  I wasn’t thinking, ‘Am I gonna get arrested.’  But I did have in the back of my mind, ‘Am I gonna say something stupid?’”

The FBI needed help.  Victims often don’t report attacks to the bureau because they don’t want investors or the public to learn of their security lapses.  In 2018, the FBI received only 1,493 reports of ransomware — compared with the 2,000 queries daily to Gillespie’s site from about 750 different IP addresses worldwide.

At first, the agents sought information about the origins of a specific ransomware attack, something Gillespie does not investigate.  Then they began requesting lists of IP addresses that had uploaded files to ID Ransomware, which could help identify victims, as well as ransom notes and other material.  Gillespie, who discloses on the ID Ransomware homepage that email or bitcoin addresses uploaded to the site may be shared with “trusted third parties or law enforcement,” complied.

His assistance appears to have paid off.  Gillespie said agents indicated to him that his information may have been instrumental in last year’s indictment of two Iranian hackers wanted in connection with SamSam ransomware, which paralyzed computer networks across North America and the U.K. between 2015 and 2018.  Although the suspects have not been arrested, it was the U.S. government’s first indictment of cyberattackers for deploying a ransomware scheme.

Gillespie continues to meet regularly with FBI agents.  He tips them off, for instance, when a ransom note or extension on a file uploaded to the site identifies the targeted business.  Cooperation from such victims could help law enforcement learn more about the source of the ransomware, he said.

Some other ransomware hunters are warier of the FBI.  Abrams expressed concern that, despite the ID Ransomware acknowledgment, there could be “repercussions” from victims who might be upset that Gillespie identified them to the bureau.  Gillespie “is a little too trusting” of law enforcement, Abrams said.  “I do think that he’s not very worldly and that he sees things a little more black and white than with a lot of shades of gray.  And I think in that case he could be easily manipulated and taken advantage of.”

In 2017, the FBI awarded Gillespie a Community Leadership Award for his “public service, devotion and assistance to victims of ransomware in the United States and Internationally.”  Gillespie prominently displays the award in his home.  In April 2018, he and his wife flew to Washington for the award ceremony, accompanied by his boss at Nerds on Call.  The joke around the office was that the boss “went with him to try to nerf anybody trying to recruit him,” said Gillespie’s former co-worker, Jacobs.  “He would be very difficult to replace.”

Philosophically opposed to charging victims, Gillespie keeps ID Ransomware free.  He put up a link for donations to help cover the costs of running the site, but he didn’t bother to register it as a nonprofit, which would have enabled donors to deduct gifts from their taxes.  Contributions were scarce.  One $3,000 donation through PayPal proved to be a scam — Gillespie speculated that it may have been revenge by hackers whose ransomware he disabled — and PayPal demanded the money back.  He couldn’t repay it and switched to another service.

Gillespie “doesn’t chase money,” Jacobs said.  “If he were chasing money, he would have been living on the East or West Coast by now and doing something for some company that we’d all heard of instead of a little service provider in the Midwest.  But he’s one of those guys, he operates very heavily on principle.”

To make ends meet, Gillespie supplemented his Nerds on Call salary with a 2 a.m. paper route, delivering the local newspaper on his bike.  While he had enjoyed having a paper route in junior high, the job now depressed him.  But the family bills were mounting, especially for health care.  Morgan Gillespie struggled with diabetes and other medical issues.  Over the years, Michael Gillespie noticed blood in his urine, and in the fall of 2017, his wife finally made him see a doctor.  The physician removed a tumor and diagnosed bladder cancer, which rarely affects young adults.  Gillespie took one day off for surgery and one to recover before returning to work.  He underwent immunotherapy treatment weekly for two months, and the cancer has been in remission since.  Although he was insured through Nerds on Call, the costs for his care still added up.

The couple reached a financial breaking point.  They racked up credit card debt and fell behind on payments on Morgan Gillespie’s Nissan.  They rotated which utility bills they would pay; one month their electricity would be turned off, and the next month it would be gas.  They surrendered the car to the bank, which sold it at a loss at auction and forced them to make up the difference.  Last year, around the time his wife lost her job as a nanny, they missed four mortgage payments on their house and began to receive foreclosure notices, Michael Gillespie said.

Gillespie said he’s considering charging other security researchers for the statistics he gathers on the site, but he will always keep the tools free for victims.  Friends and family members nagged Gillespie to collect fees from ID Ransomware users.  Even his wife’s grandmother, whom Gillespie calls “grammy,” brought it up.  “I try to not interfere in that area,” Rita Blanch said.  “Unless, being silly at times, when I would say to him, ‘Babe, you need to charge, you could, like, be rich.’”

Other relatives “have been like: ‘Why isn’t he charging?  Why isn’t he making money off of this?’” said his wife, who recently found a part-time job as a babysitter.  “They think it’s almost dumb, the fact that he does what he does.  But that was just never what the deal was for us.  He just doesn’t want to take advantage of people who are already being taken advantage of.”

Instead, his fellow ransomware hunters stepped in.  Abrams covered the $400 cost of obtaining a certificate that lets users know they’re downloading from a trustworthy site.  Wosar began donating to ID Ransomware, and his employer, Emsisoft, hired Gillespie part-time this year to create Emsisoft-branded decryptors.  The money enabled the Gillespies to catch up on mortgage payments.

“He’s doing so much, how do you not support him if you can?” Abrams said.

After dinner one summer evening, Gillespie took a visitor to the Normal office of Nerds on Call, one of the company’s three locations in central Illinois, nestled in a strip mall between a check-cashing store and a Great Clips hair salon.  Gillespie, who has worked for Nerds on Call for 11 years, has keys, so he was able to open the office and disable the alarm system.  In the back, behind the retail area, is his desk, adorned with framed photos of his cats.

As his wife’s relatives often remind him, he could earn three times as much somewhere else.  But he’s happy at Nerds on Call, which gives him the freedom to work on ransomware in his downtime.  This year, he figured out fixes for the STOP Djvu ransomware, which was infecting files through pirated software.  Victims — who were unlikely to seek law enforcement assistance since they were committing a crime themselves — continue to press Michael for help unceasingly.  “It’s borderline harassment,” he said.

His frustration with the deluge of entreaties occasionally boiled over in his tweets.  “Everything you could possibly need to know is IN THE FUCKING FAQ, and its in BIG BOLD RED LETTERS,” he once responded.  “I’m losing sleep, losing time at my job, losing fucking sanity at this point.”

Some STOP Djvu victims thanked Gillespie.  Adam Hegedus of Szolnok, Hungary, was surfing the internet on his girlfriend's laptop in August when he disabled the anti-virus and firewall protections.  Ransomware crippled the computer, and a text file demanded $1,000 to restore access.  Hegedus' girlfriend is a teacher, and her lesson plans, thesis and other important documents were encrypted.  Hegedus felt so guilty that he couldn't sleep, and he sought assistance from several forums, including BleepingComputer.com.  This month, Gillespie replied with some good news; he had a decryption key.  Hegedus called his girlfriend, who rushed home and was delighted to be able to use her files again.

"You cannot imagine how grateful I am," Hegedus wrote to Gillespie.  "Everything has been decrypted and this is only because of your hard work." Hegedus offered a donation, but Gillespie declined.

Gillespie hopes that someday his services will no longer be needed, because businesses and people will have learned proper cybersecurity.  “If the world had backups, then we wouldn’t have ransomware,” he said.

In the meantime, he said, he plans to keep plugging away, even as hackers and their enablers pile up profits.  “There’s a time in every IT person’s career where they think, ‘I’m on the wrong side,’” he said.  “You start seeing the dollar amounts that are involved.  But nah, I can’t say that I ever have.  I just don’t care to go that way.”

ProPublica research reporter Doris Burke contributed to this article.