All posts by cen

That moment when you need to look up definition of C++ for loop

I was getting a segfault on an old piece of code which I maintain. The culprit was pinpointed to this:

I went through this piece if code at least 10 times without noticing the problem. The snippet is simple enough.. when match is found, set found to true and that breaks the loop since loop condition now evaluates to false. The iterator remains at the position of matched element.


What we are actually getting is iterator+1.

What we don't see directly from the code is that increment happens before the condition is evaluated for the next loop, giving us iterator+1 which causes a segfault if match is found on last element.


Tenant resource authorization in JAX-RS

You have a book REST resource and each book has an owner. Only the owner of the book can access an owned book. JAX-RS specification has no answer to this problem since it only provides a role based security with @RolesAllowed annotation. It is unfortunate JavaEE spec does not offer at last some interfaces which we could then imlement for this purpose.. we need to roll our own. There are many ways this can be achieved, I will present one way of doing it.

Owned JPA entities extend a common class

All owned entities should extend a common class, let's call it OwnedEntity.

Protect owned resources with an interceptor

Create an interceptor which we will use on each owned resource that will check the owner of the entity against the authorized user. We pass the owned entity as a parameter. We will need this information to be able to fetch the correct JPA entity in the interceptor implementation.

We protect an owned resource with this interceptor

Interceptor implementation

Make sure the priority of this interceptor is lower than your security interceptor, since a valid authenticated user should already be present before it.

The limitation of this interceptor is that it can only protect ID based resources of type /resource/:id. For list resources, use seperate logic to insert an additional WHERE filter by owner ID to TypedQuery/Criteria query used for list fetching.

Second limitation is that the entity ID should always be declared first in resource method. Another way would be to enforce the name "id" as the parameter name representing the entity ID, but this requires additional reflection info to get method parameter names.

The example here uses SecurityContext to retreive the authorized user. You might need to inject your own context or parsed JWT token to retreive the needed identificator, depending on what you store in your database as owner ID (user UUID, email etc).

An improvement of this interceptor is to check the roles in security context and skip the owner check if role is an ADMIN or similar, since we probably want to allow admins to access all resources.

So how useful is this?


+protects owned resources with a simple annotation

Not so good:

-only protects ID based resources, you still need a seperate mechanism for lists
-only protects the base entity, not nested owned relations (/book/:id/somethingElse/:id2), which would mean child entity can have different owner than parent and client must be prevented from access of the child. I did not yet stumble upon such a requirement though.
-forcing method parameter position or consistent naming in resource methods


Creating a new torrent and seeding with Transmission

You have setup a Transmission server on your Linux box together with Transmisison Web or something along those lines and now you are wondering.. how can I actually seed a NEW file?

I couldn't find a straightforward answer on the web so here is the short tutorial:

  1. Upload your file to your transmission download directory
  2. cd to that directory and create a torrent file (lets say the file you uploaded was called  myfile.rar):

    Replace tracker1, tracker3, tracker3, …trackerN with a bunch of trackers. Better specify more than one in case they go down. Here is a cool little list of public trackers.
  3. Download the new .torrent file you just created, open Transmission Web and add the torrent. Since the file already exists in download directory, Transmisison will just revalidate the data and start seeding. *mind blown*
  4. Distribute the torrent file to your people or generate a magnet link with


Ubuntu 18.04 on MacBook Pro 11.5 – a sad state of affairs

There was an extra MacBook Pro 11.5 lurking around so I decided to install Ubuntu 18.04 on it and try to setup a usable workstation.

A culmination of several issues prompted me to not pursue this setup further. Linux drivers and MacBook hardware just don't play along very well.

Display flickering/corruption on main display

The bottom part of the HiDPI screen is experiencing some kind of flickering as tracked by this bug. Changing desktop environment, distros and X server configuration did not result in any improvements. For a moment Wayland seemed to have solved the issue only to reappear on next boot.

Since I also connected 3 external monitors this was not a deal breaker. External monitors did not display this issue.

Fan going at 100% most of the time

Even at idle or low load the fans would spin at 100%. Thermald was not doing it's job for whatever reason. It is hard to say why since most temperature sensors seem to be working fine and report acceptable temperatures.

I found a simple but great project called mbpfan which stopped the fans immediately after being started and still kept temperatures seemingly in check. I increased the minimum fan speed in mbpfan config just to avoid any potential overheating problems. With this setup I was getting 70-80 degrees with no overheating problems and a quiet fan.

CPU is in constant low frequency state (dealbreaker)

After installing cpufreq gnome extension I figured out that CPU is always at 800MHz. Mbpfan was not the cause since the same lack of scaling appeared when it was turned off.

First I tried to disable Intel p_state driver but the lack of scaling continued. Using userspace driver in cpufreq, I was unable to change min/max frequencies or force a specific frequency via cpupower.

As per ArchWiki, I gifured out that BIOS was enforcing this state via

After ignoring ppc via

the CPU instantly started to scale as expected. Unfortunately this was not the final solution since the low state  would randomly reappear again for long periods of time with small time windows of scaling working as expected. Therefore, even with ignore_ppc I would still get 800MHz most of the time with temps reported around 70 degrees.

In this state Gnome Shell would lag and everything was half-usable.

Something in hardware was throttling CPU and I wasn't able to overcome it.

Bcmwl driver very spotty

WiFi bcmwl driver is very spotty. It would connect to Android hotspot no problem but it failed to connect to WiFi router. Small sample of 50% reliability.

Display positions not remembered after reboot

I had to rearrange the external monitors on each reboot since Gnome would not remember their positions. I had to come up with xrandr script to run after login to remedy this sad state of affairs.

No per-monitor scaling

Gnome still does not support setting the scale factors per monitor. Again, I had to come up with xrandr script to achieve 200% scaling on HiDPI and regular scaling on external monitors (1900×1200).

Broken scaling under Wayland

Apparently if you set the scale factor to default in Wayland session, things should "just work" across HiDPI and non-HiDPI displays. Don't believe these people, they are liars.

I set the scaling to default but that made HiDPI desktop tiny while external monitors were fine. Increasing the scaling to 200% made HiDPI fine while external monitors scaled also.

There is also no xrandr under Wayland so you can't help yourself with that.

Broken rendering of electron apps on external monitors

If using Postman on an external monitor, parts of the dialog boxes would simply disappear, making the tool unusable. Using Postman on main display did not have this issue. Weird.


The bottom line: get a Dell or a Lenovo for your Linux workstation needs.


Xrandr framebuffer and per-display scaling

Ubuntu 18.04 LTS came out recently with Gnome desktop as default. Unfortunately even in 2018, it won't remember the external monitor positioning after reboot and has no support in display settings to set per-display scaling. Year of the Linux desktop, anyone?

Xrandr is a powerful Linux tool to manipulate displays. Unfortunately, the man page is very sparse on information with badly explained flags and various Linux guides are no better.

This example will create a triple monitor setup with HiDPI laptop display at the bottom of the array.

Xrandr command:


Gnome scaling is set to 200% so our HiDPI native display looks normal. Unfortunately this also means non-HiDPI displays have this scaling applied which is not what we want.

Framebuffer is the full outer rectangle which must be able to contain our display setup as a whole.

Since external displays are scaled 2×2 (zoom out), they take twice the size of their actual resolution in our framebuffer. Meaning their sizes in fb are actually 3840×2400.

Y of the framebuffer is therefore 2400+1800=4200 (HiDPI display is scaled 1×1 so it takes the same amount of space in the framebuffer as it's resolution).

X of the framebuffer is 3*3840=11520.

–fbmm specifies the full framebuffer size

–pos specifies the position of the display in the buffer. 0x0 position starts on top-left corner.

–mode sets the actual display resolution

–output specifies the display output (run xrandr to list all available)

–scale specifies "zooming" in (<1) or out (>1)


The end result has some invisible area on the bottom-left and bottom-right corners so it is not ideal. I have yet to figure out if it is possible to specify fencing around that area.

The HiDPI display is also not perfectly aligned with the top display but that could be corrected with fractional scaling. It didn't really bother me to fiddle with that.

Finally, you should run this command with a startup script so you get the correct monitor positioning and scaling after login.


Running multiple PHP versions and compiling from source

We had a peculiar situation where both PHP5 and PHP7 were needed at the same time on a FreeBSD server. It was also prohibitive to get root or sudo access on the managing account. The solution was to compile PHP from source with fpm, run fpm on a UNIX socket and wire the specific domain which needed PHP7 through Nginx.

Compiling from source

Compiling PHP is pretty straightforward but you can easily forget crucial configure flags. First get the source archive. After trial and error, this appears to be "good enough" for Laravel 5.6 requirements.

Followed by

copy php.ini-development file from source to the –with-config-file-path directory and call it php.ini.  In PREFIX/bin confirm that php binary is loading your ini file by running

If you made a mistake in your configure run, you have to make clean first or the changed options won't be picked up.

Configuring fpm

In your PREFIX/etc folder, check php-fpm.conf. The only lines I bothered to verify and edit were pid, error_log and include, the rest can be left as is.

Inside folder php-fpm.d create a config file like my.subdomain.conf and add something like

You can study fpm config in great details but this is enough to get you going.

Now you can run your PHP7 fpm process in PREFIX/sbin with

Since we don't have any init scripts in this case, we must be able to kill it also. Find it with

and kill with

Make sure it says php-fpm: master process in the ps output, killing children doesn't do anything, just respawns them.

Now you just need to wire up your Nginx to use this fpm instead of the PHP5 system one by specifying

We now have PHP dualstack with some web apps running on system provided PHP5 and some on our own built PHP7. We did not need root for this process, except possibly for configuring Nginx.

One obvious downside is that you now have to take care of updating your PHP version on your own but that is one view we had to sacrifice. Updates should be relatively easy and fast since make install won't remove your config files in existing installation and compiling PHP takes just a few minutes.



Centos Docker unable to unmount on stop/start

Error looks something like

Error response from daemon: driver "overlay" failed to remove root filesystem for 805c245dad451542b44bb1b58c60887fa98a64a61f2f0b8de32fa5b13ccc8ce4: remove /var/lib/docker/overlay/8f666b802f418f4a3dc4a6cafbefa79afc81491a5cb23da8084dd14e33afbea0/merged: device or resource busy

It usually appears when stopping and starting a container. It results in Docker container not being able to start or starts in a weird dead/removed state. Issue is presumably fixed in Centos 7.4 as per this github issue, but a workaround exists:

1. Grep by part of ID:

it shows which process is holding up the mount in busy state


2. Kill the process



Lib packaging for your own repo

This is a note to self about the release procedure and distro packaging of a development library.

This instructions expect aptly and createrepo to be preinstalled on your repo server together with a valid GPG key.

Packaging a .deb

1. Checkout the release tag and build the deb according to README. Each build should be done on the same machine as the target distribution. If I am packaging for Centos 6 I am also building on Centos 6. If CMake and CPack are set up correctly it usually boils down to:

If the project is missing CMake, refuse to package it.

2. Check that deb info is correct:

3. Rename it to distro you are building on, then scp to your repo server

4. If aptly repo does not exist yet, create it

Ideally you only create the repo the first time, for future updates you create a snapshot of it, add a package, then switch the repo to new snapshot. See aptly docs for more.

Alternatively, you can just add more packages and update the repo with


5. Add package to repo

6. Publish repo

7. On target machine, add repo to /etc/apt/sources.list and fetch public key

8. Update and then check if package info is correct

9. If big mistakes were made

..and start over. Repeat for Debian 8 etc.

Packaging an .rpm

1. See the previous #1. The only difference is

2. Check that rpm info is correct

3. Rename it to distro you are building on, then scp to your repo server

4. Make sure you have .rpmmacros file in home dir with uid of gpg signing key (check out your keys with gpg –list-keys). If you don't have one, generate it. Entry in the file should look like:

5. Sign rpm

4. Move to appropriate repo that was created by createrepo earlier (see createrepo docs)

5. Update repo metadata

6. Add your repo on the target machine

Since createrepo is pretty much just an http server you can simply delete an rpm and update the metadata in case things go south.

Repeat for Centos 6 etc.


Analysis of BNETD and Blizzard

This is a Lawmeme article posted by Ernest Miller in 2002 bringing a detailed look in the Blizzard v Bnetd case. Since the original website no longer exists on the web I decided to post it here for preservation. You can view the original on this link.


On February 17th, Vivendi sent a cease and desist letter to the ISP hosting the bnetd project (which had developed a emulator) for alleged copyright infringement of Blizzard's games as well as violations of section 1201 of the DMCA. Slashdot has run two stories on the case the first announcing it (Blizzard Rains on Bnetd Project) and the second looking at the responses from Blizzard and bnetd (Blizzard, Bnetd Respond on Bnetd Shutdown). The Kuro5hin community also discussed the case (DMCA used to shut down bnetd project).'s response has been posted on the web (Emulation FAQ). Anti-DMCA activist Tim Neu has written a Rebuttal to the FAQ. Chilling Effects, the cease and desist website, has the letter as well (Bnetd Project – Chilling Effects). Bnetd has posted its own Case FAQ.

UPDATE (28 Feb 2002): a few technical corrections


Blizzard and

Blizzard is currently a division of Vivendi Universal Games, the gaming component of multinational multimedia conglomerate Vivendi Universal Publishing. Game company legend Sierra Entertainment is also part of Vivendi as are such valuable franchises as The Mummy Returns and Lord of the Rings.

Blizzard's first big success, WarCraft: Orcs and Humans, was released in late 1994 and was one of the pioneering games in a revolutionary new genre known as real time strategy. Real time strategy has since become one of the leading formats for games, especially in multiplayer gaming. In December 1995 the immensely popular sequel, WarCraft II, was released. WarCraft II allowed play by up to eight other people simultaneously via a local area network (LAN) using the IPX protocol. However, not many did because LANs were not readily available to most players. Internet play was not an option because the Internet uses TCP/IP protocols, not IPX. However, a shareware IPX emulator called Kali was available that allowed games with an IPX connection to be played via the Internet. Kali (which is now hosted by I-Lan Game) essentially fooled WarCraft II into thinking it was being played on a LAN when it was actually being played via the Internet.

Internet play via Kali was tremendously popular and Blizzard went so far as to release a patch called "War2kali.exe" to facilitate play via the Kali network, though no formal agreements were made between Kali and Blizzard. Indeed, Blizzard included a full copy of the freely distributable Kali shareware client in the WarCraft II: Battle Chest edition without asking permission from Kali (none was legally required). Since then, every subsequent Blizzard release has included LAN play and was supported by Kali, which has never received a cease and desist order. The success of multiplayer over the Internet obvious, Blizzard introduced with their next product, Diablo, in late November 1996. Like Kali, was a multiplayer meeting place that permitted players of Diablo to easily find opponents for Internet play. Use of was free for the purchasers of Diablo (and every subsequent Blizzard release).

The Bnetd Project

In February 1998, Blizzard published what many consider the best real time strategy game ever released, StarCraft. It was certainly popular, selling more copies than any other game in 1998. For a variety of reasons, in the Spring of 1998 Mark Baysinger, then a student at the University of California San Diego, begin reverse engineering the protocol StarCraft clients used when connecting to In April, Mr. Baysinger posted the first version of a emulator he called "Starhack." One could not actually play StarCraft with this first version it merely had chat capability. One day after posting Starhack on the Internet, Mr. Baysinger received a cease and desist letter (Cease & Desist Letter) from the Software Publishers Association (now known as the Software & Information Industry Association). Although the SPA initiated the cease and desist demand, Blizzard was copied on the letter and presumably authorized it. Unimpressed, Mr. Baysinger asked the SPA to clarify their copyright concerns, but never received any clarification (SPA Cease and Desist Correspondence). In the face of Mr. Baysinger's refusal to shut down his project on the SPA's mere assertion, the SPA apparently dropped the issue. Slashdot noted the controversy at the time (Blizzard, SPA and StarHack site).

The Starhack project quickly became popular in the StarCraft community but, due to time limitations, Mr. Baysinger abandoned the project in December 1998. Starhack had been released under the GPL and, in a classic example of open source development, continued to be developed as the bnetd project (What is the history of bnetd? in the BNETD FAQ). As Newsforge reported (Open Source game server shut down by DMCA), bnetd was an example of a successful open source project, as "the bnetd project had 10 listed developers and was above the 95th percentile of activity at with a stable product." The latest version of bnetd supported most functionality, including clients for StarCraft, StarCraft: Brood War, Diablo 1.05+, WarCraft II Edition and Diablo II. The only major functionality missing was the ability for Diablo II players to host "closed" realms where the server stored the characters created by players (How complete is bnetd right now?).


Diablo II was released to great acclaim in June of 2000 and its expansion set, Diablo II: Lord of Destruction, was published one year later. The next eagerly anticipated release from Blizzard is the third installment in the WarCraft dynasty WarCraft III: Reign of Chaos, which is expected to be released in June 2002. On February 7, 2002, Blizzard shipped out 5,000 beta copies of WarCraft III to selected individuals for playtesting and balancing (WarCraft III – Beta Information Center). Such extensive playtesting is necessary because of the complexities of properly balancing a multiplayer game that includes 4 different races with widely varying abilities (Rock, Paper and Scissors). WarCraft III will, like previous Blizzard games, include single player and LAN play options. However, for purposes of the beta test, only play was enabled in the shipped beta copies.

It wasn't long (February 13th) before beta testers began to provide the bnetd project with packet dumps from the communications between WarCraft III beta client and (WarCraft III Dumps). This was, of course, so the developers could begin work on supporting WarCraft III on bnetd. However, some of the main developers were opposed to working on support while the client was in beta (Tim Jung – Re: WarCraft III Dumps). Consequently, as is occasionally the case in open source projects (Advantages of Open Source Software), a "forked" version of bnetd was developed. The developers of this new version of bnetd called themselves "Warforge."

The Cease and Desist Letter

On February 19, not long after the Warforge WarCraft III beta compatible version of bnetd was released, the ISP hosting the bnetd project, Internet Gateway, Inc., received the cease and desist email. Action was also taken against Net-Games, also known as, which provided another emulator. Net-Games is based in Germany. Unable at this time to contest an expensive lawsuit against Vivendi, the bnetd development team removed the emulator files. Subsequently, and independently, Warforge removed their emulator files. Net-Games has also removed access to the objectionable files while they consider their legal options.

It should also be noted that sometime in 2001, in the late summer or early fall according to one source familiar with the issue, both GameSpy Arcade and Microsoft's MSN Gaming Zone, which had previously served as meeting places for Blizzard games similar to Kali or bnetd, ceased to do so with little publicity. Both had been asked, informally, to no longer support enabled games. As both have close business relationships with Blizzard (such as Gamespy's websites devoted to Blizzard games such as PlanetDiablo and Orc Command "For ALL things WarCraft"), both complied with the request.

The Technology

Blizzard would not comment on the technologies used for, so the following description is based on conversations with members of the bnetd and Warforge development teams.

The protocol is a relatively simple one. is essentially a meeting place for gamers and does not actually host games it merely provides a forum for players to meet to set up a game, which is then hosted on one of the players' own computers. This is known as peer-to-peer gaming and is very efficient as far as the meeting place is concerned since the bulk of the game traffic does not have to pass through or be processed by the meeting place's servers (Salon published a story on the economics of in 1999 Online gaming's store-shelf chains though I doubt ad revenues are as high as they were then). The partial exception to this on is the "closed" realms version of Diablo II, where characters and games are stored on servers. In addition to opponent finding and game launching, meeting places often offer chat, buddy lists, ladders (rankings of players) and other functions. Such meeting places are not particularly difficult to develop or run. In the gaming community there have been numerous implementations of meeting places, including ones already mentioned as well as such defunct examples as (now part of GameSpy), TEN, and HEAT.

The majority of the information sent from a enabled client (such as StarCraft) to is fairly standard for such games and, as such, was not terribly difficult to reverse engineer. The exception being, again, Diablo II closed realms, which is only partially a peer-to-peer game. Moreover, no significant change is required in the client program to enable the program to talk to an alternative bnetd server. All that is required is for the user to edit a configuration file in the Windows Registry. Users can edit the registry using a standard program included with Windows called regedit.exe. Regedit.exe can be difficult to use, and improper use can have serious consequences such as disabling a program or the entire computer. Thus, a small progam was developed that made it simple for users to edit the pertinent elements of the registry.

The non-encryption related elements of the WarCraft III beta are not terribly different from previous Blizzard games. There have been some minor changes to the protocol, but nothing significant. Thus, the developers of Warforge were able to make the appropriate modifications to their version of bnetd within a few days.

The Crypto

For most games there are at least three places in the protocol that are encrypted or hashed there may be more in some unknown fields, but they do not seem to affect functionality. These elements perform the following functions:

  1. CD-Key packets in newer clients,
  2. Client version authentication,
  3. Account creation, login, and changing passwords, and
  4. map authentication

Bnetd does not know how (1) and (4) works. Two (2) is a checksum challenge and (3) uses a pseudo-SHA-1 hash.

The CD-Key performs two functions for games. The first function is to prevent installation of the game from CD without the key. That is, when you attempt to install Diablo II the program will require the user to manually enter a CD-Key before installation will continue. Without the CD-Key the game cannot be installed. The second function takes place when a player attempts to connect to During the initiation sequence, the client will send an encrypted version of the CD-Key to the server which will determine whether the CD-Key is valid or not. If valid, the server will also determine whether another player is currently logged on with the same CD-Key. If the CD-Key is not valid, or another player is currently logged on with the same key, will reject the connection. Since each CD has a unique key, such a policy discourages piracy or the sharing of keys.

Note however, that pirated versions of Blizzard games can be installed with shared keys and that LAN play does not require CD-Key validation.

Bnetd's emulation of does not validate keys. It simply ignores the encrypted packet containing the key. After all, users of bnetd would probably not be happy if bnetd did decrypt the packet, since that could be a means through which the unscrupulous "harvest" valid keys that could then be sold by pirates.

The WarCraft III beta works a little differently than previous Blizzard games. The CD-Key for WarCraft III seems to perform the same function as previous games, but with one addition. Having validated the CD-Key, the server will return an encrypted response to the client (challenge-response). Without this response the client will not function. Warforge surmounted this by creating a program that changed a single byte in one of WarCraft III's Dynamic Linked Libraries (DLL) so that the client no longer expected a response.


The Cease and Desist Letter

The letter sent to Internet Gateway, Inc., the ISP hosting the bnetd project appears to invoke and meet the requirements of a section 512 letter under the Digital Millennium Copyright Act ("This letter is to notify you, pursuant to the provisions of the Digital
Millennium Copyright Act….in order for you to claim a safe harbor under the DMCA."). At first glance, it seems to include all the information required for proper notification under section 512:

  • The name, address, and electronic signature of the complaining party [512(c)(3)(A)(i)]
  • The infringing materials and their Internet location [512(c)(3)(A)(ii-iii)]
  • Sufficient information to identify the copyrighted works [512(c)(3)(A)(iv)]
  • A statement by the owner that it has a good faith belief that there is no legal basis for the use of the materials complained of [512(c)(3)(A)(v)]
  • A statement of the accuracy of the notice and, under penalty of perjury, that the complaining party is authorized to act on the behalf of the owner. [512(c)(3)(A)(vi)]

On closer inspection, however, the letter is problematic on a number of fronts. First, section 512 is only applicable to infringements of copyright. It does not apply to violations of the DMCA. Vivendi claims that some of the offending material "bypasses anti-circumvention technology, thereby infringing upon Blizzard Entertainment copyrights." Bypassing anti-circumvention technology may be a violation of section 1201 of the DMCA. However, violating section 1201 is not an infringement of copyright it is a violation of the DMCA. According to section 501 of the Copyright Act, copyright infringement is a violation of the copyright holder's rights under sections 106-118 or 602, it does not include section 1201.

The letter also claims that software hosted by bnetd "modifies and/or alters Blizzard Entertainment copyrighted software … thereby infringing upon Blizzard Entertainment copyrights." Problematically for Vivendi, no software provided by bnetd altered or modified any Blizzard software. At worst, bnetd provided instructions and a program for individuals to modify Windows registry configuration information. Moreover, it is not readily apparent that software which modifies or alters other software necessarily infringes copyright. Again, copyright infringement exists where rights under sections 106-118 or 602 are violated. Nowhere does the copyright law say that copyright holders have the exclusive right to ensure that their works are free from modification or alteration. In essence then, Vivendi has asserted infringement but has not claimed that any of its exclusive rights as a copyright holder have been violated. How can an ISP identify infringing material when there are no allegations of infringement, only an unsupported assertion? After all, section 512(c)(3)(A)(vi) requires a statement "that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed." But the letter does not identify any exclusive right being infringed.

Finally, the letter did not specifically identify any infringing files whatsoever. Although identifying every file is not always necessary, there is not even a listing of representative files that are to be removed. With the exception of the forum mailing lists, the bnetd website did not change excessively. There is no excuse for Vivendi not to have identified specific files or, at a minimum, representative files.

Does BNETD Violate Blizzard Copyrights?

Unlikely, although it must be stated that Vivendi/Blizzard has yet to claim which exclusive rights are infringed by which programs hosted by bnetd, so this analysis is based on speculation as to likely complaints.

In general, copyright infringement consists in copying or distributing another's work without authorization. In this case, the bnetd server is the original work of its various developers (BNETD Project Credits). The developers have never had access to software, so it would be impossible for them to have copied it. As there is no copying there is no infringement. Indeed, Blizzard's FAQ on the case admits as much since it is called the Emulation FAQ. In computer science, emulators are software designed to imitate the same function as another piece of software. They are not copies. If it was a copy, it would not be "imitating" the function of another piece of software, it would be the same software.

In order to create a emulator, the bnetd developers engaged in a combination of reverse and value engineering. Their method of reverse engineering did not require any decompiling or disassembly of the code of the client (again, they could not have deassembled or decompiled the code since they did not have access to it). It is decompiling of code that frequently gets reverse engineers in copyright trouble that is not a problem for bnetd since it was not required. Bnetd was able to reverse engineer by simply looking at the traffic between server ( and client (game player). For example, a player would start a game as one type of character on in Diablo II (e.g., a Necromancer) capture the packets, then start a game as a different character (e.g., a Barbarian) and capture the packets. By comparing the two packet dumps, one of the bnetd developers would be able to determine which packets identified specific elements of the game. The developer would then make changes to the bnetd server and check his work by performing the same test with client on the bnetd server. Through trial and error, the bnetd server improved.

To my knowledge there is no law that holds that reverse engineering a protocol through packet dumping implicates copyright in any way.

Vivendi might claim that special programs to assist users of bnetd to edit their Windows registry violated copyright. As mentioned above, the Windows registry consists of configuration files that can be modified by the user using regedit.exe which is part of every version of Windows. It is not at all clear how provision of a program to make editing certain portions of the registry easier would violate an exclusive right of the copyright holder. Moreover, it is not clear whether a user who alters the registry is violating copyright. They may be violating the EULA (more below), but that is not a violation of copyright.

Does BNETD Violate Section 1201 of the DMCA?

Unlikely, but the statute in question is quite complicated and the law has not yet been clarified by the courts. It must also be made clear that simply because something may facilitate piracy does not mean it violates section 1201 of the DMCA.

The first issue is whether or not the CD-Key authorization mechanism is an access control device under section 1201(a). Section 1201(a) states that a device controls access to a work, "if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work." One significant question is access to what work? Bnetd does not facilitate unauthorized access to, it is a substitute. Bnetd does not facilitate access to the single player version of the game. Bnetd does not faciliate access to the LAN multiplayer aspects of the game. Bnetd does not facilitate access to Internet multiplayer, since that is accomplished through LAN emulators such as Kali. At worst, bnetd facilitates access to Internet multiplayer using the client's interface. It is questionable whether access to a particular interface counts as "access to the work." It is questionable whether enabling certain functionality is "access to the work." Even granting that the interface or functionality is a work that can be improperly accessed, does accessing it require tha application of information, or a process or a treatment to gain such access? For every Blizzard game prior to the Warcraft III beta, clearly not. Bnetd servers don't send any "access" information to a client, they simply do not bar a client from accessing them.

This is made clear by the definition of circumvention in 1201(a)(3)(B), which "means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner." Bnetd does not descramble, decrypt, remove or deactivate anything. It does not avoid, bypass or impair, it ignores. Ignoring is not circumventing. Indeed, section 1201(c)(3) states that, "nothing in this section shall require that the design of, or design and selection of parts and components for, a consumer electronics, telecommunications, or computing product provide for a response to any particular technological measure." The reason for this is to prevent copyright holders from forcing copy protection measures onto computer and consumer electronics manufacturers. An example would be a music publisher who releases a CD that has watermarking in the music. The watermark states, "do not rip into MP3 format." There is no obligation for CD manufacturers to build in a system that can detect and obey that watermark.

Moreover, even bnetd did circumvent an access anti-circumvention measure, it would still be legal to distribute it so long as:

  • It was not primarily designed or produced for the purpose of circumvention. A very good case can be made that the primary purpose of producing bnetd was to provide an alternative to the drawbacks and limitations of (About the BNETD Project). One quote from a Review of Diablo II on will provide some idea of the frustrations many feel with regard to "Provided that Battlenet doesn't make you want to pry your eyes out with a grapefruit spoon, you will find that you can go online and play your character in the Diablo Battlenet Realms." Even Blizzard's Senior Director, Bill Roper, admits that's stability left something to be desired in an interview with Eurogamer, "There was certainly a period of time in the history of where the team was constantly playing catch-up. They work on stability, they work on how many people could be online, they work on access and bandwidth issues, they get all those things fixed, and then we get another 25,000 people online concurrently and all [the] new stuff will break."
  • It has more than limited commercially significant purpose. Again, a very good case can be made that bnetd does have significant commercial purposes. Bnetd currently supports a number of features that does not, such as the ability to connect with IRC, create custom ladder games and tournaments, and send broadcast messages.
  • Is not marketed for use in circumventing a technological measure that effectively controls access to a work protected under this title. Although, as an open source project, bnetd has little control over how some individuals may promote it the bnetd and Warforge developers have never promoted piracy of Blizzard's games. Indeed, the developers of bnetd are some of Blizzard's biggest supporters and fans.

The next issue is whether bnetd violates section 1201(b) which prohibits distribution of devices which "effectively protects a right of a copyright owner under" the Copyright Act. To qualify as technological protection measure under section 1201(b), a device must in the ordinary course of its operation, prevent, restrict, or otherwise limit the exercise of a right of a copyright owner." The only right at issue would seem to be the right to copy. But it is difficult to claim that bnetd undermines this as one must already have a copy of a Blizzard game (legitimate or illegitimate) in order to use bnetd. In other words, any copying occurs prior to use of bnetd. It may be that the availability of bnetd encourages some to make illicit copies who wouldn't have without bnetd, but that is not a violation of the DMCA.

It is also strange to claim that the CD-Key system prevents copying since a valid CD-Key is not necessary to connect to and download the latest patches for a warez copy of the game. Using a warez copy one logs into Prior to CD-Key validation, Blizzard conveniently provides the latest patches for the warez copy. Patches are also available via public ftp ( It is hard to claim that the CD-Key system effectively prevents copying when Blizzard itself updates warez copies of its games to the latest version. Most bnetd servers are set up by owners of legitimate copies and the server ensures that those joining have the same version of the game. If Blizzard were truly concerned about piracy they would at least try to make it more difficult to get the latest patches.

Furthermore, under section 1201(f)(2):

Notwithstanding the provisions of subsections (a)(2) and (b), a person may develop and employ technological means to circumvent a technological measure, or to circumvent protection afforded by a technological measure … for the purpose of enabling interoperability of an independently created computer program with other programs, if such means are necessary to achieve such interoperability, to the extent that doing so does not constitute infringement under this title.

It seems pretty clear that even if bnetd is a circumvention device, then it clearly falls under the exemption of 1201(f)(2), since any circumvention is only for the purpose of achieving interoperability between bnetd and the Blizzard game. Such interoperability does not constitute infringement, since it does not violate sections 106-118 or 602.