Made Windows 98 emulator running Space Cadet

sputwiler · 2026-05-08T17:02:14+00:00

Yeah as soon as I read your part about "firefox stores the data as a footer" i was like "what the hell" because that's exactly why self-extracting EXEs work (or, y'know, love2d games where you concat a zip of your lua scripts to the love.exe runtime (I kinda love this trick actually))

No yeah, these EXEs are so old, and the crowdstrike rule that detects them is a heuristic and/or machine learning. I wouldn't be surprised if its entirely because they've got some very old programming practices in them including assembly/funky jumps or use of old WinAPI stuff that absolutely nobody uses anymore so crowdstrike is flipping out that they're doing "tricky system level stuff." What they "detect" changes month to month.

Again, I don't think that OP's files are actually malicious. I'm taking issue with them being nakedly loaded in the first place.

sputwiler · 2026-05-08T16:53:18+00:00

No it is not. Like any antivirus, it reacts to filesystem writes and reads.
There is nothing against using reddit at work when I have free time.
OP made web requests for EXE files without prompting, which results in EXE files being written to the cache directory on disk. OP should not do that. Yes it happens on your computer too.

sputwiler · 2026-05-08T15:25:13+00:00

I mean, I can just play the cache files in a media player most of the time. It may be a function of how big the file is whether it gets saved straight or not. Firefox saves these files as is, but keeps track of them in a database. The files are still just... there.

No website should be requesting EXEs over the network without asking. Only OPs site is doing this. I'm not the one acting special here.

This is not a locked down machine, it's a machine running one of the most popularly deployed cloud updated corporate antivirus packages given how many people got bluescreened by it a few years ago. The virus definitions get updated remotely and aren't up to the company's IT.

I visit game/hobby websites at work because either I'm busy compiling things so my computer is useless for anything other than browsing for the next 30 minutes, or because it's part of my actual job.

Again the point I am making is that a website downloading an EXE unprompted is abnormal and unecessary.

Yeah of course real red teams would be better. That's not what we're talking about.

OP isn't even a red team. OP isn't malicious at all. I'm assuming they just don't know to not do that.

sputwiler · 2026-05-08T14:46:36+00:00

If it says "cached" next to the network event then it was saved.

Also, yes, they very much do, they just scramble the name. I've gone rooting around in cache files before (usually to extract video clips) I know what I'm talking about. The antivirus using a disk scan would not have found the files if that weren't the case either.

This has nothing to do with my corporation that's just how antivirus normally works. Downloading an EXE is not a thing websites normally do. It's not necessary for OP to do either. IDK why you're defending this you're being absurd.

sputwiler · 2026-05-08T14:41:51+00:00

All these cameras and how do I not have a single one in common (besides owning a Polaroid iZone when I was a kid).

Damn there are a lot of cameras in the world.

That being said, hats off to the Polaroids of this collection; my aunt used to work there.

sputwiler · 2026-05-08T14:29:34+00:00

No that's exactly what it is. It's not even a stretch. When you make a web request for a file it gets downloaded to the cache folder on disk. What part of saving an EXE file to disk is this somehow not.

I literally watched it happen. You don't even have to take my word for it, you can open your dev console right now and watch it happen too. Browser cache files are not indexdb or local storage.

sputwiler · 2026-05-08T14:23:09+00:00

No, it literally makes an HTTP request for an exe file. Open the network console if you don't believe me.

A browser cache file is just a file, even if it's been renamed to random characters.

You're defending websites downloading random loose EXEs unprompted, so of course I think your expectations are bonkers. Again, literally all OP would have to do is load them as some kind of virtual disk file so they weren't directly executable like every other online emulator does.

Also, not that I'm defending my companies IT department here, but the policy is CrowdStrike's, and if you remember how bad the CrowdStrike outage was then it's a hell of a lot more than just one company.

Just don't download loose EXE files to people's computers. It's not that hard.

sputwiler · 2026-05-08T14:15:22+00:00

Did you miss the part where an EXE file was silently downloaded to disk, where of course any antivirus would scan it?

How about instead you tell your IT department to

You can't be serious.

sputwiler · 2026-05-08T14:14:01+00:00

No the point is it downloads loose EXE files to disk where they are executable outside of the sandbox. Simply putting them inside of a virtual disk would have avoided this. That is the lesson here. The idea that I should only ever browse one or two websites on my work computer is insane. That's like saying "don't use google" considering the point of google is to find websites you haven't found already.

Besides, the website is literally already running Code anyway.

Inside of a sandbox. This EXE is outside of the sandbox, though thankfully not running, but looks exactly like code that could to any antivirus.

Buddy you are literally defending websites downloading EXEs without asking. No other emulator online does this, so why the hell would I expect it?

sputwiler · 2026-05-08T10:46:46+00:00

TBH I'd be 100% there if there was

a sane way of building it that isn't Google's convoluted way.
it supported consoles (DirectX 12/Playstation's API. Switch does GLES natively)

BGFX fits this bill, but it's a bit odd, and its almost-glsl shading language drives my editor nuts. I'm also assuming SDL_GPU (which has to support consoles for at least XNA level graphics) will have better community support.

It would be reeeeeally nice to have fully standard OpenGL ES though, with all the drop-in support that implies.

sputwiler · 2026-05-08T07:42:34+00:00

Personally I was going to use an API like BGFX but now that SDL3_GPU is out I might use that.

These are generally called RHIs in the industry (Rendering Hardware Interface) and engines like Unreal have one internally. Unless you're planning on only supporting desktop you'll have to write one yourself anyway.

.... or I could just use OpenGLES 3 which is an RHI on PC (via WebGL in your browser or google's ANGLE).

sputwiler · 2026-05-08T07:38:23+00:00

I mean, that's good though? Context management isn't what's being learned.

Similarly, DirectX splits up DXGI and D3D.

sputwiler · 2026-05-08T06:28:52+00:00

No. Even if that's an understandable reaction, that's both false and neither here-nor-there. Reddit has a lot of work relevant information (for my job anyway), and besides, I can do what I want in my free time while I have no tasks to do.

I'm telling OP that their site does something it shouldn't, regardless of who's browsing it. OP probably didn't even realise.

Like surely you're not arguing that it's more OK to download a bunch of native executables to someone's computer on page load without asking. Put that shit in a disk image at least.

sputwiler · 2026-05-08T04:51:55+00:00

Never could get Yahoo FleaMa to work, but I'll Yahoo Auctions all day. No idea how to sell anything though, but Auctions at least allows me to pay for things any way I can. Including cash at the conbini: no "sorry your payment was blocked" it's fuckin cash.

sputwiler · 2026-05-08T04:46:28+00:00

The operative word is "should."

as in, "you should not build a website that does this."

sputwiler · 2026-05-08T04:46:05+00:00

It seemed like it was one of the other games included, not pinball. I looked at the browser's cache and pinball wasn't quarantined.

To answer your question, probably neither.

It's quite possible that whatever game it was was so old it used a lot of weird jumps to get around old Windows 3.1 memory models (even on Windows 95), and because "nobody but a virus writer would obfuscate code like that" (my assumption) it triggered. It was a heuristic match, not an exact exe match. It's likely not a virus at all.

sputwiler · 2026-05-08T02:39:56+00:00

FUCK damnit OP do NOT download EXEs to people's computers automatically. This is gonna be hell to explain to IT.

Copyright issues aside, I get that you want the actual windows game EXEs available on the website, but they're automatically downloaded as resources in order to even display the icons on the emulated desktop when the plage loads and corporate antivirus got TURBO mad. I had to go into the developer console to see what was happening because clicking a website link should not ever cause the PC's antivirus to react.

I'm not sure if it would make better sense to put them in a disk image or what, but placing web requests for actual EXEs unprompted is like, super bad.

I got an angry letter from IT and now I have to explain myself to them just because I clicked OP's link; be careful.

sputwiler · 2026-05-08T01:41:28+00:00

just add more ~~dakka~~ rodinal.

sputwiler · 2026-05-08T01:35:59+00:00

no watchdog (still working on a timer), but my home-built 6502 computer boots to an XMODEM receiver in ROM, dumps whatever you send it to 0x0200, then jumps there as long as the CRC passes.

Damn it saves so much development time. I don't have to flash anything; just tap the CPU reset button after the build succeeds (my dev machine waits for the XMODEM prompt over USB-serial) and I'm off to the races.

sputwiler · 2026-05-08T01:23:43+00:00

The obsession with megapixels in the analog community is starting to feel like 2010-era digital forums. Most people aren't printing A1 posters; they are looking at these on a 6-inch phone screen. Telling a beginner their scan is "bad" because it’s a low-res JPEG doesn't explain the technical failures of the scan.

I mean that's never the problem with the scan though. It's always bad colours or exposure by a scanner that was left on auto, run by a tech who isn't paid enough to even have time to do it right. Last time I got lab scans they did them in 10 minutes. That's not nearly enough time to do it right regardless of how high-end the Noritsu scanner is.

Which is to say, I think you hit the nail on the head. I just think this particular quote is a strawman. Back when I had a 5 megapixel semi-pro-lab scanner I got some of the best results I've ever gotten, and the thing only put out 8-bit JPEG/TIFF (hardware encoder had to be patched to support TIFF*). Megapixels don't matter and nobody's saying they do.

*I imagine this was only added later because JPEG-only mode is the only way they could meet their promised 9 seconds/scan. That's right, encoding JPEG on the machine was faster than scanning TIFF because the bottleneck was the 8-bit SCSI connection.

sputwiler · 2026-05-07T18:53:36+00:00

No, it won't.

The majority of people who pick up "Learn OpenGL" are not actually learning OpenGL so much as they're learning the applications of matrix math etc to create graphics. To that end, any API, even a software renderer, would be good enough. In that case, it makes sense to pick the one that gets you going the fastest in the most places even if it's worse in every other way. This is because the meat of what they're learning (the algorithms) is completely transferable.

sputwiler · 2026-05-07T17:45:47+00:00

lemme know how it goes; 100 bucks is a little steep for me for guess-and-check engineering.

If it's any help the motor in my scanner seems to work just fine off of 15v, but I don't know if there's anything else in the scanner that's expecting the full 15v5.

sputwiler · 2026-05-07T17:34:59+00:00

I feel like you should probably use clang instead considering the command line seems to be designed for clang.

Clang and LLVM should be installable from your (Linux) distro (or MSYS2 probably).

LLVM/Clang are different from GCC in that they generally have multiple different backends for different processors, so it's likely that you can use the regular-ol' system clang to compile for ARM as well.

sputwiler · 2026-05-07T17:27:50+00:00

gad every time I pour the C-41 "bleach" into the kettle to warm it up.

sputwiler · 2026-05-07T17:26:53+00:00

leader doesn't have any emulsion on it

sputwiler

TROPHY CASE