Recherche avancée

Sur d’autres sites (7356)

• Understanding The Dreamcast GD-ROM Layout

  24 mars 2022, par Multimedia Mike — Sega Dreamcast

  I’m finally completing something I set out to comprehend over a decade ago. I wanted to understand how data is actually laid out on a Sega Dreamcast GD-ROM drive. I’m trying to remember why I even still care. There was something about how I wanted to make sure the contents of a set of Dreamcast demo discs was archived for study.

  
  
  

  I eventually figured it out. Read on, if you are interested in the technical details. Or, if you would like to examine the fruits of this effort, check out the Dreamcast demo discs that I took apart and uploaded to the Internet Archive.

  If you care to read some geeky technical details of some of the artifacts on these sampler discs, check out this followup post on Dreamcast Finds.

  Motivation
  Why do I still care about this ? Well, see the original charter of this blog above. It’s mostly about studying multimedia formats, as well as the general operation of games and their non-multimedia data formats. It’s also something that has nagged at me ever since I extracted a bunch of Dreamcast discs years ago and tried to understand why the tracks were arranged the way they were, and how I could systematically split the files out of the filesystem. This turns out not to be as easy as it might sound, even if you can get past the obstacle of getting at the raw data.
  

  CD/CD-ROM Refresher
  As I laid out in my Grand Unified Theory of Compact Disc, every compact disc can be viewed conceptually as a string of sectors, where each sector is 2352 bytes long. The difference among the various CD types (audio CDs, various CD-ROM types) boils down to the format of contents of the 2352-byte sectors. For an audio CD, every sector’s 2352 bytes represents 1/75 of a second of CD-quality audio samples.

  Meanwhile, there are various sector layouts for different CD-ROM modes, useful for storing computer data. This post is most interested in “mode 1/form 1”, which uses 2048 of the 2352 bytes for data, while using the remaining bytes for error detection and correction codes. A filesystem (usually ISO-9660) is overlaid on these 2048-byte sectors in order to create data structures for organizing strings of sectors into files.

  A CD has between 1 and 99 tracks. A pure CD-ROM will have a single data track. Pure audio CDs tend to have numerous audio tracks, usually 1 per song. Mixed CDs are common. For software, this usually manifests as the first track being data and containing an ISO-9660 filesystem, followed by a series of audio tracks, sometimes for in-game music. For audio CDs, there is occasionally a data track at the end of the disc with some extra media types.

  GD-ROM Refresher
  The Dreamcast used optical discs called GD-ROMs, where the GD stands for “gigadisc”. These discs were designed to hold about 1 gigabyte of data, vs. the usual 650-700MB offered by standard CD solutions, while using the same laser unit as is used for CDs. I’m not sure how it achieved this exactly. I always assumed it was some sort of “double density” sector scheme. According to Wikipedia, the drive read the disc at a slower rate which allowed it to read more data (presumably the “pits” vs. “lands” which comprise the surface of an optical disc). This might be equivalent to my theory.

  The GD-ROM discs cannot be read in a standard optical drive. It is necessary to get custom software onto the Dreamcast which will ask the optical hardware to extract the sectors and exfiltrate them off of the unit somehow. There are numerous methods for this. Alternatively, just find rips that are increasingly plentiful around the internet. However, just because you might be able to find the data for a given disc does not mean that you can easily explore the contents.

  Typical Layout Patterns
  Going back to my study of the GD-ROM track layouts, 2 clear patterns emerge :

  All of the game data is packed into track 3 :

  
  
  

  Track 3 has data, the last track has data, and the tracks in between contain standard CD audio :

  
  
  

  Also, the disc is always, always 100% utilized.

  Track 1 always contains an ISO-9660 filesystem and can be read by any standard CD-ROM drive. And it usually has nothing interesting. Track 3 also contains what appears to be an ISO-9660 filesystem. However, if you have a rip of the track and try to mount the image with standard tools, it will not work. In the second layout, the data follows no obvious format.

  Cracking The Filesystem Code
  I figured out quite a few years ago that in the case of the consolidated data track 3, that’s simply a standard ISO-9660 filesystem that would work fine with standard ISO-9660 reading software… if the data track were located beginning at sector 45000. The filesystem data structures contain references to absolute sector numbers. Thus, if it were possible to modify some ISO-9660 software to assume the first sector is 45000, it ought to have no trouble interpreting the data.

  
  
  

  How about the split data track format ? Actually, it works the same way. If all the data were sitting on its original disc, track 3 would have data structures pointing to strings of contiguous sectors (extents) in the final track, and those are the files.

  To express more succinctly : track 3 contains the filesystem root structure and the directory structures, while the final track contains the actual file data. How is the filesystem always 100% full ? Track 3 gets padded out with 0-sectors until the beginning of any audio sectors.

  
  
  

  Why Lay Things Out Like This ?
  Why push the data as far out on the disc as possible ? A reasonable explanation for this would be for read performance. Compact discs operate on Constant Linear Velocity (CLV), vs. Constant Angular Velocity (CAV). The implication of this is that data on the outside of the disc is read faster than data on the inside. I once profiled this characteristic in order to prove it to myself, using both PC CD drives as well as a Dreamcast. By pushing the data to the outer sectors, graphical data gets loaded into RAM faster, and full motion videos, which require a certain minimum bitrate for a good experience, have a better guarantee that playback will be smooth.

  Implications For Repacking
  Once people figured out how to boot burned CDs in the Dreamcast, they had a new problem : Squeeze as much as 1 gigabyte down to around 650 megabytes at the most. It looks like the most straightforward strategy was to simply rework the filesystem to remove the often enormous amount of empty space in track 3.

  My understanding is that another major strategy is to re-encode certain large assets. Full motion video (FMV) assets are a good target here since the prevailing FMV middleware format used on Sega Dreamcast games was Sofdec, which is basically just MPEG-1 video. There is ample opportunity to transcode these files to lower bitrate settings to squeeze some bits (and a lot of visual quality) out of them.

  Further, if you don’t really care about the audio tracks, you could just replace them with brief spurts of silence.

  Making A Tool
  So I could make a tool that would process these collections of files representing a disc. I could also adapt it for various forms that a Dreamcast rip might take (I have found at least 3 so far). I could eventually expand it to handle lots of other disc formats (you know, something like Aaru does these days). And that would have been my modus operandi perhaps 10 or more years ago. And of course, the ambitious tool would have never seen daylight as I got distracted by other ideas.

  I wanted to get a solution up and running as quickly as possible this time. Here was my initial brainstorm : assemble all the tracks into a single, large disc while pretending the audio tracks consist of 2048-byte sectors. In doing so, I ought to be able to use fuseiso to mount the giant image, with a modification to look for the starting sector at a somewhat nonstandard location.

  To achieve the first part I wrote a quick Python script that processed the contents of a GDI file, which was stored alongside the ISO (data) and RAW (audio) track track rips from when I extracted the disc. The GDI is a very matter-of-fact listing of the tracks and their properties, e.g. :

  5
  1 0 4 2048 track01.iso 0
  2 721 0 2352 track02.raw 0
  3 45000 4 2048 track03.iso 0
  4 338449 0 2352 track04.raw 0
  5 349096 4 2048 track05.iso 0
  

  track number / starting sector / track type (4=data, 0=audio) / bytes per sector / filename / ??

  The script skips the first 2 filenames, instead writing 45000 zero sectors in order to simulate the CD-compatible area. Then, for each file, if it’s an ISO, append the data to the final data file ; if it’s audio, compute the number of sectors occupied, and then append that number of 2048-byte zero sectors to the final data file.

  Finally, to interpret the filesystem, I used an old tool that I’ve relied upon for a long time– fuseiso. This is a program that leverages Filesystem in Userspace (FUSE) to mount ISO-9660 filesystems as part of the local filesystem, without needing root privileges. The original source hasn’t been updated for 15 years, but I found a repo that attempts to modernize it slightly. I forked a version which fixes a few build issues.

  Anyway, I just had to update a table to ask it to start looking for the root ISO-9660 filesystem at a different location than normal. Suddenly, after so many years, I was able to freely browse a GD-ROM filesystem directly under Linux !

  Conclusion And Next Steps
  I had to hack the fuseiso3 tool a bit in order to make this work. I don’t think it’s especially valuable to make sure anyone can run with the same modifications since the tool assumes that a GD-ROM rip has been processed through the exact pipeline I described above.

  I have uploaded all of the North American Dreamcast demo discs to archive.org. See this post for a more granular breakdown of what this entails. In the course of this exercise, I also found some European demo discs that could use the same extraction.

  What else ? Should I perform the same extraction experiment for all known Dreamcast games ? Would anyone care ? Maybe if there’s a demand for it.

  Here is a followup on the interesting and weird things I have found on these discs so far.

  The post Understanding The Dreamcast GD-ROM Layout first appeared on Breaking Eggs And Making Omelettes.

• How to Choose a GDPR Compliant Web Analytics Solution

  2 mars 2022, par Matthieu Aubry — Privacy

  Since the launch of GDPR, one big question has lingered around with uncertainty – is Google Analytics GDPR compliant ? The current GDPR enforcement trend happening across the EU is certainly shedding some light on this question.

  Starting with the Austrian Data Protection Authority’s ruling on Google Analytics and more recently, CNIL (the French Data Protection Authority) has followed suit by also ruling Google Analytics illegal to use. Organisations with EU-based web visitors are now scrambling to find a compliant solution.

  The French Data Protection Authority (CNIL) has already started delivering formal notices to websites using Google Analytics, so now is the time to act. According to CNIL, organisations have two options :

  1. Ceasing use of the Google Analytics functionality (under the current conditions) 
  2. Use a compliant web analytics tool that does not transfer data outside the EU

  Getting started 

  For organisations considering migrating to a compliant web analytics tool, I’ve outlined below the things you need to consider when weighing up compliant web analytics tools. Once you’ve made a choice, I’ve also included a step-by-step guide to migrating away from Google Analytics. This guide is useful regardless of which GDPR compliant analytics provider you choose.

  Before getting started, I recommend that you document your findings against the following considerations while reviewing GDPR compliant Google Analytics alternatives. This document can then be shared with your Data Protection Officer (DPO) to get their final recommendation.

  10 key considerations when selecting a GDPR compliant web analytics tools

  Many tools will claim to be GDPR compliant so it’s important that you do your due diligence and review tools against the following considerations. 

  1. Where does the tool store data ? 

  The rulings in France and Austria were based on the fact that Google Analytics stores data in the US, which does not have an adequate level of data protection. Your safest option is to find a tool that legally stores data in the EU.

  You should be able to find out where the data is stored in the organisation’s privacy policy. Generally, data storage information can be found under sections titled “Subprocessors” and “Third-party services”. Check out the Matomo Privacy Policy as an example. 

  If you’re unable to easily find this information or it’s unclear, reach out to the organisation for more information.

  2. Does the tool offer anonymous tracking ?

  Anonymous tracking comes with many benefits, including :

  • The ability to track visitors without a cookie consent screen. Due to the privacy-respecting aspect of cookieless tracking, you don’t need to worry about the extra steps involved with compliant cookie banners.
  • More accurate data. When visitors deny tracking cookies, you lose out on valuable data. With anonymous tracking there is no data lost as you don’t need consent to track.
  • Simplified GDPR compliance. With this enabled, there are fewer steps you need to take to get GDPR compliant and stay GDPR compliant.

  For those reasons, it may be important for you to select a tool that offers anonymous tracking functionalities. The level of anonymous tracking you require will depend on your situation but you should look out for tools that allow you to :

  • Disable fingerprinting 
  • Disable user profiles 
  • Anonymise data
  • Cookieless tracking

  If you want to read more about data anonymization, check out this guide on data anonymization in web analytics.

  3. Does the tool integrate with my existing tech stack ?

  You’ll want to ensure that a new web analytics tool will play well with other tools in your tech stack including things like your CMS (content management system), eCommerce shop, etc. You should list out all the existing tools that currently integrate with your Google Analytics and check that the same integrations can be re-created with the new tool, via integrations or APIs.

  If not, it could become costly trying to connect your existing tech stack to a new solution.

  4. Does the tool offer the same features and insights you are currently using in Google Analytics ? Or more, if necessary ? 

  Just because you are moving to a new web analytics platform, doesn’t mean you have to give up the insights, reports and features you’ve grown accustomed to with Google Analytics. Ensuring that a new platform provides the same features and reports that you value the most will result in a smoother transition away from Google Analytics.

  It’s unlikely that a new tool will have all of the same features as Google Analytics, so I’d recommend listing out and prioritising your business-critical features and reports. 

  If I had to guess, you probably set up Google Analytics years ago because it was the default option. Now is your chance to make the most of this switch from Google Analytics and find a tool that offers additional reports and features that better aligns with your business. If time permits, I’d highly recommend that you consider other features or reports that you might have been missing out on while using Google Analytics.

  Check out this comparison of Google Analytics vs Matomo to see side-by-side feature comparison.

  5. Does the tool accept Google Analytics data imports ? 

  The historical data in Google Analytics is a critical asset for many businesses. Fortunately, some tools accept Google Analytics data imports so you don’t lose all of the data you’ve generated over time.

  However, it’s important to note that any data you import from Google Analytics to a new tool needs to be compliant data. I’ll cover this more below.

  6. Does the tool provide conversion tracking exports ? 

  Do you invest in paid advertising ? If you do, then tracking the conversions from people clicking on these paid ads is critical in assessing your return on investment. Since sending IP addresses or other personal information to the US is illegal under GDPR, we can only assume that this will also apply to advertising pixel/conversion tracking (e.g., Facebook pixel, Google Ads conversion tracking, etc). 

  As an example, Matomo offers conversion tracking exports so you can get a better understanding of ad performance while meeting privacy laws and without requiring consent from users. See how it works with Matomo’s conversion tracking exports. 

  7. How will you train up your in-house team ? Or can you hire a contractor ?

  This is a common concern of many, and rightfully so. You’ll want to confirm what resources are readily available so you can hit the ground running with your new web analytics tool. If you’d prefer to train up your in-house team, check the provider’s site for training resources, videos, guides, etc.

  If you’d rather hire an external contractor, we recommend heading to LinkedIn, reaching out to your community or asking the provider if they have any recommendations for contractors.

  In addition, check that the provider offers technical support or a forum, in case you have specific questions and need help.   

  8. Does the tool offer self-hosting ? (optional)

  For organisations that want full control over their data and storage location, an on-premise web analytics tool will be the preferred option. From a GDPR perspective, this is also the easiest option for compliance.

  Keep in mind that this requires resources, regular maintenance, technical knowledge and/or technical consultants. If you’re unsure which option is best for your organisation, check out our on-premise vs cloud web analytics comparison breakdown.

  Find out more about self-hosting Matomo.

  9. Is the tool approved by the CNIL for tracking without consent ?

  This is an important step for websites with French users. This step will help narrow down your selection of tools. The CNIL offers a programme to identify web analytics solutions that can be used without tracking consent. The CNIL’s list of recommended web analytics tools can act as your starting point for solutions to review.

  While this step is specific to sites with French users, it can also be helpful for websites with visitors from any other EU country.

  Benefits of consent-free tracking

  There are many benefits of tracking without consent.
  

  For one, it simplifies GDPR compliance and reduces the chances of GDPR breaches and fines. Cookie consent screens have recently been the target for EU Data Protection Authorities because many websites are unknowingly serving cookie consent screens that do not meet GDPR requirements. 

  Yet another benefit, and quite possibly the most important is more accurate data. Even if a website displays a user-friendly, lawful consent screen, the majority of users will either ignore or reject cookie consent. Legally website owners can’t track anything unless the visitor gives consent. So not having a cookie consent screen ensures that every visit is tracked and your web analytics data is 100% accurate. 

  Lastly, many visitors have grown fatigued and frustrated with invasive cookie consent screens. Not having one on your site creates a user-friendly experience, which will likely result in longer user sessions and lower bounce rates.

  10. Does the tool offer a Data Processing Agreement (DPA) ? 

  Technically, any GDPR compliant web analytics tool should offer a DPA but for the sake of completeness, I’ve added this as a consideration. Double check that any tools you are looking at provide this legally binding document. This should be located in the Privacy Policy of the web analytics provider, if not reach out to request it.

  As an example, here’s Matomo’s Data Processing Agreement which can be found in our Privacy Policy under Subprocessors. 

  That wraps up the key considerations. When it comes to compliance, privacy and customer data, Matomo leads the way. We are looking forward to helping you achieve GDPR compliance easily. Start your free 21-day trial of Matomo now – no credit card required.

  Try Matomo Cloud

  A step-by-step guide to migrating from Google Analytics

  Once you’ve identified a tool that suits your needs and your Data Protection Officer (DPO) has approved, you’re ready to get started. Here’s a simple step-by-step guide with all the important steps for you to follow :

  1. Before getting started, you should sign or download the Data Processing Agreement (DPA) offered by your new web analytics provider.

  2. Register for the new tool and configure it for compliance. The provider should offer guides on how to configure for GDPR compliance. This will include things like giving your users an easy way to opt-out of all tracking, turning on cookieless tracking or asking users for consent and anonymizing data and IP addresses, for instance.

  3. Inform your organisation about the change. Whether your colleagues use the tool or not, it’s important that you share information about the new tool with your staff. Let them know what the tool will be used for, who will use the tool and how it complies with GDPR. 

  4. Let your DPO know that you’ve removed Google Analytics and have implemented the new tool.

  5. Update your records of processing activities to include the new tool.

  6. Update your privacy policy. You’ll need to include details about the web analytics provider, where the data is stored, what data is being collected, how long the data will be stored and why the data is being collected. The web analytics tool should readily have this information for you.

  As an example, if you decide to use Matomo as your web analytics tool, we provide a Privacy Policy template for you to use on your site and a guide on how to complete your privacy policy under GDPR with Matomo. Note that these are only applicable if you are using Matomo.

  In addition, if the tool has an opt-out feature, you will also need to put the opt-out into the privacy policy (e.g., when using cookieless tracking).

  7. Now, the exciting part. Add the tracking code to your site by following the steps provided by the web analytics tool. 

  If you’re not comfortable with this step, the provider should offer steps to do this and you can share this with your web developer.

  8. Once added, login to your tool and check to see if traffic is being tracked.

  9. If your tool does not offer Google Analytics data imports or you do not need the historical data in your new tool, go to step 11. 

  To plan for your Google Analytics data migration, you’ll first need to establish what historical data is compliant with GDPR.

  For example, you shouldn’t import any data stored beyond the retention period established in your Privacy Policy or any personally identifiable information (PII) like IP addresses that aren’t anonymised. Discuss this further with your DPO.

  10. Once you’ve established what data you can legally import, then you can begin the import. Follow the steps provided by your new web analytics solution provider.

  11. Remove Google Analytics tracking code from your site. This will stop the collection of your visitors data by Google as well as slightly increase the page load speed.

  If you still haven’t made a choice yet, try Matomo free for 21-days and see why over 1 million websites choose Matomo. 

• France rules Google Analytics non-compliant with GDPR

  11 février 2022, par Erin — Privacy

  Breaking news : The French Data Protection Agency, CNIL (Commission nationale de l’informatique et des libertés), has concluded that the use of Google Analytics is illegal under GDPR. The CNIL has begun issuing formal notices to website managers using Google Analytics.

  This follows the January 2022 Austrian Data Protection Authority’s decision to declare Google Analytics illegal to use under GDPR.

  Google Analytics GDPR breaches continue to spread through the EU

  Since the invalidation of the Privacy Shield framework, an agreement between the EU and US that allowed the transfer of data to certified US companies, the CNIL and other EU data protection authorities have received numerous complaints regarding data transfers collected during visits to websites using Google Analytics.

  "It’s interesting to see that the different European Data Protection Authorities all come to the same conclusion : the use of Google Analytics is illegal. There is a European task force and we assume that this action is coordinated and other authorities will decide similarly."

  About the CNIL’s decision

  In this model case, the CNIL has found that an unnamed website’s use of Google Analytics is non-compliant with GDPR because it had breached Article 44 which prohibits the transfer of personal data beyond the EU, unless the recipient country can prove adequate data protection. 

  Under the GDPR, personal data covers a range of identifiers including email address, race, gender, phone number to name a few, but the less obvious identifiers include IP addresses or cookie IDs, for instance. 

  The CNIL’s decision was based on the fact that the US does not meet GDPR sufficient levels of data protection as a result of US surveillance laws. Therefore, the unnamed website’s use of Google Analytics created risks for their website visitors when their personal data was exported to the US. 

  At the time of writing, it is unknown if the CNIL has issued a fine for the GDPR breach. However, the website manager of the unnamed website has been ordered by the CNIL to comply with the GDPR and, if necessary, stop using Google Analytics under the current conditions.

  "One thing we’re certain of is that these decisions will continue to roll out throughout the EU and potentially beyond.

  Other countries are imposing their own privacy regulations that closely mirror the GDPR like Brazil’s General Data Protection Law (LGPD), India’s Data Protection Bill, New Zealand’s Privacy Act and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) to name a few.”

  The CNIL offers an evaluation programme to help website managers determine whether web analytics solutions are exempt from collecting data prior to users’ agreement to opt-in through consent screens. Matomo, for instance, is a leading Google Analytics alternative that has been recommended by CNIL and is exempt from tracking consent. 

  

  English translation : “This is why I anticipated this announcement, gradually moving the analytics of my sites to @matomo_org since several weeks !

  “The @CNIL believes that the use of @googleanalytics is a violation of #GDPR”

  Immediate action required for Google Analytics users

  The CNIL and other EU-based data protection authorities have made their stance on Google Analytics clear and inaction will likely result in fines, which under the GDPR, can be up to €20 million or 4% of the organisation’s global turnover – whichever is higher.

  Based on the CNIL’s formal notice to the model case’s website manager, Google Analytics users should take immediate action to remove any chances of personal data being transferred to the US or find a Google Analytics alternative that is GDPR compliant. 

  

  English translation : “The CNIL considers that the use of Google Analytics is a violation of the GDPR. I use @matomo_org and I welcome it *winking face* It will squeal tires among growthackers who are slaughtering. Opportunity to look at alternative tools”

  Ready to begin your journey to GDPR compliance with Matomo ? Start your 21-day free trial now (no credit card required) and take advantage of our Google Analytics importer so you don’t lose any of your historical data. 

  Try 21-day free Cloud trial

  What does this mean for Matomo users ?

  As the GDPR continues to evolve, our users can rest assured that Matomo will be at the forefront of these changes. With Matomo Cloud, all data is stored in the EU or in your country of choice when you self-host on your own servers with Matomo On-Premise.

  Conclusion

  Google is in the EU’s crosshairs and organisations that continue to use their tools will be the one’s left to clean up the mess – not Google. Now is the time to act. Search for a Google Analytics alternative and close your compliance gaps today. 

  Join over 1 million other websites using Matomo now. Give Matomo a try with a 21-day free trial – no credit card required. 

  Try 21-day free Cloud trial

  We’d like to also bring attention to the privacy-fighting efforts from noyb and Max Schrems, as this should not go unnoticed. noyb is an independent, non-profit organisation that relies on the support of individuals. Support privacy by supporting noyb – donate or become a member now. 

  Contact details for media :

  For quotes or interviews, please email marketing@matomo.org