Saturday, August 2, 2025

The Crabwood binary source code revisited with AI

The Crabwood binary code refers to a complex crop circle discovered in 2002 near Crabwood Farm in England, which contains a binary message. The message is encoded in ASCII binary code and is believed to contain warnings about deception and the existence of extraterrestrial intelligence. The binary code consists of a detailed humanoid face and a spiral sequence of dots, which some researchers interpret as a warning about false gifts and promises. The message has been analyzed for its meaning, with interpretations suggesting it may relate to advanced technology and the potential presence of extraterrestrial life.

The binary-ASCII code from Crabwood 2002: a second message embedded somewhere? by Red Collie (cropcircleconnector.com)

Grok

Beware the bearers of FALSE gifts & their BROKEN PROMISES.Much PAIN but still time.EELIEVE.THERE is GOOD out there.WE OPPOSE DECEPTION.CONDUIT CLOSING\

ChatGPT

The binary you've provided translates to the following ASCII text:

Beware the bearers of FALSE gifts & their BROKEN PROMISES. Much PAIN but still time. BELIEVE. There is GOOD out there. We Oppose DECEPTION. Conduit CLOSING.

This is a well-known message associated with a **Crop Circle phenomenon**—often called the "Arecibo reply" or the **2002 Crabwood Crop Circle**. The binary message was found encoded in the design of a crop formation near **Winchester, UK**, featuring an alien-like figure and a disc with binary code.

It's widely discussed in UFO and conspiracy circles, but it's almost certainly a human-made artistic hoax. Still, it’s a clever example of binary ASCII encoding used in speculative or fictional communications.

Would you like a breakdown of how the binary was decoded or the history behind the crop circle?

Edited source Crabwood Binary Code

Friday, August 1, 2025

iCloud Phishing email with subject Nous avons bloqu votre compte Le 31 juillet 2025, vos photos et vidos seront supprimes.

For the record, this is a iCloud phishing email attempt that is recently going around, with subject line "Nous avons bloqu votre compte ! Le 31 juillet 2025, vos photos et vidos seront supprimes. Agissez !".

What to do? Report them, goto bottom of page.

From : Paiement refus<newsletter@advancedroadcrafttechniques.com.au>

Subject : Nous avons bloqu votre compte ! Le 31 juillet 2025, vos photos et vidos seront supprimes. Agissez !

PHISHING LINKs;

1. https://4.magnitudenetwork.net/xxxx

How to tell this is a Phishing email ?

Check email address in full, if it's not from originating company then it's phishing.
Hover over all links in email, if it's not from the company's website then forget it.
The best way is to

How to examine Email Message Source ?

Now lets look at message source

Outlook.com->Actions->View Message Source.
Gmail.com->More (down arrow to top right)->Show original.

Check for suspicious links, anything that does not originate from apple.com.

Report Phishing Email (not as Spam)

Outlook.com->Junk (at Top)->Phishing Scam
Gmail.com->More (down-arrow to top right)->Report Phishing

Report Phishing to Google

If you have received this email, take further action by

https://www.google.com/safebrowsing/report_phish/

Report phishing at Microsoft and government agencies

http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Tuesday, June 17, 2025

CM_PARTIAL_RESOURCE_DESCRIPTOR c# equivalent

Thanks to AI, you can really be productive in dealing with unions in C.

CM_PARTIAL_RESOURCE_DESCRIPTOR (wdm.h) - Windows drivers | Microsoft Learn

using System;
using System.Runtime.InteropServices;

//
// Windows types for clarity
//
using PHYSICAL_ADDRESS = System.Int64;               // LARGE_INTEGER
using KAFFINITY        = System.UIntPtr;             // ULONG_PTR

namespace NativeInterop
{
    /// <summary>
    /// C# equivalent of CM_PARTIAL_RESOURCE_DESCRIPTOR (winnt.h).
    /// </summary>
    [StructLayout(LayoutKind.Explicit, Pack = 1)]
    public struct CM_PARTIAL_RESOURCE_DESCRIPTOR
    {
        // ---- common header -------------------------------------------------
        [FieldOffset(0)] public byte   Type;
        [FieldOffset(1)] public byte   ShareDisposition;
        [FieldOffset(2)] public ushort Flags;

        // ---- union: one of these is valid, chosen by <Type> ---------------
        [FieldOffset(4)] public GENERIC_RESOURCE           Generic;
        [FieldOffset(4)] public PORT_RESOURCE              Port;
        [FieldOffset(4)] public MEMORY_RESOURCE            Memory;
        [FieldOffset(4)] public MEMORY40_RESOURCE          Memory40;
        [FieldOffset(4)] public MEMORY48_RESOURCE          Memory48;
        [FieldOffset(4)] public MEMORY64_RESOURCE          Memory64;
        [FieldOffset(4)] public INTERRUPT_RESOURCE         Interrupt;
        [FieldOffset(4)] public MESSAGE_INTERRUPT_RESOURCE MessageInterrupt;
        [FieldOffset(4)] public DMA_RESOURCE               Dma;
        [FieldOffset(4)] public DMAV3_RESOURCE             DmaV3;
        [FieldOffset(4)] public DEVICE_PRIVATE_RESOURCE    DevicePrivate;
        [FieldOffset(4)] public BUSNUMBER_RESOURCE         BusNumber;
        [FieldOffset(4)] public DEVICESPECIFIC_RESOURCE    DeviceSpecificData;
        [FieldOffset(4)] public CONNECTION_RESOURCE        Connection;
    }

    #region simple (start,length) pairs
    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct GENERIC_RESOURCE  { public PHYSICAL_ADDRESS Start; public uint Length; }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct PORT_RESOURCE     { public PHYSICAL_ADDRESS Start; public uint Length; }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct MEMORY_RESOURCE   { public PHYSICAL_ADDRESS Start; public uint Length; }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct MEMORY40_RESOURCE { public PHYSICAL_ADDRESS Start; public uint Length40; }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct MEMORY48_RESOURCE { public PHYSICAL_ADDRESS Start; public uint Length48; }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct MEMORY64_RESOURCE { public PHYSICAL_ADDRESS Start; public uint Length64; }
    #endregion

    #region interrupt resources
    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct INTERRUPT_RESOURCE
    {
        public uint      Level;      // ULONG for both x86/x64 builds
        public uint      Vector;
        public KAFFINITY Affinity;
    }

    // Message‑signalled interrupt has an inner union (Raw vs Translated)
    [StructLayout(LayoutKind.Explicit, Pack = 1)]
    public struct MESSAGE_INTERRUPT_RESOURCE
    {
        [FieldOffset(0)] public MESSAGE_INTERRUPT_RAW        Raw;
        [FieldOffset(0)] public MESSAGE_INTERRUPT_TRANSLATED Translated;
    }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct MESSAGE_INTERRUPT_RAW
    {
        public ushort    Group;
        public ushort    Reserved;
        public ushort    MessageCount;
        public uint      Vector;
        public KAFFINITY Affinity;
    }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct MESSAGE_INTERRUPT_TRANSLATED
    {
        public uint      Level;
        public uint      Vector;
        public KAFFINITY Affinity;
    }
    #endregion

    #region DMA
    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct DMA_RESOURCE
    {
        public uint Channel;
        public uint Port;
        public uint Reserved1;
    }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct DMAV3_RESOURCE
    {
        public uint  Channel;
        public uint  RequestLine;
        public byte  TransferWidth;
        public byte  Reserved1;
        public byte  Reserved2;
        public byte  Reserved3;
    }
    #endregion

    #region miscellaneous
    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct DEVICE_PRIVATE_RESOURCE
    {
        public uint Data0;
        public uint Data1;
        public uint Data2;
    }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct BUSNUMBER_RESOURCE
    {
        public uint Start;
        public uint Length;
        public uint Reserved;
    }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct DEVICESPECIFIC_RESOURCE
    {
        public uint DataSize;
        public uint Reserved1;
        public uint Reserved2;
    }

    [StructLayout(LayoutKind.Sequential, Pack = 1)]
    public struct CONNECTION_RESOURCE
    {
        public byte  Class;
        public byte  Type;
        public byte  Reserved1;
        public byte  Reserved2;
        public uint  IdLowPart;
        public uint  IdHighPart;
    }
    #endregion
}

Declare the two structs in the union as C# structs in the usual way. Then declare a type for the union, using an explicit layout.

[StructLayout(LayoutKind.Explicit)] 
public struct _WAITCHAIN_NODE_INFO_UNION
{
    [FieldOffset(0)]
    _WAITCHAIN_NODE_INFO_LOCK_OBJECT LockObject;
    [FieldOffset(0)]
    _WAITCHAIN_NODE_INFO_THREAD_OBJECT ThreadObject;
}

Then add the union to your struct:

[StructLayout(LayoutKind.Sequential)]
public struct WAITCHAIN_NODE_INFO
{
    public WCT_OBJECT_TYPE ObjectType;
    public WCT_OBJECT_STATUS ObjectStatus;
    public _WAITCHAIN_NODE_INFO_UNION Union;
}

When you overlay objects like this, extra requirements are placed on the types involved. You cannot overlay a type containing a string or an array for instance. So the character array will have to be implemented as a value type, for instance a fixed array. This is inconvenient to operate with but MS did not define the types with C# in mind.