AOL’s Long running messaging service will end on December 15th. Though it’s true that i rarely use it these days and that I actually lost my original account years ago… I have fond memories of this communications protocol. I continue to communicate with people though AIM. Apple had strong links to it at the launch of iChatAV. #nostalgia Well, AOL broke the news with a tweet. ironic?
On this day in 1987 Steve Wilhite while working at CompuServe developed the GIF format. Thanks to the internet and the fact that internet speeds continue to accelerate they have become the defacto animation format. Hooray! It is importent to point out that although the GIF is 30 years old today, the animated version that we are so familiar with did not become available until 1989. Don’t tell me how to pronounce it. Enjoy my collection.
I was very excited to discover this feature listed in my Unifi controller today. You can now repurpose the VOIP port to act as a WAN2. The ironic part is that i don’t believe the VOIP port serves any actual VOIP function as of yet. I’ve been recommending these USG routers since I learned of their existence. Unfortunately a lot of my clients want dual WAN and until now, the Unifi Security Gateway fell short. No longer, Ubiquiti has a really great product line with the Unifi. I am continuously discovering great new innovation with the latest update to their software, firmware, or cloud platform. I have been waiting for this!
You will have to excuse the recent lack of posts. I have been in the process of packing up and moving all my domains to their new host, Site5. This has been a particularly arguious journey, as I have been with my old host for nearly a decade. Many of my sites were custom, undocumented and needed to be moved by hand. This post is itself a test of my syndication.
When I preordered Diablo III, I knew it required an internet connection. I figured this was for additional online content, updates, etc. What i was not prepared for was the harsh reality that if battle.net is down, i cannot play. This is not a MMORPG, this is a single player game and the entire game is stored on my laptop. Years ago, i remember playing Diablo II on my laptop at school, airport terminals, and even in airplanes. (these were the days before in flight wifi) It is unfortunate that Blizzard’s fear of piracy has lead them down a path of poor user experience for their paying customers (in this case prepaying). Better still is the fact that it is very doubtful that this will even stop piracy of the game. Already users of bootlegged versions of this game are able to play without purchase, authorization, or even network connectivity.
The truth is that today is launch day, and there are undoubtably piles of problems to be resolved with the game. Hordes of users log on to play, the servers can get overwhelmed. I just feel that users should be able to enjoy most of the game without connecting to battle.net. Game makers need to understand that sometimes people want to play offline. My favorite example, what can you play when the internet is down? The list is getting shorter every year. Wake up Blizzard. If you cannot provide an excellent user experience with copy protections, you may want to rethink your priorities. Is it more important to continually infuriate customers or temporarily frustrate pirates?
all the ssl blacklists are updates. we can return to thinking we are safe. Apple included the patches in a Security Update, Firefox updated to 6.0.2. Jailbroken iOS users can update or install “sslfix” in Cydia to get the protections that apple has yet to release.
After watching Moxie’s BlackHat talk, we seriously need to fix SSL. It is holding up too many technologies to be this insecure.
In the mist of #antisec and on the heels of the Vegas Hacker/Security conferences, another CA (DigiNotar) was hacked. This time the hackers got Google’s security certificates. With that criminals could use a technique known as a Man in the Middle attack to impersonate google and nothing can stop them. Personally i have heard @ioerror rant about the fundamental flaws of our present SSL system. Perhaps this will help bring about a change more quickly but for now we can blacklist the offending certificates. here is how (on a mac)
To protect Safari, the solution is, apparently, to run Applications/Utilities/Keychain Access, click on “System Root” on the upper-left, and “All items” on the lower-left, then type “DigiNotar” into the upper-right searchbox, then doubleclick on all the certs that show up (you may only have one), open the “Trust” detail area, and change “When using this certificate” to “Never Trust”, then close the dialog box.
For Firefox users, go to Firefox’s Preferences, click on Advanced, then the Encryption tab, then click on “View Certificates”, click on the “Authorities” tab, scroll down to DigiNotar, click on “DigiNotar Root or CA”, then click on “Delete…” or “Delete or Distrust…” below (depends on your version).
Their recents exploits include hacking FBI affiliate Infragard (Atlanta Chapter). They defaced the website, stole account information, and messed with their users. Particularly Karim Hijazi of Unveillance. LulzSec alleges that Karim (in a chat on IRC) offered them money and information to hack and his competition in the security industry. This kind hypocritical behavior is specifically deplored by hackers. Hijazi’s company email was posted online and in LulzSec’s official statement they threaten the release of his personal email as well. LulSec started taking donations with BitCoin. They used some of the money to pay for servers and their “lulzsecurity.com” domain which appears at present to be down.
After 3 straight years of pwn2own invincibility, someone finally bested all of chrome’s mighty security to downloaded and run code. French security research firm @vupen used two exploits to bypass ASLR, DEP, and leave the sandbox to run a calculator (in this demo). The calculator might be innocuous, but method is quite significant. Impressive work by the good guys.
I didn’t get to see The Imaginarium of Doctor Parnassus, but i did complete my home security system and another unnamed Top Secret project.