You will have to excuse the recent lack of posts. I have been in the process of packing up and moving all my domains to their new host, Site5. This has been a particularly arguious journey, as I have been with my old host for nearly a decade. Many of my sites were custom, undocumented and needed to be moved by hand. This post is itself a test of my syndication.
When I preordered Diablo III, I knew it required an internet connection. I figured this was for additional online content, updates, etc. What i was not prepared for was the harsh reality that if battle.net is down, i cannot play. This is not a MMORPG, this is a single player game and the entire game is stored on my laptop. Years ago, i remember playing Diablo II on my laptop at school, airport terminals, and even in airplanes. (these were the days before in flight wifi) It is unfortunate that Blizzard’s fear of piracy has lead them down a path of poor user experience for their paying customers (in this case prepaying). Better still is the fact that it is very doubtful that this will even stop piracy of the game. Already users of bootlegged versions of this game are able to play without purchase, authorization, or even network connectivity.
The truth is that today is launch day, and there are undoubtably piles of problems to be resolved with the game. Hordes of users log on to play, the servers can get overwhelmed. I just feel that users should be able to enjoy most of the game without connecting to battle.net. Game makers need to understand that sometimes people want to play offline. My favorite example, what can you play when the internet is down? The list is getting shorter every year. Wake up Blizzard. If you cannot provide an excellent user experience with copy protections, you may want to rethink your priorities. Is it more important to continually infuriate customers or temporarily frustrate pirates?
all the ssl blacklists are updates. we can return to thinking we are safe. Apple included the patches in a Security Update, Firefox updated to 6.0.2. Jailbroken iOS users can update or install “sslfix” in Cydia to get the protections that apple has yet to release.
After watching Moxie’s BlackHat talk, we seriously need to fix SSL. It is holding up too many technologies to be this insecure.
In the mist of #antisec and on the heels of the Vegas Hacker/Security conferences, another CA (DigiNotar) was hacked. This time the hackers got Google’s security certificates. With that criminals could use a technique known as a Man in the Middle attack to impersonate google and nothing can stop them. Personally i have heard @ioerror rant about the fundamental flaws of our present SSL system. Perhaps this will help bring about a change more quickly but for now we can blacklist the offending certificates. here is how (on a mac)
To protect Safari, the solution is, apparently, to run Applications/Utilities/Keychain Access, click on “System Root” on the upper-left, and “All items” on the lower-left, then type “DigiNotar” into the upper-right searchbox, then doubleclick on all the certs that show up (you may only have one), open the “Trust” detail area, and change “When using this certificate” to “Never Trust”, then close the dialog box.
For Firefox users, go to Firefox’s Preferences, click on Advanced, then the Encryption tab, then click on “View Certificates”, click on the “Authorities” tab, scroll down to DigiNotar, click on “DigiNotar Root or CA”, then click on “Delete…” or “Delete or Distrust…” below (depends on your version).
Their recents exploits include hacking FBI affiliate Infragard (Atlanta Chapter). They defaced the website, stole account information, and messed with their users. Particularly Karim Hijazi of Unveillance. LulzSec alleges that Karim (in a chat on IRC) offered them money and information to hack and his competition in the security industry. This kind hypocritical behavior is specifically deplored by hackers. Hijazi’s company email was posted online and in LulzSec’s official statement they threaten the release of his personal email as well. LulSec started taking donations with BitCoin. They used some of the money to pay for servers and their “lulzsecurity.com” domain which appears at present to be down.
After 3 straight years of pwn2own invincibility, someone finally bested all of chrome’s mighty security to downloaded and run code. French security research firm @vupen used two exploits to bypass ASLR, DEP, and leave the sandbox to run a calculator (in this demo). The calculator might be innocuous, but method is quite significant. Impressive work by the good guys.
I didn’t get to see The Imaginarium of Doctor Parnassus, but i did complete my home security system and another unnamed Top Secret project.
I woke this morning to find that many of my contact’s info such as phone numbers or email address had simply vanished. good thing i keep regular backups. This marks the most recent pitfall in a VERY bumpy MobileMe history.
with a snazzy new interface, hulu integration and a set top box from dlink slated for June! (less then $200)
sign up and download today! boxee.tv
I have finally sorted out the majority of my website issues! Somethingdotsomething.com is ready for general consumption. now all I need is content. That is the easy part, I just need to go off on a rant or two. enjoy.