top Hackers Used Nasty "SMB Worm" Attack Toolkit Against Sony
I haven't seen any evidence that the mechanics of the attack itself is at all noteworthy, yet we keep hearing about how this attack was unstoppable, "nasty", etc. -- not just from Sony's PR guys, but from the FBI. As if it could have targeted literally any company and caused just as unmitigated damage.
To me, a "nasty" worm is Stuxnet: it spread in a very standard innocuous way and seemed like any other worm, but ended up being highly targeted.
This Sony hack just seems like your average trojan worm leaking an admin password back to someone. The only noteworthy part of this hack is that Sony had such horrifyingly moronic security practices that one attack was able to compromise such a large and varying corpus of valuable data.
top Sony Leaks Reveal Hollywood Is Trying To Break DNS
Funny, Microsoft has actually had a P2P DNS system for several years:
top Are the TSA's New Electronic Device Screenings Necessary?
Last flight I took out of LAX, they were randomly handing out "expedited security" slips to people. Keep your shoes on, laptops can stay in bags, no x-rays or pat-downs, etc. and I was through in about 30 seconds. I even found out after I went through the metal detector that I had left keys in my pocket and my belt on.
Basically, it was like security used to be, pre-9/11. It was marvelous.
top Bank Security Software EULA Allows Spying On Users
Let us know which bank. I'm sure some of us would switch!
top BitTorrent Launches Project Maelstrom, the First Torrent-Based Browser
Freenet had some issues. Most of them won't apply to BitTorrent's offering.
The main one is receiving content was dog slow compared to, say, Tor. This is simply an artifact of how it was routing connections and the distributed storage aspect.
Second, but still contributing to the poor experience is that the app itself had some architectural flaws that made it and your PC run dog slow -- the choice was either use hundreds of threads or let the operations stall.
The third, more of a security/philosophical flaw, is that the base protocol was not documented in any significant fashion. To review the protocol's security, you'd need to have an expert understanding of Java and a large part of the codebase. So it never really had many eyes on it looking for flaws.
I haven't used Freenet in around 5 years, so this may have improved. It was pretty clear why it never caught on at the time.
top Microsoft Introduces
Merely needing to convert time zones is a trivial requirement. Work with them any other way and it's a nightmare. My first exposure to it was when implementing a crontab-like scheduling software, which on proper implementations has defined behavior to not fall on its face when daylight savings time wreaks havoc on the world. I couldn't find a way to do this reliably in
.NET, but Noda made it possible.
Don't take my word on why Noda should be used though...
read from it's blog for plenty of examples for why the seemingly great .NET DateTime can be a minefield in far more common situations than mine.
top Microsoft Introduces
Why should I have to use a third party library to get decent date support?
I've questioned that myself while working in
.NET. Ever needed to write time zone aware code?
Date libraries, as it turns out, are rather monstrously difficult to make. While
.NET did a great job for the common stuff, uncommon things can be painful, error prone, or impossible.
The fullest solution I've found so far is
Noda Time, which is actually based on the Joda-Time Java library. It feels out of place with a number of Javaisms still in it, but it provides a much richer functionality and better separation of concerns.
top Microsoft Introduces
.NET Core is the redesign.
.NET Framework (the full big monolithic install like we've got now) remains backwards-compatible and so 4.6 is appropriate.
top Valve Rolls Out Game Broadcasting Service For Steam
Recent video cards support encoding an H.264 stream directly from the screen without ever touching the CPU. If Steam isn't currently using this functionality, I'm sure it will soon.
top Ask Slashdot: Non-Coders, Why Aren't You Contributing To Open Source?
The real question should be:
Why aren't companies paying more people to work on Open Source projects.
top The EU Has a Plan To Break Up Google
The EU seems to have a chip on their shoulders about Google. I get it, they're huge and they need to be kept on a leash.
But when are we going to see them go after other huge companies abusing their market share? We have Amazon regularly putting full-page ads for their latest electronics right on their front page.
top Multi-Process Comes To Firefox Nightly, 64-bit Firefox For Windows 'Soon'
Multi-process is the major reason I use Chrome. One tab freezing up the entire app, or even just making other tabs slower, is unacceptable.
Then this hits general availability I'll definitely be re-evaluating Firefox.
top The Math Behind the Hipster Effect
Hipster culture is like a passive-aggressive punk culture. Both have a distinctive styles of clothing, music, and a strong counter-culture attitude. The main differentiation is that hipsters are less raucous, less extreme.
top YouTube Opens Up 60fps To Everyone
I have the issue, and no other media player does this. Either everyone is working around it and being silent about how, or this is a Chrome bug.
about a month and a half ago
top Car Thieves and Insurers Vote On Keyless Car Security
The implication of this is that it's possible to clone a key based only on the signal it gives off. The implication of that is that they're sending out a static password.
Not only is it possible, but it's in common practice. Aftermarket remote starters need to clone your keys. You can get a remote starter for basically any car. It's not like you need a dealer for it either, because car electronics places that install these things will be the ones cloning the keys.
top Security Company Tries To Hide Flaws By Threatening Infringement Suit
Some software projects like LAME, x264, and libav claim to skirt around patent issues by only distributing source code, not binaries. I've always wondered if this is a valid workaround, or just some clever devs getting their hopes up.
top Direct3D 9.0 Support On Track For Linux's Gallium3D Drivers
Is there a reason why it would be useful to make D3D 9 support more complete?
Games only started using D3D 10/11 *very* recently -- the back catalog this could enable is huge, and D3D 9 games are still coming out today. It'd say it's very important to support.
top Google Releases Android 5.0 Lollipop SDK and Nexus Preview Images
This please. My tablet becoming unusable while automatic updates get installed is mind-boggling.
top Tiny Wireless Device Offers Tor Anonymity
Making Tor dead simple to use is great, but this is such a nice device for three-letter agencies to target inserting a backdoor into.
top Ubisoft Claims CPU Specs a Limiting Factor In Assassin's Creed Unity On Consoles
It's quite possible that he means they have artificially slowed down the graphics rendering to provide more cycles to the AI.
This is how I read it as well. Though, pure rendering and lerping should not eat up much CPU especially on consoles. Unless they've got a really inefficient rendering pipeline. I'm curious exactly how much extra AI this would allow them to run.
PhrostyMcByte has no journal entries.