imunfair (877689) writes "Watching a lot of movies, and being a developer, I felt there wasn't a good option for succinct reviews of movies/tv/music/books, while still providing a good rating system. So, I created a site with friend associations pulled from Facebook/Myspace/Twitter, and a limit of 250 characters per review. This ensures you can scan through quickly, while giving you ratings based on what your friends think." Link to Original Source top
imunfair writes "Designing games we often prototype using placeholder models, such as those created by the Spore creature creator. Normally those models must be replaced — but Spore models created by the user would seem to be the property of that user. However, their EULA claims items you create are their property — to protect EA since they reuse your creations in their game.
Can they legally stop you from using these models in your own game? Are there other instances of content creation tools successfully restricting use of the content users create?" top
imunfair writes "I've been playing around with AIM6/Triton, and managed to replicate their login sequence — it's extremely insecure and I would suggest avoiding it at all costs. Also of note, the AIM6 passwords are stored encoded in the registry under:
Yes, that's right, I said the password is encoded/encrypted there is no hashing involved so it is possible to extract plaintext passwords from the registry! I'm still working on figuring out how it is encoded/encrypted, but I should say it is definitely a block encryption, working on 8 byte blocks. Possibly DES. The whole thing is prefaced with 8 bytes which are not part of the password, and the whole shebang is then base64 encoded and placed in your registry for anyone to grab and decrypt." top
imunfair writes "October 5th I received a warning from LayeredTech (I had a dedicated server with them at the time) telling me that I needed to remove
a website from my server. Of course I didn't happen to see this email in the one hour they gave me before they took the server
I logged into their site and looked at the "support tickets" which revealed that "AOL Operations Security — Investigations &
Countermeasures" had contacted Savvis (LayeredTech is hosted by them) to have the forum taken down as a "phishing site".
Even the tech realized it was not a phishing site (here is an excerpt from one of his responses):
'The content of the site is not a "traditional" phishing site as it is not deceiving the public as AOL. There are posts on the site
bragging about being able to social engineer through AOL.'
So in other words it was a forum where 15 year olds were bragging about social engineering — and yet Savvis continued to insist the
site must be shut down. At the point when I find out about the whole issue the server is down, and after pointing out that it
doesn't violate any policies and is not illegal I am again told that my only recourse is to remove it if I want the server back
online. Needing backups I eventually agree to take it down while switching to a new host (on principle I would never censor a forum
in that way).
Now, after the tech closed the issue I put up an index notifying the forum members what had happened, and that we would be back after
switching servers. I am currently in the middle of that process and received another ticket from them tonight, telling me they will
terminate the server again if I do not remove this index page.
During the process I decided to google Savvis and AOL to see if there was any particular reason they were so keen on complying with a
seemingly unreasonable request from AOL. It seems that Savvis acquired WAMNET back in 2003, and their contract was renewed (and
probably still in effect currently since the relationship between WAMNET and AOL started back in 1997). I don't know if this means
AOL data is the only thing Savvis censors arbitrarily, but if you care about your freedom of speech, or that of other people I highly
suggest switching to a service not related to Savvis/LayeredTech in any way.