Comment Re:My favorite line. (Score 5, Informative) 79
Here's a copy of the judge's order.
http://www.wired.com/images_blogs/threatlevel/2011/06/huntsanctions.pdf
EVE Online Battle Breaks Records (And Servers) 308
captainktainer writes "In one of the largest tests of EVE Online's new player sovereignty system in the Dominion expansion pack, a fleet of ships attempting to retake a lost star system was effectively annihilated amidst controversy. Defenders IT Alliance, a coalition succeeding the infamous Band of Brothers alliance (whose disbanding was covered in a previous story), effectively annihilated the enemy fleet, destroying thousands of dollars' worth of in-game assets. A representative of the alliance claimed to have destroyed a minimum of four, possibly five or more of the game's most expensive and powerful ship class, known as Titans. Both official and unofficial forums are filled with debate about whether the one-sided battle was due to difference in player skill or the well-known network failures after the release of the expansion. One of the attackers, a member of the GoonSwarm alliance, claims that because of bad coding, 'Only 5% of [the attackers] loaded,' meaning that lag prevented the attackers from using their ships, even as the defenders were able to destroy those ships unopposed. Even members of the victorious IT Alliance expressed disappointment at the outcome of the battle. CCP, EVE Online's publisher, has recently acknowledged poor network performance, especially in the advertised 'large fleet battles' that Dominion was supposed to encourage, and has asked players to help them stress test their code on Tuesday. Despite the admitted network failure, leaders of the attacking force do not expect CCP to replace lost ships, claiming that it was their own fault for not accounting for server failures. The incident raises questions about CCP's ability to cope with the increased network use associated with their rapid growth in subscriptions."
Submission + - Why Millions of Home Alarm Systems are Useless
Michael Jagger writes: "Here is link to a post that describes why one of the most popular home alarm systems in North America is a complete waste of money. The post describes why the hardware itself is useless as well as shows a picture showing exactly how an alarm should not be installed.
The system described in the post, which is unfortunately similar to those in millions of North American homes, offers no value to anyone except for the monitoring companies who charge a monthly fee to provide a virtually useless service.
Does your alarm system look like this?"
Submission + - Best Buy Says Dual-Site System 'Human Error'
An anonymous reader writes: eWeek is reporting that Best Buy is in a bit of hot water with the Conneticut Attorney General. Evidently, the issue stems from having an intra-store Web site that has different prices than the Web prices, but guarantees customers to be the same. Best Buy has gone on the record as blaming employees. From the story:
"Best Buy officials, while admitting 'human error' among its workers, denies any evil intent and says the false statements apparently made by store employees were a result of confusion and inadequate employee training... The intrastore version is showcased in store kiosks using Internet Explorer and is intended to show customers information about products available in the store, along with their official prices. The problem stems from Best Buy's price-matching policy, which promises to match the price of other retailers, and it explicitly includes BestBuy.com... The problematic scenario happened when customers saw a low Web price and went into a Best Buy physical location to trigger the price match and get that low price. Employees would agree to match the price and would say they are calling up the Web site to verify the claim. Instead of calling up the Web site, though, employees would access the intrastore version of the site, which looked identical (other than its pricing) to the site, and then used that to 'prove' the online pricing didn't exist."
"Best Buy officials, while admitting 'human error' among its workers, denies any evil intent and says the false statements apparently made by store employees were a result of confusion and inadequate employee training... The intrastore version is showcased in store kiosks using Internet Explorer and is intended to show customers information about products available in the store, along with their official prices. The problem stems from Best Buy's price-matching policy, which promises to match the price of other retailers, and it explicitly includes BestBuy.com... The problematic scenario happened when customers saw a low Web price and went into a Best Buy physical location to trigger the price match and get that low price. Employees would agree to match the price and would say they are calling up the Web site to verify the claim. Instead of calling up the Web site, though, employees would access the intrastore version of the site, which looked identical (other than its pricing) to the site, and then used that to 'prove' the online pricing didn't exist."
MS Promotion Site Flagged By MS Anti-Phishing 279
Stony Stevenson writes "Microsoft has launched a marketing campaign that lets any student at an Australian university buy the Ultimate edition of Office 2007, usual price $1,150, for only $75 — a discount of about 93%. But when students go to the promotion site, Microsoft Live OneCare pops up a warning that the site may be a phishing scam.
The warning reads: 'Phishing filter has determined this might be a phishing website. We recommend that you do not give any of your information to such websites. Phishing websites impersonate trustworthy websites for the purpose of obtaining your personal or financial information.'"
Comment Re:Government backdoor? (Score 1) 788
Seriously. If I REALLY wanted to be paranoid, which I'm not:
Consider that this can come in an image file, linked from any web page.
If a government were using something like this as a backdoor it would be very useful. Say you passed a law (CALEA maybe) that forced telecom providers (backbone providers) to allow you to intercept traffic. Part of the specification could allow for a replacement packet/response. You could insert HTML code into a spoofed response that included a link to an infected image.
Something like,
If I see an IP of interest, hold the responding packets (until I'm sure it's complete).
Parse the returning html, and insert an infected logo at the end from one of our servers.
Voila, instant compromised machine.
Wouldn't this be a lovely (deniable) backdoor?
God, the pain medication must be making me REALLY paranoid tonight.
Consider that this can come in an image file, linked from any web page.
If a government were using something like this as a backdoor it would be very useful. Say you passed a law (CALEA maybe) that forced telecom providers (backbone providers) to allow you to intercept traffic. Part of the specification could allow for a replacement packet/response. You could insert HTML code into a spoofed response that included a link to an infected image.
Something like,
If I see an IP of interest, hold the responding packets (until I'm sure it's complete).
Parse the returning html, and insert an infected logo at the end from one of our servers.
Voila, instant compromised machine.
Wouldn't this be a lovely (deniable) backdoor?
God, the pain medication must be making me REALLY paranoid tonight.
