Forgot your password?
typodupeerror

Comment: Re:Come on Sony! (Score 1) 508

by Moddington (#34853704) Attached to: Sony Files Lawsuit Against PS3 Hacker GeoHot

I never said that. I said that this one attack vector, which is rather easy to defend against, is so far only present in the PS3. Sony screwed up with their encryption implementation, in such a way that the private key used to digitally sign official software was able to be reverse engineered. This means that anyone can now create software that the PS3 thinks is legitimate, and the only way to fix this is to change the keys used, invalidating each and every single game sold for the PS3 to date. And no jailbreaking is necessary for a PS3 to be open to this attack, since with the private key, anyone can make software for the PS3 that is indistinguishable from a trusted, Sony-approved game.

No other company I know has screwed up this badly, or even just let their private key be leaked, and Microsoft is certainly not one of them. The XBox, Windows, Linux, the Wii, etc. and even the PS3 are attackable in a lot more ways, but they'll be trickier, and almost certainly involve jailbreaking.

Comment: Re:Mike (Score 1) 508

by Moddington (#34850836) Attached to: Sony Files Lawsuit Against PS3 Hacker GeoHot
"Produce this for money" What? Are you saying that GeoHot is somehow benefiting financially from this purely software crack that is both released by them for free, and doesn't require any modification to the PS3 itself, software or hardware? "What he does with his PS3 is his right, when he releases that to others it is no longer within his legal rights." So one can hack and pirate and cheat at all the games one wants, so long as one doesn't tell anyone else how one did it? Even Sony disagrees with you on both parts, there.

Comment: Re:Poorly Defended? (Score 1) 508

by Moddington (#34850546) Attached to: Sony Files Lawsuit Against PS3 Hacker GeoHot
As is repeated in many other posts here, it lasted so long because the people who actually had the skills necessary to crack the system weren't trying to until Sony got rid of OtherOS. Even if you don't agree with that premise, the group that found and released the private keys have themselves stated that they didn't start any real efforts to crack the PS3 until OtherOS was removed via firmware update.

Comment: Re:Come on Sony! (Score 1) 508

by Moddington (#34850178) Attached to: Sony Files Lawsuit Against PS3 Hacker GeoHot
Sadly, in all likelihood, no-one will ever be able to do this to the Xbox360 - get the private key for signing software, that is. The only reason they got it on the PS3 was because the Sony developers responsible for the encryption implementation screwed up royally, rendering the PS3's software signing system not much more effective than security by obscurity. And now they're trying to use the law to make up for their monumental failure in implementing a relatively simple system that all their competitors had no problems with...

Comment: Re:What? (Score 1) 257

by Moddington (#34289172) Attached to: Hard-Coded Bias In Google Search Results?
Search for 'GOOG'. Top of the page is the finance service result for GOOG, with links to Google Finance, Yahoo, MSN, and etc., with the fancy graph underneath. The first search result is the Yahoo Finance page for GOOG, and the second is the Google Finance page for GOOG, both of which were linked in the list of sites in the finance service result at the top of the page.

Comment: Re:Not quite (Score 2, Interesting) 203

by Moddington (#33321810) Attached to: <em>Portal</em> On the Booklist At Wabash College
I myself have gotten it working under Ubuntu 9.04 and 10.04 with minimal hassle. Worked straight out of the box aside from sound, but I honestly just experimented with audio output selections in Wine config for a few minutes, and it worked after that. Performance was comparable to that on my Windows machine, to boot. And I'm confident that any students using Linux on their school laptop are comfortable enough with it to figure out most issues they may come across.
Security

Attacking Game Consoles On Corporate Networks 79

Posted by Soulskill
from the waggle-the-wiimote-to-lock-it-down dept.
A pair of security researchers speaking at DefCon demonstrated how video game consoles, which are becoming increasingly common break room or team-building toys, can open vulnerabilities in corporate networks. "[They] found that many companies install Nintendo Wii devices in their work places, even though they don’t let you walk into the company with smartphones or laptops. (Factories and other sensitive work locations don’t allow any devices with cameras). By poisoning the Wii, they could spread a virus over the corporate network. People have a false sense of security about the safety of these game devices, but they can log into computer networks like most other computer devices now. In the demos, the researchers showed they could take compromised code and inject it into the main game file that runs on either a DS or a game console. They could take over the network and pretty much spread malware across it and thereby compromise an entire corporation. The researchers said they can do this with just about any embedded device, from iPhones to internet TVs."

Comment: Re:Just in case you were wondering why... (Score 1) 414

by Moddington (#32943824) Attached to: <em>StarCraft II</em> Cost $100 Million To Develop
And I suppose you'd also recommend against getting Half-Life 2 for the same reasons? It's three games because Starcraft II has three games worth of campaign content. ~30 missions in each case, just like the original SC+BW. It's also been noted that Heart of the Swarm and Legacy of the Void will be priced as expansions, not full games. I'd also suspect that since all three are being developed at once, playing SC2 on Battle.net won't be segregated into groups based on which expansions you have, as compared to the original SC+BW, so if you're only interested in multiplayer, you won't have to ever buy the expansions.
Image

Chinese News Reports the Taliban Are Training Monkey Soldiers 232

Posted by samzenpus
from the I-want-to-shoot-like-you-oo-oo dept.
According to a Chinese news publication, soldiers in Afghanistan may soon come up against a deadly new weapon in the war: monkey soldiers. The report claims that the Taliban are training the monkeys to shoot and kill American soldiers. They also claim to have pictures of monkeys holding AK-47s and Bren light machine guns. From the article: "The New York Magazine has reported about this in jest and stated on Friday, 'No invader has ever conquered Afghanistan, and now we know why. The monkeys will not allow it. It was a good effort, but it's time to pack it in. This is no longer a fight we can win.'”

Comment: Re:This isn't dangerous in the way they claim (Score 2, Insightful) 134

by Moddington (#32801882) Attached to: ATM Vendors Threaten, Stop Research Presentation
It may be pointless now, but there's always the possibility that they're using cards with both the old strip and the new chip as an intermediate step, to try to shift card owners over to using just the chip a little more softly. Of course, it could also just be another example of incompetence in security.

"Pascal is Pascal is Pascal is dog meat." -- M. Devine and P. Larson, Computer Science 340

Working...