Forgot your password?
typodupeerror

Comment: Or look at the GeoEye .5m resolution image (Score 5, Informative) 141

by Tyger (#37330800) Attached to: Satellite Captures Burning Man From Space

http://www.geeked.info/burning-man-2011-geoeye-satellite-image/

I can't believe the 16ft resolution image is getting so much press, when the 0.5m resolution image is so much better, and was announced ahead of time (And scheduled, as you can see from people forming shapes in it).

Networking

Ubisoft DRM Causing More Problems 279

Posted by Soulskill
from the there's-a-lesson-here-that-nobody-will-learn dept.
Joe Helfrich writes "Ubisoft's Settlers 7 servers have been causing problems for over a week for users worldwide, and Australian gamers are hardly able to connect at all. 'The problem reportedly strikes after the game has already confirmed an active Internet connection, and prevents the user from playing even the single-player campaign, returning the error "server not available." But they are available, because other people are logged into them and merrily playing away.' Wonder how they're going to describe this one as an attack."

Comment: Re:2^13? (Score 4, Interesting) 175

by Tyger (#27046917) Attached to: Google NativeClient Security Contest

The PDF was an interesting read, though I agree that the money they are dishing out is pretty paltry for all the free review they are trying to garner. Furthermore, I think they are taking platform neutrality in the wrong direction by locking the idea in to the x86 architecture.

But about how it would work, they are basically enforcing strict limits on how the code can be structured. The limits are designed to make the code easily analyzed. Anything that falls outside the strict requirements is rejected. It doesn't work for antivirus because they have to deal with any code that comes in without restriction.

As to why it doesn't work for OS... There is no reason the basic concept wouldn't, aside from the performance penalty and increased code size. (Though further compiler optimization could minimize or eliminate some of that).

However, if you want to go that route of making an OS do it, you might as well pick up a decent modern RISC architecture, because you're already breaking compatibility with any past program for any OS on the x86 CPU. Most of what they are doing is basically taking something that is standard on RISC and shoehorning it into the CISC architecture of the x86. Namely that instruction boundries can be reliably tested for jumps. They enforce that by requiring jumps only to 32 byte boundries, and then verifying each 32 byte block for correctness. Combined with disallowing self modifying code and eliminating the stack completely, all code that executes can be properly analyzed ahead of time.

The concept looks sound to me (Experience working low level with x86 architecture) but the security still relies on the implementation. Off the top of my head I can think of several ways to break the sandbox depending on how it is implemented. However the PDF is quite short on the details to evaluate the implementation. Namely, what exactly qualifies as an allowed x86 instruction, and for the syscalls that are checked, what the check is, not to mention the potential for bugs in the syscall handler for what would otherwise be valid calls, and even potentially the state of the OS or process when the protected code is executed.

Overall, I don't think this is the right direction for the web platform. Theoretically interpreted byte code should be more secure because it doesn't do anything that the interpreter doesn't explicitly allow (Javascript, Java, Flash, etc) and we see where that got us.

Don't Count Sony Out Yet 172

Posted by Zonk
from the he's-a-fighter dept.
Eurogamer is hosting a GamesIndustry.biz article, an editorial that wants readers to make sure not to write Sony off yet. From the article: "Even if Sony is failing to endear itself to the media, to analysts or to gamers at the moment, that's no reason for the reality of the next generation console battle to be ignored. Judging from reports in the past fortnight, it would be easy for an outside observer to assume that it's all over already; the media paints a picture of Microsoft being victorious before the first shot is even fired, with Sony's overloaded battlecruiser set to sink before it even leaves port."

Don't Go Down Memory Lane? 316

Posted by Zonk
from the rose-colored-hindsight dept.
fieldsofclover writes "Gamers With Jobs is running a piece today about the darker side of gaming nostalgia. From the article: 'Here's an example. Konami's Castlevania had interesting monsters, catchy music, and a great gimmick: a guy with a whip. But if you went back and played it today, chances are you wouldn't bother playing past the second level. Why are the newest games in the series so drastically different from the original? The answer is because gamers demand more from their hobby now, and there's just not a lot of meat on those old bones. But when the fully 3D, story-driven sequel fails, they point at the original on its lofty pedestal and demand an experience that lives up to their memories. It's a double standard that's next to impossible to satisfy.' Are we shooting ourselves in the foot by staying obsessed with the old classics?"

Spore Coming to Consoles? 61

Posted by Zonk
from the spore'd-in-the-living-room dept.
Wowzer writes "EA was previously planning to bring Spore from PC to handhelds. In an interview this week Spore creator Will Wright was quoted as saying they are looking at bringing Spore to all platforms. From the article: 'You might be playing part of the game on a handheld platform, you might be playing the entire game but maybe more avatar-based on a console. The consoles are getting kind of different now, I think there's a really interesting distinction between the Wii and the Xbox 360 and PS3. Something like the Wii offers a lot of interesting creative opportunities for the editors, with the controller.'"

Heisenberg may have been here.

Working...