Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Check out Videos
×

Comment: Re:Breaking news! (Score 1) 148

by pitchpipe (#49134817) Attached to: Artificial Intelligence Bests Humans At Classic Arcade Games

Seriously, is there any doubt that a computer can easily defeat a human at ___________ that involves _____________?

Of course not. Whenever a computer defeats a human easily, of course it isn't true AI. Computers were better at that all along. Leave that to computers so that humans can do the truly human work.

+ - Hackers Using PowerShell, WMI to Evade Detection->

Submitted by wiredmikey
wiredmikey (1824622) writes "Attackers are doing a better job at hiding by using relatively obscure built in components of Microsoft Windows, according to a new report from Mandiant.

In its M-Trends report, the breach investigations company found that more often than before, APT groups are using Windows Management Instrumentation (WMI) and PowerShell to move laterally, harvest credentials, and search for useful information within Windows environments.

“Attackers are using built in components of Windows that are extremely powerful but relatively obscure in lieu of a lot of the things where attackers needed to previously use specialized tools or malware,” Ryan Kazanciyan, technical director at Mandiant, told SecurityWeek. “They are not necessarily ways to infect a system from scratch, but they are ways that attackers can remain persistent in an environment and evade detection for a much longer period by using some of these advanced techniques,” he said.

Additionally, Mandiant's report found that free credential-stealing tools have made harvesting passwords and escalating privileges in a Windows environment much easier. Mandiant experts found that attackers typically used two techniques: “Pass-the-hash” to authenticate with stolen NTLM hashes, and using the “Mimikatz” tool to recover plaintext passwords from memory. Concerningly, Mandiant said that it did not see a single instance when a victims’ anti-virus software detected or blocked Mimikatz, despite the tool’s popularity."
Link to Original Source

Comment: Re:Software has been replacing coders for decades (Score 2, Interesting) 266

by pitchpipe (#49099529) Attached to: The Robots That Will Put Coders Out of Work

There's so much work to do that I doubt our tools will ever "displace" us.

I find it so strange when otherwise seemingly intelligent people use the word 'never' regarding artificial intelligence. If our brains operate according to the known laws of the universe, then why would you suppose that the piece of meat between our ears could never be improved upon. Really?! Never?

Comment: Re:What about the online use of these cards? (Score 1) 449

by A Friendly Troll (#49093589) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

On an online credit card purchase you get a OTP token generated for that transaction? How is it implemented? Do you need to be logged in to your bank to have access to a generator or some kind of app on your phone?

It depends.

You can get a physical key fob, some new fancy credit cards include a small display and a keypad, or you can get a phone app to generate the token. All are PIN-protected.

Can't login to e-banking without a token, can't do anything inside it without a different token (called APPLI-2 here, whereas the OTP is APPLI-1).

Comment: Re:What about the online use of these cards? (Score 1) 449

by A Friendly Troll (#49085329) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

My bank has an additional layer of security for when you purchase online. When you purchase with the credit card it spawns a page that comes from my bank. I gave it a personal statement that it uses to show that it is real - ie "Your wife's favourite food is potato chips" and then it asks for a password. If I give the correct password the transaction will go through.

Password?

Like, really?

Please don't tell me your bank account uses a password, instead of OTP tokens...?!

Jesus christ...

Comment: Burst Forth, Publish Your Policy Report! (Score 5, Insightful) 213

If you look at this list, the majority of these problems are man-made. Other than a super volcano and an asteroid impact, the solution seems pretty simple. We must abandon all technology and kill all but a small percentage of the population. And those that are left must live in isolated groups. That way there will not be a world wide disease outbreak.

Yep, that's the only option. There's nothing between doing nothing and that option. It's all we have. And if anyone starts to talk about mitigation strategies, planning ahead of time or devoting a single cent of taxpayer money toward preparing for it, we are just all going to have a meltdown and throw a tantrum with teabags on our hats. Thank god we have these strawman arguments for what these ivory tower Oxford elitists are telling us to do: eliminate the human race to protect the human race. I cannot believe they would actually come to that conclusion but there it is, right in the article. Those environmentalists will have us starving in mud huts by the end of the month if we just sit by and let this academic report go unabated and without criticism!

*tortured sigh*

Comment: Send you sensitive information? (Score 1) 809

I should send you very sensitive information?

If I have it, and you don't, and it's very sensitive, then you'll have to supply me with a written and stamped document, signed by multiple Important People (tm), which states that it's okay to give you the data, and also specifies how I'm going to give you the data. I also need to be cleared from issues on your end. Maybe your network is hacked. The data is safe with me; how do I know it'll be safe with you? I need to be waived first.

Papers, please.

+ - Something Resembling "The Wheel of Time" Aired Last Night on FXX->

Submitted by eldavojohn
eldavojohn (898314) writes "If you didn't partake in the DDOS attack on Dragonmount as fans tried to figure out just what the %&#% was going on last night, you should probably prepare yourself for Billy Zane filled disappointment and watch a curious pilot covering the prologue of "Eye of the World" by Robert Jordan that apparently aired around 01:30 AM Eastern time on FXX. The reviews of said pilot are unkind and appear to contain question marks all the way down starting with Jordan's Widow disavowing its authorization. The world of film and TV development is a confusing one but it appears that NBC initially bought options to turn it into a mini series which were then optioned by Universal/Red Eagle Entertainment in conjunction with Red Eagle Games to do a coordinated release. Red Eagle games announced a combined effort with Jet Set games and around 2012 began releasing information on an "Aiel War" project to target mobile gaming platforms. But that appeared to die with its failed kickstarter attempt. It is suspected that Red Eagle Entertainment is behind the odd FXX airing last night. Was this an eleventh hour "use it or lose it" move by Red Eagle Entertainment without Universal's knowledge? In any case, it was a secretive, odd, low-budget, disappointing start to The Wheel of Time in film."
Link to Original Source

+ - Book Review: Core HTML5 2D Game Programming->

Submitted by eldavojohn
eldavojohn (898314) writes "Core HTML5 2D Game Programming details a journey through creating Snail Bait in well defined steps. This simple two dimensional platform game works as a great starting point for anyone interested in making their very first game targeting many desktop and mobile platforms. This incremental process is expertly segmented into logical lessons with the only prerequisite being fluency in JavaScript. One of the most attractive aspects of this book is that the core concepts of this book don’t rely on some flavor of the week JavaScript library or framework.

author David Geary
pages 615 pages
publisher Prentice Hall
rating 9/10
reviewer eldavojohn
ISBN 9780133564242
summary An exercise in 2D game development and mechanics in HTML5 and JavaScript.

First, this book isn't for people who do not recognize HTML5 and JavaScript as a valid development platform for games. I know you’re out there, you can stop reading here and move on to the next article. This book isn't for you. If you have no programming experience this book is likely not for you either. This book dives into concepts faster than Geary’s last book on game development in Canvas. You should also be familiar with JavaScript if you want to effortlessly start on this book. Throughout the book, Geary utilizes object’s JavaScript prototypes to add functions, uses anonymous functions and refers to common programming patterns.

It is worth repeating that the implementation in this book does not rely on a framework or library that could change or go defunct. The game runs entirely on code covered in the book accessing W3C standard specifications like requestAnimationFrame(). As long as JavaScript interpreters don’t change core things like timing control, this book should be relevant to developers for years to come.

The reason this book gets a nine is it accomplishes everything it sets out to do and Geary does a great job dividing up task after incremental task of setting sprite sheets and backgrounds into motion. The reason it doesn't get a ten is that I was personally disappointed with the the author devoting little time to physics and their simulations.

The book is laid out to enable its use as two kinds of resources: cover to cover and chapter specific topics. Reading this straight through, there were only a few times where it felt like I was needlessly being reminded of where I had already read about tangential topics. On the plus side if you ever want to see how Snail Bait implemented something like sound, you need only spend time on the chapter devoted to sound sprites. One mild annoyance I had with the text was that the author seems to always refer to Snail Bait as “Snail Bait” which leads to a Ralph Wiggum-like aversion to pronouns or saying “the game” instead occasionally. It might only be me but it can become tiresome to read “Snail Bait” five or six times on the same page.

You can read a sample chapter here that shows how to implement sprite behaviors.

The first two chapters of the book focus on a set of basic guidelines to follow when doing game development in HTML5 and JavaScript — like keeping certain UI display elements in CSS instead of rendering them as paths or objects in the Canvas. Geary also covers the very absolute simplest concepts of how graphics are going to be displayed and how the background is going to move. He also spends time in Chapter Two showing how to best set up the development environment. It is demonstrated how shortening your cycle of deployment saves you tons of time and the author does a great job on letting you know what tools to use to debug throughout the whole text.

The third chapter delves into draw and rendering graphics in the canvas as well as introducing the reader to the game loop. It spends a good amount of time explaining the use of animation frame control in a browser to keep animations running smoothly. It also begins the auditing of frame rates so that the game can respond to and display things normalized at the rate the user is experiencing them. It also touches on how parallax can be employed to show things closer up moving faster than those further back in the background. This illusion of depth has long been popular and is even finding its way into scrolling on blogs and I wish that Geary would have spent more time on this perhaps in a later chapter but offer the reader more on how to do multiple levels of depth.

The next chapter tackles the core infrastructure of Snail Bait and discusses at length encapsulation of certain functionalities (instead of globals) in the source code as well as Snail Bait’s 2300 line prototype. It bothers me that one file is 2300 lines and I wish there was a better way to do this but as a learning tool, it works even if it is daunting to scroll through. The book adds some helpful pointers about how utterly confusing the “this” keyword can be in JavaScript. Chapter Four really sets the pace for the rest of the book by introducing the use of event listeners and illustrating how the game loop is going to continually be extrapolated.

The next three chapters cover the use of loading screens, sprites and their behaviors. Snail Bait uses all its graphics from an open source game (Replica Island). But if you were to design your own graphics for your game, these chapters do a great job of showing how to construct sprite sheets and how to use tools to construct metadata in the code so that the sprites are usable by the sprite artists. Using the flyweight pattern, Geary sets the stage for more complex behaviors and actions to come in the following chapters.

The next three chapters cover time, stopwatches and their effects on motions and behaviors within the game. The author starts and works from linear motion to non-linear motion and then using transducer functions to affect the time system. The game now has bouncing coins, a jumping player and Geary does a good job of showing the reader how to emulate behaviors in the code.

Naturally what follows next is collision detection and gravity. The collision detection strategies were adequate but I wish that there was more depth at least referenced in the text. This isn't a simple problem and I did like how Geary referenced back to chapter two’s profile and showed how collision detection performance as you implement and refine and optimize your algorithm. The nice thing about this book is that it often tackles problems with a general solution in the code (runner/sprite collision) and then provides the edge case solutions.

In the fourteenth chapter, the author tackles something that has long been a plague in HTML5 games: sound and music. The author doesn't sugarcoat this citing the long history of problems the vendors have had trying to support this in browsers. There’s a great explanation of how to create and handle “sound sprites” (similar to sprite sheets) so that there is only one download for background music and one download for audio sprites.

Next Geary covers the problem of multiple viewport sizes with a focus on mobile devices. Of course this is one of the biggest issues with mobile gaming today. The chapter is lengthy and deals with the many intricacies of scaling, sizing and touch events. This chapter is long but the highly detailed support of multiple platforms and resolutions is a justified discussion point.

In sixteen, the reader gets a treatment of utilizing sprites and their artists to simulate sparks and smoking holes. The book calls this chapter “particle systems” but I don’t think that’s a very good title as the code isn't actually dealing with things at the particle level. Instead this chapter focuses on using sprites to simulate those behaviors via animation. This is completely necessary on a computation inexpensive platform but it is misleading to call these particle systems.

Now that the game looks and functions appropriately, the book covers UI elements like player scores and player lives. The auditing of these metrics are covered in the code as well as warnings when the game begins to run to slowly. It also covers the ‘edge’ condition of winning in the game and the routine that is followed when the user wins the game.

The next chapter introduces the concept of a developer backdoor so that the reader can manually speed up or slow down the game while playing it or even test special cases of the runner sprite interacting with other elements. It’s a useful trick for debugging and playing around but does devote a lot of time to the specialized UI like the speed slider and other things that won’t (or rather shouldn't) be seen by a common player.

Chapter nineteen really felt out of place and very inadequate on important details. It’s a blind rush through using node.js and socket.io to implement server side high scores. The way it’s implemented would make it trivial for someone to submit a high score of MAX_INT or whatever to the server. The metrics reporting is done in a manner that (in my opinion) breaks from long established logging structure one would be familiar with. While it covers important things to record from your users in order to tweak your game, the inadequacy of discussions about shortcomings makes it feel out of place in this text. It's a topic of great depth and I have no problem with an author touching on something briefly in one chapter — this chapter does lack the warnings and caveats found in other chapters though.

Contrary to the previous chapter, the final chapter is a fast application of the entire book’s principles applied to a new game (Bodega’s Revenge). Geary gives a final run through showing how the lengthy prior discussions quickly translate to a new set of sprite sheets and game rules. If this book is ever expanded, I think it would be great to include additional chapters like this although I would pick a more distinct and popular two dimensional game format like a tower defense game or a bejeweled knockoff.

Overall, Core HTML5 2D Game Programming is a great book for a JavaScript developer looking to dabble in game development. You can purchase Core HTML5 2D Game Programming from barnesandnoble.com. Slashdot welcomes readers' book reviews (sci-fi included) — to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know."
Link to Original Source

Backed up the system lately?

Close