Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Deal of the Day - 6 month subscription of Pandora One at 46% off. ×

Submission + - Ubisoft's new DRM system cracked within a day (

mobby_6kl writes: The previous article on this topic got even more attention from slashdot posters than the original confirmation of Ubisoft's new draconian DRM system, but one of the first games to implement this has been released recently, and, perhaps to the surprise of few, was cracked on the very same day, according to Eurogamer and many other sources. Silent Hunter 5: Battle of the Atlantic was supposed to implement the system under which a constant connection to Ubi's servers was required in order to play the game, but contrary to the article linked in the previous submission, it appears to have been much more vulnerable than expected.

So far Ubisoft denies that the game has been really cracked, and while it is indeed too early to tell which part of the protection was circumvented, and whether it was a weakness in the specific implementation, it is hard to argue with the ability to play the game after the rather standard process of installing the game and then overwriting the executable with the one provided. It should also be noted that the patch which was rushed out to address some of the game's technical issues fared no better than the original release.


PHP Security Expert Resigns 386

juct writes "PHP security holes have a name — quite often it was Stefan Esser who found and reported them. Now Esser has quit the PHP security team. He feels that his attempt to make PHP safer "from the inside" is futile. Basic security issues are not addressed sufficiently by the developers. Zeev Suraski, Zend's CTO of course disagrees and urges Stefan to work with the PHP development team instead of working against it. But given the number of remote code execution holes in PHP apps this year, Esser might have a point. And he plans to continue his quest for security holes in PHP. Only that from now on, he will publish them after reasonable time — regardless if a patch is available or not." Update: 10/30 12:57 GMT by KD : Zeev Suraski wrote in to protest: "I'm quoted as if I 'point fingers at inexperienced developers,' and of course, there's no link to that — because it's not true! The two issues — security problems in Web apps written in PHP, and security problems in PHP itself — are two distinct issues. Nobody, including myself, is saying that there are no security problems in PHP — not unlike pretty much any other piece of software. Nobody, I think, argues the fact that there have been many more security problems at the application level, then there were at the language level. I never replied to Stefan's accusations of security problems in PHP saying 'that's bull, it's all the developers' fault,' and I have no intention to do it in the future."

"There are things that are so serious that you can only joke about them" - Heisenberg