Slashback: Highness, Hominess, Hole-ines 285
Sometimes being British means self-flagellation. Ferox writes: "The November Web Site Survey from Netcraft reveals something interesting: 'Two years ago the Queen of England became an unlikely icon for the Linux revolution when her webmaster replaced Solaris as the platform for the Royal Family's site, citing the better price/performance of the Dell/Linux platform over the previous incumbent, Sun/Solaris. The open source community celebrated and speculated on when the Apache web server might receive the "By Royal Appointment" moniker. This week the site has changed platforms again, this time to Microsoft-IIS.'"
Keep your hands and passwords inside the car at all times. Niels Provos passed along word of his ongoing research into network security, with some slightly depressing news about the state of Internet security.
Even though the CRC32 bug has been found over a year ago, over 30% of all servers are still vulnerable today. Graph at http://www.citi.umich.edu/u/provos/ssh/crc32.png.
In February 2001, Razor Bindview released their "Remote vulnerability in SSH daemon crc32 compensation attack detector" advisory, which outlined a gaping hole in deployed SSH servers that can lead to a remote attacker gaining privileged access.
In November 2001, Dave Dittrich published a detailed analysis of the "CRC32 compensation attack detector exploit." This exploit is currently widely in use. CERT released Incident Note IN-2001-12.
At the Center for Information Technology Integration, Niels Provos and Peter Honeyman have been scanning the University of Michigan for vulnerable SSH server software to identify and update vulnerable SSH servers. However, scans of the Internet show that system and security administrators must react and update their SSH servers. At this writing, over 30% of all SSH servers appear to have the CRC32 bug.
A simple solution is to remove support for Version One of the SSH protocol. The majority of servers on the Internet support the SSH v2 protocol. To test whether your network has vulnerable SSH servers, you might use the ScanSSH tool.
References: "ScanSSH - Scanning the Internet for SSH Servers", Niels Provos and Peter Honeyman, 16th USENIX Systems Administration Conference (LISA). San Diego, CA, December 2001. This information is also available at http://www.citi.umich.edu/u/provos/ssh/
Don't play with your food, or your games. janolder writes "In the matter of the Civilization III translation project (articles on slashdot, apolyton and heise), the fans have gotten the short end of the stick. The project web site (translation.civ3.de) has been down for a while. Earlier this week, both the web site operator and Kai Fiebach, the project leader, signed Infogrames' cease and desists out of fear of further legal action. The legal position (not to mention the moral postion) of the fans did not appear to be too weak - EULA's are not binding in Germany and supplying patches to a program is certainly not the same as translating a book and distributing the translated manuscript.
Infogrames Germany has issued another press release (translation and my comments) justifying their legal action and position. It makes for an interesting peek into the mindset of a game publisher.
The good news is that Infogrames is considering a more timely release of Civilzation III in Germany.
The bad news is that the cease and desists apparently forbid any modification of Civ3 in any way, shape or form. So no more custom maps for your friends, custom rules or any such copyright infringing activity, please! Is it just me, or has the world suddenly become a less interesting place?"
Not as if Americans always know where we are, either. ByTor-2112 writes "Hate to be the bearer of bad news so soon after a story is posted, but as I commented on the previous story, it appears that galileo has some funding issues. Honestly, did anyone really expect the EU to go through with it? It took them long enough to agree on a common currency!"
Slashdotted already? (Score:3, Interesting)
Always wanted to Ping the Queen (Score:1)
Re:Slashdotted already? (Score:1, Troll)
Re:Slashdotted already? (Score:4, Funny)
Re:Slashdotted already? (Score:2)
Re:Slashdotted already? (Score:2)
Yes, I realize that one can ping -f -s 65528 hostname and do some simple DoS attacks and such
And this can be handled by rate-limiting icmp at the ISP. The only challenge is convincing their SAs that it's a good idea.
Microsoft PR? (Score:2, Troll)
Re:Microsoft PR? (Score:2, Insightful)
IIS Uptime Record??? (Score:3, Funny)
Is that a World Record for IIS?
Re:IIS Uptime Record??? (Score:1)
Yes, they have had problems in the past, and I curse every time I have to deal with Win95/98/ME. But please stop knocking the product just because of it's predecessors.
Re:IIS Uptime Record??? (Score:2, Funny)
So instead.. (Score:1)
So instead of knocking the product because of its predecessors, you're suggesting we use a more valid reason?
How about security: every time Microsoft releases a bug fix, they introduce a new bug.
Not to mention "Behind the scenes" black magic: whenever my proxy sends an ident request to a Windows box, the box responds with a request for http://windowsupdate.microsoft.com/ident.cab -- filling up the server's
Let's not forget their plans for world domination. I must admit that the Linux community wants world domination too, but it would be an open domination, where anybody can change the source code (then patent it in some obscure country [or the US] and make a billion dollars).
But the world isn't all bad. All these stories about narrowing rights and such can be kind of depressing. I'd like to see Slashdot (and Slashdotters) post more of the non-depressing stuff. There's a lot of good out there too.
Re:So instead.. (Score:1)
Hey, I'd like to be an optimist, but I don't I could do it.
Re:IIS Uptime Record??? (Score:1)
Re:IIS Uptime Record??? (Score:1)
Re:IIS Uptime Record??? (Score:2, Informative)
One of my nt4 file servers here provides file and login for 200 staff and has an uptime of 267 days solid
Uptime discussions are invalid when comparing file app and print servers, availability is how we measure this and that means an uptime is bull - you have to reboot servers of ANY ilk for hotfixes and general maintenance.
Re:IIS Uptime Record??? (Score:1)
Re:IIS Uptime Record??? (Score:1)
Re:IIS Uptime Record??? (Score:1)
Re:IIS Uptime Record??? (Score:1)
Re:IIS Uptime Record??? (Score:1)
Not mine... With 128MB of 266MHz DDR RAM and a 1.13 GHz Athlon, the thing freezes all the time.
Maybe I have something configured incorrectly
Just my personal experience.
Re:IIS Uptime Record??? (Score:2)
FWIW I've had 139 days uptime on NT4SP6a running several servers (ssh, web, mail) as well as std workstation and dev stuff - cygwin, emacs, etc etc. No Outlook, no IE and no IIS. Result, happiness - well, as happy as it's possible to be whilst still sullying one's mind fingers with Microsoft stuff. It's the freedom thing that's important, anyway, not the quality of the code.
Re:IIS Uptime Record??? (Score:2)
Alert! (Score:1)
The operation timed out when attempting to contact www.royal.gov.uk."
*snicker*
Civ III and all (Score:1)
Copyright (Score:3, Interesting)
Re:Copyright (Score:2)
Thats seems to me to be closer to distributing a demo of some sort. And definately a copyright violation.
I think an even better analogy would be distributing free glare-reducing transparencies to lay over the pages and reduce eye strain and a free bookmark to help enjoy your purchase. If patches are being distributed that require the game already be installed, there should be no problem (IMHO). But the entire game with reworked languages should not be distibuted, as that would imply that every user already PAID for the game and thats just not reasonable.
Re:Copyright (Score:4, Insightful)
So, an even better analogy would be a reading translator that would read the Harry Potter book to you in German. Copyright violation? No. Fair use? Definitely.
Good analogy, but... (Score:3, Funny)
Suppose Voldemort Publications sells you an PDF of Black Magic for Beginners on CD. The text is copyrighted, but that's not enough for VP. So they make you accept a license agreement that specifies that you can only read the book directly off the CD and you may not manipulate the text in any way.
You pop the CD in your computer and discover that the text is in Ancient Etruscan. When you call up to complain, they explain that the English translation is licensed to Massively Manipulative Monopolies. No they don't know when it will come out.
No problem. You go to the Hogwarts web site and download a translation spell. But as soon as you begin to incant Logos Anglicia! a VP legal troll appears in a puff of yellow-green smoke. He accuses you of violating the no-manipulation clause in your license agreement. You try to tell him that such a clause is unenforceable, but he just shrugs and says, "We think it will stand up in court. You're welcome to consult your own lawyer, of course."
"This is ridiculous!" you say. "I acquired the book legitimately, and I have a right to read it."
"Well, we have a right to maximize our return on our investment. That's why MMM is handling the English version -- they're much better at marketing to muggles than we are. Now cut it out. This agreement is enforcable in the Court of Giant Warts!"
Re:Good response, but... (Score:2)
German EULAs (Score:2)
Point is that people who sell IP want to control how it's distributed. That's what drives their decision making. And the law, be it copyright, licensing, whatever, is almost always is on their side. Given the way the law is made [opensecrets.org], that's hardly suprising.
From the POV of consumers and artists, the results are often absurd. German gamers who can't play games they've paid for is one example. Another is music and literature that you can't listen to or read because the copyright holder is sitting on it. I myself know a couple of musicians who feel damn frustrated because their work is controlled by publishers who won't release or sell it back. Unfair? Absolutely. But perfectly legal.
Re:Copyright (Score:1)
It's not as though Jesus is endorsing these things. Hell, there are strong arguments against them _here_.
Re:Copyright (Score:1)
Whether suppressing "fan" works is good marketing or not is arguable, but it doesn't seem that Infogrames/Firaxis is going beyond traditional copyright (as we knew it in, say, 1970) here.
Re:Copyright (Score:2)
A better analogy would be to offer a list of new character names and objects and where in the book these names should be inserted. The purpose, of course, would be to localize the book: the book could be cajunized-- Jonny Pottieu would be chompin' on crawfish at a charivari [charivaricajunband.com], instead of whatever harry potter ate...
There is no copyright violation... you are replacing the text from the original program, and not distributing any byte that was in the original. The user must own the original to apply the patches to; otherwise the patches are useless.
Re:Copyright (Score:1)
Things get a bit dodgy when you consider that anybody can translate a work into their own language in order to understand it - however, the distribution of that translation is an infringement of copyright law.
Remember, creativity's not all in the code!
Re:Copyright (Score:2, Insightful)
Translating and distributing Civ3 is exactly what didn't happen. The translation team created new text lookup files and offered them as a patch for the US version of Civ3.
Had they instead offered a complete localized package for download, I'd have to agree with you. As it is, Infogrames have really ruined their reputation in this market.
Re:Copyright (Score:2, Informative)
The difference between Harry Potter and a computer game is simply that with Harry Potter, the text is the product. Period. Whether that text is read on a computer screen, off of a sheet of paper or off of microfilm, the text is the product that is being sold.
In the case of a computer game, the product is the game, which includes the text, the gameplay, the graphics, music, sound effects, what-have-you.
In the case of someone "ripping off" Harry Potter, the "ripped-off" product would be the complete text of the book, and that's what the publisher is trying to sell. In the case of Civ3, a patch to change the language to something else is nowhere near to being the entire product. In fact, it could be argued that the actual wording of the text is not really part of the game at all - for an example of this, does the fact that a football referee calls a game penalty in Spanish make the penalty any different than if he called it in English or used sign language? The language is not the game. Since it's the game that this outfit wants to sell (though they have a funny way of promoting it, I must say) a language patch is not a violation of "their property".
Which brings up an interesting point. If I am paying my money for "their property", then why can't I do what I want to with it? If I pay money for any other kind of property I'm allowed to do what I choose with the product that I've purchased. Computers are about the only industry where the business revolves around "You pay for my product but I still own it."
Re:Copyright (Score:2)
However, software is treated differently. Bad analogy, but still a valid point if they're actually distributed a full translated copy of Civ3. If they're just distributing a patch, as some have said, than I'd say that puts infogrames on shaky ground unless France has a DMCA-type law that prevents reverse-engineering of any sort.
Lame. (Score:1)
Securing OpenSSH (Score:5, Informative)
Protocol 2
This will deny all SSH1 connections and force everyone to use SSH2 to connect.
SSH 2 (Score:2, Interesting)
Re:SSH 2 (Score:2)
But I have to slow down now and not be informative more than once every two minutes...
Re:SSH 2 (Score:3, Interesting)
If you have known incoming IP's, I believe adding them to /etc/hosts fixes the problem. Complaing to your ISP may help, but if your ISP's DNS admin has a clue, he'll probably point out that this is a really stupid test to be performed to begin with so he doesn't consider it a high priority to fix things on his end so it'll work, but he may get around to it eventually...
Re:Securing OpenSSH (Score:2)
Re:Securing OpenSSH (Score:2)
Re:Securing OpenSSH (Score:1)
Re:Securing OpenSSH (Score:4, Informative)
- ssh [openssh.com] - OpenSSH port of BSD's version of ssh that branched off the last free version of ssh put out by ssh's original developers. It has supported ssh protocol version 2 since roughly August of 2000, and versions supporting ssh2 made it into Debian soon there after. Currently version 3.01p is in Debian, and I think its pretty much equivalent to to the non-free ssh3.
- ssh-nonfree [ssh.com] - non-free version of ssh from its original developers. It only supports ssh protocol version 1.
- ssh2 - Version of ssh supporting ssh protocol 2 from the makers of ssh-nonfree. License is more restrictive than ssh-nonfree's license.
- ssh3 - As far as i can tell its not packaged yet. Is the license more restrictive than ssh3? Regardless, there is no ssh protocol version 3.
Anyway, Debian has had ssh protocol version 2 support for a long time,.answering everyone at once.... (Score:2)
Installing "unstable" is *not* an option at many (most?) sites. You install an unstable package on a live server, you die. Or at least you lose all root access on the live servers. The problem isn't any single unstable package, it's their tendency to pull in other unstable packages. This can get out of control real fast.
Even installing from pool is problematic, but usually acceptable since you're compiling it locally and can avoid creeping dependencies... but some Debian tools require Perl 5.5 which breaks stable systems. If you're willing to devote a system to unstable, you might be able to create an installable package... but this is not something Joe User is going to be able to do.
So I stand by my point. If you require SSH protocol 2 (supported by OpenSSH 2.x and 3.x), you will knock out most Debian users until either Woody is released or somebody takes a honking big clue-stick at the appropriate Debian maintainers and openssh 2.x is released as a Potato security bug-fix.
Re:answering everyone at once.... (Score:2)
Re:Securing OpenSSH (Score:3, Informative)
There's also OpenSSH for cygwin and a crappy piece of software called telneat which I used before I installed cygwin. Apparently new versions of telneat are commercial now anyway.
See http://ssh.gatordog.com/ for a bazillion others.
Re:Securing OpenSSH (Score:2, Informative)
OpenSSH under Cygwin (Score:3, Informative)
Re:OpenSSH under Cygwin (Score:2)
The insecurity of Cygwin doesn't stop it being a very useful tool for single user Windows boxes, but it is kinda silly to use it to compile what's meant to be a security-enhancing program like ssh.
quick way to check your openssh (Score:5, Informative)
% telnet 127.0.0.1 22
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
SSH-1.99-OpenSSH_2.9p2
if you see OpenSSH before version 2.3, you may be vulnerable (iff you have fallback to ssh1)
Hacking Civ III is too easy anyway... (Score:1)
Ah, for the days of 0/99/32 settlers...
Queen's web server on IIS (assorted comments) (Score:3, Troll)
The enemy is [at the] Gates!
Is HRH trying to upstage Diana's famous crash?
I'd have thought QE version II wouldn't have this bug.
Wait until they cut her off after three Windows Product Activations.
Already
And finally...
"Your highness, the people have no open source..."
"Well, let them run DRDOS!"
Re:Queen's web server on IIS (assorted comments) (Score:2)
seven steps to fixing ssh on your OS X box (Score:2)
1. log in to Mac OS X as an admin user
2. navigate to the
3. type sudo perl -i.bk -p -e 's/#Protocol 2,1/Protocol 2/g'
4. type sudo perl -i.bk -p -e 's/2,1/2/g'
5. type grep SSH
6. if the response is "YES", type sudo kill -HUP `cat
7. Quit the Terminal program
Uh, ZERO steps to fixing your OSX box (Score:4, Informative)
Slashback: Highness, Hominess, Hole-ines... (Score:1)
I know the joke's been made, but come on, it would have been so easy do add it to the title!
Re:Slashback: Highness, Hominess, Hole-ines... (Score:1)
OK, so a double-double standard? (Score:5, Insightful)
C'mon guys. Either clean up your act or stop being the first ones to throw the stone.
Re:OK, so a double-double standard? (Score:1)
Re:OK, so a double-double standard? (Score:1)
I see no double standard here (if you do, again, please point out which message). I always complain about sysadmins who don't install the latest security patches, regardless of OS. If it appears I complain about IIS sysadmins more than Unix sysadmins, it's only because I get that opportunity more often...
apt-get update && apt-get upgrade regularly (assuming you have security.debian.org in your sources.list, of course -- naturally I'm assuming you use Debian... :)
Re:OK, so a double-double standard? (Score:1)
No, I'm not trolling. And no, you obviously did not get the point I was trying to make. And I wasn't thinking about you specifically, so calm down or you're going to pop a coronary. Or something.
Re:OK, so a double-double standard? (Score:1)
Re:OK, so a double-double standard? (Score:1)
Re:OK, so a double-double standard? (Score:1)
You are one of a very few in a forum crawling with OSS propagandists and knee-jerk M$ bashers.
I don't care for these any more than you, but I care even less for people who constantly complain about it even when it isn't happening. The fact of the matter is, the number of messages complaining about this are actually greater than the number of messages doing it. Thus, the people complaining are in fact far more annoying most of the time...
Re:OK, so a double-double standard? (Score:2, Funny)
repeat after me:
Sysadmins have to patch their systems.
Sysadmins have to patch their systems.
Sysadmins have to patch their systems.
Sysadmins have to patch their systems.
Sysadmins have to patch their systems.
Sysadmins have to patch their systems.
Sysadmins have to patch their systems.
....
(Of course, Microsoft would rather we not know when this has to happen, where as Red Hat has been sending me advisories ever since I installed their distro.)
Re:OK, so a double-double standard? (Score:1)
Re:OK, so a double-double standard? (Score:2)
Yea, I got hit and lost some serious time and money. It was undoubtedly my fault. But it's not entirely black and white. Not all that far off, but not entirely.
Re:Rant (Score:2)
I suppose its like women and shopping. Sure, you're right in saying that they're not ALL shopaholics, but because so many are, the two are often synonymous.
from netcraft: (Score:1)
I like it...
Re:from netcraft: (Score:1)
Not that any of whitehouse.com's visitors care or anything...
Re:from netcraft: (Score:2)
That's interesting, especially when you consider that the Bush campaign ran IIS. Of course they probably just inherited the contract for the Whitehouse server from the previous admin. It's hosted by Akamai, so it's possible that the administration didn't make any decision about the OS at all.
As for the Queen, well... she traded in her fancy Sparc hardware for x86 boxes and got tired of Linux. So, if you are in that situation and you want something that's nothing like Linux, what do you choose? Windows.
That in itself is interesting--if people dump Sparc hardware for Linux x86 boxes and then sour on the OS, what will they do? Install Windows.
So, once again, commercial *NIX vendors are the biggest losers to Linux, not MS.
Civ 2 and Civ 3 (Score:3, Interesting)
Things like rulesets were laid out in simple configuration text files, so that patches could be applied to change the nature and look of the game - right down to individual units and map squares. Civ: CTP 2 (a game I own) also has easily moddable rulesets (the game is so buggy you simply MUST install Apolyton's patch).
Beating down on fans and modding is stupid , the most successful games are those that have been modded (Halflife, StarCraft). Until I see firm evidence of something other than this translation case, I still want Civ III and will enjoy playing it.
BBC Say "Bush to Bomb VALinux" (Score:1)
George W. Bush
Tony Blair
Currency..... (Score:1, Offtopic)
Honestly, did anyone
really expect the EU to go through with it? It took them long enough
to agree on a common currency!
and North America (Canada, Mexico & USA) has
how many currencies.....
Re:Currency..... (Score:1)
and we don't claim to be using the same currancy.
Well.. (Score:2)
However.. ever heard of "manifest destiny"?
IT has long been part of the American culture tha the whole continent should be the United States.
Hole-ines. Like Saltines, without the salt. (Score:1)
Yum.
The Queen's server... (Score:1)
Actually, they have changed ISP. Check out the netblock owner section of the Netcraft survey, the change in operation system happens at the same time as the change in ISP backbone.
Re:The Queen's server... (Score:1)
The reason royal.gov.uk has switched server... (Score:5, Informative)
Netcraft weirdness (Score:3, Funny)
Even more bizarre is that site's history:
Solaris
Microsoft-IIS/4.0
13-Sep-2001
194.60.38.75
Houses of Parliament
NT4/Windows 98
Microsoft-IIS/4.0
2-Apr-2001
194.60.38.75
Houses of Parliament
Solaris
Microsoft-IIS/4.0
4-Jan-2001
194.60.38.75
Houses of Parliament
BSD/OS
Microsoft-IIS/4.0
2-Nov-2000
194.60.38.75
Houses of Parliament
So, not only does Parliament seem to like changing their minds (sometimes radically) every few months, they also like using impossible combinations of OS and server. Hmm....maybe it's symbolic of something...(just kidding!)
Re:Netcraft weirdness (Score:4, Informative)
Re:Netcraft weirdness (Score:3, Funny)
BTW, this nugget is in the Netcraft FAQ [netcraft.com]
Royal Family's web site (Score:2)
Move along, nothing to see here.
-Legion
SSH Vulnerability Overview (Score:2, Informative)
** Vulnerable:
SSH 1.2.24 - 1.2.31 (ssh.com) -- all versions to date of release of this advisory
F-SECURE SSH 1.3.x -- all recent releases
OpenSSH prior to 2.3.0 (unless SSH protocol 1 support is disabled)
OSSH 1.5.7 (by Bjoern Groenvall) and other ssh1/OpenSSH derived daemons
** Not vulnerable:
SSH2 (ssh.com): all 2.x releases NOTE: SSH2 installations with SSH1 fallback support are vulnerable
OpenSSH 2.3.0 (problem fixed)
SSH 1.2.32 (ssh.com, released 10/22/2001)
SSH1 releases prior to 1.2.24 (vulnerable to crc attacks)
Cisco SSH (own implementation)
LSH (SSH protocol 1 not supported)
** Other SSH daemons: not tested
To test your server, do this:
$ ssh -v -l `perl -e '{print "A"x88000}'` localhost
if you get a seg fault like below, you need to upgrade:
Program received signal SIGSEGV, Segmentation fault.
0x806cfbd in detect_attack (
136 for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
Now, happily for me, I didn't have this problem. This is good since I'm logging in remotely to my box in California from Spain, VIA SSH!! I'm an idiot as I've also shut off Telnet and if it DID segfault, I would've been completely screwed.
-Russ
Defensive posture (Score:2)
Debian Backports Security Fixes (Score:3, Informative)
Which apparently just checks the version number and will therefor falsely identify Debian stable machines as vulnerable despite their being up to date on security patches.
Re:Debian Backports Security Fixes (Score:2)
translation of Civilization (Score:2)
You may still be able to make other modifications to their software and distribute the patches, whether they like it or not.
Of course, instead of contributing to a commercial game without getting compensated for your work, why not just contribute to FreeCiv or similar games? Civilization itself seems mostly like a clone of older games anyway.
Quick! Someone Hack The Royal Website! (Score:2)
Anyway, I'm sure there are enough vigilantes out there who will be targetting this IIS implementation eh? Hehehehe
(...why do I get this creepy feeling as I write this? Ah well, I'll just take a nap... Oh yeah, disclaimer -- I don't really advocate or invite illegal activities. I'm just saying in my own way that I can see it happening.)
Royal Server changed IP too?! (Score:2)
Disclaimer: I have no idea what I am talking about.
Re:royal.gov.uk (Score:2)
And ours can use the Queen's English properly. :P
-Legion
The Royal Family would like to thank Microsoft (Score:3, Interesting)
Indeed she does still hold that title. I used to know her full grand gitre but it's slipped out of my mind for some reason. The natural place to look it up is on the Royal Family's website, but, oddly enough since they moved to IIS (another fine Microsoft product) it's down right now. Funny, I never can remember it going down before... [royal.gov.uk]
(I think it highly unlikely that it's slashdotted. Government servers designed for worldwide access are generally well able to handle this kind of load.)
OK, so I found it at the alt.talk.royalty FAQ [heraldica.org]. In the UK, she's called "United Kingdom: Elizabeth the Second, by the Grace of God of the United Kingdom of Great Britain and Northern Ireland and Her other Realms and Territories Queen, Head of the Commonwealth, Defender of the Faith". In her other realms and territories, she's styled slightly differently. The full list is rather lengthy, so check the FAQ to see it. Although "Queen of England" isn't found in there, it's certainly not incorrect to call her that.
Re:The Royal Family would like to thank Microsoft (Score:2)
Were diu werlt alle min (Were all the world mine)
Were all the world mine
from the sea to the Rhine,
I would starve myself of it
so that the queen of England
might lie in my arms.
Though obviously he was referring to a different Queen than our present monarch...!!
Re:Civ III mods (Score:2)
Seriously now, the game *comes* with an editor that is quite flexible. The one thing that bothers me is you can't tie down people to their starting locations (i.e. with say the world map, you might play the American civ and end up in the Japanese starting place). But it allows for completely new maps and changes to all the units and and even more sweeping gameplay changes if I recall correctly.
I'm willing to bet this means if you go out and do stuff that actually requires messing with the main executable, you'll likely get a lawsuit knocking at your door. Making a map will not trigger that same reaction.
Re:The White House (Score:2)
As does one of Slashdot readers' favorite sites. [netcraft.com]