Oct 132011

I would assume that most people out there realized that iOS 5 was released yesterday (Wednesday, October 13).  There are plenty of guides out there outlining the new hotness that comes with the update.  We have a couple referenced over in our forum.

What is your most favorite features so far?  I have really taken a liking to the new notification features.  It is pretty slick.  Now, I can see all of them that I missed or accidentally skipped as I unlocked my phone out of habit before reading the notification.

Find My Friends looks interesting, but I have not played with it yet.  Plus, my wife and I use 4square, so I am not sure it offers much more than that.

Jul 242011

For the last few weeks we have have been slogging away at Sanctum. It is developed by Coffee Stain Studios as part of Epic’s Make Something Unreal contest. It is a first person shooter tower defense game.  You can check out a trailer over at YouTube.

I have been playing mostly co-op games lately and CSC added the ability to play co-op on several of the maps.  First off, the game is fun.  It is essentially waved based, monster attacks.  You lay out a maze on the buildable spaces with empty blocks. Then you fill selected blocks up with towers of various types which include guns, mortars, electrical, and anti air type weapons. These weapons can be upgraded throughout the game as you get money to spend on upgrades. You can also select Televators which are blocks that allow you to teleport around as well as elevate you up to the level of the top of the block as you can not jump that high.

You are equipped with three weapons. The first is an assault rifle that has a grenade launcher as its secondary fire.  The second is a sniper rifle with two levels of zoom.  The third is a freeze weapon which can slow enemies down or stop them in their tracks with the secondary fire.  These weapons can be upgraded just like the towers. The weapons essentially overheat, or run out of ammo.  You then have to wait for them to recharge before you can use them.  Weapon switching therefore is essential.  I prefer using my sniper rifle to get some high powered hits in, switch to my assault rifle while the sniper recharges, and then flip back to sniper.  Rinse and repeat.

I do have some issues with the game. First, the only way to really communicate with your teammates is by highlighting one block in the build mode.  So, it is difficult to do any planning.  Essentially, one person has to plan and build out the maze and then communicate what to build after that.  CaGBlight over at the Steam Forums has developed a java based tool that you can use before your game to do some planning.  Unfortunately, it is a little buggy for one of the more interesting maps.  But oh well, it is free. This type of functionality should have been built into the game. The tool outputs images such as this one to show how to build the maze and what towers to build.


Second, the difficulty of the game varies too much from easy to moderate.  On the easy level we can practically win a 30 wave game with our eyes closed.  It is boring actually.  However, on the moderate level, we have won only one time.  We needed three people to do it and it was close. With two of us, we usually only last till wave 12 or 13. I would suggest lowering the difficulty of moderate down a tad and then keeping high where it is.

Third, I would bring out some more maps.  Maps for a game like this are not complicated.  You are not designing gigantic worlds with lush flora or anything like that.  They are essentially grids that you can build on.  In fact, several of the maps are just that. Or they should allow third party development of maps. But having more maps with more possible routes would certainly raise the challenge and creativity of defending the core in the game.

Overall, the game is fun.  It was certainly worth the $3 or so that we paid for it from steam.  I am not sure I would pay much more than that for it.  Currently, it is $15.  I would definitely not pay that. Keep in mind, I have not played the single player version, only the co-op.  So, they may be much more playability in the SP. Another helpful resource for the game is the wiki article over at wikia.com.

What are your thoughts on the game? Any dislikes or likes?

Jul 022011

The infosec world was a buzz (or a tweeting) this morning with news that the popular file service dropbox has changed their legalese. The key paragraph that is now getting attention is as follows:

We sometimes need your permission to do what you ask us to do with your stuff (for example, hosting, making public, or sharing your files). By submitting your stuff to the Services, you grant us (and those we work with to provide the Services) worldwide, non-exclusive, royalty-free, sublicenseable rights to use, copy, distribute, prepare derivative works (such as translations or format conversions) of, perform, or publicly display that stuff to the extent reasonably necessary for the Service. This license is solely to enable us to technically administer, display, and operate the Services. You must ensure you have the rights you need to grant us that permission.

Many professionals have now deleted their accounts.  We will see how the general public reacts to this change in terms of service.  Personally, I never used the service and certainly never will on those terms.

For those of you who need to store data “in the cloud” (in other words, on the Internet), there are some alternatives out there.  Here is a google+ post: https://plus.google.com/u/0/115846783938665223975/posts/LnxqCCTtjVV.  And here is an older article before this issue: http://techpp.com/2010/07/05/dropbox-alternatives-sync-files-online/.

Keep in mind, this is occurring shortly after dropbox had a serious authentication issue which essentially removed any passwords from all accounts for four hours.  There was evidence that that was exploited while the vulnerability existed.

Jun 262011

I know that bucket list is an overused term these days, but I did not know what else to call it.

I have been fortunate enough to be able to take decent vacations in the last 5-7 or so.  My wife and I have gotten in a bit of a rut though between Walt Disney World and cruising.  So, I am rethinking our vacation strategies.  We have been taking approximately two moderate type vacations per year. I am thinking towards one “staycation” and one big vacation.

Both my wife and I have spent some time (before we met) in Western Europe.  I was fortunate to spend a semester in England and was able to visit Wales, Ireland, Scotland, France, and Italy.  That was 15 years ago.  Getting old stinks. So, here is my list of things I would like to see.  Some may be more realistic than others at this time in my life both in cost and time.

  • Galapagos Islands – Thinking of taking a Celebrity cruise on the Xpedition.  It is a 100 passenger cruise ship.  It is all inclusive.  Considering our last cruise ship had 6200 passengers, it would be quite a change.
  • Machu Pichu – It is possible to wrap this in with a Galapagos Islands tour.  However, that may be too much for me at this time.  I would also like to see some of the lesser known ancient cities that are away from the tourists.
  • The Great Pyramids and cruise the Nile – I think that this one will have to wait with the unrest in the Middle East currently.
  • The Great Wall of China – I would also try to tie in a cruise down the Yangtze river.
  • River cruise through Europe – I would love to do a barge, but that is way out of my price range.  I would like to see part of Eastern Europe and Germany.
  • Grand Canyon – I have flown over it and visited some minor canyons as well as Monument Valley.  I would really love to white water raft it.
  • New Zealand – The Lord of the Rings movies really showcased some beautiful scenery.
  • The French Polynesian – Whether it is a small cruise ship or just doing a little island hopping, I do not think it matters.
  • Angkor Wat – Looks pretty amazing.  I would try to tie this in with other Eastern items such as Thailand.
  • India and the Taj Mahal – It would be pretty hard to go to India and not see the Taj Mahal while there.
  • The Panama Canal – This one is relatively easy to do.  I am just fascinated by the idea of the engineering of it.

So what say you?  What is on your list to see and do? What else should I add?

Ultimately, I am a bargain shopper.  So, I will go where I can get a great deal.  However, I am certainly expanding my horizons in the future.  Of course, if I win the lottery than I will hit all of the above plus more.

Jun 252011

If you have been living under a rock and had not heard the news yet, TF2 is now free to play.  You can download it at the TF2 website for both Macintosh and Windows.

The free to play will now be supported by microtransactions within the steam store.  You will be able to purchase new weapons and items.  Valve also claims that they will continue to offer free items as well.

Valve also seems to be taking a pragmatic approach to supporting the community:

“It’s a belief of ours that in multiplayer games it’s generally true that the more people playing the game, the higher value the game has for each individual customer.

“The more players, the more available servers in your area, the wider variety of other players you’ll find, the greater the opportunity for new experiences, and so on.”

This would be bucking the trend of AAA titles coming out at $50-$60 range and support disappearing.  It also seems to be a lesson that some companies *cough* Epic *cough* could relearn.

According to Steam, I only have 2.8 hours played in TF2.  Unfortunately, the Orange Box came out at the same time as CoD4.  CoD4 got a bit more playing time.  However, if more people pick up on TF2, I could certainly see myself devoting more time to it.

Mar 172011

RSA just announced that they were cracked. It is unclear what exactly has been put at risk.

Our investigation also revealed that the attack resulted in certain information being extracted from RSA’s systems. Some of that information is specifically related to RSA’s SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack.

So, it looks like RSA’s SecurID is immediately at risk. Who knows what else the crackers got. This crack is more significant the crack against HBGary that happened several months ago. This shows how difficult information security is when even the experts are having trouble keeping their doors locked.

Mar 142011

Multiple sources are reporting that Microsoft is winding down the Zune physical media device. They are planning on continuing with the Zune software, presumably on Windows 7 phone.  This allows them to still sell music & subscriptions through their online store.

The Zune has never gotten a whole lot of love.  One of my favorite references was when it was mocked in the popular with geek television show, Chuck episode Chuck vs. Tom Sawyer.

Mar 102011

Fortinet has recently posted a blog post on the history of computer viruses at 40th Anniversary of the Computer Virus | Fortinet Security Blog. From a historical perspective it is a fascinating read. A couple of ones from a personal note:

Creeper: Catch me if you can. This was an experimental virus developed in 1971. It is the grand daddy of viruses. It was a relatively benign virus. And, it was actually a demonstration of mobile code. It would pick itself up and move to the next computer, vs. replicating like today’s viruses.

The article does not deal with The Morris Worm. However, I feel it needs to be mentioned in any discussion about malware. The worm utilized known vulnerabilities in a variety of UNIX services. Unfortunately, it got out of control and ended up performing a Denial of Service attack across the young Internet in 1988. The CERT was created by DARPA as a result of this worm.

When I was a UNIX administrator back in the mid 1990s, we would laugh about all of the forwards people would send about warning of viruses from email. After all, how could you get a virus from reading an email in Pine or Elm. The I Love You virus in 2000 changed all of that with help from Microsoft’s desktop security model. This was one of the first full scale viruses to affect normal users.

In 2001, IIS, Microsoft’s web server was attacked via Code Red. This is different than the traditional virus or worm which attacks the desktop. It exploited a buffer overflow in the indexing system of IIS. I remember being on the front end of the fight of this battle. Our Internet connection was acting slow. While troubleshooting, we decided to reboot our firewalls. When this happened our IIS servers crashed. Funny coincidence we thought. An hour later, we did it again. They crashed again. It was not until the chatter on the security mailing lists picked up late that afternoon that we figured out what was going on. At that point, we were able to take the appropriate action.

Just last year, Stuxnet appeared and targeted Iran’s nuclear industrial machines in a very subtle way. I am not going to get into the details of Stuxnet, as there are plenty of sources out there who can explain it better than I. What is fascinating about it is that it appears to be the start of nations writing malware to directly attack another nation’s specific resources. The effort, skill, and knowledge needed to implement this malware successfully is quite amazing… and scary.

Mar 082011

Google releases stable version of Chrome 10 – TechSpot.  I have recently moved from my long favorite web browser Firefox to Chrome.  Originally, it was going to be a week long trial.  But quite frankly, after a day or so, it was obvious that Chrome had better performance than Firefox.

Google upped the browser war 2.0 again by releasing Chrome 10 today.

Some of the key highlights of today’s upgrade involve security & speed:

  • 23 Security Vulnerabilites fixed
  • Faster JavaScript engine
  • Better malware reporting
  • Sandboxing Adobe Flash on Windows (because someone has to)

As Firefox marches towards its long awaited 4 release, we will see if it can keep up with Google’s development pace. As Chrome uses WebKit, Safari should also benefit from Google’s code.