Slashdot Mirror

← Back to Stories (view on slashdot.org)

Slashback: Subterfuge, Rejoinder, Caution

Posted by ryuzaki0 on from the computers-suck dept.

A desire for information on Code Red and full disclosure, steganography, old game music, and an interesting bit on software patents are the reason you're reading tonight's Slashback.

Good things come in hidden pictures. Intrepid strongman Dug Song writes, in reaction to the "fairly thin" piece earlier today on Steganographic anlysis:

"The only cutting edge, practical work being done today in steganalysis and steganography is by Niels Provos, who gave a talk at HAL2001, and is also presenting at the USENIX security symposium tomorrow: He's been developing several interesting tools to do steganalysis during the course of his universal stego engine development: (http://www.outguess.org/) including stegbreak (which can detect images produced by all popular stego tools -- except outguess), crawl (which he's used to download 2 million jpeg's from eBay to analyze), discern (his distributed computing platform), etc."

Hushing up is not such a good answer sometimes ... Reader Brian McWilliams <brian@pc-radio.com< notes regarding the thread on Slashdot about the costs of full disclosure, "you might want to add an update linking to this story Newsbytes did a couple days ago about the Richard Smith posting. Contains responses from eEye & full disclosure advocates, as well as some more ammo from Smith."

Smith doesn't take kindly to being blamed for damages caused by security holes he publically aired.

So you want to patent "bacon and eggs"? I guess that's OK then. You recently read about the McAffee patent on a seemingly overbroad stretch of computing transactions. Well, it's raised quite a few eyebrows among people interested in a fair computing marketplace. geoa points to this article in which "Neil McAllister in The Gate takes too long to say we shouldn't let another monopoly in the playpen."

It was soooo old ... For everyone enjoying the recent upswing in retro computing interest, Silicon Avatar writes with another tidbit: "Although not necessarily new news, I found a link today when someone mentioned Roland MT-32 to me. Starting with Space Quest IV, Sierra games were written to use either the Adlib soundcard or the Roland MT-32 'soundcard.' Quest Studios seems to have repository of MANY of those songs, including the 'lounge tape' I once had but lost!"

Put that in your souped up underclocked emulator and smoke it.

8 of 174 comments (clear)

  1. If you're looking for more than Sierra game music by mikey573 · · Score: 5, Informative

    If you're looking for more than Sierra game music, check out the Videogame Music Archive for other 8,000 midis for NES, SNES, Genesis, and more. :-) Now that is nostalgia!

  2. It was soooo old ... by DuranDuran · · Score: 3, Informative
    Incidentally, if you're after mobile phone ringtones of themes from your fave older C64, Amiga, and PC computer games, you can check out:

    Arcade Tones

    I'm not related to it, but it was the only place I could find the Megablast by Bomb the Bass from Xenon 2. Now all I need is someone to call me. Call, damnit!!

    DD

    --
    "You can justify anything by putting it in quotes, adding a famous name and making it a sig" - Albert Einstein
  3. Steganography by bentini · · Score: 5, Informative
    I happen to be a researcher in steganography at the moment. I fear that all this work, while "practical" is not as comprehensive as you might make it sound. If you read IEEE Transactions on Information Theory, you might remember the article a couple months ago: "Quantization Index Modulation" by B. Chen and... umm... Cornwell? Sorry, I don't have it in front of me.

    The point is, this article and others have been doning some amazing work on provably good steganography and making some strides in really making stego fit to the information theory model in good ways.

    A lot of the papers cited are less "practical" experiments in steganography but rather information theory which has similar issues. The two most interesting were "writing on dirty paper" and "capacity of memory with errors". These were all about similar problems in VERY different areas.

    The great thing about theory is that it finds connections you'd never imagine.

    If you want to talk about this, my email is dbentley at stanford (it's a university, guess what the TLD is)

  4. Gameboy stream by *deadend42* · · Score: 2, Informative

    Funny this should be brought up, I just finished getting my shoutcast stream working that plays exclusively Gameboy MIDIs. Tune in.

    --
    Watashi wa Amerika-jin desu.
  5. AT&T Block blocking port 80 due to Code Red by Anonymous Coward · · Score: 1, Informative

    Last week AT&T Broadband's solution to stopping port 80 was just to completely block all incomming packet going to port 80. See the 7/30 accouncement. Its to bad they had to cop out and filter this network wide. Its to bad I can't get speakeasy dsl in my area yet because I would have switch over in an instant.

  6. Game Music by $uperjay · · Score: 2, Informative
    The problem I have with a lot of old game music is that the volume isn't tapered at the end, so it just drops off. Even better than the original music, however, are some remixes; Overclocked Remix has quite a few good ones, and they've just redone the layout on their site to make things easier to find (although the downloads can be a bit slow). I recommend the c64vibe remix of the good ole Arkanoid music, myself.

    Most of the later Squaresoft rpgs were released with full soundtracks, as well, most of which you can probably find on ebay.

    ---

  7. Re:Argument for Full Disclosure by Anonymous Coward · · Score: 2, Informative

    "Full disclosure" is what your scenario 2 is. Ish. I don't think you'll find many people arguing for scenario 1.
    eEye discovers a vulnerability and tells MS; then, assuming MS comes up with a patch in a timely manner, eEye and MS make the vulnerability and the patch public at the same time. The question is, do they release the full details of the hole, or just that it exists.

  8. Hackwatch by tagishsimon · · Score: 4, Informative
    Good to see that "Reader Brian McWilliam" was also the author of the Newsbytes story he asked you to link to.

    Odd for me to have seen much of the bones of his story already discussed at length in The Register, on the day before McWilliam's posted his Newsbytes contribution.

    Still; I'm sure the slashdot effect will please his employers & increase his marketability.

    Here, meanwhile, is what TheReg thinks of mcWilliams and his half-assed understanding of things technical.