It's not like the Register doesn't have accuracy issues either.
A: Online. Same which DivX did. People didn't like.
B: Self-oxidizing disks. Been done, unadopted.
C: Overwrite the block upon insertion. When the disk is inserted, the player will overwrite part of the disk (with a DVD-R laser). Probably serial # the disk too, and specify time & date.
Probably C. Doesn't change that it isn't significantly cheaper or more convenient than Netflix or the local DVD rental place. So why would anyone BOTHER. Especially with the Borg involved?
People didn't like online, interactive, DRM'ed DVDs 5 years ago, why would it change today?
I want to go see Mirrormask, Serenity, and Corpse Bride. Who cares about Star Bores?
The annoyance is: There ARE nice scratch-resistant coats for polycarbonate lenses. They are SOP on polycarbonate glasses (very light and strong, quite common for sports-goggles).
Fortunately, polycarbonate can be polished well. So I'm planning on just polishing mine out once the cases are available.
Strider Ghostbuster, a Microsoft-developed technique for detecting all persistent and stealthy rootkits.
Just convince Microsoft to make it available.
There is also SysInternal's Rootkit Revealer, which although not quite as general, is still hard to fool.
1.) Economic Monitoring... by nweaver
How much economic monitoring do you do? Both in-game and on the secondary market (eBay)? Have you considered working with an economist (Steven D. Levitt comes to mind, but there are dozens of others as well) to study some of these phenomena?
Response -
We monitor the economics of the game very closely. We watch the in-game economy on a regular basis and have personnel that monitor game logs every day. When we see irregularities, we take action. This can range from exploring the account further, finding and removing exploits, or even possible suspension and bans. We also look closely at out-of-game transactions involving real-world cash for in-game items. Some of those transactions occur over eBay, some do not. But in many cases, the involved parties are warned or suspended, and some accounts are also banned.
Marketing droid just didn't get it. I'm interested in ACADEMIC modeling. E.g., Star Wars Galaxies has published interesting flows. People have done economic models of Evercrack's secondary market trying to estimate the GDP assuming a convertible currency. And Freakonomics is a GOOD BOOK damnit.
Stupid marketing droid. Needs to have his memory core wiped and reprogrammed over at Hammerhead.
San Francisco Chronicle
However, said Froshling is SCUM. To buy a $2000+ laptop ($2500, but how old?) (X40 IBM) laptop for $300? He KNEW it was stolen. He's being nothing more than a fence with an eBay account. And he'll get off with just a misdemeanor. SCUM!
A good compute cluster can be had for $2500 a dual-CPU node. Assuming another $500/node/year for operating costs/upkeep, that's still $1250 for a CPU-year. Compared with $8000/cpu/year for Sun's solution. So you better need BURSTS of CPU but not sustained CPU. And you better not be able to smooth out the burst demands with a batch-job system.
A: Captchas are a necessary evil. Without it, many services can be horribly, horribly abused.
B: It's how lazy cryptographers do AI: The goal of a captcha is to get someone else to solve a hard vision/learning problem, and then you change the Captcha.
How much economic monitoring do you do? Both in-game and on the secondary market (eBay)? Have you considered working with an economist (Steven D. Levitt comes to mind, but there are dozens of others as well) to study some of these phenomena?
How much does the selection come down to cost vs customization?
On one hand, renderfarms of ~5k machines get pretty expensive already, and adding another $500k for Windows licenses is no small change.
On the other, how much of the software is custom/gets customized, and Linux is a better platform for doing custom software and customization?
A: Tor is a documented protocol. If you really REALLY want to block Tor on your network, configure your IDS to recognise the protocol setup, and kill THAT.
B: You can't quake through Tor. Tor only supports TCP, and it adds a fair bit of latency to boot.
It is a Dvorak story. Dvorak himself should have a permanent -10 Troll moderation tattooed to his forehead.
Based on the other comments:
:)
On items, it's a simple matter. For every item, put it in a hash table by serial #. Every duplicate seen, add it (and the original) to a list. Then nuke every item in the list. After all, WHICH was the duplicate?
For gold, yeah, they probably have enough logging to figure it out:
For every character which the following happened in a short time (~1 minute):
a: Gave >X gold to friend
b: Entered instance
c: Was kicked out due to failure
Well, remove all gold from character and friend, and any purchases done between the time it occurred and the great server reset.
Yeah, slightly punitive form (nuke ALL gold rather than just created gold, nuke ALL duped items including source of duping), but easy enough to do, effective, and FUN.
Who wants to bet that Blizzard's Database servers are grinding these queries now?
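The two checks described in the comment above, sketched as an added example (not part of the original comment and not Blizzard's code). The record layouts, event names, and the 120-second default window are assumptions, and all sample data is constructed.

```python
from collections import defaultdict

# Constructed sample data; field and event names are assumptions of this example.
ITEMS = [  # (serial, owner)
    (1001, "alice"), (1002, "bob"), (1001, "carol"),
    (1003, "dave"), (1002, "erin"), (1002, "bob2"),
]
EVENTS = [  # (unix_time, character, event, detail)
    (100, "mallory", "give_gold", {"to": "trent", "amount": 500}),
    (120, "mallory", "enter_instance", {}),
    (175, "mallory", "instance_load_failed", {}),
    (200, "peggy", "give_gold", {"to": "victor", "amount": 500}),
    (210, "peggy", "enter_instance", {}),            # loaded fine, no failure
    (300, "oscar", "give_gold", {"to": "walter", "amount": 5}),  # below threshold
    (310, "oscar", "enter_instance", {}),
    (330, "oscar", "instance_load_failed", {}),
    (400, "heidi", "give_gold", {"to": "ivan", "amount": 900}),
    (900, "heidi", "enter_instance", {}),            # far too long after the gift
    (910, "heidi", "instance_load_failed", {}),
]

def duplicated_items(items):
    """Hash items by serial; return every serial held more than once, with all holders."""
    by_serial = defaultdict(list)
    for serial, owner in items:
        by_serial[serial].append(owner)
    return {s: owners for s, owners in by_serial.items() if len(owners) > 1}

def suspect_transfers(events, min_gold, window=120):
    """Find give -> enter -> load-failure sequences by one character within `window` seconds."""
    hits = []
    pending = {}  # character -> [give_time, recipient, entered_instance]
    for ts, who, kind, detail in sorted(events, key=lambda e: e[0]):
        if kind == "give_gold" and detail["amount"] > min_gold:
            pending[who] = [ts, detail["to"], False]
        elif who in pending:
            give_ts, friend, entered = pending[who]
            if ts - give_ts > window:
                del pending[who]             # sequence took too long; discard
            elif kind == "enter_instance":
                pending[who][2] = True
            elif kind == "instance_load_failed" and entered:
                hits.append((who, friend, give_ts))  # both accounts need review
                del pending[who]
    return hits
```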
The reported bug:
On a heavily loaded server: You give your gold/item to a friend. You then enter an instance area. If you load, fine, no bug. If not, and it kicks you out after 1 minute (due to load), you still have your gold.
So obviously what is happening is that the "Failed to load" instance response is going back to some character checkpoint previously created, with this checkpoint being somewhat older.
The fix (which will probably be put in place by now) is to checkpoint the character when he/she attempts to enter an instance. So you aren't gonna be able to exploit this bug anymore. Sorry, 1AM3 CH3373RZ!
Also, if Blizzard DID serial # all items, then it will be a pretty simple script to prune the duplicated items. But as they probably don't serial # gold, it might still have some economic disruption.
The previous cybersecurity position in the DHS (where the directors had the job expectation of a Drummer in Spinal Tap) was several rungs lower on the totem pole.
Making it an assistant secretary position is a big increase in authority, which should (hopefully) translate into some significant action.
So you can hack a software player to store the stream. In other news, Water is Wet.
My My, what a shocking change....
I guess it means that with the new DRM technology, it really IS no longer your computer.
This vulnerability, in order to discover that it exists, requires exploitation. A system will NOT reply with any information about it being vulnerable unless the scan contains an exploit code which generates a response.
Thus, because of this restriction (you need to exploit to scan, and you need to know the exploit to create a scanner), you wouldn't scan to create a hitlist, you would either know the hitlist in advance through some other means (an insider?) or just release the worm without a hitlist.
You can't really scan for this vulnerability. Any scanner for the vulnerability has to be scan & exploit, as it is only when the personal firewall receives and interprets the packet that you know if it is vulnerable. There is no response sent back which tells you that it is vulnerable, UNLESS you actually send an exploit packet.
In which case, why hitlist? You just write the whole worm.
Thus in order to create the hitlist, specialized knowledge (the customers in the hitlist) would be needed.
The pRNG bug was really subtle:
The attacker could have just as easily protected himself by patching or removing ISS, so he didn't need self protection.
And the flaw was the case of the attacker being too subtle and proper. If you read Knuth, it says to use only the lower 16 bits of a 32 bit linear congruential pRNG, as only the lower 16 bits are reasonably random.
So the attacker called the pRNG twice, concating together the lower 16 bits of each try to create the target address.
The problem is, the linear congruential generator is a 32 bit permutation: if you just take the value it will cover the whole address space, which is what you want in a worm (but not necessarily in a random number). But concating the two 16 bit values together doesn't cover the whole space. So it's a very subtle bug, caused by the attacker being a bit TOO sophisticated.
And some of the 10% still got infected: eg, if they were snooping the wire to protect other systems.
At the time, Dan and I did not know it was a Hitlist, we thought it was a botnet.
Knowing that it WAS a hitlist (that the author couldn't have scanned for in advance), makes it seem more likely that the author was an insider, someone with a relationship to ISS, rather than an outsider who worked fast, as the attacker had to know, in advance, the vulnerable systems needed to create the hitlist.
Unlike most other vulnerabilities, you really couldn't scan for the ISS vulnerability WITHOUT actually exploiting it. Thus the hitlist had to be based on a-priori knowledge rather than reconnaissance.
LCG gives a 32 bit number, but only the lower 16 really look good for "random". So, following the Knuth recommendation, LCG was called twice, to create the upper and lower halves of the address.
This is the bug: For a worm you don't want random, you want random COVERAGE. By doing the concatenation, about 10% of the 32 bit address space is never generated.
The flaw for patient 0 was different: It was simply running different code, so it produced different random numbers.
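The coverage gap discussed in the comments above can be measured directly; this is an added example, not code from the original comments or from the worm. It uses a scaled-down 16-bit generator split into 8-bit halves so the whole space can be enumerated quickly, and it measures either choice of half; MULT, INC and the 16-bit width are constructed for the example.

```python
# Scaled-down model (constructed): a 16-bit LCG whose outputs are split into
# 8-bit halves, standing in for the 32-bit generator and 16-bit halves in the
# discussion. MULT and INC are assumptions chosen so the generator has full
# period (INC odd, MULT % 4 == 1).
BITS = 16
HALF = BITS // 2
MASK = (1 << BITS) - 1
MULT, INC = 17405, 40643

def step(state):
    """One LCG step modulo 2**BITS."""
    return (MULT * state + INC) & MASK

def raw_coverage():
    """Distinct values seen when each generator output is used whole."""
    seen, s = set(), 0
    for _ in range(1 << BITS):
        s = step(s)
        seen.add(s)
    return len(seen)

def concat_coverage(half):
    """Distinct values built from two consecutive outputs, keeping one half of each.

    `half` is "high" or "low": which half of each output is kept.
    """
    def take(x):
        return x >> HALF if half == "high" else x & ((1 << HALF) - 1)
    seen = set()
    for seed in range(1 << BITS):      # every possible generator state
        first = step(seed)
        second = step(first)
        seen.add((take(first) << HALF) | take(second))
    return len(seen)

def missing_fraction(covered):
    """Share of the value space that is never produced."""
    return 1 - covered / (1 << BITS)

if __name__ == "__main__":
    for label, n in [("whole output", raw_coverage()),
                     ("high halves", concat_coverage("high")),
                     ("low halves", concat_coverage("low"))]:
        print(f"{label:13s} covers {n:6d} values, misses {missing_fraction(n):.1%}")
```

For anyone reconstructing an outbreak from telescope data, the values a generator can never emit mark address ranges where the absence of probes says nothing about exposure.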