Slashdot Mirror


User: Nos.

Nos.'s activity in the archive.

Stories: 0 · Comments: 1,448

Comments · 1,448

  1. Re:how do I check? on Patch DNS Servers Faster · · Score: 1
  2. Re:Just what we need, more laws on Video Game Labeling Law Passed In New York · · Score: 1

    Who says there'll be two warnings? This is just forcing a warning to be on the box... to the best of my knowledge, the warnings today are voluntary.

  3. Re:Just what we need, more laws on Video Game Labeling Law Passed In New York · · Score: 1

    I may be mistaken, but the ESRB ratings are not mandatory, they are voluntary. The article seems to suggest that:

    The U.S. video gaming industry submits to ratings on a voluntary basis, and the system is similar to movie ratings

    There are very few details in the article, but it seems to me it just makes ratings such as the ESRB mandatory, as well as parental controls in consoles. So nothing new, just requiring what is already being done.

  4. Re:Just what we need, more laws on Video Game Labeling Law Passed In New York · · Score: 0

    Yes, but a parent might be okay buying a game for a child with bad language, but not want to buy a game with realistic violence and nudity. I see this as a way of helping parents make informed decisions.

  5. Re:Just what we need, more laws on Video Game Labeling Law Passed In New York · · Score: 1

    I really don't see what the problem is with clearly identifying what may be considered to some as objectionable content.

  6. Re:Pwned on 2008 Pwnie Award Nominees Announced · · Score: 5, Informative

    Nominees

    We received 134 submissions for the Pwnie Awards, of which we've selected 37 nominees. Please select an award category from the list above to see the nominees.

    The winners of the Pwnie Awards will be announced on August 6, 2008 at a ceremony at the BlackHat USA conference in Las Vegas.

    Pwnie for Best Server-Side Bug

    Awarded to the person who discovered the most technically sophisticated and interesting server-side bug. This includes any software that is accessible remotely without using user interaction.

    • Windows IGMP kernel vulnerability (CVE-2007-0069)

      Discovered by: Alex Wheeler and Ryan Smith

      Not only did Alex Wheeler and Ryan Smith lay claim to a lucky CVE number, they also laid down the law with a remote kernel code execution vulnerability that was exploitable in the default firewall configuration on Windows XP, 2003 and Vista. Despite the SWI team's claim that its exploitation is "unlikely in real-world conditions", Kostya Kortchinsky was able to develop a highly reliable exploit for this vulnerability.

    • NetWare kernel DCERPC stack buffer overflow

      Discovered by: Nicolas Pouvesle

      At REcon 2008, Nicolas Pouvesle demonstrated some amazing NetWare-Fu with his kernel exploitation techniques and staged payloads for a stack overflow in the DCERPC stack in the NetWare kernel. Besides impressing everyone at the conference (not to mention all of the Quebecois women around Montreal), he also struck fear into the hearts of NetWare administrators everywhere. All three of them.

      This vulnerability also shows how there can often be similar vulnerabilities in different implementations of the same functionality. And when a vulnerability in one implementation is found and fixed, similar bugs in other implementations may go unnoticed for a while. What does it take to make a vendor like Novell audit their DCERPC code for simple vulnerabilities? A widespread worm exploiting a stack overflow in the Microsoft DCERPC stack, crippling large portions of the Internet, and supposedly causing a blackout of the entire East Coast of the USA? Apparently not.

    • ClamAV Remote Command Execution (CVE-2007-4560)

      Discovered by: Nikolaos Rangos

      This vulnerability was a remote command injection in the recipient e-mail address of an e-mail message examined by the ClamAV open-source AntiVirus scanner. In a nod to 1993, ClamAV called sendmail with popen(), placing the recipient e-mail address right there in the command. With open source anti-virus products, Linus's Law clearly does hold: "Given enough eyeballs, all bugs are shallow", even the ones that we knew about fifteen years ago.

    • SQL Server 200

  7. Re:Get A Mac on Schneier, UW Team Show Flaw In TrueCrypt Deniability · · Score: 1

    You mean like Bitlocker or EFS?

  8. Re:Citywide Wireless on A DIYer's Quick Guide To Cheap Wireless Extension · · Score: 2
  9. Re:Workaround on Firefox 3.0.1 Fixes 'Carpet Bombing' Issue · · Score: 1

    Developers are a relatively small subset of users. Arguably, they should be somewhat more aware of the risks/vulnerabilities in the browsers they are using.

  10. Re:Citywide Wireless on A DIYer's Quick Guide To Cheap Wireless Extension · · Score: 3, Insightful

    Jury-rigged wifi extenders typically aren't the most reliable things in the world. They also tend to be unidirectional; though omni-directional is possible, you don't get as much gain. You also need to power them, as well as connect them back to the Internet at some point. In the end it all costs money, and someone needs to pay for it.

  11. Re:Feel your pain on Satellite Internet Providers · · Score: 1

    Let's have a look at what you said, shall we?

    cell phone coverage in rural Canada is a joke.

    I didn't refute that point specifically, but here you go, it's not a joke: http://www.sasktel.com/personal/mobility/coverage/coverage.html

    In fact, telecommunications outside the few large cities that Canada has is limited to the most basic of service levels.

    So do you consider 958 people to be a large Canadian city?

  12. Re:Feel your pain on Satellite Internet Providers · · Score: 1

    cell phone coverage in rural Canada is a joke.

    In fact, telecommunications outside the few large cities that Canada has is limited to the most basic of service levels.

    You are generalizing quite a bit. Cellular and high speed internet coverage in some rural areas is amazing. How about a town of http://www.sasktel.com/Store/popups/hsb_communities.htm (see Davidson: http://en.wikipedia.org/wiki/Davidson%2C_Saskatchewan).

    The far north, however, is a different story.

  13. Re:document.referrer on Thwarting New JavaScript Malware Obfuscation · · Score: 1

    If you don't like giving out Halloween candy, don't answer the door.

    It's more like my neighbour handing out the candy I bought. He gets the "credit" while I paid for the goodies.

  14. Re:How is this measured on Estimating the Time-To-Own of an Unpatched Windows PC · · Score: 1

    It doesn't matter how few security issues have been found in whatever OS you're trying to install. Patching of a newly installed OS should always be done before it is exposed to the Internet.

  15. Re:document.referrer on Thwarting New JavaScript Malware Obfuscation · · Score: 2, Interesting

    I check the referrer header for images on some sites, not for security, but for reducing bandwidth thieves doing hotlinking. On more than one occasion folks have linked to images on busy forum sites which costs me bandwidth. Checking that the referrer is either the local site or blank reduces that bandwidth waste to virtually zero. Yes, some will still get through, but the few minutes it takes to add to the virtual host configuration in Apache is well worth it.

  16. Re:500 on First North American OpenMoko/FreeRunners Arrive · · Score: 1

    Come to think of it, I'd guess that only U.S. geeks are aware of this "OpenMoko" phone.

    You'd be wrong.

  17. Re:How is this measured on Estimating the Time-To-Own of an Unpatched Windows PC · · Score: 1

    As others have stated, your best bet is to pick up a Linksys or other router and place it in between your system and the Internet. If your Ubuntu crashes, you're in the same boat.

  18. Re:More independent verification needed on Massive, Coordinated Patch To the DNS Released · · Score: 2, Informative

    Except your Unix/Linux server is probably using BIND, and ISC has released a patch (and lots more information): http://www.isc.org/index.pl?/sw/bind/bind-security.php

  19. Re:Insurance on 12,000 Laptops Lost Weekly At Airports · · Score: 3, Insightful

    It's not about the hardware. Most companies don't care about the $2000-$3000 replacement cost. It's the data, or worse yet, having to disclose that you have potentially exposed customer data that they really want to avoid.

  20. Always use protection on 12,000 Laptops Lost Weekly At Airports · · Score: 5, Insightful

    Truecrypt or similar commercial offerings are available and reliable. Protect your data and ours.

  21. Re:Sorry... on Object Defies Categorization As Planet or Star · · Score: 3, Funny

    Nibbler?

  22. Re:tools on Have Mathematics Exams Become Easier? · · Score: 1

    Normally, you would think buying the bulkier item would result in greater savings. That's not always the case anymore. I've noticed this a few times, especially at Walmart. Picked up some new blades for my razor. 4 Pack was about $14. 8 Pack was over $31. No difference otherwise. Does this mean Walmart is preying on those who are bad at math?

  23. Re:Extreme temperatures on Polar Robots to Explore the Arctic · · Score: 4, Informative

    It sort of depends. If you're using the battery in the cold, it will discharge more quickly. If you're storing the battery, it will last longer in the cold. That's why those of us in a cold climate sometimes use a battery blanket (electric warmer) to keep the battery warm on those cold mornings. http://chemistry.about.com/od/howthingsworkfaqs/f/coldbattery.htm

  24. Re:Beta software in a production release? on Fedora 9 (Sulphur) Released · · Score: 1, Redundant

    1. Fedora is not a production OS
    2. FF3 is due out in the near future, so F9 will have the current release then, as opposed to the old version 2.

  25. Re:The Bill Should Bill on Bill Would Bar US Companies From Net Censorship · · Score: 2, Informative

    Apparently I should have quoted the entire paragraph since you still didn't read the article:
    If the companies violate any of these new restrictions, they could face civil and criminal penalties of up to $2 million, and aggrieved citizens (those who have suffered from the companies' violations, like the Chinese dissidents discussed above) are free to pursue punitive damages and other legal remedies from the offenders.

    So, "aggrieved citizens" can still go after whatever they want in punitive damages. Sue for whatever you want. The FINE is capped at $2,000,000.