Slashdot Mirror


User: WNight

WNight's activity in the archive.

Stories
0
Comments
6,024
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,024

  1. Re:+5 insightful on What is Wrong With Game Development? · · Score: 1

    Oh yeah, yet another mario or zelda clone! Wow, Nintendo is so much fun.

    Playing Nintendo games is the intellectual equivalent of being a co-driver in NASCAR. "Left. Left. Straight. Left. Left. Straight."

    It's trivial to shit hit games when the bar is so low.

  2. No need to byzantine systems on ISP Operator Barry Shein Answers Spam Questions · · Score: 3, Insightful

    I advocate simple responsibility and ostrasizing offenders.

    We need to sign backbone providers up for a blackhole systems. Then blackhole open relays and spam-friendly ISPs.

    If an ISP's client's email doesn't reach 5% of the net, the client's going to blame the target systems. If that client can't email anyone who isn't on his ISP, he's going to blame his ISP. This is why we need a large percentage of backbone providers signed up. We need to make it look like a serious problem, not a normal glitch.

    ISPs would probably want to have an account type of people who send more than 100 messages per day, or more than ten copies (non-CCs) of a single message. People with these accounts can be more closely monitored and if someone with a regular account sends out a few hundred spam before being caught, it's not that big of a deal.

    We've shown that companies won't disconnect a paying customer until everyone else complains. We need a way to make complaints heard, and an above-reproach spam-listing service to direct the complaints. The service needs to be run by a wide sampling of people and all spam submitted needs to be publicly visible. Anything less opens it up to charges of discrimination. Also, having a strictly documented procedure helps if they're sued by a spammer for defamation.

    It needs to be established that while you paid for the pipe for the ability to send data, I am free to choose if I want to listen to you. It's not censorship if everyone decides to ignore you.

  3. Re:A simple solution on Getting Hacked Through Your Terminal · · Score: 1

    I know this is a joke, but it's really worth thinking about for a second.

    In a true stateless protocol people need to send a request that ammounts to "send me /etc/passwd" or "echo foo > /etc/...". You're unlikely to honor this and some simple checks can make sure you don't write to the wrong place.

    Many bugs are in the user-identification and verification routines. Web sites let you do, if you've got the right cookie, nasty things that they shouldn't let you do. Not only does your initial verification need to be secure, but your storing of cookie data in such a way as to let the user back on, with access, needs to be fairly secure. Providing state introduces many bugs you otherwise wouldn't have.

    Now, this isn't to say that everything should be stateless, but that you should think about how much time you save by letting people not enter their password at every use, versus the potential risks. Especially if you're coding the security sections yourself. Trusting .htaccess is pretty easy, Apache gets a lot of testing. Trusting your perl CGI script you coded the night before...

  4. Re:C99 Solves This on Linus Has Harsh Words For Itanium · · Score: 1

    As another guy said, think of it as "GPL Incorporated".

    Until I get my cheque, I'm going to have a hard time thinking of it as a business. It seems a lot like friends helping friends, except for IBM and a few companies.

    I think IBM and Sun should be investigated for dumping, releasing Linux and Open Office is pretty obviously aimed at MS. But, after you've proved that both are completely guilty, slap them on the wrist, fine them $100M each, and let them pay the fine with copies of their software. If you're applying the same laws it's only fair that you apply the same penalties...

    you say that BeOS didn't compete with Linux because they were in different markets

    You yourself claimed that geeks don't pay for software. And to some degree it's true, not because they need to pirate, but because so much good software is free. So which OS is going to compete more with BeOS? BeOS costs money, and was largely about their new intuitive interface. It was made by Mac people. Without Linux I might have been a BeOS user, but probably not. The only thing drawing me away from windows games is Free-as-in-Freedom software. But, if Windows didn't exist and the only choices on x86 were Linux and BeOS (both circa '99) almost all of the non-geeks (a much larger crowd) would be on BeOS. MS also has the larger market by far.

    Therefore, if you were to remove one of the competitors to help BeOS, I think MS would have been the one to go.

    Nuking an entire city is no different than shooting the enemy with a rifle, except in scale.

    I agree. If you scaled up the rifle analogy until everyone in the city was dead, nuking them would have had little practical difference. Dead is dead.

  5. Re:Misleading title on Nethack 3.4.1 Released · · Score: 1

    Very clever of you to obfuscate Dnabgna's true name to prevent the unwary falling into the shadows of blue.

  6. Re:Modern 3D-Accellerated Version! on Nethack 3.4.1 Released · · Score: 1

    Read the message under your parent post. It's not a joke.

  7. Re:A double-edged sword... on Open Source Code And War · · Score: 1

    You have plenty of claim, it is your software, and you hold the copyright. Ever heard of EULA's, GPL, etc.?

    If you sell your software you lose all control over it except where laws dictate someone's behaviour with it. You don't have to tell someone not to copy it, federal law handles that. You don't have to tell someone not to break into a bank with it, federal law handles that too.

    You can't regain any control with an EULA. Contracts much be consensual and must offer consideration to both parties. EULAs aren't consensual because there's no way to refuse and still use the product you own. They don't offer consideration because all they can offer is the use of the software you already own, a $0 value now that you paid for it.

    And, the first sale doctrine means you can't exert any control on your product after-sale, such as to forbid later sales, etc.

  8. Re:"One Linux operator can manage 45 computers whi on Linux in High School Labs · · Score: 1

    I thought anyone that used purely binary packages was a clueless n00b.

    Nobody knowledgable recompiles without a reason. Doing so is superstitious.

    As far as securing IIS, you d/l a patch, big deal.

    Unless that patch has bundled features you don't want. Then you're hooped. Microsoft is notorious for bundling "features" that users don't want (DRM is the latest) with patches. Sometimes individual patches are available, if you really want to do things the hard way, sometimes not.

    Apache you patch the source, recompile, and then you're done.

    You have the option of downloading the newest version, or a binary patch for it, if you wish. Just like with IIS.

    But you *also* have the option to keep exactly the same setup as before, yet fix the bug by patching. You can inspect the contents of the patch if you wish to make sure nothing else was changed.

    when I set up certain PHP apps that require --enable-track-vars

    There are usually kitchen-sink builds of things available. Even if not, you can build once and share binaries.

    You're complaining that Linux gives you choices, but you don't have to compile packages. You're complaining that it's powerful, but you don't have to install and tweak PHP. If you want a simple website you can use out-of-the-box Apache and even out-of-the-box PHP in as little time as it takes to setup IIS.

    You made ridiculous claims about administering a unix server that makes it clear you've either never done it, or you're at the clueless n00b stage, to use your phrase.

  9. Re:C99 Solves This on Linus Has Harsh Words For Itanium · · Score: 1

    If volunteers can't produce a better a better product than the industry, they don't deserve immunity from laws against product-dumping and anti-trust.

    So if someone in my neighborhood owns a lawn-care service I shouldn't be able to do this free for my inlaws?

    If there's a consultant willing to debug windows problems I should be required to bill my grandmother a competitive rate?

    If there's a portable-seat vendor at a concert I shouldn't be able to sit on the grass?

    Those propositions are ridiculous, yet they're a direct and obvious extension of not being able to create something for free without being under business laws.

    I think IBM's actions in donating to open source projects should be investigated as possibly being dumping, but applying these rules to non-businesses is nuts.

    [I] blame MSFT for the death of BeOS
    "can you burn me a copy?" - Hypothetical Geek

    If geeks aren't willing to pay for anything, a proposition of yours, then Linux wouldn't cut into the market share for BeOS. Only non-free operating systems are in this market, and as such, Linux couldn't possibly be to blame.

    every geek who cares will still be "can you burn me a copy?" to their friends. No sale.

    And let's return to this... You make it sound as if the software business is futile because some copying equates to everyone copying. How is Microsoft making money now? The answer is that people pay for their software despite cheaper and free alternatives, including warez copies, and there's no reason to think that customers would all stop paying if Microsoft released Linux software.

    please explain how a variety of hardware companies bundling Linux for free is more fair and beneficial to consumers than one software company bundling IE.

    Quality of products aside, bundling Linux with a computer makes it a usable product, much like shipping cars with tires and gas. And there's no attempted lock-in where Linux depends on undocumented hardware to function; those systems don't produce intentional error messages when used with a non-Linux OS as a form of FUD.

    And, fundamentally, things done for free must be evaluated differently than those done for profit. Providing helpful instructions to a stranger is no different, except in scale, from providing an operating system to allow them to use their computer.

  10. Re:"One Linux operator can manage 45 computers whi on Linux in High School Labs · · Score: 1

    Look at my sig sucka!

    "Zero Mag"? Never heard of it.

    Why wouldn't you patch IIS for code red before you put it in your networks DMZ?

    I didn't say you would. I was making a joke about the only way an install gets easier than Apache is for the app to already be there. Setting up Apache for static web serving takes perhaps ten minutes, including downloading the latest package.

    I'm sure you can secure IIS fairly well, but by the time you do, you've put in enough work you can't claim it's "out of the box" anymore.

    How closely have you worked with the windows registry?

    Not relevant. I wasn't claiming you can't do things in Windows, or that the only way to install IIS is by typing in its registry keys by hand.

    You made wild claims about Apache being hard and slow to install and talked about compile-time as one of the factors. You don't have to compile it, so it's a red herring. I was pointing that out. Were you 1) lying or 2) really clueless?

  11. Re:C99 Solves This on Linus Has Harsh Words For Itanium · · Score: 1

    No, MSFT would not benefit. They would have to exchange a highly lucrative business model for one that's dubious at best.
    For Microsoft it hurts because for them software is a product.

    MSFT could easily benefit. They've proven that people don't care what they buy, as long as it has an MS label on it. If they ripped half their OS out and replaced it with LGPL'd components they'd still be able to charge just as much but their maintenance costs on that software would be lower.

    Even if they switched over night to Linux, and just sold a .NET framework and a WinXP theme for X, they could legitimately sell it for what they sell XP for now. How is that not benefit? (And theoretically it's value-added, so the consumer would benefit too.)

    show me hard statistical analysis to indicate ...

    There's no "hard statistical evidence" for most things we know. GNU/Linux improved the diversity of operating systems. Everything that was there before, is still there, and now there's Linux as well. How does that not improve diversity?

    There is nothing that can prevent a GPL'd software from dominating a sector.

    If a company can't actually innovate and find a way to improve their product over the current state of the art, then sure, GPL'd software will win out. Microsoft talks about how they need to be free to innovate, surely their product is better than everything else because of this... Any company providing anything of value (something that can't be cloned in ten minutes) can sell it, companies not provide any value above what the free tools provide, will go away.

    We treat "industry" these days like a fragile and whiny child. God forbid anything "hurts the industry". It's crap. If "the industry" can't produce a better product than a bunch of volunteers, they don't deserve to be in business.

    Your sig talks about how work on GPL'd software helps businesses, but your message talks about how it hurts them. Which is it?

  12. Re:"One Linux operator can manage 45 computers whi on Linux in High School Labs · · Score: 1

    It takes you forever to install Apache because, quite frankly, you sound like you don't have a clue.

    Why bother compiling Apache? No binary packages available for your platform? You're lucky you're using Linux/Apache because nothing MS makes would work then. Or are you just spewing FUD? You have the option to compile Apache, you don't have to.

    How hard would it be to install IIS on Win2k Pro, where it's not installed by default? Harder than downloading a .rpm, I'm sure.

    You want Apache to come on at run levels 3,4, and 5?

    # chkconfig --level 345 httpd on

    That was hard. The only thing easier is installing 2k Server and having IIS running in Code-Red-Reception mode by default.

    The configuration is all in one file. Want to configure a backup server? It takes only seconds to scp the config file over and it's working.

    Apache *can* get difficult, but that's like blaming Oracle for being overly complex because it offers those annoying transactions. If you're trying to configure a bunch of aliases, to silently pass .html files to PHP in certain directories, and other non-standard things you will have to read and edit a config file. Really though, it's easier to type commands than click on checkboxes and fill in data fields.

    Windows is friendlier, but you can't seriously say its configuration interface is more powerful or faster.

  13. Re:C99 Solves This on Linus Has Harsh Words For Itanium · · Score: 1

    > Think free as in "working for IBM without getting paid".

    The misconception here is caused by not realizing that while IBM benefits from GNU/Linux, the GPL means that it's not exclusively IBM who benefits. Hell, even Microsoft could benefit if they pulled their collective head out of their ass.

    Having a popular, free, multi-platform OS doesn't help one company, or hurt another, it helps the consumers by ensuring that there's a healthy selection of companies to work with. IBM might be benefitting now (good for them) but they're also ensuring that neither they, nor any other computer company, will be so dominant again.

  14. Re:Linus too Harsh on Linus Has Harsh Words For Itanium · · Score: 1

    No, the point is that you can throw in features that will slow some things down 64bit as long as you're on a general upward curve because the average consumer will buy the machine and it'll still be faster than their last one. Not as fast, perhaps, as if they'd bought a 32bit machine, but fast enough they won't notice.

    If gas prices were dropping 25% a year, your compact would always be cheaper to operate than his SUV, but in two years or so, his SUV would be cheaper than your compact is now, and if those were the two points in his budget, his SUV is now as cheap as it needs to be. In other words, that 64bit computer may be 5% slower on most tasks, but as long as the 25% (or whatever) useful speed increase you see per year means that it's fast enough to play Doom3, nobody will notice.

    As for how much slower a 64bit machine is, it's debatable. If you do nothing but manipulate 64bit pointers, it might be half the speed. In high-performance code that chews through a lot of data, it's unlikely to be measurable because you're going to set a single pointer and read data linearly for a while. I suspect that except for a few unrealistic benchmarks the difference will be 2% or less.

    I wonder, in any given snapshot of L1 or L2 cache, how much consists of pointers?

  15. Re:An odd request on A 1974 Review of D&D · · Score: 1

    You're serious aren't you?

    That's tragic. Do you believe in Superman too? How about Uri Geller and his spoon bending?

    Be reasonable. Ditch the religion, ditch the primitive fear of magic. The world is a lot more exciting if you don't try to explain everything with a god and evil spells.

  16. Re:$10, Cheap! on A 1974 Review of D&D · · Score: 1

    Why not use cardboard with pictures of the unit glued onto it? You can easily fold the base so it'll stand up, and it might cost $40 for a huge army, not $400 for a small one.

    It's not as pretty, but this way you can get down to playing the game.

  17. Re:Don't blame the people, blame the two parties on Bookseller Purges Records to Avoid PATRIOT Act · · Score: 1

    As ChristTrekker pointed out, IRV has the same issues as Plurality Voting, you end up voting strategically. Approval Voting is another method. Not as good as Condorcet, but easier to explain in a bar.

    The problem with presidential elections is that once you fairly count all the votes, you still can only have one president. If this guy gets ten more votes than the other, you've got to elect him. It can still come down to very close races. Approval/Condorcet voting just make the process more accurate.

    If we had proportional representation the EC wouldn't be so bad for congress/senate elections. We'd use the numbers of voters for each party to determine which party gets seats, and we'd use the relative popularity in each district to determine which representative from that party gets in. The only problem with the EC is that districts are drawn with a political agenda and they aren't required to vote the same as the people.

    Districts can be drawn to magnify or marginalize a minority opinion. If you've got a polarized situation where you can be quite sure how someone will vote (perhaps racially in racist areas) you can draw a district to include 40% black, 60% whites, so that the black votes are lost. Alternatively, you draw the district to have 60% blacks and their votes control the district. Sometimes you combine the two. Let's say the area is 50/50 black/white, but you want to make sure the black voices aren't heard. You lump many black voices into a few 100% black districts, then you draw 45% black/55% white districts for the rest. You've sacrificed a few districts to control the majority.

    The districts were intended to magnify minority votes. A 5% black population would be lost in the crowd if their state voted together. If you divide it into areas though and one of those areas included many blacks, they've got a good chance at getting a representative.

    Now these lines tend to be drawn around economic and population density lines. Poor-to-middle city dwellers vote strongly Dem, Rich and urban residents vote strongly GOP. If you lump a rich area in with a larger poor area, you've drowned out the vote for the Republicans. If you divide the city into pie slices, each encompasing a larger urban area, you drown out the Democrats.

    With some oversight, making sure that these districts weren't created with a motive, the system helps produce fair results. The Electoral college does have a valid purpose...

  18. Re:Actually, how it works: on Linux Xbox Project Seeks Microsoft Signature · · Score: 1

    This whole tactic didn't work well in court. You can't copyright non-creative works and the simplest way to make something work is never creative. This means, if you must put a given string into the boot code, it's now just a way to make a sega dreamcast boot, not a copyrighted string, at least for those purposes.

    Ditto with trademarks. You can't trademark anything functional, if your company makes cars you can't trademark a picture of a car, you have to trademark a brand name that isn't "Car" or "Vehicle", something like "Ford" or "GM" is okay.

    If your name is the only way to make something work, it's functional, and doesn't have much trademark protection. In other words, if I can show a court that I *must* use your trademark to make something work, it's a defense against unauthorized use of that trademark.

    Anyways, the long and short of this is, if you wish to lose your corporate trademark, feel free to put it in your boot code. It won't stop anything because courts aren't fond of anti-competitive practices, and it could end up invalidating your trademark if you're not careful.

    Of course, a big company like Sega/Sony/Microsoft/Nintendo can afford to crush a little company, regardless of the "right" outcome, but if your opponent can afford a legal battle, you've already lost.

  19. Re:Hmm.. on Symantec Claims They Knew About Slammer In Advance · · Score: 1

    Not just data loss.. Almost every component in your computer has a flashable BIOS. Even HDs (at least IBM's) can be field upgraded. Once the virus finished infecting, and distributing your files, it could wipe the drive, install itself in the boot sector, and reboot. Once it's out of protected mode it can start flashing BIOSes, most equipment only uses the flash-ROM at boot so it'd keep running even after you'd sabotaged it. Then, start a low-level wipe of the drive and when that's done, up the CPU and RAM voltage as high as the board will go and overclock everything that can be software overclocked. (Video cards, CPUs, etc)

    It's all too easy. Nobody uses digital signing for bios upgrades (and if they do, it's the flashing program that checks, not the device itself, before accepting the upgrade).

    The question then it, if you want to spread confidential files as far as possible, what do you do with them to ensure they spread? Email them to random people? Post them on a newsgroup? Combine this with those kiddy-porn scanners. If you find illegal pictures, make sure you email them (from that person's account) to the authorities. Maybe email any large spread-sheets to the SEC just in case.

    We should think about these things. Ignoring them isn't going to keep them from happening, so we need to have an idea of what to do about it.

  20. Re:Hmm.. on Symantec Claims They Knew About Slammer In Advance · · Score: 1

    Slammer could have included a payload. Send the intrusion section ahead in a small UDP packet, have it contact its parent system as ask for the full executable after infection.

    Then, after your small payload virus has claimed millions of hosts, it switches to probing for more complex holes once it downloads the main executable. Scanning for more vulnerabilities, or with larger packets, slows you down so you don't want to do it as your first wave, but once you have a large base of operations you could scan the whole net in minutes. It could also try to penetrate firewalled segments. Perhaps by taking over web servers and using IE exploits, or getting people to download it. Or switch to being an email virus. Then once it detects being on a private segment it switches back to worm mode and hunts for more systems to infect.

  21. Re:So? on Symantec Claims They Knew About Slammer In Advance · · Score: 1

    In a science course, or something requiring actual skill? Oh, no. A *business* degree. They give those out in a box of wheaties.

    And did he get rich from scratch by building a company or something? Oh, no again. His daddy essentially bankrolled his aquisitions and even with that his track record isn't good.

    Here's a tip. "Getting Wealthy" doesn't count when you start wealthy. It's pretty easy to invest and make money, making enough money to be able to invest (beyond retirement savings) is where the difficulty is. Bill Gates's success isn't as impressive as Jobs', Jobs having started out in a garage with Woz. Gates went to Harvard for free, and was bankrolled by his parents with a interest free loan.

    I'm not saying he's a moron, but it doesn't take much for a rich kid to get a degree from a university and "succeed" in business.

  22. Re:So? on Symantec Claims They Knew About Slammer In Advance · · Score: 2, Interesting

    If Microsoft was better at releasing bug fixes in small packages, so that you could keep your server do exactly that it does now, but without a buffer overflow, people would update more often.

    Most admins are pretty trusting with Apache patches. Give them ten minutes of testing, mainly insure you didn't overwrite something during the install, and you're ready to go live. MS patches are larger and unwieldly. MS software also tends to have more unpredictable interactions than unix software. As a consequence, Unix admins who patch at all, tend to trust updates and patch more quickly. Of course not everyone will patch, many people have toy webservers they don't really admin, but that's beyond the scope of this.

    Unix software also tends to be smaller and call other programs instead of doing everything in one executable. As long as the interface between the two works, you can keep your bug testing isolated to the segment you're patching. (Upgrade PHP, run PHP tests, not full webserver-and-CGI tests.)

    Don't forget that MS themselves weren't in full compliance with this patch. There's the ability to auto-install updates, but they didn't for some reason. You'd think their admins would be the best, that they'd know all the tricks.

  23. Re:I love this on Opera Releases "Bork" Edition · · Score: 3, Insightful

    Fraud is all about intent and the honesty with which things are presented.

    If Bill wrote code that kept Oracle from running on Windows and publicized this, he'd be able to sell it (except for that monopoly thing, but run with this) because his product is still working as advertised. But when he writes secret code that makes Oracle appear broken, it's fraud. When other programs work properly, and one breaks, the natural assumption is that the broken program is at fault. If you intentionally break a program, and let people come to that conclusion, it's pretty much as dishonest as claiming outright that the program is broken.

    DR-DOS sued and won (well, whoever owned the husk of the company at that point, won) because of MS's quiet sabotage of their product. Likely Opera could, if this keeps happening, because it's essentially the same actions. And provably, Microsoft did detect Opera 7 specifically, and send it broken code. It's not just that they sent NS4.7 compatible code and Opera didn't like it. Opera faithfully rendered a badly layed out page, that microsoft designed to make it look like a sloppy browser error. It's pretty hard to claim that they intentionally detected Opera 7, created code just for it (not the same as sent to any other browser), and did it by accident. Especially as Opera 7 renders essentially identically to IE, there wasn't a reason for them to even have an Opera specific page, it's not like they can claim it was needed and they just screwed it up.

    Well, MS's just made another enemy, one who'll have an opportunity to present evidence against them at the trial in the EU. It's actually likely to cost MS a lot. The MS corporate line is that they have done stuff they aren't proud of, but that they're past that now. A nice current example of their dishonesty will really hurt in the judgement phase by showing that small judgements at teaching them.

  24. Re:Google has done similar things lately... on Opera Releases "Bork" Edition · · Score: 1

    I think this shows that they don't fiddle with the results. If they wanted to, those spamming companies would be blocked and you'd never find them. They're still returning honest results, more honest in fact, because when you search for those companies you are searching for spam, or a spammer, and they're returning relevant hits.

    Google has never claimed that searches are based only on page content, they're also based on links to a page, and other secret properties. So while lahostnet doesn't get ranked down, they do rank other things up near it to provide more accurate overall results.

  25. Re:One time pad w/man-in-middle and known plaintex on Israeli Firm Claims Unbreakable Encryption · · Score: 1

    Okay, back to MITMs then. :)

    Transmission = (Plaintext ^ OTP-bits) + MD5( Plaintext + 16bytes-of-OTP )

    Ok, we're both on the same wavelength. You can't let the attacker know everything that's being transmitted because then they can forge up a message digest for it.

    My idea was, if I may borrow your diagram ...
    Transmission = (OTP Bits ^ OTP Bits) + (Plaintext ^ OTP-bits) + md5(Plaintext + OTP Bits)

    Your transmission is smaller, uses less OTP material, and is a touch simpler to implement, yet should be just as secure. Congrats.

    Actually, to digress to key management for a sec, the "real" OTP never exists outside your encryption device because it's always derived from three completely random streams. This way for secure key creation you have Bob, Fred, and Joe each supply a CD (to each end) that they made themselves. This way multiple organizations can be sure there's no key-creator who can evesdrop, if they only pretended to destroy the key. Also, for inter-agency struggles, it's a good way to ensure that your agency is still involved later. As long as you contribue to the creation process, you are required to read the results, you can't be cut out.

    XOR and Modulus Addition (and thus subtraction) have the neat property that if any of the independent inputs (ie, yours isn't chosen based on mine) is random, the results are random. If we collaborate on keys I can't possible sabotage the process, as long as your keys are random. (And if we're all sabotaging it, it's doomed. :)

    If you're interested, I'm working on a project involving multi-party encryption.

    The idea is to allow secure, and secret, generation of verifiable random numbers. In short, shuffling a deck (or rolling dice) and being able to "show" them to specified players, and after the game, prove that the process was fair without having to reveal any non-public data (ie, what your face-down cards were). There's obviously no way to prevent collusion, in that I tell you what my card is, despite you not being able to "see" it yourself. But in that, it's just as secure as any physical game of cards; colluding gamblers can covertly signal each other in many ways yet people still play these games.