The music industry isn't going anywhere. Remember that they're "on their last" $200B leg.... Lots of change is coming, change that should have come long ago. That's the nature of business. The industry isn't going anywhere.
If you RTFA, there's expressed what I think is a very valid point.
If youtube forbids vids containing graphical violence, then why aren't all those people uploading videos of people getting tasered by police officers (for example) getting their accounts banned. You're dealing with cultural definitions and tolerances for graphic violence. My guess would be that Google is drawing the line at what is illegal for display in the UK (a much narrower range than the U.S. where graphic violence appears every night on network TV). Blame Google if you want, but I'm not sure that you are standing on solid ground. Then again, I don't know the specifics, and I'm guessing as to their rationale.
Now, if your point is that the men in nice dark suits can't accurately put a dollar figure on an ephemeral crime like hijacking CPU time and turning computers into spambots, I agree with you. That is exactly my point. More generally, you should always be highly skeptical when you see a dollar value assigned to any crime that isn't the physical theft of physical currency or items with direct, well-known, and stable cash value.
Dollar values are introduced in stories about crimes to make their impact more digestible for the masses. The problem is that, most crimes don't have a simple relationship to money. Bot net hijacking for example is a crime which, for the most part, involves the invasion of personal property. There's no dollar value to be assigned there, just as you don't assign a dollar value to breaking and entering (e.g. the cost of the window). Instead, you say, "this criminal broke into 100,000 people's homes." That has its own weight which does not relate to money at all. When you say, "this kid aided a gang of criminals in hijacking the computers of 100,000 people, you don't need money to understand the invasion of privacy and property, and in fact, any use of money to describe that crime probably devalues its impact.
Being Republican myself, I do not like censorship, which I guess is an oddity perhaps?
It only seems like an oddity because you think a single name can sum up your political orientation, especially one that doesn't really define any. It is actually little more than the name of a football team that has a high player turnover rate. I'm glad someone else notices the sports mentality of the arbitrarily polar U.S. party system.
As for the idea that reviews are somehow sacrosanct... it's a great idea. I've been ignoring review sites (other than my own) for years because of this. The only shocking thing here is that someone at Gamespot managed to get a negative review published before they were fired. It was really the publisher that was, I'm sure, taking the heat.
that figure comes from estimates of "economic losses" so are probably inflated or meaningless depending on where the sources come from.
What would be realistic? Lets say that he stole the use of 100,000 computers in his botnet. At 2Mil, each computer would have $20 in economic losses. And you've proven the point more eloquently than any of us could.
You're simply making up what you imagine to be his activities, and then making up figures to assign to that.
In reality, the number given is usually the combined salaries of everyone that the government and private organizations decided to put on the case. Thus, if a company has an IT security dept. of 3 and there are 3 government officials dealing with the case, then the "impact" is typically the salaries of all 6 times the amount of time that the case was ongoing. This is, of course, just as arbitrary as any other metric and most notably does not measure anything which can be reasonably termed "loss".
This Google search idea is kind of moot if the user uses some very basic password construction Step 1: visit (site might be down... service provider issues, grrr)
Step 2: download the source code
Step 3: come up with a decent password pattern (e.g. x3-4/x3-4/*/* which means two pseudo-words and two of any characters arranged in any order).
Step 4: Run the program a few times and pick a password you'll remember.
If you understand this, it should be obvious that digestion can be a fairly complex process, not all food is equal, and you can't measure the "calories" in a food as if you had a gas gauge. The part that kills me is that this isn't painfully obvious. If I eat cardboard, I can have all I like, but I won't gain weight, yet cardboard is a high-calorie substance. It's not as if the idea that different materials have different properties is new. What happened to make nutritionists think that the world *could* be that simple?
No, just no. There is no basis for that statement in fact.
That has been completely obliterated as a valid result with years of research. People who eat a high protein and fat diet, may lose weight or stay the same weight, but it isn't because you get free calories. It's because the body can't keep muscles on without sufficient protein, and nearly all of the protein ends up being broken down to make up for the fuel that isn't being absorbed from carbohydrates. This doesn't match my experience. Of course, I'm only one data point, and perhaps I'm a mutant, but I'm a very muscular person in my lower body. I've had no problems putting on muscle while on a low carb diet. What I have a problem with is coping with an influx of carbs. Sugar and simple starches can make me VERY unhappy in many ways (nervousness, diarrhea, etc.) Other than that, I've not seen the concerns you mention.
Not more of this low-carb propaganda bullshit. Calories make you fat, regardless of whether they come from fat, sugars, or starches. Hi.
me 4 years ago = 265lbs. me today = 235lbs. minimum wt. = 215lbs.
I've lost exactly as much as I needed to in order to fix a health problem (apnea), and kept that weight off for a number of years. How? I cut my carb intake by about 50-75% over the long haul. Before that I was gaining about 5-10lbs. per year over the course of my 20s and early 30s.
Do I still eat a high calorie diet? Yep. I'm a compulsive eater, and on a diet that involved eating less, I would fail. On a diet that involves eating differently I succeed. If you're interested in looking into this further, I suggest "The Carbohydrate Addict's Diet" as a starting place. I don't use that diet, but it's got some excellent info including an analysis of the endocrine response to carbohydrate-rich foods that's really a must for anyone who likes to eat, IMHO.
That said, no medicine hasn't been science for a long time. It's hopelessly corrupted by money-making enterprises that don't give a rat's petard about health or science.
A rootkit provides either control or access via external software that gains access to the system (as a trojan, worm, virus or manually planted). Wrong.
I wish you people would actually look up the definition of "rootkit" before expounding. I wish just once that someone would fail to lump me in with "you people". I've been in the security business for a long time (I'm mostly out of it now, but still do work on the side from time to time), and the definition that I used is one that most security professionals will use.
What's really scary is that your definition, "a rootkit is any piece of software that is specifically designed to hide its existence from the OS," is one that's been slowly creeping into the parlance and confusing people about what a rootkit really is. Malicious rootkits traditionally try to conceal themselves because it only makes sense to do so, however, that's not their purpose, and rootkits have existed which do not try to conceal themselves. There are also benign rootkits (typically tools of the security auditor's trade).
The purpose of a rootkit is to bundle the previously manual steps required to "root" a system (gain administrator privileges or otherwise subvert the system's security). That's it. Any program which does this is, in one way or another, a rootkit. Many viruses are also rootkits. Many worms are also rootkits. Many tools used by security professionals are also rootkits.
The terminology comes from the long history of Unix administration in which a single user, "root," has the keys to the kingdom, and gaining access to that user account gains you access to the system as a whole. Linux, being a Unix/POSIX clone adopted this monolithic security model, though there are modern tools (such as SE/Linux) which attempt to implement finer grained controls for Linux. Windows also has finer grained controls available, though they are rarely used. However, we still call tools that attempt to subvert system security, "rootkits."
I hope this helps to explain, and I hope that in the future you'll think before you assume that you're talking to just "you people."
The content industry (music, film etc) still seems to have no idea what the consumers want No... they know exactly what the consumers want, what the consumers say they want and what the analysts say the consumers say they want. They even know that all three of those are different things.
What they also know is that they're sitting on top of the world's most rigged market with stockholders demanding increasing profits. They're literally staring down the gun-barrel at their own extinction and trying desperately to figure out how they can dodge the bullet. They can't. They know they can't. That makes them desperate.
Now perhaps bizarre DRM and rootkits will start to make sense to you. They don't think these are reasonable actions that come without gobs of risk. They're just out of options.
Holy crap! - I can read all the words, but none of it makes any sense. It's like the took regular English words and gave them all different meanings. I haven't felt this uncomprehending in a loooong time - and even the dumbness felt from quantum chemistry pales to this. Well, a lot of it falls out of this:
What you described is a backdoor. Rootkit is an OS-level subversion program. Nope. A backdoor is something that passively allows access. A rootkit provides either control or access via external software that gains access to the system (as a trojan, worm, virus or manually planted).
Many rootkits consist of a means of installing a backdoor and not much else. In the Windows world, rootkits are essentially just ways of circumventing login, since true user security is rarely implemented. It's true that you *could* configure a Windows system so that a program running as the primary user would have no way to subvert the system's security, but typically "rootkits" under Windows just ignore such systems as not being worth the effort. They're typically interested in creating legions of zombied systems or installing keyloggers as widely as possible, and ignore the small fraction of well configured systems.
Much as I would love to be Windows free, there are still many games that WINE simply cannot run, and more still that it cannot run with acceptable performance. If it doesn't run under wine, it's not a game, it's a waste of plastic and aluminum film.
Wine is my platform of choice and it behave just fine for me when running software from companies that take the time to treat their users well. Specifically, I've yet to see a game from Blizzard not run. Heck, even most Microsoft games run just fine. What doesn't run well is games from little companies that don't have the resources to write their own code, so they buy someone's hackish garbage game development platform.
Smart people don't just throw caution to the wind and say "well, they already have avenues of attack, so I just won't prevent new ones from springing up". Ah... no.
No one is saying that. What we're saying is that Warden (what a horrible choice for a name) is that, in response to one specific "what if" question about some third party with access to your machine making Warden do something naughty, "if they have access to your machine, then the fact that they can modify Warden to do something naughty is moot... they can modify ANY program on your system to do something naughty."
Well, they could use a better design. This whole problem is cause because gold is so important to the game.
They could minimize these problems with a number of basic fixes. 1) Don't allow the AH to sell anything for more then 5 times the vendor cost. Which results in artificial control of the market, which primarily impacts those who don't have enough gold to exploit the system, and results in anything that's unreasonably capped being sold player-to-player outside the auction house. Turns out economies (virtual or not) are quite resilient to this kind of ham-handed attempt at control.
2) Lower the cost of items. How you can charge 5000 Gold to learn to use a mount and not expect a spike in Gold selling and farming is beyond me. Actually, they did the reverse, and it's worked VERY well. The only people buying gold now are typically the newbies who need 10-100 gold to get started. 5000g costs an astronomical amount of money because it takes so long for a low-level player to get.
It's a root kit in that it can gain access to anything on your computer and send it to Blizzard. So can the World of Warcraft game itself. That's a rootkit too? Oh PS: rootkit != any invasion of privacy. Rootkits are specifically those programs that subvert the security of your system. This simply doesn't do that.
To trust warden is to trust that: they will never hire a bad dishonest employee, You can replace "warden" in that sentence with the name of any software you've ever run.
Maybe it's just the blogger's spin, but it seems this has the possibility to be a much more dangerous exploit. Well, 1) there's no exploit. They're not doing anything unusual other than obfuscating their scan for bots so that the bot authors don't immediately know how to avoid it. It's a short-lived arms race, but they can ban thousands of goldfarmer accounts with just a narrow window of technical superiority.
2) Any program can be more malicious and dangerous than it currently is. We don't judge a company based on what they might do tomorrow, we judge them on the basis of what they did today. Blizzard has yet to compromise the security of these end-user systems or their privacy. That's the bottom line.
Does the thing hide itself? No.
Can't you just uninstall WoW? Sure.
Ya, you don't know what it is doing Actually you know pretty well what it's been doing because with minor refinements, it's been doing just about the same thing for 3 years.
I think this is just the cheaters getting their panties in a twist. Ding!
Especially because it means the end to a real source of income for those who harvest gold Gold harvesting is easy. What's hard is maintaining your account for more than a week once you start trying to sell it online. This is why the pro gold farmers/sellers are all using level 1 accounts. At level 1 gold farming is a bit more difficult, so they have to abuse the game in order to profit. This program detects that kind of abuse, and THAT is why they're upset.
I canceled when they started adding things to their detection kit. When I saw it reading registry keys (regmon) it had NO business reading, I canceled. Did it need to read the activation keys for Windows? Absolutely not. I'm sorry to hear that.
Out of curiosity, how would you go about detecting keyloggers and/or bots without reading the registry? Or do you just feel that Blizzard shouldn't attempt to detect abuse? Myself, I'm a player and I WANT Blizzard to look for such abuse. If someone finds that Blizzard's bot is doing something that's actually wrong (e.g. sending personal data back to home base, not just reading the registry), then I'll be the first to pressure them to fix it. However, if they're just scanning for malicious software that doesn't actually seem like a problem.
It is CERTAINLY not a rootkit according to any definition I've ever heard.
If i had a WoW account i would be cancelling it this second, no videogame has the right to violate the privacy of my computer I recommend not canceling accounts that you pay money for on the basis of Slashdot articles... especially in this case, you'd be acting on horrible misinformation. There's no rootkit here, just a bot/keylogger scanner. That's it. Blizzard's malicious rampage to detect abuse and keep their game fun to play continues....
Given the fact that the randomly generated hash algorithm can be replaced at Blizzard's sole discretion with any other algorithm, including ones that retrieve and use personal, private and/or otherwise confidential information, with only their server to be required to know about the changes, this should be considered a very scary thing for the rest of us. I'm not a WoW player and don't particularly know the ins and outs of it EULA, but I can't imagine that that is covered at all in the license. Would a class-action suit be possible for this? I would certainly hope so. A class-action suit for what? Blizzard has written a program that checks to see if the user running the game a) has a keylogger installed (a HUGE problem with WoW) or b) is using a bot to control the game. Neither of these is malicious or harmful. People are freaking out over nothing because the gold farmers are actively seeking to put pressure on Blizzard to relax their efforts to curb automatic control over the game. Let em whine.
It's just an analyzer that's part of WoW. It checks for malicious software in the environments where WoW runs and reports back to Blizzard when you log in to their service. Malicious in this context being defined as malicious vs. the user (keyloggers are a major concern in the wow playerbase) and malicious vs. Blizzard (e.g. bots and such controlling the UI while the game is running).
So, now a "rootkit" is any program that does something we're not sure of?
I thought a rootkit was a program designed to take control of a system remotely or offer access to that system? This is just an obfuscated program (encrypted is a bit strong for something that is "decrypted" on your own system where you can watch its behavior).
Seriously, if this is the worst that Blizzard does, I'm a happy camper. They really do have serious problems with their users being exploited, and detecting these problems early is all good. In my case, they'll see everything that's in my virtual Windows environment under Wine.
Now, if someone proves that they're reading personal files out side of the Windows system directory or the WoW installation, then we can talk. Until then, this is a non-issue.
Slashdot Mirror
The music industry isn't going anywhere. Remember that they're "on their last" $200B leg.... Lots of change is coming, change that should have come long ago. That's the nature of business. The industry isn't going anywhere.
If youtube forbids vids containing graphical violence, then why aren't all those people uploading videos of people getting tasered by police officers (for example) getting their accounts banned. You're dealing with cultural definitions and tolerances for graphic violence. My guess would be that Google is drawing the line at what is illegal for display in the UK (a much narrower range than the U.S. where graphic violence appears every night on network TV). Blame Google if you want, but I'm not sure that you are standing on solid ground. Then again, I don't know the specifics, and I'm guessing as to their rationale.
Dollar values are introduced in stories about crimes to make their impact more digestible for the masses. The problem is that, most crimes don't have a simple relationship to money. Bot net hijacking for example is a crime which, for the most part, involves the invasion of personal property. There's no dollar value to be assigned there, just as you don't assign a dollar value to breaking and entering (e.g. the cost of the window). Instead, you say, "this criminal broke into 100,000 people's homes." That has its own weight which does not relate to money at all. When you say, "this kid aided a gang of criminals in hijacking the computers of 100,000 people, you don't need money to understand the invasion of privacy and property, and in fact, any use of money to describe that crime probably devalues its impact.
It only seems like an oddity because you think a single name can sum up your political orientation, especially one that doesn't really define any. It is actually little more than the name of a football team that has a high player turnover rate. I'm glad someone else notices the sports mentality of the arbitrarily polar U.S. party system.
As for the idea that reviews are somehow sacrosanct... it's a great idea. I've been ignoring review sites (other than my own) for years because of this. The only shocking thing here is that someone at Gamespot managed to get a negative review published before they were fired. It was really the publisher that was, I'm sure, taking the heat.
What would be realistic? Lets say that he stole the use of 100,000 computers in his botnet. At 2Mil, each computer would have $20 in economic losses. And you've proven the point more eloquently than any of us could.
You're simply making up what you imagine to be his activities, and then making up figures to assign to that.
In reality, the number given is usually the combined salaries of everyone that the government and private organizations decided to put on the case. Thus, if a company has an IT security dept. of 3 and there are 3 government officials dealing with the case, then the "impact" is typically the salaries of all 6 times the amount of time that the case was ongoing. This is, of course, just as arbitrary as any other metric and most notably does not measure anything which can be reasonably termed "loss".
Step 2: download the source code
Step 3: come up with a decent password pattern (e.g. x3-4/x3-4/*/* which means two pseudo-words and two of any characters arranged in any order).
Step 4: Run the program a few times and pick a password you'll remember.
Step 5: Profit?
That has been completely obliterated as a valid result with years of research. People who eat a high protein and fat diet, may lose weight or stay the same weight, but it isn't because you get free calories. It's because the body can't keep muscles on without sufficient protein, and nearly all of the protein ends up being broken down to make up for the fuel that isn't being absorbed from carbohydrates. This doesn't match my experience. Of course, I'm only one data point, and perhaps I'm a mutant, but I'm a very muscular person in my lower body. I've had no problems putting on muscle while on a low carb diet. What I have a problem with is coping with an influx of carbs. Sugar and simple starches can make me VERY unhappy in many ways (nervousness, diarrhea, etc.) Other than that, I've not seen the concerns you mention.
Do I still eat a high calorie diet? Yep. I'm a compulsive eater, and on a diet that involved eating less, I would fail. On a diet that involves eating differently I succeed. If you're interested in looking into this further, I suggest "The Carbohydrate Addict's Diet" as a starting place. I don't use that diet, but it's got some excellent info including an analysis of the endocrine response to carbohydrate-rich foods that's really a must for anyone who likes to eat, IMHO.
That said, no medicine hasn't been science for a long time. It's hopelessly corrupted by money-making enterprises that don't give a rat's petard about health or science.
I wish you people would actually look up the definition of "rootkit" before expounding. I wish just once that someone would fail to lump me in with "you people". I've been in the security business for a long time (I'm mostly out of it now, but still do work on the side from time to time), and the definition that I used is one that most security professionals will use.
What's really scary is that your definition, "a rootkit is any piece of software that is specifically designed to hide its existence from the OS," is one that's been slowly creeping into the parlance and confusing people about what a rootkit really is. Malicious rootkits traditionally try to conceal themselves because it only makes sense to do so, however, that's not their purpose, and rootkits have existed which do not try to conceal themselves. There are also benign rootkits (typically tools of the security auditor's trade).
The purpose of a rootkit is to bundle the previously manual steps required to "root" a system (gain administrator privileges or otherwise subvert the system's security). That's it. Any program which does this is, in one way or another, a rootkit. Many viruses are also rootkits. Many worms are also rootkits. Many tools used by security professionals are also rootkits.
The terminology comes from the long history of Unix administration in which a single user, "root," has the keys to the kingdom, and gaining access to that user account gains you access to the system as a whole. Linux, being a Unix/POSIX clone adopted this monolithic security model, though there are modern tools (such as SE/Linux) which attempt to implement finer grained controls for Linux. Windows also has finer grained controls available, though they are rarely used. However, we still call tools that attempt to subvert system security, "rootkits."
I hope this helps to explain, and I hope that in the future you'll think before you assume that you're talking to just "you people."
What they also know is that they're sitting on top of the world's most rigged market with stockholders demanding increasing profits. They're literally staring down the gun-barrel at their own extinction and trying desperately to figure out how they can dodge the bullet. They can't. They know they can't. That makes them desperate.
Now perhaps bizarre DRM and rootkits will start to make sense to you. They don't think these are reasonable actions that come without gobs of risk. They're just out of options.
Holy crap! - I can read all the words, but none of it makes any sense. It's like the took regular English words and gave them all different meanings. I haven't felt this uncomprehending in a loooong time - and even the dumbness felt from quantum chemistry pales to this. Well, a lot of it falls out of this:
http://en.wikipedia.org/wiki/Group_theory
Which then gets you here:
http://en.wikipedia.org/wiki/Symmetry_group
Once you get those two, you can hit:
http://en.wikipedia.org/wiki/Differentiable_manifold
and you're very close to a general understanding of the shape (no pun intended) of what E8 is all about, and can dive into:
http://en.wikipedia.org/wiki/Lie_group
Rootkit is an OS-level subversion program. Nope. A backdoor is something that passively allows access. A rootkit provides either control or access via external software that gains access to the system (as a trojan, worm, virus or manually planted).
Many rootkits consist of a means of installing a backdoor and not much else. In the Windows world, rootkits are essentially just ways of circumventing login, since true user security is rarely implemented. It's true that you *could* configure a Windows system so that a program running as the primary user would have no way to subvert the system's security, but typically "rootkits" under Windows just ignore such systems as not being worth the effort. They're typically interested in creating legions of zombied systems or installing keyloggers as widely as possible, and ignore the small fraction of well configured systems.
Wine is my platform of choice and it behave just fine for me when running software from companies that take the time to treat their users well. Specifically, I've yet to see a game from Blizzard not run. Heck, even most Microsoft games run just fine. What doesn't run well is games from little companies that don't have the resources to write their own code, so they buy someone's hackish garbage game development platform.
I ignore these games.
No one is saying that. What we're saying is that Warden (what a horrible choice for a name) is that, in response to one specific "what if" question about some third party with access to your machine making Warden do something naughty, "if they have access to your machine, then the fact that they can modify Warden to do something naughty is moot... they can modify ANY program on your system to do something naughty."
Your straw man needs to go see the Wizard....
This whole problem is cause because gold is so important to the game.
They could minimize these problems with a number of basic fixes.
1) Don't allow the AH to sell anything for more then 5 times the vendor cost. Which results in artificial control of the market, which primarily impacts those who don't have enough gold to exploit the system, and results in anything that's unreasonably capped being sold player-to-player outside the auction house. Turns out economies (virtual or not) are quite resilient to this kind of ham-handed attempt at control. 2) Lower the cost of items. How you can charge 5000 Gold to learn to use a mount and not expect a spike in Gold selling and farming is beyond me. Actually, they did the reverse, and it's worked VERY well. The only people buying gold now are typically the newbies who need 10-100 gold to get started. 5000g costs an astronomical amount of money because it takes so long for a low-level player to get. It's a root kit in that it can gain access to anything on your computer and send it to Blizzard. So can the World of Warcraft game itself. That's a rootkit too? Oh PS: rootkit != any invasion of privacy. Rootkits are specifically those programs that subvert the security of your system. This simply doesn't do that. To trust warden is to trust that:
they will never hire a bad dishonest employee, You can replace "warden" in that sentence with the name of any software you've ever run.
2) Any program can be more malicious and dangerous than it currently is. We don't judge a company based on what they might do tomorrow, we judge them on the basis of what they did today. Blizzard has yet to compromise the security of these end-user systems or their privacy. That's the bottom line.
Out of curiosity, how would you go about detecting keyloggers and/or bots without reading the registry? Or do you just feel that Blizzard shouldn't attempt to detect abuse? Myself, I'm a player and I WANT Blizzard to look for such abuse. If someone finds that Blizzard's bot is doing something that's actually wrong (e.g. sending personal data back to home base, not just reading the registry), then I'll be the first to pressure them to fix it. However, if they're just scanning for malicious software that doesn't actually seem like a problem.
It is CERTAINLY not a rootkit according to any definition I've ever heard.
It's not a rootkit, so it doesn't work anywhere.
It's just an analyzer that's part of WoW. It checks for malicious software in the environments where WoW runs and reports back to Blizzard when you log in to their service. Malicious in this context being defined as malicious vs. the user (keyloggers are a major concern in the wow playerbase) and malicious vs. Blizzard (e.g. bots and such controlling the UI while the game is running).
So, now a "rootkit" is any program that does something we're not sure of?
I thought a rootkit was a program designed to take control of a system remotely or offer access to that system? This is just an obfuscated program (encrypted is a bit strong for something that is "decrypted" on your own system where you can watch its behavior).
Seriously, if this is the worst that Blizzard does, I'm a happy camper. They really do have serious problems with their users being exploited, and detecting these problems early is all good. In my case, they'll see everything that's in my virtual Windows environment under Wine.
Now, if someone proves that they're reading personal files out side of the Windows system directory or the WoW installation, then we can talk. Until then, this is a non-issue.