There are two ways Warden could get comprimised: on your computer or on the server end.
If something on your computer modifies Warden for its own nefarious purposes, well then obviously your computer is already comprised and all bets are off. Hacking Warden on the server end is far less likely, though not completely impossible. It would probably have to be an inside job, as an outside hacker would need an awful lot of knowledge of the inner working of the server environment to pull that off, even assuming they could break into the server in the first place. I for one trust Blizzard enough to assume they have sufficient internal QA and oversight that a single programmer could not pull off such a major feat, especially considering how many programmers are no doubt involved with the project.
Unless of course, WoW is written by one guy in a black trench coat who talks like a robot.:)
Why does a node of gold always have to appear at the exact same location?
Because it's actually very difficult to pick a random location on the map and actually insure that it's in a spot player can actually reach. Sometimes it's fairly obvious (like inside a hill), but often it's very subtle, like on the side of a hill with no climbable path up to it. Since you want to cap the maximum number of active nodes on the map at any given time (a controlled supply) a node that can't be mined is effectively a DoS; it reduces the number of usable nodes on the map because that one will never get mined and have a chance to respawn somewhere else.
If you look at the game in fact you'll notice that NOTHING is truly random other than loot drops. All those wandering mobs? They're pre-pathed by the game designers, which is why when you get aggro and then lose it the mob will dart back to its previous path.
I think the bigger complaint was not that the Warden can do that. It is that it does do that. It examines files that Blizzard software neither installed nor created on the system.
Well, some people play WoW on Linux, and the constant upgrades to Warden make that harder and harder. So, those trying to play the game on Linux are not doing anything wrong but do indeed have to worry about Warden.
Having played WoW on Linux for the past two years I can recall only one incident where the game broke because of Warden, and Blizz fixed it pretty fast. It was about this time last year if I recall correctly. A few players got temporarily flagged as cheaters and banned. Thne problem was acknowledged and fixed, and the players who were banned got play time credit.
The WoW developers have stated that while they do not officially support Linux there is some effort made in-house to insure that WoW works under Wine. When things do break it's almost always because a change in WoW triggers a bug or unimplemented feature in Wine's emulation of a certain ABI (usually D3D), and you can't really blame Blizzard for that. Those kind of things generally get fixed pretty fast by the Wine developers. But even those problems seem to be few and far between lately; I can't remember the last time a patch broke WoW for me.
Well, having the ability to send any file (even the ones they didn't install or create) back to Blizzard certainly qualifies
But it doesn't do that. It's been suggested that they COULD do that if they wanted to, but nobody has shown any evidence of that happening. It's just paranoia. If we're going to classify things by what they COULD POSSIBLY do, well you might as well delete everything on your computer, unless you've hand checked all that software. Any of it could be reading arbitrary files and sending the data to a server somewhere. Do you trust your web browser? How about your AV software? How about your operating system?
Unless you keep confidential issue somehow in your registry, or in the names of open windows or in the names of running processes, I don't see how it's spyware. That's just paranoia.
Do you use anti-virus software? Because that's a lot closer to being a 'rootkit' than Warden. Warden isn't running when you close WoW, and if you uninstall it it's gone.
Works fine under Wine, which is how I play. This just goes to show you it really isn't a rootkit despite what the sensational headlines are claiming. Yes it peaks at the registry, and the process list and the window list. It's looking for key loggers and bot software. These things hide themselves well so there is no way to find them without doing some semi-invasive digging around.
I suspect a lot of the fuss over this is coming indirectly from the writers of bot software and from the gold farmers...and they can go to hell for all I care. First they started spamming people in-game with constant ads for gold and power leveling, and then when Blizz implemented anti-spam filtering they started creating dozens of level 1 trial characters and randomly inviting people to party, hoping you'll accept so that they can talk to you in party chat and bypass the spam filters. It's annoying as hell.
Uhh, where the hell did you get the idea that they are keen on it? If they are 'keen' on it, then why did Verizon hit me up for an extra $5/mo to have DSL without dialtone in spite of the fact that I had a Verizon Wireless account?
The long answer: It was one of the little presents the telcos managed to get themselves when the telco laws were rewritten. If they're not going to get the $20/mo out of your for dialtone they're going to make damn sure they get something out of you.
I work in the business, and I have no idea why people want to watch videos on those teeny tiny screens. But they do, and the networks have to be modified as a result.
Out of genuine curiosity is it REALLY what people wanted or just some new idea from marketing that they're now telling us is what we want? I've asked friends and family (many of whom are non-technical types so it's not just the geek demographic talking here) and everyone thinks it's silly. It seems like instead of winning customers with better service or better prices all the carriers are just settling in to the same crappy service/price levels and trying to win over customers with useless bells & whistles instead.
There are CLECs which are owned by companies who do not provide cellular service. True, the baby Bells own the infrastructure, but switching to an independent CLEC alleviates many if not all of the problems discussed in the article.
I used to work for one, and it really isn't any better. Here in Michigan SBC screwed the CLECs hard a few years back, jacking up the price of resold copper so much the CLECs couldn't come close to providing competitive rates (thanks FCC!). And heaven help you if you have service issues: you'll probably end up in a finger pointing match between the CLEC and the ILEC. It was good while it lasted though.:/
Landlines ARE the lesser of two evils though, because they still aren't allowed to screw you quite as hard in that market since it's more heavily regulated. For example they can't force you to sign a contract if you want service. That's why the telcos are so keen on the idea of everyone going cellular and dropping their land lines.
Using VoIP for telephone service would also alleviate many of the problems listed in the article
I agree, and this has the big guys running scared. Look at the sheer ruthlessness with which one major carrier after another has pounced on Vonage with patent lawsuits like predators on a wounded animal They're trying real, real hard to either kill them or beat them up so badly they can buy them for next to nothing and kill the whole thing...or just replace it with their own crappy VoIP service so they can say "see, that whole VoIP thing sucks, you should stick with our landline/cell service instead. Here, take this shiny new cell phone. Ooohh, see, it blinks!"
I run a gaming website, many game publishers have animated ads. Why is this block-worthy?
Because animation is distracting and because it tends to slow down page scrolling. If it animates only when you click on it that's fine, but until then an ad should try remain as unobtrusive as possible.
Having read a great deal of the posts on this topic today I don't see all THAT many people claiming "all ads are bad." The majority seem to feel ads are OK if they are static, quiet and stay within their defined borders until clicked upon. Sure there are zealots who think all ads are a pact with Satan, but they're just a small though somewhat vocal minority.
1. The ad servers didn't overload all the time and slow the page load to a crawl. I can't count the number of times I've had to block an ad server just to get a page to LOAD.
2. The ads weren't so obnoxious. Sound is an absolute no-no. Animation is almost as bad, but at least doesn't startle you half to death at 3am when you aren't expecting it. It does however tend to slow the page down, especially if there are multiple animated ads all dancing around and asking you to punch the monkey.
If they toned down the ads a couple of notches, and made sure their infrastructure could handle the number of ads they are serving I think a lot of people would be more than happy to put up with the ads in exchange for the free content. But it seems like no matter how much you say this the advertisers don't want to listen. They're stuck in the old TV mentality where they try to push as much dazzling crap at you as they can. The problem is Internet users aren't TV viewers; we don't want things shoved in our faces constantly. If we did, we'd watch TV. Instead of getting "mind share" they're just pissing everyone off.
(and speaking of TV will someone please bitchslap the people who compress the audio of TV commercials to make it sound obnoxiously loud?)
I agree there is definitely user error here, although I think we on slashdot are a bit biased because most of us understand the technology enough to know that "sleep" is not "off." However, Apple could help here by simply adding an option that says something like "when roaming, do not perform data transfers without asking first." Lots of people no doubt turn on the automated email check and forget about it, because within the US it doesn't matter due to the availability of unlimited data usage plans and the fact that many users will probably never roam off AT&T's network. Disabling these automated data transfers while roaming will save a lot of future headaches.
Email addresses don't have a 1:1 mapping with users. I use sitename@example.com when I register on a website, and everything@example.com gets sent through to my account. So how am I going to determine whether foo@example.com is valid or not? You suggest manually setting up a redirect for each and every website I visit? No thanks.
Actually in this case it doesn't matter. If all email addresses @example.com are indeed mapped to your (valid) real email address, then foo@example.com IS valid, as far as the mail server is concerned, because they will all be deliverable and thus no NDRs will be generated.
Here's an idea for someone who knows Firefox and has some spare time: make an extension that lets you right click on an email address on a page or in a form field and generate an HTTP request to a user-defined URL. You then put up a simple CGI that takes requests and adds them to your mail server's mappings table. Then people could make up email addresses on the fly as you are doing while providing a convenient way to add them to your mail server so that you don't need to use wildcard mappings like that.
This is a great point and one I've experienced first hand. I used to use inkjet, but I don't really print that much and would often find that when i DID want to print one or more of the dots in the head was dried and my printouts would look like crap. Sometimes cleaning helped, sometimes it didn't. Then back in '02 I spent about $650 on a nice B&W Brother laser printer and five years later I'm still using it with its original toner cartridge. As a bonus it has built-in Ethernet and supports Postscript Level 3 too, so all my computers can print to it with no hassle, even the Linux boxes.
As someone who has a personal domain parked on the free version of Google Apps I can say that yes, they do allow you to add/modify/suspend/whatever the accounts under your domain. You can even bulk create accounts by upload a spreadsheet of user information. I imagine the Partner Edition provides even more tools.
Slashdot Mirror
Wow, you might need a couple extra layers of tin foil. And try laying off the lead paint. :)
So what happens when warden is rooted?
:)
There are two ways Warden could get comprimised: on your computer or on the server end.
If something on your computer modifies Warden for its own nefarious purposes, well then obviously your computer is already comprised and all bets are off. Hacking Warden on the server end is far less likely, though not completely impossible. It would probably have to be an inside job, as an outside hacker would need an awful lot of knowledge of the inner working of the server environment to pull that off, even assuming they could break into the server in the first place. I for one trust Blizzard enough to assume they have sufficient internal QA and oversight that a single programmer could not pull off such a major feat, especially considering how many programmers are no doubt involved with the project.
Unless of course, WoW is written by one guy in a black trench coat who talks like a robot.
Why does a node of gold always have to appear at the exact same location?
Because it's actually very difficult to pick a random location on the map and actually insure that it's in a spot player can actually reach. Sometimes it's fairly obvious (like inside a hill), but often it's very subtle, like on the side of a hill with no climbable path up to it. Since you want to cap the maximum number of active nodes on the map at any given time (a controlled supply) a node that can't be mined is effectively a DoS; it reduces the number of usable nodes on the map because that one will never get mined and have a chance to respawn somewhere else.
If you look at the game in fact you'll notice that NOTHING is truly random other than loot drops. All those wandering mobs? They're pre-pathed by the game designers, which is why when you get aggro and then lose it the mob will dart back to its previous path.
I think the bigger complaint was not that the Warden can do that. It is that it does do that. It examines files that Blizzard software neither installed nor created on the system.
Flip that statement around and you'll be correct.
Well, some people play WoW on Linux, and the constant upgrades to Warden make that harder and harder. So, those trying to play the game on Linux are not doing anything wrong but do indeed have to worry about Warden.
Having played WoW on Linux for the past two years I can recall only one incident where the game broke because of Warden, and Blizz fixed it pretty fast. It was about this time last year if I recall correctly. A few players got temporarily flagged as cheaters and banned. Thne problem was acknowledged and fixed, and the players who were banned got play time credit.
The WoW developers have stated that while they do not officially support Linux there is some effort made in-house to insure that WoW works under Wine. When things do break it's almost always because a change in WoW triggers a bug or unimplemented feature in Wine's emulation of a certain ABI (usually D3D), and you can't really blame Blizzard for that. Those kind of things generally get fixed pretty fast by the Wine developers. But even those problems seem to be few and far between lately; I can't remember the last time a patch broke WoW for me.
Well, having the ability to send any file (even the ones they didn't install or create) back to Blizzard certainly qualifies
But it doesn't do that. It's been suggested that they COULD do that if they wanted to, but nobody has shown any evidence of that happening. It's just paranoia. If we're going to classify things by what they COULD POSSIBLY do, well you might as well delete everything on your computer, unless you've hand checked all that software. Any of it could be reading arbitrary files and sending the data to a server somewhere. Do you trust your web browser? How about your AV software? How about your operating system?
Unless you keep confidential issue somehow in your registry, or in the names of open windows or in the names of running processes, I don't see how it's spyware. That's just paranoia.
Do you use anti-virus software? Because that's a lot closer to being a 'rootkit' than Warden. Warden isn't running when you close WoW, and if you uninstall it it's gone.
Works fine under Wine, which is how I play. This just goes to show you it really isn't a rootkit despite what the sensational headlines are claiming. Yes it peaks at the registry, and the process list and the window list. It's looking for key loggers and bot software. These things hide themselves well so there is no way to find them without doing some semi-invasive digging around.
I suspect a lot of the fuss over this is coming indirectly from the writers of bot software and from the gold farmers...and they can go to hell for all I care. First they started spamming people in-game with constant ads for gold and power leveling, and then when Blizz implemented anti-spam filtering they started creating dozens of level 1 trial characters and randomly inviting people to party, hoping you'll accept so that they can talk to you in party chat and bypass the spam filters. It's annoying as hell.
An Adventurer is You!
:-)
I've been addicted to KoL on and off for a couple of years now. It's a great way to kill time at work when nobody is looking.
Uhh, where the hell did you get the idea that they are keen on it? If they are 'keen' on it, then why did Verizon hit me up for an extra $5/mo to have DSL without dialtone in spite of the fact that I had a Verizon Wireless account?
The long answer: It was one of the little presents the telcos managed to get themselves when the telco laws were rewritten. If they're not going to get the $20/mo out of your for dialtone they're going to make damn sure they get something out of you.
The short answer: because they can.
I work in the business, and I have no idea why people want to watch videos on those teeny tiny screens. But they do, and the networks have to be modified as a result.
Out of genuine curiosity is it REALLY what people wanted or just some new idea from marketing that they're now telling us is what we want? I've asked friends and family (many of whom are non-technical types so it's not just the geek demographic talking here) and everyone thinks it's silly. It seems like instead of winning customers with better service or better prices all the carriers are just settling in to the same crappy service/price levels and trying to win over customers with useless bells & whistles instead.
There are CLECs which are owned by companies who do not provide cellular service. True, the baby Bells own the infrastructure, but switching to an independent CLEC alleviates many if not all of the problems discussed in the article.
:/
I used to work for one, and it really isn't any better. Here in Michigan SBC screwed the CLECs hard a few years back, jacking up the price of resold copper so much the CLECs couldn't come close to providing competitive rates (thanks FCC!). And heaven help you if you have service issues: you'll probably end up in a finger pointing match between the CLEC and the ILEC. It was good while it lasted though.
Landlines ARE the lesser of two evils though, because they still aren't allowed to screw you quite as hard in that market since it's more heavily regulated. For example they can't force you to sign a contract if you want service. That's why the telcos are so keen on the idea of everyone going cellular and dropping their land lines.
Using VoIP for telephone service would also alleviate many of the problems listed in the article
I agree, and this has the big guys running scared. Look at the sheer ruthlessness with which one major carrier after another has pounced on Vonage with patent lawsuits like predators on a wounded animal They're trying real, real hard to either kill them or beat them up so badly they can buy them for next to nothing and kill the whole thing...or just replace it with their own crappy VoIP service so they can say "see, that whole VoIP thing sucks, you should stick with our landline/cell service instead. Here, take this shiny new cell phone. Ooohh, see, it blinks!"
Just send everyone in Canada a free copy of that video from "The Ring" and then their faces will blur themselves!
"Name That Tube?"
if i grab something off the shelf, and head for the exit, what better way is there to confront me than to ask for a receipt
Isn't that what the anti-theft tags with the sensors at the door are for?
I run a gaming website, many game publishers have animated ads. Why is this block-worthy?
Because animation is distracting and because it tends to slow down page scrolling. If it animates only when you click on it that's fine, but until then an ad should try remain as unobtrusive as possible.
Having read a great deal of the posts on this topic today I don't see all THAT many people claiming "all ads are bad." The majority seem to feel ads are OK if they are static, quiet and stay within their defined borders until clicked upon. Sure there are zealots who think all ads are a pact with Satan, but they're just a small though somewhat vocal minority.
I wouldn't be blocking ads if:
1. The ad servers didn't overload all the time and slow the page load to a crawl. I can't count the number of times I've had to block an ad server just to get a page to LOAD.
2. The ads weren't so obnoxious. Sound is an absolute no-no. Animation is almost as bad, but at least doesn't startle you half to death at 3am when you aren't expecting it. It does however tend to slow the page down, especially if there are multiple animated ads all dancing around and asking you to punch the monkey.
If they toned down the ads a couple of notches, and made sure their infrastructure could handle the number of ads they are serving I think a lot of people would be more than happy to put up with the ads in exchange for the free content. But it seems like no matter how much you say this the advertisers don't want to listen. They're stuck in the old TV mentality where they try to push as much dazzling crap at you as they can. The problem is Internet users aren't TV viewers; we don't want things shoved in our faces constantly. If we did, we'd watch TV. Instead of getting "mind share" they're just pissing everyone off.
(and speaking of TV will someone please bitchslap the people who compress the audio of TV commercials to make it sound obnoxiously loud?)
I agree there is definitely user error here, although I think we on slashdot are a bit biased because most of us understand the technology enough to know that "sleep" is not "off." However, Apple could help here by simply adding an option that says something like "when roaming, do not perform data transfers without asking first." Lots of people no doubt turn on the automated email check and forget about it, because within the US it doesn't matter due to the availability of unlimited data usage plans and the fact that many users will probably never roam off AT&T's network. Disabling these automated data transfers while roaming will save a lot of future headaches.
Email addresses don't have a 1:1 mapping with users. I use sitename@example.com when I register on a website, and everything@example.com gets sent through to my account. So how am I going to determine whether foo@example.com is valid or not? You suggest manually setting up a redirect for each and every website I visit? No thanks.
Actually in this case it doesn't matter. If all email addresses @example.com are indeed mapped to your (valid) real email address, then foo@example.com IS valid, as far as the mail server is concerned, because they will all be deliverable and thus no NDRs will be generated.
Here's an idea for someone who knows Firefox and has some spare time: make an extension that lets you right click on an email address on a page or in a form field and generate an HTTP request to a user-defined URL. You then put up a simple CGI that takes requests and adds them to your mail server's mappings table. Then people could make up email addresses on the fly as you are doing while providing a convenient way to add them to your mail server so that you don't need to use wildcard mappings like that.
This is a great point and one I've experienced first hand. I used to use inkjet, but I don't really print that much and would often find that when i DID want to print one or more of the dots in the head was dried and my printouts would look like crap. Sometimes cleaning helped, sometimes it didn't. Then back in '02 I spent about $650 on a nice B&W Brother laser printer and five years later I'm still using it with its original toner cartridge. As a bonus it has built-in Ethernet and supports Postscript Level 3 too, so all my computers can print to it with no hassle, even the Linux boxes.
Dot matrix man! Simple, reliable, and you can make them play music as they print. My old Apple ImageWriter II could even print a whole seven colors. :)
As someone who has a personal domain parked on the free version of Google Apps I can say that yes, they do allow you to add/modify/suspend/whatever the accounts under your domain. You can even bulk create accounts by upload a spreadsheet of user information. I imagine the Partner Edition provides even more tools.
It was a joke. Sheesh. I'm not an idiot you know.
Those freakin' elves...they came out of the trees man...they came out of the TREES.
:)
With apologies to Family Guy because I no doubt have butchered the quote a bit. It's still early here.