I don't know if it's even a "flaw". If the crooked site opened up a window for the link to the innocent site, then the crooked site "owns" the child window (this is in accordance with the Javascript security model, right?). So the crooked site can name the child window anything it wants ("spoof") and can enter it and walk the document object ("spoof".document.whatever). It can wait for the child window to open a new window, and (if you've gone to the innocent site and know what they name their windows) access THAT window and redirect it.
My question is, SO WHAT? This is how Javascript works. It's a user education issue: don't open links to your bank from other websites -- type the URL in yourself.
Anyway, what does this give a phisher that he didn't have before? If he's got you at his site, and he's got you clicking a link, it's easy enough for him to just build a spoof site to sucker you.
And if you've got spyware on your machine, I'm sorry, but you're probably having all your keystrokes logged, anyway. Popups are the LEAST of your troubles.
Evil site A helpfully offers a link that opens Good site B. If a user clicks the link and opens Good site B, Evil site A waits for the user to open a predictably named popup from Good site B, then reaches down through the DOM (using code on Evil site A) and alters the URL of the popup, bouncing you to their Evil popup.
Big whoop -- this is permitted by Javascript's security model, you know -- the parent window "owns" the child window, thus it can access it and do weird things. Theoretically, it could change the source of images, and do other arty things too.
I don't understand why any of this is considered a big deal. Who's going to go to some hacking site and open a link to their bank? Any scenario in which this sequence of events could happen seems pretty farfetched to me.
I dunno... I guess they could try and send you a phishing mail or something, and a really dopey user could click on a link to the phishing site and get screwed, but then, wouldn't it be easier to just phish from the crooked site linked from the email? Why would you need to worry about popups at all?
Nah... I don't see this as an issue. Nothing much here.
OK, I've read through a bunch of Slashdot posts, and I've considered my experience with this thing, and here's my web developer's opinion of this "vulnerability":
In Javascript, if (and only if) your web page opens a new window, it "owns" that window. In other words, you have access to the whole DOM in that window. You can step through the document object, alter things, and so forth. This is how things are supposed to work; it's what enables us to open new windows and interact with the user. For example, maybe you want to pop up a window, ask a couple of questions, get the results, and close the window. Something I did recently at work was code an informational popup this way, because we had to kind of shock the user a little, to prevent them from just clicking "OK" to close all the alerts we were sending them. We made the popup very pretty and noticeable. OK?
So, the guys at Secunia decided that was a vulnerability and they set up this little test to scare everybody. So...
IF you went to a crooked website, and IF you clicked a link to pop up a site like Citibanks FROM THE CROOKED WEBSITE, and IF you went about your business on Citibank's site and clicked their crooked CSS overlay or popup (or whatever, you can probably do it in a couple of ways) THEN and ONLY THEN would you be sent to a crooked popup window with which they could phish you.
In other words, in order to really make use of this, a phisher would have to:
1. Get his code onto an actual commercial website so that people would find it and unsuspectingly click a banking link;
2. Evade capture for long enough to collect a bunch of credit card numbers (or whatever), with the commercial site's security team coming after him with knives sharpened;
3. Avoid having the crooked popup's web URL or IP address traced back to him by the FBI or Interpol within a day or so;
4. Figure out a way around the bank (or whatever) putting a huge banner on their site saying in bright red flashing letters "DO NOT APPROACH THIS SITE VIA A WEB LINK! TYPE THE SITE ADDRESS IN YOU SCHMUCK!" (or just putting a parent.close(); line of code in their existing Javascript, plus some code to refresh the page from the bank's server, clearing out anything from the crooked site -- would this work? I haven't tested it yet -- but I'm sure there are other ways to do it and the bank's developers are smarter than phishers, generally).
BUT, even if the phisher DOES figure all this out, it won't do him any good, because
WHEN PEOPLE GO TO THEIR BANK'S WEBSITE, THEY USUALLY JUST TYPE IN THE URL OR USE A BOOKMARK!
So, in short, I think this is nothing much to worry about.
Results with Konqueror: the popup did NOT point back at Secunia, it pointed at Citibank. Perhaps this is because I have Konqueror configured to open new windows in tabs and have "smart" popup blocking enabled. Would someone try and confirm this? If it is the issue, then we can block the vulnerability in Konqueror, at least.
"Perhaps because women are far more interesting creatures than men..."
HORSEFEATHERS.
I think it's a terrible shame that in our culture, people think the "right" view is that women are the smart ones and guys are a bunch of drunk doofuses. I think it's a national scandal that people have so little respect for males. And women are the worst offenders here -- they always complain about sexism, but they revel in it themselves, constantly treating men contemptuously, ignoring the hypocracy of their attitudes.
Don't buy into it, dude. There's still time. Yank your soul out of that purse!
People who go into hysterics about how the earth is in danger and the apocalypse is upon us because of all of us horrible people with our nasty machines really annoy me.
What arrogance!
Human beings have existed for only a few hundred thousand years in any recognizable form. We will probably only exist for a few hundred thousand more in any recognizable form. To the Earth, which is over four billion years old and which has survived cataclysm after cataclysm, including impacts which caused almost every single species on the planet to go extinct within a several-year timeframe, we're NOTHING. We're a weird little blip in time.
A few million years from now, there won't be any trace we ever existed. The continents will have shifted, our buildings will have been ground into dust by erosion, and whatever species takes our place will be studying our fossils, wondering what we were like.
GET OVER YOURSELVES. Even if we totally fuck up everything, in a few million years it'll all be right back to normal. We have no power whatsoever to ruin things in any permanant way. We just flatter ourselves that we're powerful.
In reality, we're nothing; we came from nothing, and we will return to nothing. So it isn't the EARTH that we should be worried about; the Earth doesn't care WHAT we do, it's just a big, immortal, unkillable rock.
Worry instead about whether we're fucking things up for OURSELVES. Because THAT, my dears, is the REAL issue.
I've found that Slashdot's offical position on a lot of things is "freak out and post a story". Then a core group of Slashdotters follow suit and post their seconding of the primary freak-out. It's unusual to see a voice of reason so high up in the list, though; congratulations, you're an anomaly!
Re:How to screw up a game-movie 101
on
Doom Movie Update
·
· Score: 1
You got me there... Yeah, they did, ah, ALTER a few things, which I thought weren't that cool, but overall, they did a much better job of keeping the general feel of the games than (for instance) the Resident Evil movies. I got the feeling they at least tried.
There was a really funny sendup of AVP on MrCranky (www.mrcranky.com, look for the link for currently playing movies, it's probably in there). He said that what got him was, the director decided that all the predator needed was a BUDDY! So it got turned into a buddy flick. He went off on that aspect of the movie.
Ok, I take it back, AVP wasn't so hot. But at least I didn't think it was *terrible*... You could kind of fit it into the storyline, if you squinted and tilted your head a bit.
How can they have Doom not take place on Mars? And not involve Hell? I mean, to be that bad AVP would have to have had the aliens and the predator turn out to be Boston bluebloods who drank different versions of a fermented Tom Collins...
How to screw up a game-movie 101
on
Doom Movie Update
·
· Score: 4, Interesting
"The monsters aren't from hell, but rather people mutated by some nasty super-virus although the monsters look very similar to those in the game" Oh, and it's not on Mars anymore.
Ok, show of hands: who here is sick and tired of directors or producers who want to do a movie based on a game, but who can't get around their personal preferences and start making major changes to the story? Take this "they're not from Hell" and "it's not on mars" thing.
Whoever made the change is probably thinking "Oh, I don't like religion, and I don't believe in Hell, so let's come up with a pseudo-scientific premise instead... Viruses seem to be pretty popular lately, and 28 Days Later was a big hit... It'll be easier to convince the money people if we're copying a successful franchise... Let's do a virus. Hell is so passe..."
And he's probably thinking "Mars? There is nothing on mars but red dirt. And it isn't sexy enough. Let's make it a planet far, far away. And let's make the Pinky demon a loveable character so people will be conflicted when it attacks! Yes, that will be interesting."
And as far as the armor goes, well, they're probably just being cheap. It's easier to Ebay for used SWAT team armor than to build realistic DOOM armor, isn't it? Course it is. And all movie directors/producers "know" that we're all too stupid to know the difference, anyway. Bastards...
If I could get a few of these boors into a tiny, windowless room and apply a cluebat to them, I would simply say that if you're going to adapt a game, KEEP THE FUCKING STORY. Keep the characters and technology. KEEP THE LOOK OF THE ENVIRONMENT. Keep the main idea intact. You don't have to make the movie a shot-by-shot copy of the game, but for Christ's sake, don't change everything! Tone down the ego, boys, and up the humility.
Not like there's any chance of that. VIdeo-game movies are going to continue to suck forever more because of the immense egos of the people with enough power and money to produce/direct. There's no help for it.
We're better off just playing the games themselves, and letting the movies die out from disappointing box office returns.
NOTE, and COUNTEREXAMPLE: I thought Alien Vs. Predator wasn't bad, because they staged the movie in "the past" (still our future), predating all the games and other movies, and adding in some tasty backstory (how Weyland-Yutani got started, why they're so interested in aliens and predators, etc). So obviously SOME people can get it right.
That movie's only problem was insufficient Predator-Alien whoop-ass. Maybe they had a shortage (only a few cans got delivered?).
Consider that the only thing people used to actually *need* TV for was news and weather information. This they can get much more effectively from the internet, where they can compare a MUCH bigger set of competing viewpoints, search for media files the news organizations won't display, etc... Plus they can read first-hand accounts posted by people while things are happening, without having to put up with the filter applied by network censors.
Then consider that most television is widely accepted to be garbage. I think the term "vast wasteland" was bandied about for a while. Everything on TV that isn't informational or a movie is generally crap, and almost everyone you will ever talk to will tell you this is patently obvious to them, has always been patently obvious...
Finally consider that if we want to watch movies, we can rent them on DVD, so we don't even need television for THAT anymore. And the rise of videogames as a form of entertainment which is INFINITELY more interesting and engaging than the boring, predictable, passive entertainment TV has been killing us with for years. And the fact that TV is infested with annoying, incredibly stupid advertising that takes turns insulting and condescending to us.
The question isn't why people are watching LESS TV. It's why they still watch TV at ALL.
Here's another idea I just had: Build a plywood enclosure for the server and insulate it. Rig a small space heater so that it blows into an air tube leading into the enclosure (like the tubes they sell as replacement parts for dryers, you can get them at Sears). This way the garage can be freezing cold, but the computer will probably be up around 60 degrees. More efficient, too.
First, try and seal the garage as well as you can. Nothing expensive, just a little caulk on cracks, some weatherstripping for the doors, etc. Trap an air pocket in the garage and minimize the amount of air that comes in from outside.
Next, get one of those little fifty-dollar electric space heaters and set it up so it blows on the backup server. It doesn't have to warm the whole garage, just the area around the server. If you can keep the area around the server up around fifty degrees, you're probably good to go. Actually a good heater will probably keep the whole garage above freezing, which solves your problem for you.
I'm not talking about a nuclear blast furnace or anything. Just a little space heater with a fan to blow hot air on the machine. That's all you need.:)
Item: continuing advancement in technology eventually tends to make all jobs obsolete, with the actual work being focused on a smaller and smaller technological priesthood. Manufacturing, for example, is largely being automated with the remaining staff being caretakers for robotic production lines. Now, IT is gradually becoming more streamlined with the majority of work being able to be done by smaller and smaller teams.
WHY THIS IS BAD:
It's a social catastrophe. As we move towards a society in which only a few people are needed to work, those few people aren't going to want to support all the rest with their taxes. The result isn't going to be a techno-utopia in which everyone enjoys lives of education and leisure -- it'll be a hell in which the vast majority of people are dirt-poor and a few are very rich.
The result of this is predictable, because it's happened before, in France a couple of hundred years ago (though for different reasons, the overall effect was the same). If you recall, people like Marie Antoinette said (of her starving countrymen) "let them eat cake" -- and they cut off her head. Every situation in which all the wealth is in the hands of a few and the majority is unhappy results in rebellion and the removal of the few.
At some point in this (and every other) country, we're going to reach a point where we're going to have to make a choice. We will either deliberately introduce some inefficiency into the system to let everybody get a job and be happy, or we'll continue our current path and a violent, bloody revolution will do it for us.
What's this? A slashdotter who doesn't read cyberpunk fiction??? How interesting! "It's not supposed to be like this"... Hmm... Not sure what to make of this guy... He SEEMS okay. Maybe he hit his head???;)
I just downloaded 1.4.2_06 from Sun's website. Go to java.sun.com and look for J2SE. You can get both 1.4.2_06 and 1.5 there, on the page. I didn't use the automagic update, myself, so I don't know what's going on there.
There's an interesting situation in your analysis, and here it is: it isn't open source itself that is more secure, but rather the operating system most people running open source are using. Most open-source advocates use Linux or a *BSD, which are more secure than Windows because of their inherently multiuser, networked architecture. So most people who use open source enjoy a more secure operating environment. This leads to the misconception that it is open source that is more secure -- which you are debunking.
My theorem is this: most open source users are more secure because of their operating system, not because they're using an open source application. Using open source on a less secure platform is less secure.
So it's platform, not distribution method, that makes a person secure.
The new JDK/JRE is "safe"... I've heard they're faster, too, with some JRE improvements. I just downloaded the whole 1.5 set, and I'm pretty excited, looking forward to it... I install it on my Slackware instance tonight!
If I had a girlfriend, I'd invite her to hang out and share the joy; this'd be way better than a movie as a date... Um... Maybe I should get out more, now that I think about it...
It's pretty obvious: buy your printer at a computer show using cash or on Ebay using a postal service money order, never send in the registration card, and don't tell anyone you have it.
Serial numbers are only as good as the database that tracks them. If you aren't in it... Well...
Why? Let corporations play "whack a mole" until their legal resources run out, and people will STILL be downloading the infringing tool. Stop one site from distributing? Someone in a more sensibly run country will pop up a mirror. Stop them? Someone else will pick it up. Even if you started sending hit squads and Interpol after sites, it'll just go underground -- and people will STILL be using it.
You can't stop a social movement. That's why Bill Gates hates it so much.;)
Microsoft will continue to integrate third-party tools into their Visual Studio suite, demolishing the companies that manufacture them. This will suck for third-party tool builders, but it'll be pretty cool for us developers. Here's what I see them putting in:
* Expansion of their project templates to include a comprehensive set of patterns for just about anything you might want to do in an enterprise. Got a project coming up? Click an icon and you'll be given a complete set of skeleton code for you to modify. Useful, but dangerous: more productive developers = fewer developers.
* expansion of modelling tools as the VB guys get more comfortable with object oriented programming. Integration of UML tools with Visual Studio.
* Expansion of tools that allow managers to directly code business rules using prebuilt code blocks. This is going to be a big deal; everyone's already scrambling to build it.
* Integration of unit test tools with Visual Studio as Microsoft catches on to the whole test-driven development thing. Right now, you've got to hand-build your tests. Not for long...
In the JAVA world, I've got a wish list, but I think it's pretty realistic:
* Sun, under pressure from Microsoft's ease of use, will create a new GUI layer that is simpler than Swing and AWT, works more quickly, and provides 90% of the functionality programmers use the most. Swing and AWT will still be available, of course, but we'll have this easier option and it'll get integrated into IDEs as a project type, making everyone's life easier.
* Java IDEs will continue to embrace visual development, making life easier on everyone.
* One thing I think would be nice would be for IDEs to incorporate patterns as templates that you can drop into a project. So, say, if my main GUI is MVC, I can drop an MVC template into my project, and other templates in for specific parts of the backend... Sort of a quickstart, right?
* And, since Microsoft is going to do it, some of the Java IDEs will too: prebuilt project skeletons for common business needs, and tools to easily build business rules so Managers can handle all the client-meeting shit.
I know, my predictions are boring as always. I'm not a revolutionary, I'm a code monkey!
Yeah, that's true. So, what's going to stop the hackers from, say, tricking the Baptists into thinking the porn is coming from servers owned by the Lutherans, then watching the battle from a few miles away with their Zeiss binoculars?
If there were no immigration, and people stayed put once they got here, your argument would make sense. However, you're not looking at migration and immigration.
The puritans were in these areas hundreds of years ago. They spread out from them, homesteading what was then a wilderness, "taming" the frontier (remember your high school history classes?).
New immigrants from Europe and the Middle East came in through New York and Boston and spread out from there all the way through the 1800s. Chinese, Japanese, and Mexican groups generally came in through San Francisco or Southern California, adding to the already significant Spanish population. Almost all immigrants tended to settle in cities, where the opportunities were greater. A result of this was, cities were vibrant and ever-changing and rural America became calcified and stagnant (yes, I know you don't think it's calcified and stagnant, and your friends will agree -- but an outsider would have a different view, trust me).
Interesting Note: prior to a few decades ago, the two main places where immigrants were permitted to enter the country were Ellis Island (New York) and San Francisco (California).
Now, to your attempt at refuting my point:
Keeping in mind that immigrants tend to gravitate towards large cities, if you look at the composition of the blue states, almost their entire population exists in large cities, many of which have ports (and are traditional points of ingress into the country). Although we do have some descendents of puritans (in a strange coincidence, we call them "blue bloods" and they tend to be rather wealthy) they have long since been influenced by the constant flow of new ideas and are currently quite progressive in their thinking... If a bit elitist.
The "red" areas of the country are the areas which don't seem to get all that much legal immigration (i.e. immigrants who can actually VOTE). What immigration IS happening in the red states is despised there; have you ever heard an Arizonan complain about Mexicans? Try and point out that Arizona used to belong to Mexico, and they get sullen.
Interesting and delightful coincidence: Blue states have a small population of blue bloods, and red states have a large population of rednecks. Isn't that hilarious?
Would you like to keep arguing this point? Because I can keep going as long as you can. History is fun.
Slashdot Mirror
I don't know if it's even a "flaw". If the crooked site opened up a window for the link to the innocent site, then the crooked site "owns" the child window (this is in accordance with the Javascript security model, right?). So the crooked site can name the child window anything it wants ("spoof") and can enter it and walk the document object ("spoof".document.whatever). It can wait for the child window to open a new window, and (if you've gone to the innocent site and know what they name their windows) access THAT window and redirect it.
My question is, SO WHAT? This is how Javascript works. It's a user education issue: don't open links to your bank from other websites -- type the URL in yourself.
Anyway, what does this give a phisher that he didn't have before? If he's got you at his site, and he's got you clicking a link, it's easy enough for him to just build a spoof site to sucker you.
And if you've got spyware on your machine, I'm sorry, but you're probably having all your keystrokes logged, anyway. Popups are the LEAST of your troubles.
Honest. I don't think this is that big a deal.
Is this even a vulnerability?
Evil site A helpfully offers a link that opens Good site B. If a user clicks the link and opens Good site B, Evil site A waits for the user to open a predictably named popup from Good site B, then reaches down through the DOM (using code on Evil site A) and alters the URL of the popup, bouncing you to their Evil popup.
Big whoop -- this is permitted by Javascript's security model, you know -- the parent window "owns" the child window, thus it can access it and do weird things. Theoretically, it could change the source of images, and do other arty things too.
I don't understand why any of this is considered a big deal. Who's going to go to some hacking site and open a link to their bank? Any scenario in which this sequence of events could happen seems pretty farfetched to me.
I dunno... I guess they could try and send you a phishing mail or something, and a really dopey user could click on a link to the phishing site and get screwed, but then, wouldn't it be easier to just phish from the crooked site linked from the email? Why would you need to worry about popups at all?
Nah... I don't see this as an issue. Nothing much here.
OK, I've read through a bunch of Slashdot posts, and I've considered my experience with this thing, and here's my web developer's opinion of this "vulnerability":
;)
In Javascript, if (and only if) your web page opens a new window, it "owns" that window. In other words, you have access to the whole DOM in that window. You can step through the document object, alter things, and so forth. This is how things are supposed to work; it's what enables us to open new windows and interact with the user. For example, maybe you want to pop up a window, ask a couple of questions, get the results, and close the window. Something I did recently at work was code an informational popup this way, because we had to kind of shock the user a little, to prevent them from just clicking "OK" to close all the alerts we were sending them. We made the popup very pretty and noticeable. OK?
So, the guys at Secunia decided that was a vulnerability and they set up this little test to scare everybody. So...
IF you went to a crooked website, and IF you clicked a link to pop up a site like Citibanks FROM THE CROOKED WEBSITE, and IF you went about your business on Citibank's site and clicked their crooked CSS overlay or popup (or whatever, you can probably do it in a couple of ways) THEN and ONLY THEN would you be sent to a crooked popup window with which they could phish you.
In other words, in order to really make use of this, a phisher would have to:
1. Get his code onto an actual commercial website so that people would find it and unsuspectingly click a banking link;
2. Evade capture for long enough to collect a bunch of credit card numbers (or whatever), with the commercial site's security team coming after him with knives sharpened;
3. Avoid having the crooked popup's web URL or IP address traced back to him by the FBI or Interpol within a day or so;
4. Figure out a way around the bank (or whatever) putting a huge banner on their site saying in bright red flashing letters "DO NOT APPROACH THIS SITE VIA A WEB LINK! TYPE THE SITE ADDRESS IN YOU SCHMUCK!" (or just putting a parent.close(); line of code in their existing Javascript, plus some code to refresh the page from the bank's server, clearing out anything from the crooked site -- would this work? I haven't tested it yet -- but I'm sure there are other ways to do it and the bank's developers are smarter than phishers, generally).
BUT, even if the phisher DOES figure all this out, it won't do him any good, because
WHEN PEOPLE GO TO THEIR BANK'S WEBSITE, THEY USUALLY JUST TYPE IN THE URL OR USE A BOOKMARK!
So, in short, I think this is nothing much to worry about.
Discuss!
My system:
Slackware 10, Konqueror, and Mozilla 1.7.3.
Results with Konqueror: the popup did NOT point back at Secunia, it pointed at Citibank. Perhaps this is because I have Konqueror configured to open new windows in tabs and have "smart" popup blocking enabled. Would someone try and confirm this? If it is the issue, then we can block the vulnerability in Konqueror, at least.
In Mozilla, the popup trick worked. Bad Mozilla!
FYI
"Perhaps because women are far more interesting creatures than men..."
HORSEFEATHERS.
I think it's a terrible shame that in our culture, people think the "right" view is that women are the smart ones and guys are a bunch of drunk doofuses. I think it's a national scandal that people have so little respect for males. And women are the worst offenders here -- they always complain about sexism, but they revel in it themselves, constantly treating men contemptuously, ignoring the hypocracy of their attitudes.
Don't buy into it, dude. There's still time. Yank your soul out of that purse!
People who go into hysterics about how the earth is in danger and the apocalypse is upon us because of all of us horrible people with our nasty machines really annoy me.
What arrogance!
Human beings have existed for only a few hundred thousand years in any recognizable form. We will probably only exist for a few hundred thousand more in any recognizable form. To the Earth, which is over four billion years old and which has survived cataclysm after cataclysm, including impacts which caused almost every single species on the planet to go extinct within a several-year timeframe, we're NOTHING. We're a weird little blip in time.
A few million years from now, there won't be any trace we ever existed. The continents will have shifted, our buildings will have been ground into dust by erosion, and whatever species takes our place will be studying our fossils, wondering what we were like.
GET OVER YOURSELVES. Even if we totally fuck up everything, in a few million years it'll all be right back to normal. We have no power whatsoever to ruin things in any permanant way. We just flatter ourselves that we're powerful.
In reality, we're nothing; we came from nothing, and we will return to nothing. So it isn't the EARTH that we should be worried about; the Earth doesn't care WHAT we do, it's just a big, immortal, unkillable rock.
Worry instead about whether we're fucking things up for OURSELVES. Because THAT, my dears, is the REAL issue.
I've found that Slashdot's offical position on a lot of things is "freak out and post a story". Then a core group of Slashdotters follow suit and post their seconding of the primary freak-out. It's unusual to see a voice of reason so high up in the list, though; congratulations, you're an anomaly!
You got me there... Yeah, they did, ah, ALTER a few things, which I thought weren't that cool, but overall, they did a much better job of keeping the general feel of the games than (for instance) the Resident Evil movies. I got the feeling they at least tried.
There was a really funny sendup of AVP on MrCranky (www.mrcranky.com, look for the link for currently playing movies, it's probably in there). He said that what got him was, the director decided that all the predator needed was a BUDDY! So it got turned into a buddy flick. He went off on that aspect of the movie.
Ok, I take it back, AVP wasn't so hot. But at least I didn't think it was *terrible*... You could kind of fit it into the storyline, if you squinted and tilted your head a bit.
How can they have Doom not take place on Mars? And not involve Hell? I mean, to be that bad AVP would have to have had the aliens and the predator turn out to be Boston bluebloods who drank different versions of a fermented Tom Collins...
"The monsters aren't from hell, but rather people mutated by some nasty super-virus although the monsters look very similar to those in the game" Oh, and it's not on Mars anymore.
Ok, show of hands: who here is sick and tired of directors or producers who want to do a movie based on a game, but who can't get around their personal preferences and start making major changes to the story? Take this "they're not from Hell" and "it's not on mars" thing.
Whoever made the change is probably thinking "Oh, I don't like religion, and I don't believe in Hell, so let's come up with a pseudo-scientific premise instead... Viruses seem to be pretty popular lately, and 28 Days Later was a big hit... It'll be easier to convince the money people if we're copying a successful franchise... Let's do a virus. Hell is so passe..."
And he's probably thinking "Mars? There is nothing on mars but red dirt. And it isn't sexy enough. Let's make it a planet far, far away. And let's make the Pinky demon a loveable character so people will be conflicted when it attacks! Yes, that will be interesting."
And as far as the armor goes, well, they're probably just being cheap. It's easier to Ebay for used SWAT team armor than to build realistic DOOM armor, isn't it? Course it is. And all movie directors/producers "know" that we're all too stupid to know the difference, anyway. Bastards...
If I could get a few of these boors into a tiny, windowless room and apply a cluebat to them, I would simply say that if you're going to adapt a game, KEEP THE FUCKING STORY. Keep the characters and technology. KEEP THE LOOK OF THE ENVIRONMENT. Keep the main idea intact. You don't have to make the movie a shot-by-shot copy of the game, but for Christ's sake, don't change everything! Tone down the ego, boys, and up the humility.
Not like there's any chance of that. VIdeo-game movies are going to continue to suck forever more because of the immense egos of the people with enough power and money to produce/direct. There's no help for it.
We're better off just playing the games themselves, and letting the movies die out from disappointing box office returns.
NOTE, and COUNTEREXAMPLE: I thought Alien Vs. Predator wasn't bad, because they staged the movie in "the past" (still our future), predating all the games and other movies, and adding in some tasty backstory (how Weyland-Yutani got started, why they're so interested in aliens and predators, etc). So obviously SOME people can get it right.
That movie's only problem was insufficient Predator-Alien whoop-ass. Maybe they had a shortage (only a few cans got delivered?).
Consider that the only thing people used to actually *need* TV for was news and weather information. This they can get much more effectively from the internet, where they can compare a MUCH bigger set of competing viewpoints, search for media files the news organizations won't display, etc... Plus they can read first-hand accounts posted by people while things are happening, without having to put up with the filter applied by network censors.
Then consider that most television is widely accepted to be garbage. I think the term "vast wasteland" was bandied about for a while. Everything on TV that isn't informational or a movie is generally crap, and almost everyone you will ever talk to will tell you this is patently obvious to them, has always been patently obvious...
Finally consider that if we want to watch movies, we can rent them on DVD, so we don't even need television for THAT anymore. And the rise of videogames as a form of entertainment which is INFINITELY more interesting and engaging than the boring, predictable, passive entertainment TV has been killing us with for years. And the fact that TV is infested with annoying, incredibly stupid advertising that takes turns insulting and condescending to us.
The question isn't why people are watching LESS TV. It's why they still watch TV at ALL.
My iBook is about a year old, and I get four or more hours of battery life out of it. It's a nice machine.
Here's another idea I just had: Build a plywood enclosure for the server and insulate it. Rig a small space heater so that it blows into an air tube leading into the enclosure (like the tubes they sell as replacement parts for dryers, you can get them at Sears). This way the garage can be freezing cold, but the computer will probably be up around 60 degrees. More efficient, too.
First, try and seal the garage as well as you can. Nothing expensive, just a little caulk on cracks, some weatherstripping for the doors, etc. Trap an air pocket in the garage and minimize the amount of air that comes in from outside.
:)
Next, get one of those little fifty-dollar electric space heaters and set it up so it blows on the backup server. It doesn't have to warm the whole garage, just the area around the server. If you can keep the area around the server up around fifty degrees, you're probably good to go. Actually a good heater will probably keep the whole garage above freezing, which solves your problem for you.
I'm not talking about a nuclear blast furnace or anything. Just a little space heater with a fan to blow hot air on the machine. That's all you need.
Item: continuing advancement in technology eventually tends to make all jobs obsolete, with the actual work being focused on a smaller and smaller technological priesthood. Manufacturing, for example, is largely being automated with the remaining staff being caretakers for robotic production lines. Now, IT is gradually becoming more streamlined with the majority of work being able to be done by smaller and smaller teams.
WHY THIS IS BAD:
It's a social catastrophe. As we move towards a society in which only a few people are needed to work, those few people aren't going to want to support all the rest with their taxes. The result isn't going to be a techno-utopia in which everyone enjoys lives of education and leisure -- it'll be a hell in which the vast majority of people are dirt-poor and a few are very rich.
The result of this is predictable, because it's happened before, in France a couple of hundred years ago (though for different reasons, the overall effect was the same). If you recall, people like Marie Antoinette said (of her starving countrymen) "let them eat cake" -- and they cut off her head. Every situation in which all the wealth is in the hands of a few and the majority is unhappy results in rebellion and the removal of the few.
At some point in this (and every other) country, we're going to reach a point where we're going to have to make a choice. We will either deliberately introduce some inefficiency into the system to let everybody get a job and be happy, or we'll continue our current path and a violent, bloody revolution will do it for us.
Believe it.
What's this? A slashdotter who doesn't read cyberpunk fiction??? How interesting! "It's not supposed to be like this"... Hmm... Not sure what to make of this guy... He SEEMS okay. Maybe he hit his head??? ;)
I just downloaded 1.4.2_06 from Sun's website. Go to java.sun.com and look for J2SE. You can get both 1.4.2_06 and 1.5 there, on the page. I didn't use the automagic update, myself, so I don't know what's going on there.
There's an interesting situation in your analysis, and here it is: it isn't open source itself that is more secure, but rather the operating system most people running open source are using. Most open-source advocates use Linux or a *BSD, which are more secure than Windows because of their inherently multiuser, networked architecture. So most people who use open source enjoy a more secure operating environment. This leads to the misconception that it is open source that is more secure -- which you are debunking.
My theorem is this: most open source users are more secure because of their operating system, not because they're using an open source application. Using open source on a less secure platform is less secure.
So it's platform, not distribution method, that makes a person secure.
Discuss?
Aaah, piffle.
Just fetch a newer JVM, they're faster anyway.
The new JDK/JRE is "safe"... I've heard they're faster, too, with some JRE improvements. I just downloaded the whole 1.5 set, and I'm pretty excited, looking forward to it... I install it on my Slackware instance tonight!
If I had a girlfriend, I'd invite her to hang out and share the joy; this'd be way better than a movie as a date... Um... Maybe I should get out more, now that I think about it...
It's pretty obvious: buy your printer at a computer show using cash or on Ebay using a postal service money order, never send in the registration card, and don't tell anyone you have it.
Serial numbers are only as good as the database that tracks them. If you aren't in it... Well...
Really? Then I'll probably get my hands on it next year... Sweet!
:)
Well, MY night just improved...
Why? Let corporations play "whack a mole" until their legal resources run out, and people will STILL be downloading the infringing tool. Stop one site from distributing? Someone in a more sensibly run country will pop up a mirror. Stop them? Someone else will pick it up. Even if you started sending hit squads and Interpol after sites, it'll just go underground -- and people will STILL be using it.
;)
You can't stop a social movement. That's why Bill Gates hates it so much.
This is a combination prediction/wish list:
Microsoft will continue to integrate third-party tools into their Visual Studio suite, demolishing the companies that manufacture them. This will suck for third-party tool builders, but it'll be pretty cool for us developers. Here's what I see them putting in:
* Expansion of their project templates to include a comprehensive set of patterns for just about anything you might want to do in an enterprise. Got a project coming up? Click an icon and you'll be given a complete set of skeleton code for you to modify. Useful, but dangerous: more productive developers = fewer developers.
* expansion of modelling tools as the VB guys get more comfortable with object oriented programming. Integration of UML tools with Visual Studio.
* Expansion of tools that allow managers to directly code business rules using prebuilt code blocks. This is going to be a big deal; everyone's already scrambling to build it.
* Integration of unit test tools with Visual Studio as Microsoft catches on to the whole test-driven development thing. Right now, you've got to hand-build your tests. Not for long...
In the JAVA world, I've got a wish list, but I think it's pretty realistic:
* Sun, under pressure from Microsoft's ease of use, will create a new GUI layer that is simpler than Swing and AWT, works more quickly, and provides 90% of the functionality programmers use the most. Swing and AWT will still be available, of course, but we'll have this easier option and it'll get integrated into IDEs as a project type, making everyone's life easier.
* Java IDEs will continue to embrace visual development, making life easier on everyone.
* One thing I think would be nice would be for IDEs to incorporate patterns as templates that you can drop into a project. So, say, if my main GUI is MVC, I can drop an MVC template into my project, and other templates in for specific parts of the backend... Sort of a quickstart, right?
* And, since Microsoft is going to do it, some of the Java IDEs will too: prebuilt project skeletons for common business needs, and tools to easily build business rules so Managers can handle all the client-meeting shit.
I know, my predictions are boring as always. I'm not a revolutionary, I'm a code monkey!
Yeah, that's true. So, what's going to stop the hackers from, say, tricking the Baptists into thinking the porn is coming from servers owned by the Lutherans, then watching the battle from a few miles away with their Zeiss binoculars?
Intelligence trumps firepower.
If there were no immigration, and people stayed put once they got here, your argument would make sense. However, you're not looking at migration and immigration.
The puritans were in these areas hundreds of years ago. They spread out from them, homesteading what was then a wilderness, "taming" the frontier (remember your high school history classes?).
New immigrants from Europe and the Middle East came in through New York and Boston and spread out from there all the way through the 1800s. Chinese, Japanese, and Mexican groups generally came in through San Francisco or Southern California, adding to the already significant Spanish population. Almost all immigrants tended to settle in cities, where the opportunities were greater. A result of this was, cities were vibrant and ever-changing and rural America became calcified and stagnant (yes, I know you don't think it's calcified and stagnant, and your friends will agree -- but an outsider would have a different view, trust me).
Interesting Note: prior to a few decades ago, the two main places where immigrants were permitted to enter the country were Ellis Island (New York) and San Francisco (California).
Now, to your attempt at refuting my point:
Keeping in mind that immigrants tend to gravitate towards large cities, if you look at the composition of the blue states, almost their entire population exists in large cities, many of which have ports (and are traditional points of ingress into the country). Although we do have some descendents of puritans (in a strange coincidence, we call them "blue bloods" and they tend to be rather wealthy) they have long since been influenced by the constant flow of new ideas and are currently quite progressive in their thinking... If a bit elitist.
The "red" areas of the country are the areas which don't seem to get all that much legal immigration (i.e. immigrants who can actually VOTE). What immigration IS happening in the red states is despised there; have you ever heard an Arizonan complain about Mexicans? Try and point out that Arizona used to belong to Mexico, and they get sullen.
Interesting and delightful coincidence: Blue states have a small population of blue bloods, and red states have a large population of rednecks. Isn't that hilarious?
Would you like to keep arguing this point? Because I can keep going as long as you can. History is fun.