Slashdot Mirror


User: Aeiri

Aeiri's activity in the archive.


Comments · 667

  1. Re:Unsecured? on Google Releases Wi-Fi Sniffing Audit · · Score: 1

    Well technically you ARE talking on the radio when you communicate through wifi.

  2. Beta?? on Google Offers Encrypted Web Search Option · · Score: 1

    They add SSL to their existing service and think it requires a "beta" tag? Really?

  3. Re:Why??? on EyeDriver Lets Drivers Steer Car With Their Eyes · · Score: 1

    That's what the feed bag is for!

  4. Re:Counting people? Round up! on At Issue In a Massachusetts Town, the Value of Two-Thirds · · Score: 3, Informative

    I just did it myself in Python and it is a rounding issue:

    206/3*2 = 136
    206./3*2 = 137.333333333334

    If you round the division down then do the multiplication, you get 136.

  5. Re:Solution on $5 Per Month Fee Proposed For Legal Music P2P · · Score: 1

    Of course, if you do this, the software will inevitably be only available for Windows.

  6. Re:TPB because NIN.com couldn't hack it on NIN's Music Experiment Sells Big Numbers · · Score: 1

    This is very true. I personally got my email and download within seconds from the site, but my brother told me he paid for it, and now a day or so later still doesn't have an email with a link. He ended up downloading the torrent.

    I didn't ask him how he paid for it, but I wonder if that is an issue? I paid through PayPal, so maybe that has a better system set up than entering in a credit card.

  7. Re:Brainstorming broken? on Install Copyright Filters on PCs, Says RIAA Boss · · Score: 1

    If that wasn't their intention before, it will be now since you've told them.

  8. Side of Computer on Lap Desks · · Score: 1

    I take the sides off my computers and use those as lap desks. Very cost efficient and space efficient.

    If you have an older computer around, those tend to be slightly smaller than the gaming beasts of today. I have two (one on each side off of a single computer) that are almost 100% exactly the dimensions of my 15.4" laptop, and the side of a bigger case which can fit a 17" or 19" easily.

    No mouse room, though. It's generally better to use a desk for gaming IMHO.

  9. Re:UT3 vs. TF2 on Unreal Tournament 3 Performance Revealed · · Score: 3, Interesting

    No skilled player ever falls for feign death, and disguises in TFC are easy to spot (especially since they still bleed when disguised, while your teammates don't).

    Yes you do. You just don't know it.

    Most good spies will disguise as their own team and look like they are attacking with them, then have a bind that feigns + drops backpack. Completely convincing and nobody will ever notice the difference in a large firefight.

  10. Re:UT3 vs. TF2 on Unreal Tournament 3 Performance Revealed · · Score: 4, Interesting

    See, I can appreciate your sentiments, but I really hate to hear people use the phrase "dumbed-down" with respect to games (that said, it is certainly applicable in some cases). In my view, TF2 is a distillation of all that is good about team-based shooters, with very little of the annoying crap. Perhaps TF2 is "dumbed-down" in the same way that WoW is "dumbed-down" in many people's eyes, but in both instances I think these games have tried to simply get rid of a lot of the annoying crap seen in their respective genres.

    See, my view is that TFC is a distillation of all that is good about team-based shooters already, and that TF2 removed some elements which took some of the skill out of the game. It's still fun, but it's not quite as difficult.

    The big change is that they got rid of grenades. Each class had a standard grenade and a class specific grenade that did different things. This made going outside of your base more like entering a minefield and you had to hurry around and know exactly where you wanted to go.

    Now for class specific analysis.

    Medic: First off, in TFC the class wasn't called a medic, it was a combat medic. The medic had two shotguns, the super needle gun (as they do now), and the health "weapon" was only short range, it didn't have magical homing abilities. Also the lack of concussion grenades is a real bummer. A trained medic could fly across the map with those things, but even so, it didn't seem unbalanced because of the way the maps were designed. You couldn't just fly to the flag and fly back, you still had to get into the base. Just a bunch of walking was taken out and your health took a big hit from the fall.

    Spy: This is where my real complaints come in. In TFC the spy couldn't cloak, the cloak replaced what was in TFC as the "feign death". So as a spy, you could pretend to die and you would lay on the ground, defenseless, appearing dead to the casual observer. You couldn't move around, and you had to do it convincingly otherwise people would just shoot your corpse and kill you. Another thing about the spy class is that the disguise time is about 3 seconds now. Before it was about 10-20 seconds, so you had to plan all of your attacks, and execute them without hitch because you couldn't just disappear and run away. No pistol either, just a tranquilizer dart that would slow your enemy down. No instant kill sentry weapon, only 2 grenades (one building destroy, essentially). Despite this, a good player as a spy would probably be on top of the server.

    Scout, Sniper, Demoman, Pyro, Soldier, Engineer: Practically identical, with very minor changes.

    So really, the real changes were the Medic and the Spy. The rest were interface changes (such as the Engineer's build system or the Spy's cloaking system), but those were for the better.

    So they took the skill out of two classes that didn't cause any balancing issues in the first place. Watching a spy in TFC would be 100 times better than watching someone play Splinter Cell. Yet now, all I see is people cloaking in the wrong occasions revealing their location, stabbing someone or shooting someone, and cloaking and running away. Cloak and dagger tactics in the literal sense. That's not what the class used to be about. It took considerable effort to pretend to be one of the crowd, then sneak around and destroy a sentry. Stab someone, hide, feign, disguise again. Pretend to die in the right occasion, pop up when nobody is around, kill, etc.

  11. Re:UT3 vs. TF2 on Unreal Tournament 3 Performance Revealed · · Score: 2, Interesting

    There are only a few differences between TFC and TF2... I'm curious why people are so amazed at TF2 when it is a dumbed down version of TFC. Not to say I don't like TF2, it's just that as a TFC addict for 8 years it's amazing that people didn't know about this game...

  12. Re:For daemons that don't run as root on When Not to Use chroot · · Score: 1

    I've just always used chrootuid, since there's a Debian package for it. Made by Wietse.

    ftp://ftp.porcupine.org/pub/security/index.html
    http://packages.debian.org/chrootuid

  13. Re:So we should be able to boot from a USB flash on USB 3 in 2008, 10 Times as Fast · · Score: 1

    I've been booting from my USB flash drive for 3 years now...

  14. Re:Vista Server? on Vista Pirates To Get "Black Screen of Darkness" · · Score: 1

    Vista itself is what used to be codenamed Longhorn. I feel weird having to say this because it was only a few months ago that I was still calling it Longhorn.

  15. Re:Oh right. on Scientists Offer 'Overwhelming' Evidence Terran Life Began in Space · · Score: 2, Interesting

    Going by those definitions, it sounds more and more like the Bible was written by non-believers.

    Maybe they were just calling Hell "bad" (not evil), and saying it sucks, almost infinitely, to not be certain about the origins of the universe.

    Reminds me of a time back in school. We were reading "Paradise Lost", and the teacher was explaining that the differences between God and Satan were that God said that destiny was determined and that Satan refused to believe it and adamantly believed in free choice, so he started a revolution against God. He lost and was sent to Hell by God.

    After the teacher finished saying that I just sort of blurted out, "Makes you kinda want to worship Satan."

    Everyone turned and looked at me like I was a freak of nature, even the teacher. All I could think was, are those people seriously Americans?

  16. Didn't affect me. on The Java Popup you Can't Stop · · Score: 1

    It didn't affect me for two reasons. One, I use multiple monitors and this only pwned one of them. Second, I use BB4Win, and its taskbar was OVER the Java popup. I just closed it.

  17. Slow news day? on Charging the Unhealthy More For Insurance · · Score: 1

    Isn't the entire point of insurance to charge higher for higher risk people, and lower for lower risk people?

  18. Re:Slow News day? on Point-and-Click Gmail Hacking Shown at Black Hat · · Score: 2, Informative

    This is the first time it's been compiled into an automated tool.

    No it's not, there's another that's better and it's been around for a long while. It was once Ethereal, and now called Wireshark.

  19. Re:Occam's razor at work on FBI Remotely Installs Spyware to Trace Bomb Threat · · Score: 2, Interesting

    Sure, there are a lot of APIs used that are unknown to the public, there are lots of things reverse engineered, but even the most reverse engineered features have stuff in them that is unknown.

    For instance, the NTLMv2 response in NT authentication.

    NTLMv2 Specs

    Scroll down and you'll see:

    0x00000000 (unknown, but zero will work)

    This is simply the best place to put a password bypass, a flag in the authentication packet itself. If it's the right value, then just don't check the password and let the person in.

    Nobody has ever figured out what this does. All features are implemented in the NT authentication, but there are gaps that don't negatively impact anything.

  20. Prepaid Phones on Where In the US Can You Get Just a Cell Phone? · · Score: 1

    I have a prepaid cellphone from Cingular (now AT&T), since I don't actually use it very often. It's simple, easy to use, and best of all, cheap: I pay $25 every three months for it. The phone itself cost $30, but there was a free phone that you could choose with the service as well, if I recall correctly.

    http://www.wireless.att.com/myaccount/prepaid

  21. Re:Bombula on Deathbed Confession Says Aliens Were at Roswell · · Score: 2, Interesting

    If they are alien, why would their cellular structure be the same as ours? They might not even have DNA as we know it, so a cell going bonkers and repeating itself might not affect them. If it did affect them, it would probably be much different from our cancer.

  22. Re:That'll be AJAX on P2P Remains Dominant Protocol · · Score: 1

    Google Maps, Mapquest, and many other tools do not use AJAX. They use Javascript, but not AJAX.

    AJAX is "Asynchronous Javascript and XML". For Mapquest and Google Maps, they set "src" attributes through Javascript. No XML is used, and no asynchronicity is used. Even if you search, it submits a form through POST.

    It's DHTML, and not an accurate representation whatsoever of AJAX. The data isn't stored in Javascript, but in the browser's cache.

  23. Re:Missing the point entirely on Facebook Apps Facing Delays and Uncertainties · · Score: 1

    So now there is a sense of social superiority by not using Facebook now, too? I don't get it. Facebook is like MySpace just because of the social networking aspect, not because of the stupid CSS/Javascript stuff. The entire concept eludes me. What is the point of it, seriously? It's an over-hyped rehash of the concept of a forum.

  24. Re:Fishing for Drivers: I know the problem on Update On Free Linux Driver Development · · Score: 1

    Link?

  25. Re:Detecting SQL Injection is hard ... on Top 15 Free SQL Injection Scanners · · Score: 1

    I'm the developer of SQLIer (the first tool listed on the site), and I've also developed a (VERY PRE ALPHA STAGE) tool that scans for SQL Injection and XSS.

    http://bcable.net/project.php?vulndetector

    I use two methods, one which is an integer field scan and another which is a string scan.

    The integer scan works like so. Four pages are requested from the server:

    Page 1: http://www.example.com/asd.php?id=1
    Page 2: http://www.example.com/asd.php?id=2
    Page 3: http://www.example.com/asd.php?id=1%2B1
    Page 4: http://www.example.com/asd.php?id=1'

    Page 3's variable of course decoding to "1+1". If page 3 is equal to page 2, and not equal to page 1 or 4, then it's vulnerable. The idea there is that the extra crap "+1" hasn't been stripped off returning the same as Page 1, and it's not causing a MySQL error like Page 4 does.

    SQLIer also has a modified form of that integer scan to ensure a real SQL Injection vulnerable site has been entered in by the user. Since there are pages that when requested display different things each time (like if it has a time on the page or has a new forum post on a side menu), instead of comparing if two pages are equal, two pages are diff'd, then a percentage of how much of the pages is the same is calculated. So if 98% (I think, I can't remember what I have this set at) of the page is the same, it's considered "equal".

    The string scan works as follows. (this function is done for both ' and ", in the example I'm using ')

    Page 1: http://www.example.com/asd.php?id=qwe
    Page 2: http://www.example.com/asd.php?id=qwe' /*
    Page 3: http://www.example.com/asd.php?id=qwe' /*{randstring}

    If Page 2 and 3 are different, then {randstring} is not needed since it's clear that an error (and/or URL) is being output to the screen. {randstring} is set to null if that is the case.

    Then, Page 1 and 3 are compared, if they are different, then obviously an error is being thrown for the quote.

    Page 3: http://www.example.com/asd.php?id=qwe' and 1=1 /*
    Page 4: http://www.example.com/asd.php?id=qwe' order by 1 /*
    Page 5: http://www.example.com/asd.php?id=qwe' and '1'='1

    Page 5 is not requested if the quote does not throw an error. This is because the quote is obviously not causing a problem, and can't be closed.

    Page 1 is compared against Pages 3 & 4. If Page 1 & 3 and Page 1 & 4 are different, then it continues to Page 5 if necessary. If Page 5 is different than Page 1, then it fails (they should be the same). This step is skipped if Page 5 isn't checked due to quotes not causing an error immediately.

    Page 6: http://www.example.com/asd.php?id=qwe'"
    Page 7: http://www.example.com/asd.php?id=qwe' order by 999 /*

    If Page 6 & 7 are both the same, then finally it's deemed an SQL Injection hole.

    Granted, the string check is incredibly complex and also potentially destructive, which is why it's disabled by default. The integer scanner is very quick and gets most vulnerabilities, and is incredibly accurate as well.

    As for XSS, that is incredibly easy. It just throws random strings into the query variables and sees if the resulting page contains that string.

    Hope this helps some people when trying to auto
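
The integer scan described in the comment above, replayed offline as an added example (not SQLIer's code and not part of the original comment): a constructed SQLite-backed handler answers the four `id` values once with string concatenation and once with a bound parameter, and the pages are compared by similarity ratio as the comment describes. The handler names, the `articles` table and the 0.98 threshold are assumptions.

```python
import sqlite3
from difflib import SequenceMatcher

# Constructed sample data standing in for the site behind asd.php.
db = sqlite3.connect(":memory:")
db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, body TEXT)")
db.executemany("INSERT INTO articles VALUES (?, ?)",
               [(1, "First article: release notes for the spring build."),
                (2, "Second article: maintenance window moved to Friday.")])

def render(rows):
    body = rows[0][0] if rows else "No such article."
    return "<html><h1>Archive</h1><p>%s</p></html>" % body

def page_concat(raw_id):
    """Hypothetical handler that pastes the parameter into the SQL text."""
    try:
        rows = db.execute(
            "SELECT body FROM articles WHERE id = " + raw_id).fetchall()
    except sqlite3.Error as exc:
        # The database error is echoed into the page, as in the comment's Page 4.
        return "<html><h1>Error</h1><p>SQL error: %s</p></html>" % exc
    return render(rows)

def page_bound(raw_id):
    """Same handler with the value passed as a bound parameter (the fix)."""
    rows = db.execute(
        "SELECT body FROM articles WHERE id = ?", (raw_id,)).fetchall()
    return render(rows)

def same(a, b, threshold=0.98):
    """Pages count as equal when their similarity reaches the (assumed) threshold."""
    return SequenceMatcher(None, a, b).ratio() >= threshold

def integer_scan(handler):
    """The comment's rule: page 3 equals page 2 and differs from pages 1 and 4."""
    p1, p2, p3, p4 = (handler(v) for v in ("1", "2", "1+1", "1'"))
    return same(p3, p2) and not same(p3, p1) and not same(p3, p4)

if __name__ == "__main__":
    print("concatenated query flagged:", integer_scan(page_concat))
    print("bound parameter flagged:  ", integer_scan(page_bound))
```

With the bound parameter, `1+1` is compared as text rather than evaluated, so page 3 no longer matches page 2 and the check comes back negative.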