As a stopgap perhaps, but you really need to get out of that situation as quickly as possible. A firewall is not a long-term solution in that situation.
If you ever dealt with a somewhat sophisticcated compromise like I have quite a few times, you may have seen situations where a rootkit went to great length to hide itself. Hiding from obvious tools like netstat, ps and top is really just the beginning.
So is getting round a firewall. Of course I don't just trust the tools on the box, I'll nmap it from another one to check there's nothing extra listening. But it's not that hard to have your rootkit periodically connect outwardly, to a server listening on port 80, and even to send traffic that looks like http. If the rootkit's sophisticated enough that I can't detect it without a dedicated firewall, a firewall is unlikely to do any good.
But the port is already closed, so the firewall's just a waste of processing power and/or money, and time and money in terms of setting it up and making rules for new services you add. I suppose defense in depth, but to me they're more of a pain than they're worth.
If you have a good security model, the only processes listening will be the ones that need to be accessible. At that point, what good would a firewall do?
But the point is, if you don't have any listening processes you don't need, then there's no need for a firewall. I do netstat -lnp to find out what's listening on my machine, and all there is is apache, giftd, xinetd just on the ident port, and a few other things, all of which are there because I use them and set them up to be listening. So a firewall would do me no good at all - I'd just have to knock holes in it for those ports, and at that point it's doing nothing different from what I already have. And if you have processes running and listening on ports that you don't want or need, why are you running them?
This is more like the NYT including an x-rated picture in between two stuck-together pages. The content was all there on the discs, it requires patching to access it but it's part of the game.
Frankly I don't care much about the sex. But I do care about the ratings being honest. I want the label to say what's actually in the game. The fact that they basically lied to the ESRB over this is what's wrong, not that they included this content.
The problem is that the ESRB guidelines say it should be AO-18. I don't care about what you think of those guidelines, but the fact is that it says MA-17 games will not have [prolonged] graphic sexual content, so they should not have [prolonged] graphic sexual content.
There's noone with the authority to fine then. The only weapon the ESRB has is to refuse to rate their games and let them use their labels. But if Rockstar can get stores to sell their game anyway (and with a game as big as GTA they probably can) then ESRB will only undermine themselves by doing that. Maybe the ESRB could make them pay out a bit to customers in return for continuing to rate their games.
If you read the post above, the guy who wrote the mod says it's changing a single bit in the main file, the models are all there (Interestingly the voice acting is there too. Which means the company is in on it, the voice actors said those things, the studio people recorded them, etc). Which makes this qualitatively different from my nude UT skins.
I'll believe him when he says "change the 0x51 to 0x59 at offset 27761". Not because I want to do that rather than using the patch, but because I want to know that I could.
The content was apparently there. Would it be possible to play it by opening it (e.g. with a level editor or something), without having to modify anything? In that case, I think it probably should be considered for the ratings.
They should work out some big public compromise. Something like Rockstar publicly apologies to anyone who bought the game under the misapprehension it was only rated 17 and up, perhaps offer refunds, and ESRB says that they're allowing it this once because of the apology and there will be severe repercussions if Rockstar do this again.
I think see if it's leaked through official channels, that's normally the test. If the cheat codes appear in some kind of official statement from the game maker they were meant to be used, if not they weren't. (Do they really expect people to keep trying random words until they find them? I'm betting not)
Those are very different actions. Turning something off is one thing - removing it entirely is another.
Why? The effects are the same. You have to download and install a patch to re-enable it - at that point, it's no easier than downloading and installing a patch that included its own sexual content.
No, I pulled it from my history textbook. It was a sort of offhand thing (the whole Spanish civil war coverage was only a couple of pages) but I assumed it would be accurate. Obviously not.
I can import them personally I think, but if you try and do that large scale it's called parallel importing and against the law. Amazon's divisions in poorer countries (china and india iirc) were recently sued for letting european customers buy the (cheaper) goods from there. I think it's wrong that doing that is illegal but outsourcing the labour over there isn't. Yes I'm British, we believe in socialism because we've seen the effects, e.g. we've lived with and without a national health service, and know which we prefer. Personally I'm very much a commie, but even the purest of capitalists must see that laws against parallel importing are a distortion of the market.
No, England doesn't have national ids. There's a bill currently under discussion in parliament which would introduce them. I agree they wouldn't provide us with anything, but from a conspiracy point of view these attacks are a convenient thing for the UK government to point to and say "there, that's why we need ID cards"
So what? I can use the Compressor VBR MPEG-2 CODEC to compress a 4.5GB DVD to 1GB, and it looks fine. (well, good enough for most people, as good as most DivX I've seen.) Difference is that it is a standard format, and I can burn it to DVD without any hassles or re-conversion.
Then maybe divx gets them down smaller than that. I'm pretty sensitive to artifacts in video/images, always notice the cue marks or blockiness in jpegs, and that 1gb looks flawless. I have a 700mb divx of another dvd that's fine. I have a divx+wma music video that's smaller than my mp3 of the same song. I do think it's about the bandwidth, using the codec with the best compression ratio that still looks acceptable to the person encoding (which will of course depend on the individual). Most of the time, divx comes out on top.
If you're ripping from the output device you won't be getting a perfect copy. At that point it's not really any better than a camcorder in the cinema job, which they can obtain sooner.
As a stopgap perhaps, but you really need to get out of that situation as quickly as possible. A firewall is not a long-term solution in that situation.
True, but that has to be weighed against the inconvenience a firewall causes to people trying to actually use the network.
So is getting round a firewall. Of course I don't just trust the tools on the box, I'll nmap it from another one to check there's nothing extra listening. But it's not that hard to have your rootkit periodically connect outwardly, to a server listening on port 80, and even to send traffic that looks like http. If the rootkit's sophisticated enough that I can't detect it without a dedicated firewall, a firewall is unlikely to do any good.
But the port is already closed, so the firewall's just a waste of processing power and/or money, and time and money in terms of setting it up and making rules for new services you add. I suppose defense in depth, but to me they're more of a pain than they're worth.
If you have a good security model, the only processes listening will be the ones that need to be accessible. At that point, what good would a firewall do?
But the point is, if you don't have any listening processes you don't need, then there's no need for a firewall. I do netstat -lnp to find out what's listening on my machine, and all there is is apache, giftd, xinetd just on the ident port, and a few other things, all of which are there because I use them and set them up to be listening. So a firewall would do me no good at all - I'd just have to knock holes in it for those ports, and at that point it's doing nothing different from what I already have. And if you have processes running and listening on ports that you don't want or need, why are you running them?
Yes, but the more effort we put into putting people on space stations and other planets, the sooner that stops being the case.
This is more like the NYT including an x-rated picture in between two stuck-together pages. The content was all there on the discs, it requires patching to access it but it's part of the game.
Frankly I don't care much about the sex. But I do care about the ratings being honest. I want the label to say what's actually in the game. The fact that they basically lied to the ESRB over this is what's wrong, not that they included this content.
The problem is that the ESRB guidelines say it should be AO-18. I don't care about what you think of those guidelines, but the fact is that it says MA-17 games will not have [prolonged] graphic sexual content, so they should not have [prolonged] graphic sexual content.
The code is in there on the shipped discs. It's available, the modder says they only had to change a single bit.
There's noone with the authority to fine then. The only weapon the ESRB has is to refuse to rate their games and let them use their labels. But if Rockstar can get stores to sell their game anyway (and with a game as big as GTA they probably can) then ESRB will only undermine themselves by doing that. Maybe the ESRB could make them pay out a bit to customers in return for continuing to rate their games.
If you read the post above, the guy who wrote the mod says it's changing a single bit in the main file, the models are all there (Interestingly the voice acting is there too. Which means the company is in on it, the voice actors said those things, the studio people recorded them, etc). Which makes this qualitatively different from my nude UT skins.
I'll believe him when he says "change the 0x51 to 0x59 at offset 27761". Not because I want to do that rather than using the patch, but because I want to know that I could.
The content was apparently there. Would it be possible to play it by opening it (e.g. with a level editor or something), without having to modify anything? In that case, I think it probably should be considered for the ratings.
They should work out some big public compromise. Something like Rockstar publicly apologies to anyone who bought the game under the misapprehension it was only rated 17 and up, perhaps offer refunds, and ESRB says that they're allowing it this once because of the apology and there will be severe repercussions if Rockstar do this again.
I think see if it's leaked through official channels, that's normally the test. If the cheat codes appear in some kind of official statement from the game maker they were meant to be used, if not they weren't. (Do they really expect people to keep trying random words until they find them? I'm betting not)
Why? The effects are the same. You have to download and install a patch to re-enable it - at that point, it's no easier than downloading and installing a patch that included its own sexual content.
It really matters from the point of view of survival of the race. Don't you want humanity to continue after you die?
Will people believe them?
No, I pulled it from my history textbook. It was a sort of offhand thing (the whole Spanish civil war coverage was only a couple of pages) but I assumed it would be accurate. Obviously not.
I can import them personally I think, but if you try and do that large scale it's called parallel importing and against the law. Amazon's divisions in poorer countries (china and india iirc) were recently sued for letting european customers buy the (cheaper) goods from there. I think it's wrong that doing that is illegal but outsourcing the labour over there isn't. Yes I'm British, we believe in socialism because we've seen the effects, e.g. we've lived with and without a national health service, and know which we prefer. Personally I'm very much a commie, but even the purest of capitalists must see that laws against parallel importing are a distortion of the market.
No, England doesn't have national ids. There's a bill currently under discussion in parliament which would introduce them. I agree they wouldn't provide us with anything, but from a conspiracy point of view these attacks are a convenient thing for the UK government to point to and say "there, that's why we need ID cards"
Then maybe divx gets them down smaller than that. I'm pretty sensitive to artifacts in video/images, always notice the cue marks or blockiness in jpegs, and that 1gb looks flawless. I have a 700mb divx of another dvd that's fine. I have a divx+wma music video that's smaller than my mp3 of the same song. I do think it's about the bandwidth, using the codec with the best compression ratio that still looks acceptable to the person encoding (which will of course depend on the individual). Most of the time, divx comes out on top.
If you're ripping from the output device you won't be getting a perfect copy. At that point it's not really any better than a camcorder in the cinema job, which they can obtain sooner.