Everytime a base-2 vs. base-10 debate takes place, I like to demonstrate that, contrary to common belief, even in the computer industry, power-of-10 prefixes (as
used by hard disk manufacturers) are more commonly used than power-of-2
prefixes. As seen in the list below, power-of-10 prefixes apply to things
varying from bytes to bits to Hz to FLOPS to baud. They also apply to many areas
(not "only bitrates", as some claim): storage capacity, clock frequency, stream
bandwidth, baud, pixel numbers, data throughput, processing power, etc.
A 4.7 GB single-layer DVD is 4.7 * 10^9 byte (power of 10)
A 50 GB dual-layer Blu-ray Disc is 50 * 10^9 byte (power of 10)
A 2.5 GHz processor is 2.5 * 10^9 Hz (power of 10)
A PC3200 (as in 3200 MByte/s) memory stick is 3200 * 10^6 byte/s (power of 10)
A 25.6 GFLOPS CPU core is 25.6 * 10^9 FLOPS (power of 10)
A 128 kbit/s audio stream is 128 * 10^3 bit/s (power of 10)
An 8 kbaud V.92 modem is 8 * 10^3 baud (power of 10)
A 6 Mpixel digital camera is 6 * 10^6 pixel (power of 10)
A 4000 MB/s HyperTransport link is 4000 * 10^6 byte/s (power of 10)
A 480 Mbit/s USB2 link is 480 * 10^6 bit/s (power of 10)
A 2.5 Gbit/s PCI-E lane (after 8b/10b encoding) is 2.5 * 10^9 bit/s (power of 10)
A 250 MB/s PCI-E lane (before 8b/10b encoding) is 250 * 10^6 byte/s (power of 10)
A 1 Gbit/s ethernet card is 1 * 10^9 bit/s (power of 10)
A 54 Mbit/s 802.11g network is 54 * 10^6 bit/s (power of 10)
A 3.0 Gbit/s SATA link (after 8b/10b encoding) is 3.0 * 10^9 bit/s (power of 10)
A 300 MB/s SATA link (before 8b/10b encoding) is 300 * 10^6 byte/s (power of 10)
A 6 Mbit/s DSL line is 6 * 10^6 bit/s (power of 10)
A 2 GByte USB flash drive is 2 * 10^9 byte/s (power of 10)
Curiosity: a 1.44 MByte floppy disk is 1.44 * 1000 * 1024 byte (mix of power of 10 and 2)
And of course, a 750 GByte hard disk drive is 750 * 10^9 byte (power of 10)
People have this misconception that binary prefixes "are more common" and
"should be the norm", but the only few places where they are used are to refer
to RAM capacities and file sizes. I am surprised Creative's lawyers weren't
able to explain this.
The "5 Gbps" bottleneck mentioned by the grand parent is due to 10GbE NICs often being installed on a relatively slow 100MHz PCI-X bus, whose practical bandwidth is only: 100 (MT/s) * 64 (bits) * 0.8 (efficiency of a PCI bus) ~= 5.1 Gbps. Fully exploiting the throughput of 10GbE requires at minimum a (1) PCI-X 2.0 266MHz+, or (2) x8 PCI Express 1.0, or (3) x4 PCI Express 2.0 NIC.
This event highlights one of the major flaw of biometrics. This official
had his fingerprint copied. There is nothing he can do.
He can't change it. He can't prevent people from using it. No fingerprint
reader will ever be able to determine with 100% certainty whether a particular
fingerprint is real or fake. Bottom line: when one of your biometric traits gets stolen, you get screwed.
For life.
I hope this convinces governments that using biometrics for anything is
a bad idea (other than perhaps criminal investigations, although what
if this german official's fingerprint was found on a murder scene ?).
Safari hasn't been hacked first because it was easier. Any security researcher knows that:
Mac, Windows, Ubuntu. Whatever. Vulnerabilities have been found in all 3 in the past and will continue to be found. All 3 can be 0wned.
The config of these 3 machines and the list of installed apps was published a couple weeks ago. People had time to research and prepare exploits in advance. This is what Charlie Miller did.
Someone in possession of a Windows exploit would know its value is worth more than the prize of $10k offered in this contest. Some big companies or govt agencies would offer at least $50k+.
However due to the smaller market share of Mac and Ubuntu, the street price of a vuln for these platforms is probably comparable or lower than the $10k contest prize.
Therefore the prize was worth it and Mac or Ubuntu was bound to be the first platform 0wned in this contest.
Charlie Miller chose to attack Mac instead of Ubuntu for no specific reason: randomly, or had a preference for Mac/Safari, or wanted a Mac Book Air, or found first interesting results on the Mac while fuzzing both...
He is likely capable of 0wning the 2 of them anyway.
Although I find the contest fun, it adds some entertainment value to CanSecWest, nothing can be concluded from it. New 0-day in Safari ? Wow big news. Film at eleven.
I keep hearing contradictory claims about the platforms supported or not
supported by Flash Player or Flash Lite... Adobe's website is uninformative.
Even their wikipedia articles are imprecise. AFAIK:
Flash Player,
which is the regular browser plugin, is currently (version 9) only available
for the i386 architecture (
this flash developer
claims the JIT compiler in the Flash VM is delaying the port to x86-64).
Older versions (7 or earlier ?) used to be available for the PPC arch
for Mac OS, but PPC support was dropped approximately when Adobe acquired Macromedia.
Flash Lite is a lightweight
version of Flash Player that runs as a standalone app (as opposed to a browser
plugin) and is available on various smartphone platforms: ARM, MIPS (I
think ?). It is very unclear what features are supported by Flash Lite exactly
(video ? action script 3 ?).
I watch the skating dog video, and the 3 ones you linked to. Is it me or am I the only one to not notice a single difference between the normal-quality and the supposedly high-quality version (&fmt=6) of these videos ? Seriously I wonder... Do you need a special version of the Flash plugin or something ?
In reality, the "free" stuff is not really all that competitive with products that are expensive. [...] There are some exceptions, of course, like apache, and linux is obviously successful in the server market.
All you see is the desktop, but the desktop is the exception. You mentioned Linux being competitive on the server market, yes, and what about Linux on appliances: wireless access points, NAS, network printers, network cameras, mobile phones, etc ? Linux devices probably outnumber Windows devices by far.
The OLPC foundation is going to produce millions of laptops running 100% open source software.
Google built their infrastructure on open source software, just like my of their competitors.
What about Firefox, (Open)Solaris, Perl, Python, PHP, MySQL, PostgreSQL, BIND, Sendmail, Postfix. All of these are open-source.
And Java (now open source), which runs on 1+ billion mobile phones ?
"The free stuff is not really all that competitive" What planet are you living on ?!
One potential future advantage of AMD's technology
on
Is AMD Dead Yet?
·
· Score: 3, Interesting
In terms of manufacturing technology, Intel and AMD are indeed taking different roads. One of the biggest advantage that AMD has yet to realize with their technology (SOI) is to implement Z-RAM for their processor caches. Z-RAM is a type of memory so dense it requires only 1 transistor per bit instead of 6 transistors for traditional SRAM, potentially allowing AMD to have caches about 6 times the size of Intel's caches on the same die area. Of course nobody knows yet for sure if/when Z-RAM will turn out to be doable. But if it is, Intel would have to way to implement the technology without massively reconverting their fabs to the SOI process.
Prediction made 2 months bef. the Opteron release
on
Is AMD Dead Yet?
·
· Score: 5, Informative
It is interesting to note that this article is dated February 17, 2003. In other words IBM made this prediction literally 2 months before AMD introduced their first 64-bit processors, the Opteron, in April 2003. Little did they know the impact the AMD64 architecture would have on the industry (Intel cloned the architecture) and on AMD itself (it helped them stay afloat for the past 5 years).
You are spot on. Mainframes exist simply because throwing money and engineering efforts at the hardware/OS level is cheaper than rewriting the massive amount of legacy applications that have been built on them for the past 3 decades.
At the opposite side, distributed fault-tolerant clusters built on commodity components can arguably achieve the same levels of reliability, at the cost of more engineering complexity at the application level. Overall, I would say clusters are probably more flexibile, if only for the vendor-inpedendance they provide.
I think you are right. After I read the full paper, I now think it might be possible to use this attack against loop-AES with KEYSCRUB=y. The reason I am unsure is because loop-AES appears to XOR the sensitive key with 0xfffffff... instead of random data as I thought (which raises the complexity of the attack somewhat).
This is yet another attack that the developer of
loop-AES
thought about while typically every other disk encryption tool
out there is vulnerable. Loop-AES is the 3rd most popular disk
encryption tool in Linux. See the KEYSCRUB=y option in its
README file:
If you want to enable AES encryption key scrubbing, specify KEYSCRUB=y on
make command line. Loop encryption key scrubbing moves and inverts key bits
in kernel RAM so that the thin oxide which forms the storage capacitor
dielectric of DRAM cells is not permitted to develop detectable property.
For more info, see
Peter Gutmann's paper.
I have used loop-AES as a full disk encryption tool on my laptop for 2+ years.
I am glad I took the time to carefully research which tool would the most
secure before deploying it ! For example even TrueCrypt and dm-crypt are
vulnerable to other (arguably minor) security issues that loop-AES is
impervious to: http://article.gmane.org/gmane.linux.cryptography/2321
Surprisingly, the research paper TFA talks about doesn't even directly
mention loop-AES (its name only happens to be in the title of a webpage
in the reference section describing a safe suspend/resume setup when
using disk encryption).
There's reason to want your encryption done in hardware (less CPU load for example).
Just to put things in perspective for this specific case, full-speed encryption of the I/O traffic of a 2.5" drive would be pretty cheap with today's processors. I happen to have a dev tree of OpenSSL 0.9.9 on my system, and its AES-128 implementation runs at 160 MByte/s (in 64-bit mode) on my dual-core 2.4 GHz Athlon 64. A typical 2.5" drive like the one cracked by Heise has a sequential I/O transfer rate of 50 Mbyte/s. Therefore encrypting at this rate would only require 16% of my CPU time (31% of a core). Or about 7-9% of CPU time of a $270 quad-core 2.4 GHz Intel Core2 Q6600.
Personally I can resolve the wikileaks.org hostname from time to time only.
Their website is still accessible from my network location (SoCal):
http://88.80.13.160/wiki/Wikileaks
$ dig wikileaks.org ;; ANSWER SECTION:
wikileaks.org. 864 IN A 88.80.13.160
wikileaks.org. 864 IN A 87.106.162.82 ;; AUTHORITY SECTION:
wikileaks.org. 198841 IN NS ns3.everydns.net.
wikileaks.org. 198841 IN NS ns2.everydns.net.
wikileaks.org. 198841 IN NS ns4.everydns.net. ;; ADDITIONAL SECTION:
ns2.everydns.net. 101251 IN A 204.152.184.150
ns3.everydns.net. 12596 IN A 208.96.6.134
ns4.everydns.net. 601 IN A 64.158.219.3
(The quadword instructions have 6 cycle latencies.)
If, by quadword instruction, you mean an instruction that operate
on 128-bit registers, this is incorrect.
First of all, 95% of the SPU instructions operate on 128-bit registers.
More than half of them have a latency of only 2 or 4 cycles. And the
vast majority of them have a throughput of 1 per cycle (ie. 0-cycle stall).
The only instructions with a 6-cycle stall are double-precision instructions
and 'fscrrd' (floating-point status control register read). See table B-1
in the Cell Broadband Engine Programming Handbook:
http://www.ibm.com/chips/techlib/techlib.nsf/techdocs/9F820A5FFA3ECE8C8725716A0062585F?Open&S_TACT=105AGX16&S_CMP=LP
This means for example that you can execute 1 'fm' per cycle (4-way
SIMD single-precision floating-point multiply), or 1 'and' per cycle
(4-way SIMD word add).
They are cheap, you could even buy 2 of them if the 1st one is damaged or gets stolen. The OLPC XO-1 laptop + a USB DVD burner really looks like a perfect solution for the OP's needs. FYI there are 3 USB 2.0 ports on the XO-1.
Actually the "network/audio QoS" bug you talk about is not fixed in SP1. More tech details:
As explained in your link to Ed Blott's blog, although SP1
fixes lots of things, it still doesn't fix the MMCSS-related
network throughput drop that was highly publicized 6 months ago
("slow network transfers when running Media Player").
Mark Russinovich, the MS developer who gave a very detailled
explanation of the bug in his blog, never published a follow up
to this bug, as he said he would when it will be fixed. The
unanswered comments in his blog also confirm the issue is
unfixed in SP1 [1].
In fact, the list of notable changes in Vista SP1 [2] mentions
that the only thing they did appears to be a hack to manually
hardcode the throttling behavior:
"""
In SP1, PC administrators are able to modify the network
throttling index value for the MMCSS (Multimedia Class
Scheduling Service), allowing them to determine the appropriate
balance between network performance and audio/video playback
quality.
"""
Since Russinovich said the underlying problem is a high CPU
usage caused by the DPC calls made by the network driver to
receive the network packets, my guess is that they have to work
around all those crappy Windows network drivers that don't
implement standard interrupt mitigation techniques (like NAPI
under Linux).
Meh. Just one more example of why closed proprietary drivers
suck:)
If I were you, I would first recognize that no matter how careful you are, there will always be a chance of someone (the govt, your web host) with the authority to take down the physical server hosting your website. So I would physically host the site in at least 3 different countries. Use DNS to spread the load on the different locations (all are active at any point in time). If one of them get taken down, update the DNS accordingly to redirect traffic to the other locations, and start setting up one more server in another country (have the technical procedure clearly described and easy to follow so multiple people you trust can follow it). Of course you need to have the user content posted to any location automatically replicated to the others. (Notice how this sounds much like NNTP).
If someone succeeds into getting administrative access to your DNS records, register a new domain name and get the word out to communicate it (IRC channel where you guys usually hang out, a post to some other forum, etc). Or just communicate the IP addresses prominently.
Good luck to someone trying to take down something hosted as described above;-) Choose the right 3 countries and, because of red tape, no governments will ever be able to successfully cooperate to take down the 3 physical servers at the same time.
10 years ago, I used to do the same thing on Tomb Raider 1 savegame files, to get more ammunitions for various weapons. I was such a noob at the time that when I discovered the number were stored in little-endian, I thought it was some kind of obfuscation the developers came up with to confuse people trying to hex edit the files.
Of course they do. Sun CEO Jonathan Schwartz encourages Apple to use ZFS (direct from his blog):
"As an example, Apple is including ZFS is in their upcoming "Leopard" OS X release. This is happening without any payment to Sun (that's how truly free software works). Under the license, we've waived all rights to sue them for any of the patents or copyright associated with ZFS. We've let Apple know we will use our patent portfolio to protect them and the Mac ZFS community from Net App. With or without a commercial relationship to Sun."
Slashdot Mirror
Everytime a base-2 vs. base-10 debate takes place, I like to demonstrate that, contrary to common belief, even in the computer industry, power-of-10 prefixes (as used by hard disk manufacturers) are more commonly used than power-of-2 prefixes. As seen in the list below, power-of-10 prefixes apply to things varying from bytes to bits to Hz to FLOPS to baud. They also apply to many areas (not "only bitrates", as some claim): storage capacity, clock frequency, stream bandwidth, baud, pixel numbers, data throughput, processing power, etc.
People have this misconception that binary prefixes "are more common" and "should be the norm", but the only few places where they are used are to refer to RAM capacities and file sizes. I am surprised Creative's lawyers weren't able to explain this.
The parent is correct. Here is one example of a 10GbE card transmitting at wire speed (9.7 - 9.9 Gbps): http://www.myri.com/scs/performance/Myri10GE/
The "5 Gbps" bottleneck mentioned by the grand parent is due to 10GbE NICs often being installed on a relatively slow 100MHz PCI-X bus, whose practical bandwidth is only: 100 (MT/s) * 64 (bits) * 0.8 (efficiency of a PCI bus) ~= 5.1 Gbps. Fully exploiting the throughput of 10GbE requires at minimum a (1) PCI-X 2.0 266MHz+, or (2) x8 PCI Express 1.0, or (3) x4 PCI Express 2.0 NIC.
This event highlights one of the major flaw of biometrics. This official had his fingerprint copied. There is nothing he can do. He can't change it. He can't prevent people from using it. No fingerprint reader will ever be able to determine with 100% certainty whether a particular fingerprint is real or fake. Bottom line: when one of your biometric traits gets stolen, you get screwed. For life.
I hope this convinces governments that using biometrics for anything is a bad idea (other than perhaps criminal investigations, although what if this german official's fingerprint was found on a murder scene ?).
-
Mac, Windows, Ubuntu. Whatever. Vulnerabilities have been found in all 3 in the past and will continue to be found. All 3 can be 0wned.
-
The config of these 3 machines and the list of installed apps was published a couple weeks ago. People had time to research and prepare exploits in advance. This is what Charlie Miller did.
-
Someone in possession of a Windows exploit would know its value is worth more than the prize of $10k offered in this contest. Some big companies or govt agencies would offer at least $50k+.
-
However due to the smaller market share of Mac and Ubuntu, the street price of a vuln for these platforms is probably comparable or lower than the $10k contest prize.
-
Therefore the prize was worth it and Mac or Ubuntu was bound to be the first platform 0wned in this contest.
-
Charlie Miller chose to attack Mac instead of Ubuntu for no specific reason: randomly, or had a preference for Mac/Safari, or wanted a Mac Book Air, or found first interesting results on the Mac while fuzzing both...
He is likely capable of 0wning the 2 of them anyway.
Although I find the contest fun, it adds some entertainment value to CanSecWest, nothing can be concluded from it. New 0-day in Safari ? Wow big news. Film at eleven.I keep hearing contradictory claims about the platforms supported or not supported by Flash Player or Flash Lite... Adobe's website is uninformative. Even their wikipedia articles are imprecise. AFAIK:
Could someone knowledgeable clarify ?
I have better: as a geek, I assigned myself this UUID: e455ce96-4457-4612-bb1e-bea339028446
I watch the skating dog video, and the 3 ones you linked to. Is it me or am I the only one to not notice a single difference between the normal-quality and the supposedly high-quality version (&fmt=6) of these videos ? Seriously I wonder... Do you need a special version of the Flash plugin or something ?
All you see is the desktop, but the desktop is the exception. You mentioned Linux being competitive on the server market, yes, and what about Linux on appliances: wireless access points, NAS, network printers, network cameras, mobile phones, etc ? Linux devices probably outnumber Windows devices by far. The OLPC foundation is going to produce millions of laptops running 100% open source software. Google built their infrastructure on open source software, just like my of their competitors. What about Firefox, (Open)Solaris, Perl, Python, PHP, MySQL, PostgreSQL, BIND, Sendmail, Postfix. All of these are open-source. And Java (now open source), which runs on 1+ billion mobile phones ?
"The free stuff is not really all that competitive" What planet are you living on ?!
In terms of manufacturing technology, Intel and AMD are indeed taking different roads. One of the biggest advantage that AMD has yet to realize with their technology (SOI) is to implement Z-RAM for their processor caches. Z-RAM is a type of memory so dense it requires only 1 transistor per bit instead of 6 transistors for traditional SRAM, potentially allowing AMD to have caches about 6 times the size of Intel's caches on the same die area. Of course nobody knows yet for sure if/when Z-RAM will turn out to be doable. But if it is, Intel would have to way to implement the technology without massively reconverting their fabs to the SOI process.
It is interesting to note that this article is dated February 17, 2003. In other words IBM made this prediction literally 2 months before AMD introduced their first 64-bit processors, the Opteron, in April 2003. Little did they know the impact the AMD64 architecture would have on the industry (Intel cloned the architecture) and on AMD itself (it helped them stay afloat for the past 5 years).
You are spot on. Mainframes exist simply because throwing money and engineering efforts at the hardware/OS level is cheaper than rewriting the massive amount of legacy applications that have been built on them for the past 3 decades.
At the opposite side, distributed fault-tolerant clusters built on commodity components can arguably achieve the same levels of reliability, at the cost of more engineering complexity at the application level. Overall, I would say clusters are probably more flexibile, if only for the vendor-inpedendance they provide.
I think you are right. After I read the full paper, I now think it might be possible to use this attack against loop-AES with KEYSCRUB=y. The reason I am unsure is because loop-AES appears to XOR the sensitive key with 0xfffffff... instead of random data as I thought (which raises the complexity of the attack somewhat).
This is yet another attack that the developer of loop-AES thought about while typically every other disk encryption tool out there is vulnerable. Loop-AES is the 3rd most popular disk encryption tool in Linux. See the KEYSCRUB=y option in its README file:
I have used loop-AES as a full disk encryption tool on my laptop for 2+ years. I am glad I took the time to carefully research which tool would the most secure before deploying it ! For example even TrueCrypt and dm-crypt are vulnerable to other (arguably minor) security issues that loop-AES is impervious to: http://article.gmane.org/gmane.linux.cryptography/2321
Surprisingly, the research paper TFA talks about doesn't even directly mention loop-AES (its name only happens to be in the title of a webpage in the reference section describing a safe suspend/resume setup when using disk encryption).
Just to put things in perspective for this specific case, full-speed encryption of the I/O traffic of a 2.5" drive would be pretty cheap with today's processors. I happen to have a dev tree of OpenSSL 0.9.9 on my system, and its AES-128 implementation runs at 160 MByte/s (in 64-bit mode) on my dual-core 2.4 GHz Athlon 64. A typical 2.5" drive like the one cracked by Heise has a sequential I/O transfer rate of 50 Mbyte/s. Therefore encrypting at this rate would only require 16% of my CPU time (31% of a core). Or about 7-9% of CPU time of a $270 quad-core 2.4 GHz Intel Core2 Q6600.
Personally I can resolve the wikileaks.org hostname from time to time only. Their website is still accessible from my network location (SoCal): http://88.80.13.160/wiki/Wikileaks
$ dig wikileaks.orgwikileaks.org. 864 IN A 88.80.13.160
wikileaks.org. 864 IN A 87.106.162.82
wikileaks.org. 198841 IN NS ns3.everydns.net.
wikileaks.org. 198841 IN NS ns2.everydns.net.
wikileaks.org. 198841 IN NS ns4.everydns.net.
ns2.everydns.net. 101251 IN A 204.152.184.150
ns3.everydns.net. 12596 IN A 208.96.6.134
ns4.everydns.net. 601 IN A 64.158.219.3
(special message dedicated to whoever wrote the slashdot lameness filter: foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar foobar)
If, by quadword instruction, you mean an instruction that operate on 128-bit registers, this is incorrect.
First of all, 95% of the SPU instructions operate on 128-bit registers. More than half of them have a latency of only 2 or 4 cycles. And the vast majority of them have a throughput of 1 per cycle (ie. 0-cycle stall). The only instructions with a 6-cycle stall are double-precision instructions and 'fscrrd' (floating-point status control register read). See table B-1 in the Cell Broadband Engine Programming Handbook: http://www.ibm.com/chips/techlib/techlib.nsf/techdocs/9F820A5FFA3ECE8C8725716A0062585F?Open&S_TACT=105AGX16&S_CMP=LP
This means for example that you can execute 1 'fm' per cycle (4-way SIMD single-precision floating-point multiply), or 1 'and' per cycle (4-way SIMD word add).
Three words: USB DVD burner.
They are cheap, you could even buy 2 of them if the 1st one is damaged or gets stolen. The OLPC XO-1 laptop + a USB DVD burner really looks like a perfect solution for the OP's needs. FYI there are 3 USB 2.0 ports on the XO-1.
Actually the "network/audio QoS" bug you talk about is not fixed in SP1. More tech details:
Here is what they call the "mountain of sodium". This is a frame of the video, 6 min 12 sec in: http://download.yousendit.com/5B82D57A7547637B
If I were you, I would first recognize that no matter how careful you are, there will always be a chance of someone (the govt, your web host) with the authority to take down the physical server hosting your website. So I would physically host the site in at least 3 different countries. Use DNS to spread the load on the different locations (all are active at any point in time). If one of them get taken down, update the DNS accordingly to redirect traffic to the other locations, and start setting up one more server in another country (have the technical procedure clearly described and easy to follow so multiple people you trust can follow it). Of course you need to have the user content posted to any location automatically replicated to the others. (Notice how this sounds much like NNTP).
If someone succeeds into getting administrative access to your DNS records, register a new domain name and get the word out to communicate it (IRC channel where you guys usually hang out, a post to some other forum, etc). Or just communicate the IP addresses prominently.
Good luck to someone trying to take down something hosted as described above ;-) Choose the right 3 countries and, because of red tape, no governments will ever be able to successfully cooperate to take down the 3 physical servers at the same time.
I hope your children will have a different opinion. They will understand it is important to preserve the planet for their own children.
10 years ago, I used to do the same thing on Tomb Raider 1 savegame files, to get more ammunitions for various weapons. I was such a noob at the time that when I discovered the number were stored in little-endian, I thought it was some kind of obfuscation the developers came up with to confuse people trying to hex edit the files.
I believe the original was:
BS - BullShit
MS - More of the Same
PhD - Piled Higher and Deeper...
Planet-of-the-Apes-in-a-Matrix-world movie plot. Anyone ?