While Java/.NET and other modern languages are not without security flaws, I don't see how any of their past vulnerabilities can compare to using a language where every single string operation is a chance for a lack of diligence to open an attack vector. I'm not trying to start some kind of holy war here, but it just seems like most of the time we see one of these flaws it comes down to the language providing insecure ways of handling string operations. No doubt it has libraries that allow for safe manipulation, but it requires constant vigilance by the developers to prevent security holes. Developers should be concentrating on the more sophisticated attacks that are possible against these engines, not worrying about how safely they are handling their strings.
What modern language would have been open to this attack vector. Browsers are important. They should not be written in c/c++, whatever the performance gains. Lets just not do it anymore.
This needs to become about Strong Authentication, not strong passwords.
Changing a password often just frustrates users and doesn't help against base level attacks like keylogging. And if your password only changes every month or two then its still valid for quite a while if it is discovered.
We should instead be using multple password factors for all secure scenarios. Something you know AND something you have (some sort of One Time Password, certificate, or biometric factor). This is less frustrating for the user than having to change their password all the time, and it defeats keyloggers, phishing, etc. Soon the web will have to wake up to this. If some of the big players would start to play ball, and say, support the yubikey token at least, then we might start to get the ball rolling.
At least since the identity field is consolidating a bit with infocard and openid, we'll be in a position where all you need is an identity provider that can support multi factor auth.
hmmm... yeah, I suspected there would be some spec for this, but I hadn't checked into it. Thanks for the info.
Yeah, I could see why there might be rollout and adoption problems though.
Mostly I was just lamenting some of the inadequecies of the internet. Especially ones that seem hard to combat without further bootstrapping by governence bodies.
So much would be solved if we just had a trusted registry, to say, associate a certificate with a domain name, or an ip with a domain name, in a way that would be VERY HARD to spoof. I guess its a failure of DNS (big surprise). Now, if we just had some domain resolution servers that we could trust the identity and data of, then we could at least push the trust problem back further. The internet needs to be simple for consumers to use it properly (i.e. not neglect the s off the http when logging into their email or banking site). So could we simplify and just worry about the problem of how www.amazon.com resolves to some IP address and some public cert? If we have a trusted registry we don't need to worry about these trust chains any more, and it would solve a lot of the problems we have with DNS too, no?
I'm repeating myself, but I cant find a copy of this anywhere in a 20 mile radius of here. If anyone sees one near bridgewater, nj, could you give me a holler? PS3s I see a few of, this movie on BD nuh-uh. Shelves full of BD and HD-DVD titles (Blu-Ray shelves looking like people have actually been buying things off of them), but an empty space where this should be.
Um... Casino Royale is also available on standard def for which everyone and their mother has a player. So for it to see these kinds of numbers its a pretty telling indication of blu-ray penetration so far regardless of the particular title.
Oh and on the note of this being numbers shipped. Its anecdotal, but I've been trying to pick up a copy of this on blu-ray for several days now, and I havent been able to find it in stock anywhere in a 20 mile radius. I've tried best buy, circuit city, borders, all of the usual BD targets.
There are millions of people that have adopted the 360 before the ps3 came to market. Most all of them have a vested interest in seeing the ps3 fail. Does Sony believe this has contributed to the negative press the console has received and if so, what do they plan to do to combat it?
with a pc you have an os contending for you cpu cycles, burning up precious cycles whether it has anything to do at all, killing performance of your game. I don't know the details but I suspect ps3 may bot actually have os loaded while you play. or the game may need to specifically yeild to os functions. don't belive that consoles are direct analogs of pcs just because ms has belabored xb360 with a mini os.
From what I've been reading Sony is instead probably going to transition all PS3 consoles to using the Software based BC. I suspect that other than this being a cost saving measure there are probably 2 other reasons.
1. Sony thought that the hardware BC would be a big selling point of the system, but people have instead still been whining that not every single title is completely compatable (despite the fact that the percentage is probably the same as the percentage of ps1 titles that didnt work on the ps2 (low)). So instead of killing themselves price-wise to continue to support direct hardware compatability for ps2 titles they are opting to follow the same route as the 360, and with the promise of over 1000 titles compatable at the time of European launch, they seem as if they will hit 100% compatability well before XB360 (if they are shooting for 100%).
2. Sony may be planning on including additional features via the software emulation. One complaint about the current compatability is that the games output at 420p. It is unlikely that Sony can easily change this as it is probably mostly governed by the ps2 hardware sitting on the board, but if the emulation is instead done in software sony may have the ability to upscale or uprender (at 1080p?) the ps2, ps1 games. It may be that in a year all ps3s will be using software emulation for these extra features, or maybe that all the early adopters will want to trade in their ps3s for the new software emulated upscaled/anti-aliased BC machines. Who knows.
In any case I think it shows a marked lack in faith in Sony to assume that they are trying to shaft you BC-wise. I'm sure that, especially with the past emphasis on it, that they will want their BC to be at least as good as XB360's. And in the end? They are still supporting all those (matte) shiny ps2s you bought all those games for, instead of just EOLing them and dropping them off the bus, so thats something else they have for them over MS.
The PS3 hardware implemented BC has a compatability rate of about 95% and rising I've heard. The EU PS3s are going to have software implemented compatability and at launch over 1000 titles will be supported. This is in stark contrast to the 100 or so titles that were compatable at the 360 launch.
There is additional confusion in the air because someone with access to a prerelease PS3 released information about the number of titles that didnt work when tested with their hardware. This was a deliberate effort to cloud the issue further as sony has been very specific when discussing EU BC to note that the over 1000 titles will be BC only with a firmware upgrade available the same day as the launch.
Disinformation Abound.
umm... isnt the answer pretty simple? I dont believe Sony has "reserved" the use of any of the SPUs of the system for background tasks while you are in a game. I could be wrong though, if that is the case then those features are probably on the way. BTW, you can play music in the back of a slide show, since day 1 I think...
Blu-Ray supports 1080p.
Games CAN support 1080p, but wont necessarily if they would rather devote the GPU cycles to more complex geometry, shader algorithms. No matter how powerful the system, developers may always choose to implement games to output at 720 rather than 1080, simply because they want to prioritize certain graphical effects over sheer pixel density. Personally I would rather have a better looking 720p game than a worse looking 1080p game. Meanwhile for video? Better rez is always better, so give me 1080p please, and over hdmi, so no-one can yank the ability to play my content out from under me later with certain flags.
To my peer poster-> I think the xbox360 "outputs" all games to 720p, and then the internal scaler hardware scales the content to 1080 or down from, hence I dont believe there are any games that are natively "rendered" in 1080 on the box.
Do you think its important to battle the immense amount of negative press (rather unfairly, IMO) directed at your new console, or are you just chalking All-Things-Sony-Bashing up as the latest Internet Meme?
1) There was talk of PS3 supporting DLNA initiatives, has this fallen by the way-side?
2) With new software based Backwards Compatability for PS2/1 titles, will allow for upscaling the BC titles to HD resolution? Or perhaps just rendering the titles at a higher resolution natively. And if this is the case, will it be an option to select hardware or software emulation of PS2/1 titles for the currently available PS3 models with the Emotion Engine.
Piracy:
The act of doing anything that may harm the profit margins of any company that owes its livelihood to bloating the prices of the intellectual property it distrubutes and meddles with, including, but not limited to, refusing to buy the content.
This kind of excessive security only alienates customers. I don't feel like shopping there anymore. And the benefits that it gains them are probably mostly psychological. Its rather like the TSA and airport security. I would be willing to bet that behaviour like this loses them much more sales than thefts it prevents.
Actually I was offended in Best Buy the other day.
I went in there to buy a piece of software, found the empty box within 3 minutes. Waited 35 minutes for one of the roaming attendants to attend to me, and bumble around "in the back" for a while doing who the hell knows what. And then when I finally recieved the actual box. I wasn't allowed to take it to the register myself. Instead, it was held for me, and I had to ask about it once I got the end of the register line. I'm actually surprised they let me have it after I paid for it. I was half expecting them to call up American express and inquire as to whether my credit was good enough. Anyway... this is all remarkably similar to how DRM makes me feel, so I don't think the analogy is all that laughable.
I've only beaten three so far, I just got it last night, but this game is absolutely breathtaking. I gasped aloud when I jumped on the horse the first time and I wasn't controlling the horse but rather nudging it toward where I wanted to go. It was so much more like riding a real horse than standard video game horse control that it took me a moment to recover from the experience.
An interesting note is that this game must have some very interesting technical underpinnings. It does a lot of motion blur and level of detail changes to try and puch as complex geometry into the scenes as possible. I think when the motion blur is concerned they are pulling neat tricks like not clearing out the entire screen buffer and just redrawing some of the closer objects more often than the distance objects or something. You can see it most when you whip the camera around quickly.
The best part of this game for me though, other than the collosal (literally) enemies, the awesome draw distance, and the excellent concept and play mechanics, is the animation.
The animation is just drop dead excellent. Down to the point where your character has to adjust his gait from a running jump to catch his balance on landing. I wouldn't be at all surprised to learn if a lot of this was AI driven, where his animation is guided by the collisions he is making with the environment, gravity's direction (important when you are scaling a collosus), and the state of all his limbs at the time. In other words, when they were putting this all together, they didn't cut all the usual corners, and it REALLY shows.
Ever notice that when it comes to subjects like this the posted comments are all just preaching to the choir? (The high scoring ones at least) RIAA should take this to heart, if a large group of intelligent people who love to argue with each other unanimously decry the RIAA's strategy as being, on a whole, dumb, then shouldn't they rethink it?
Slashdot Mirror
While Java/.NET and other modern languages are not without security flaws, I don't see how any of their past vulnerabilities can compare to using a language where every single string operation is a chance for a lack of diligence to open an attack vector. I'm not trying to start some kind of holy war here, but it just seems like most of the time we see one of these flaws it comes down to the language providing insecure ways of handling string operations. No doubt it has libraries that allow for safe manipulation, but it requires constant vigilance by the developers to prevent security holes. Developers should be concentrating on the more sophisticated attacks that are possible against these engines, not worrying about how safely they are handling their strings.
What modern language would have been open to this attack vector. Browsers are important. They should not be written in c/c++, whatever the performance gains. Lets just not do it anymore.
This needs to become about Strong Authentication, not strong passwords. Changing a password often just frustrates users and doesn't help against base level attacks like keylogging. And if your password only changes every month or two then its still valid for quite a while if it is discovered. We should instead be using multple password factors for all secure scenarios. Something you know AND something you have (some sort of One Time Password, certificate, or biometric factor). This is less frustrating for the user than having to change their password all the time, and it defeats keyloggers, phishing, etc. Soon the web will have to wake up to this. If some of the big players would start to play ball, and say, support the yubikey token at least, then we might start to get the ball rolling. At least since the identity field is consolidating a bit with infocard and openid, we'll be in a position where all you need is an identity provider that can support multi factor auth.
hmmm... yeah, I suspected there would be some spec for this, but I hadn't checked into it. Thanks for the info.
Yeah, I could see why there might be rollout and adoption problems though.
Mostly I was just lamenting some of the inadequecies of the internet. Especially ones that seem hard to combat without further bootstrapping by governence bodies.
So much would be solved if we just had a trusted registry, to say, associate a certificate with a domain name, or an ip with a domain name, in a way that would be VERY HARD to spoof. I guess its a failure of DNS (big surprise). Now, if we just had some domain resolution servers that we could trust the identity and data of, then we could at least push the trust problem back further. The internet needs to be simple for consumers to use it properly (i.e. not neglect the s off the http when logging into their email or banking site). So could we simplify and just worry about the problem of how www.amazon.com resolves to some IP address and some public cert? If we have a trusted registry we don't need to worry about these trust chains any more, and it would solve a lot of the problems we have with DNS too, no?
not sure how this is OT? Anecdotal evidence sure, but a pretty valid response to "these things are sitting arounds in piles" I would think.
I'm repeating myself, but I cant find a copy of this anywhere in a 20 mile radius of here. If anyone sees one near bridgewater, nj, could you give me a holler? PS3s I see a few of, this movie on BD nuh-uh. Shelves full of BD and HD-DVD titles (Blu-Ray shelves looking like people have actually been buying things off of them), but an empty space where this should be.
Um... Casino Royale is also available on standard def for which everyone and their mother has a player. So for it to see these kinds of numbers its a pretty telling indication of blu-ray penetration so far regardless of the particular title.
Oh and on the note of this being numbers shipped. Its anecdotal, but I've been trying to pick up a copy of this on blu-ray for several days now, and I havent been able to find it in stock anywhere in a 20 mile radius. I've tried best buy, circuit city, borders, all of the usual BD targets.
would suggest that Sony believes more bang for buck with 720p over 1080i. Better fast motion, Some tvs have bad de-interlacers.
There are millions of people that have adopted the 360 before the ps3 came to market. Most all of them have a vested interest in seeing the ps3 fail. Does Sony believe this has contributed to the negative press the console has received and if so, what do they plan to do to combat it?
with a pc you have an os contending for you cpu cycles, burning up precious cycles whether it has anything to do at all, killing performance of your game. I don't know the details but I suspect ps3 may bot actually have os loaded while you play. or the game may need to specifically yeild to os functions. don't belive that consoles are direct analogs of pcs just because ms has belabored xb360 with a mini os.
From what I've been reading Sony is instead probably going to transition all PS3 consoles to using the Software based BC. I suspect that other than this being a cost saving measure there are probably 2 other reasons.
1. Sony thought that the hardware BC would be a big selling point of the system, but people have instead still been whining that not every single title is completely compatable (despite the fact that the percentage is probably the same as the percentage of ps1 titles that didnt work on the ps2 (low)). So instead of killing themselves price-wise to continue to support direct hardware compatability for ps2 titles they are opting to follow the same route as the 360, and with the promise of over 1000 titles compatable at the time of European launch, they seem as if they will hit 100% compatability well before XB360 (if they are shooting for 100%).
2. Sony may be planning on including additional features via the software emulation. One complaint about the current compatability is that the games output at 420p. It is unlikely that Sony can easily change this as it is probably mostly governed by the ps2 hardware sitting on the board, but if the emulation is instead done in software sony may have the ability to upscale or uprender (at 1080p?) the ps2, ps1 games. It may be that in a year all ps3s will be using software emulation for these extra features, or maybe that all the early adopters will want to trade in their ps3s for the new software emulated upscaled/anti-aliased BC machines. Who knows. In any case I think it shows a marked lack in faith in Sony to assume that they are trying to shaft you BC-wise. I'm sure that, especially with the past emphasis on it, that they will want their BC to be at least as good as XB360's. And in the end? They are still supporting all those (matte) shiny ps2s you bought all those games for, instead of just EOLing them and dropping them off the bus, so thats something else they have for them over MS.
I'd imagine this is a developer decision unless there is pressure coming from Sony.
The PS3 hardware implemented BC has a compatability rate of about 95% and rising I've heard. The EU PS3s are going to have software implemented compatability and at launch over 1000 titles will be supported. This is in stark contrast to the 100 or so titles that were compatable at the 360 launch. There is additional confusion in the air because someone with access to a prerelease PS3 released information about the number of titles that didnt work when tested with their hardware. This was a deliberate effort to cloud the issue further as sony has been very specific when discussing EU BC to note that the over 1000 titles will be BC only with a firmware upgrade available the same day as the launch. Disinformation Abound.
I would have to say that I dont appreciate that the XB360 has no opportunity for digital VIDEO output.
umm... isnt the answer pretty simple? I dont believe Sony has "reserved" the use of any of the SPUs of the system for background tasks while you are in a game. I could be wrong though, if that is the case then those features are probably on the way. BTW, you can play music in the back of a slide show, since day 1 I think...
Blu-Ray supports 1080p. Games CAN support 1080p, but wont necessarily if they would rather devote the GPU cycles to more complex geometry, shader algorithms. No matter how powerful the system, developers may always choose to implement games to output at 720 rather than 1080, simply because they want to prioritize certain graphical effects over sheer pixel density. Personally I would rather have a better looking 720p game than a worse looking 1080p game. Meanwhile for video? Better rez is always better, so give me 1080p please, and over hdmi, so no-one can yank the ability to play my content out from under me later with certain flags. To my peer poster-> I think the xbox360 "outputs" all games to 720p, and then the internal scaler hardware scales the content to 1080 or down from, hence I dont believe there are any games that are natively "rendered" in 1080 on the box.
Do you think its important to battle the immense amount of negative press (rather unfairly, IMO) directed at your new console, or are you just chalking All-Things-Sony-Bashing up as the latest Internet Meme?
1) There was talk of PS3 supporting DLNA initiatives, has this fallen by the way-side? 2) With new software based Backwards Compatability for PS2/1 titles, will allow for upscaling the BC titles to HD resolution? Or perhaps just rendering the titles at a higher resolution natively. And if this is the case, will it be an option to select hardware or software emulation of PS2/1 titles for the currently available PS3 models with the Emotion Engine.
A new entry for the redefinition dictionary:
Piracy:
The act of doing anything that may harm the profit margins of any company that owes its livelihood to bloating the prices of the intellectual property it distrubutes and meddles with, including, but not limited to, refusing to buy the content.
This kind of excessive security only alienates customers. I don't feel like shopping there anymore. And the benefits that it gains them are probably mostly psychological. Its rather like the TSA and airport security. I would be willing to bet that behaviour like this loses them much more sales than thefts it prevents.
Actually I was offended in Best Buy the other day.
I went in there to buy a piece of software, found the empty box within 3 minutes. Waited 35 minutes for one of the roaming attendants to attend to me, and bumble around "in the back" for a while doing who the hell knows what. And then when I finally recieved the actual box. I wasn't allowed to take it to the register myself. Instead, it was held for me, and I had to ask about it once I got the end of the register line. I'm actually surprised they let me have it after I paid for it. I was half expecting them to call up American express and inquire as to whether my credit was good enough. Anyway... this is all remarkably similar to how DRM makes me feel, so I don't think the analogy is all that laughable.
I've only beaten three so far, I just got it last night, but this game is absolutely breathtaking. I gasped aloud when I jumped on the horse the first time and I wasn't controlling the horse but rather nudging it toward where I wanted to go. It was so much more like riding a real horse than standard video game horse control that it took me a moment to recover from the experience. An interesting note is that this game must have some very interesting technical underpinnings. It does a lot of motion blur and level of detail changes to try and puch as complex geometry into the scenes as possible. I think when the motion blur is concerned they are pulling neat tricks like not clearing out the entire screen buffer and just redrawing some of the closer objects more often than the distance objects or something. You can see it most when you whip the camera around quickly. The best part of this game for me though, other than the collosal (literally) enemies, the awesome draw distance, and the excellent concept and play mechanics, is the animation. The animation is just drop dead excellent. Down to the point where your character has to adjust his gait from a running jump to catch his balance on landing. I wouldn't be at all surprised to learn if a lot of this was AI driven, where his animation is guided by the collisions he is making with the environment, gravity's direction (important when you are scaling a collosus), and the state of all his limbs at the time. In other words, when they were putting this all together, they didn't cut all the usual corners, and it REALLY shows.
Ever notice that when it comes to subjects like this the posted comments are all just preaching to the choir? (The high scoring ones at least) RIAA should take this to heart, if a large group of intelligent people who love to argue with each other unanimously decry the RIAA's strategy as being, on a whole, dumb, then shouldn't they rethink it?