He might be the king of innovative game concepts, but i can't think of a single game he produced in the last 10 years that was fun, and you wanted to play more than a few hours.
Dungeon Keeper was good for a few laughs. Until you realized all the missions were slightly modified carbon copies. Black & White had you go "wow" for half an hour or so, until you were overcome by sheer boredom. Fable takes the cake at potentially the worst CRPG ever. The whole good/bad thing is neat, but hardly factors into the mechanics of the game. Idem for the whole buy-a-house-get-a-spouse thing. That annoying voice that's always telling you to get your multiplier even higher and whatnot completely demolishes any immersion you might have by pounding the fourth wall with all its might. And last but not least, it's not fun to play.
Peter Molyneux might excel at coming up with innovative ideas to base a game on, but his execution is extremely flawed.
He is dead good at spinning the hype machine though.
Elevators are for the weak/injured, people with large packages, skyscraper-dwellers, and people who hate themselves. People who take elevators down are especially suspect in their common sense; there's a reason they're called "elevators" (or "lifts"), people.
Walking stairs downwards is actually a lot heavier on the knees than walkign them upwards, especially if you have a pre-existing condition (sports injury) or are overweight (larger forces on the joints). I'd therefore tend to reccomend that people that are hopelessly out of shape start out by taking the stairs when going up, and the lift when goign down.
That is not oldschool, that is just plain ignorant.
Historically, the very first batch of pen-and-paper contained a good section of fantasy representation. All from most likely well before you were even born.
Gamma World, RIFTS, the original star wars RPG, all jewels from teh golden age of roleplaying. And by roleplaying i mean rollplaying.
I would just like to take this opportunity on behalf of my great nation to apologise for the Enterprise thing - not sure what we were thinking
Actually, I dont mind watching it. It is a lot more accessible than the usual Trek programs, which is a mixed blessing. On one hand it's definitely less "trek", on the other it seems to appeal to my gf, which is a good thing. Now if only she would stop singing along with the theme song... AARGH!
With all the bad rep this show's been getting, I can't help but feel that it's still better than 90% of the popular pseudo-sci-fi series out there.
ii) Unlike other European countries, they don't need TV companies to dub/subtitle it into a different language.
This is very significant. Even here in the netherlands where most people speak english at an excellent level, the majority of the population is not able to follow a sub-title-less show. I have no idea whether it is due to lazyness (being used to reading subs), actual language problems or unfamiliarity with accents and vocabulary I have no idea. However it is a rather large issue.
BTW, the french have a very active fansubbing community for most mainstream shows. Just search on you favourite P2P netowork for VOST (voix originelle sous-titres francaises).
Well, since US television tends not to make it to Britain for a long time after it airs here, it makes a bit of sense. A lot of shows have a one- or two-season lag time. It makes sense that fans who follow the show online would want to see the show as it comes out.
It is also common for some of the less popular series (including some that we geeks tend to appreciate more than the normal tv-watching person) to get cancelled or postponed by the broadcaster mid-season, or to undergo some intruiging re-arrangements in broadcast schedule etc. For example here in Holland, I have seen the first seaon of Futurama on three different broadcasters, but the final season is just now hitting the cable.
If you really case to watch a whole series properly in order and in a timely manner, downloading is pretty much your only option. If you drop the timely requirement, waiting for the DVD releases is a close second.
Nonsense. I bet you dollars to scones that every Brit in the relevant age group just pays the TV tax without batting an eyelash.
Thre real reason for rampant TV piracy on this side of the pond is that shows are released a lot later around here, sometimes even YEARS. This does encourage people to take their viewing habits into their own hands.
I think WFRP isn't that bad in this regard. Just make sure the DM rolls all the criticals out of view (since he's the only one allowed to cheat for dramatic suspense;), and ensure they have some fate-points at the beginning.
And slap them with insanity points, then have fun giving them lots of minor, but annoying, insanities.
Cyberpunk is very tough though. The system with armour and BTM gives you a safe zone to play where a hit from a weapon will most likely (because of the sharp multi-die distribution) only land a handful of damage on any given character. You need a bit of experience when assessign this though, cause if you mess up your baddies will probably be totally ineffectual.
A big downside however is that if the armour/BTM system goes haywire (embushed in street clothing?) it's gonna hurt like a bitch. Time to break out the trauma team cards. Again, you might have the GM roll the death saves, but here i usually prefer to let the PCs do it themselves. I have fudged (or just not rolled) the TT arrival delay rolls and the reanimation rolls, but they are NPCs so I can do it with a straight face;)
You ought to try Mandrake. It has great GUI tools to manage packages (rpmdrake) and LAN/internet connections (incl NAT and PPPoE).
Personally I prefer the commandline out of habit, but these utilities are certainly not any worse than what you woul dget with windows. A bit less polished perhaps, but full-featured and easy to handle.
That's why it's usually not the way it's done. If you remember the switch between libc5 and glibc (libc6?), the two libraries co-existed on the same system with different filenames for quite a while.
Of course, not every single person maintaining a library is as careful as the glibc people, and screwups do happen. It is the distributor's task to maek sure all the programs that ship with a given distribution work with the libraries included in it.
I'm sorry, but you are starting to get on my nerves.
If you wish further discussion with me, please keep in mind the old debate maxim, "soft to the man, hard to the matter".
Also, you would do well to investigate the "decoy scanning" options, -D, before starting a tirade like that.
-D: Causes a decoy scan to be performed which makes it appear to the
remote host that the host(s) you specify as decoys are scanning
the target network too. [...]
Also note that some "port scan detectors" will firewall/deny
routing to hosts that attempt port scans. The problem is that
many scan types can be forged (as this option demonstrates). So
attackers can cause such a machine to sever connectivity with
important hosts such as its internet gateway, DNS TLD servers,
sites like Windows Update, etc. Most such software offers
whitelist capabilities, but you are unlikely to enumerate all of
the critical machines. For this reason we never recommend tak-
ing action against port scans that can be forged, including SYN
scans, UDP scans, etc. The machine you block could just be a
decoy.
Since the entire argument is right there in the nmap documentation, if you do not take my word for it, take Fyodor's. I assume he is "network savvy" enough for you?
I don't mind being corrected, but beware that arrogance and ignorance make a poor match.
I don't think we are on the same page here, so just to clarify:
1) Determining what is spoofed and what is not (without completing the 3way handshake) is not a solved problem unless you have full knowledge of the routing details. You just get a packet that with a certain return address on an interface which would otherwise also get the packets if they were from the legitimate source, and you are none the wiser. Anti-spoofing measures should be incorporated together with routing at all stages in order to be effective.
The ultimate solution against spoofing is getting everyone to set up their egress filters properly, but people are only now starting to catch on to the fact that this is at least as important as setting up your ingress filters correctly.
Of course, if i'm missing something blindingly obvious about determining what is a spoofed packet and what isn't (aside from the evil bit of course;) feel free to point it out. "Dude you gotta read something" is a bit of a vague reference I'm sure you'll agree.
2) I have no idea what I did to imply that i let any kind of packet from anywhere "into my network". I was assuming we were discussing deployment on a bastion host, that per definition is exposed to all network traffic.
Any packet coming your way? That would include the page google is trying to send to you.
Any packet coming your way with SYN set and ACK cleared? This does not drop anything useful (unless you are a server, which most of us are up to some degree), but it leaves you wide open to tons of other semi-stealth scanning techniques and DoSs.
Frankly, I would not bother. There are too many potential pitfalls for too little benefit. Just make sure you run few and well-patched services visible to the outside and don't worry about the scanners.
Do i have to spell everything out for you guys? Here's how it works:
1) Bad dude does SYN scan.
2) Bad dude gets firewalled off.
3) Bad dude performs another scan with a spoofed IP (conveniently provided as an option by the popular nmap)
4) Good dude is in trouble
Who said anything about blocking a local port? If it's port SCANNING every port will be touched once or twice, and blocking local ports as they are touched is not going to have any meaningful effect. What the OP is talking about is adding a firewall route to ignore whatever comes from the address that is doing the scanning as soon as you detect it, ie. in the case of a "fast" scan, 3 or 4 ports into the thing.
Your "there's a whole lotta IPs in the world" comment is seriously asinine as well. As I mentioned, it is trivial to spoof portscans, and while there may be a whole lotta IPs in the world, once you have accidentally firewalled off the ones belogning to your DNS or your mail server, you are going to have some serious networking issues. Running out of "kernel memory" (whatever that might be) is the last of his worries.
Automated security response is a tricky business, and if you do not carefully consider all implication, you are goign to be worse off than you were, not better.
Don't take my word for it. Set up your PC this way and see how long it takes before someone uses it against you.
1) Tripwire is a file integrity checker. I suppose you mean portsentry or similar.
2) Automatic firewalling a VERY bad idea. Remember that most modern scanning techniques do not require a full TCP connection, and are therefore eminently spoofable. Not imagine someone spoofing a syn scan from the IPs of google.com. BOOM! No more google for you, you just firewalled it off yourself. BOOM! No more slashdot. BOOM! No more quake server. You get the idea.
I checked the link, but I couldn't find an article anywhere. I'm hoping for your sake you do not mean the three lines of text between the screen-shots.
His point was that the U238 used in anti-tank ordenance is not (or not only) obtained directly as a by-product of enrichment, but is also (or mainly or only, according to who you talk to) composed of what remains of spent nuclear fuel (mostly for the purposes of producing weapons-grade Pu, hence "military tream") after re-processing.
It is trivial to see how, in this case, it would end up contaminated with the usual array of more or less radioactive elements that make up the famous "camel hump curve" of U235 fission products.
I'm not saying he's right, mind you. Just pointing out that you two are not arguing about the same thing.
And how exactly would remote authentication work? Chop off your finger and send it via fed-ex? Or would it involve converting your biometric information to a digital representation that is vulnerable to all the usual attacks, with the added problem that you can't "change fingers" like you change passwords?
Biometrics isn't the panacea it's made out to be. Educate your users, it's the only way.
Slashdot Mirror
Dungeon Keeper was good for a few laughs. Until you realized all the missions were slightly modified carbon copies.
Black & White had you go "wow" for half an hour or so, until you were overcome by sheer boredom.
Fable takes the cake at potentially the worst CRPG ever. The whole good/bad thing is neat, but hardly factors into the mechanics of the game. Idem for the whole buy-a-house-get-a-spouse thing. That annoying voice that's always telling you to get your multiplier even higher and whatnot completely demolishes any immersion you might have by pounding the fourth wall with all its might. And last but not least, it's not fun to play.
Peter Molyneux might excel at coming up with innovative ideas to base a game on, but his execution is extremely flawed.
He is dead good at spinning the hype machine though.
Walking stairs downwards is actually a lot heavier on the knees than walkign them upwards, especially if you have a pre-existing condition (sports injury) or are overweight (larger forces on the joints). I'd therefore tend to reccomend that people that are hopelessly out of shape start out by taking the stairs when going up, and the lift when goign down.
Three words: Computational Fluid Dynamics.
Historically, the very first batch of pen-and-paper contained a good section of fantasy representation. All from most likely well before you were even born. Gamma World, RIFTS, the original star wars RPG, all jewels from teh golden age of roleplaying. And by roleplaying i mean rollplaying.
I humbly apologise.
You owe me a coffee. And a keyboard.
Actually, I dont mind watching it. It is a lot more accessible than the usual Trek programs, which is a mixed blessing. On one hand it's definitely less "trek", on the other it seems to appeal to my gf, which is a good thing. Now if only she would stop singing along with the theme song ... AARGH!
With all the bad rep this show's been getting, I can't help but feel that it's still better than 90% of the popular pseudo-sci-fi series out there.
ii) Unlike other European countries, they don't need TV companies to dub/subtitle it into a different language.
This is very significant. Even here in the netherlands where most people speak english at an excellent level, the majority of the population is not able to follow a sub-title-less show. I have no idea whether it is due to lazyness (being used to reading subs), actual language problems or unfamiliarity with accents and vocabulary I have no idea. However it is a rather large issue.
BTW, the french have a very active fansubbing community for most mainstream shows. Just search on you favourite P2P netowork for VOST (voix originelle sous-titres francaises).
It is also common for some of the less popular series (including some that we geeks tend to appreciate more than the normal tv-watching person) to get cancelled or postponed by the broadcaster mid-season, or to undergo some intruiging re-arrangements in broadcast schedule etc. For example here in Holland, I have seen the first seaon of Futurama on three different broadcasters, but the final season is just now hitting the cable.
If you really case to watch a whole series properly in order and in a timely manner, downloading is pretty much your only option. If you drop the timely requirement, waiting for the DVD releases is a close second.
Thre real reason for rampant TV piracy on this side of the pond is that shows are released a lot later around here, sometimes even YEARS. This does encourage people to take their viewing habits into their own hands.
My sarcasm detector must be malfunctioning, I actually had to read that twice before it blipped ...
And slap them with insanity points, then have fun giving them lots of minor, but annoying, insanities.
Cyberpunk is very tough though. The system with armour and BTM gives you a safe zone to play where a hit from a weapon will most likely (because of the sharp multi-die distribution) only land a handful of damage on any given character. You need a bit of experience when assessign this though, cause if you mess up your baddies will probably be totally ineffectual. ;)
A big downside however is that if the armour/BTM system goes haywire (embushed in street clothing?) it's gonna hurt like a bitch. Time to break out the trauma team cards. Again, you might have the GM roll the death saves, but here i usually prefer to let the PCs do it themselves. I have fudged (or just not rolled) the TT arrival delay rolls and the reanimation rolls, but they are NPCs so I can do it with a straight face
"Asterisk" is a little star used for notes.
Personally I prefer the commandline out of habit, but these utilities are certainly not any worse than what you woul dget with windows. A bit less polished perhaps, but full-featured and easy to handle.
Of course, not every single person maintaining a library is as careful as the glibc people, and screwups do happen. It is the distributor's task to maek sure all the programs that ship with a given distribution work with the libraries included in it.
I simply use "apt" or "yum" and let them sort it out. The only times they failed me was with a Fedora test release, but I knew the risk I was taking.
If you wish further discussion with me, please keep in mind the old debate maxim, "soft to the man, hard to the matter".
Also, you would do well to investigate the "decoy scanning" options, -D, before starting a tirade like that.
-D: Causes a decoy scan to be performed which makes it appear to the remote host that the host(s) you specify as decoys are scanning the target network too.
[...]
Also note that some "port scan detectors" will firewall/deny routing to hosts that attempt port scans. The problem is that many scan types can be forged (as this option demonstrates). So attackers can cause such a machine to sever connectivity with important hosts such as its internet gateway, DNS TLD servers, sites like Windows Update, etc. Most such software offers whitelist capabilities, but you are unlikely to enumerate all of the critical machines. For this reason we never recommend tak- ing action against port scans that can be forged, including SYN scans, UDP scans, etc. The machine you block could just be a decoy.
Since the entire argument is right there in the nmap documentation, if you do not take my word for it, take Fyodor's. I assume he is "network savvy" enough for you?
I don't mind being corrected, but beware that arrogance and ignorance make a poor match.
1) Determining what is spoofed and what is not (without completing the 3way handshake) is not a solved problem unless you have full knowledge of the routing details. You just get a packet that with a certain return address on an interface which would otherwise also get the packets if they were from the legitimate source, and you are none the wiser. Anti-spoofing measures should be incorporated together with routing at all stages in order to be effective. ;) feel free to point it out. "Dude you gotta read something" is a bit of a vague reference I'm sure you'll agree.
The ultimate solution against spoofing is getting everyone to set up their egress filters properly, but people are only now starting to catch on to the fact that this is at least as important as setting up your ingress filters correctly.
Of course, if i'm missing something blindingly obvious about determining what is a spoofed packet and what isn't (aside from the evil bit of course
2) I have no idea what I did to imply that i let any kind of packet from anywhere "into my network". I was assuming we were discussing deployment on a bastion host, that per definition is exposed to all network traffic.
Any packet coming your way? That would include the page google is trying to send to you.
Any packet coming your way with SYN set and ACK cleared? This does not drop anything useful (unless you are a server, which most of us are up to some degree), but it leaves you wide open to tons of other semi-stealth scanning techniques and DoSs.
Frankly, I would not bother. There are too many potential pitfalls for too little benefit. Just make sure you run few and well-patched services visible to the outside and don't worry about the scanners.
1) Bad dude does SYN scan.
2) Bad dude gets firewalled off.
3) Bad dude performs another scan with a spoofed IP (conveniently provided as an option by the popular nmap)
4) Good dude is in trouble
Just say no to automatic firewalling.
Your "there's a whole lotta IPs in the world" comment is seriously asinine as well. As I mentioned, it is trivial to spoof portscans, and while there may be a whole lotta IPs in the world, once you have accidentally firewalled off the ones belogning to your DNS or your mail server, you are going to have some serious networking issues. Running out of "kernel memory" (whatever that might be) is the last of his worries.
Automated security response is a tricky business, and if you do not carefully consider all implication, you are goign to be worse off than you were, not better.
Don't take my word for it. Set up your PC this way and see how long it takes before someone uses it against you.
1) Tripwire is a file integrity checker. I suppose you mean portsentry or similar. 2) Automatic firewalling a VERY bad idea. Remember that most modern scanning techniques do not require a full TCP connection, and are therefore eminently spoofable. Not imagine someone spoofing a syn scan from the IPs of google.com. BOOM! No more google for you, you just firewalled it off yourself. BOOM! No more slashdot. BOOM! No more quake server. You get the idea.
I checked the link, but I couldn't find an article anywhere. I'm hoping for your sake you do not mean the three lines of text between the screen-shots.
It is trivial to see how, in this case, it would end up contaminated with the usual array of more or less radioactive elements that make up the famous "camel hump curve" of U235 fission products.
I'm not saying he's right, mind you. Just pointing out that you two are not arguing about the same thing.
Biometrics isn't the panacea it's made out to be. Educate your users, it's the only way.