Friday, December 28, 2012

Nerd Gear: Computer Cases Cosmos II vs Thor 2 vs Obsidian 650D

Still working on ideas for gaming computer for girlfriend, so that we can game together, we only have one machine that can handle much in the way of games at the moment, here are some of the cases I looked at today:

I welcome any additional suggestions, don't have any real preferences at the movement, other than I want a quality case, cause I will probably use it for 10+ years, and it needs to support water cooling & high end GPU's for future upgrades.





Friday, December 21, 2012

Nerd Gear: Anandtech Reviews Thermaltake Level 10 M Gaming Mouse

http://www.anandtech.com/show/6526/capsule-review-thermaltake-level-10-m-gaming-mouse

I am a bit interested, still not convinced high end mice are any better than normal mouse.

But I used to feel that way about keyboards, before I got my DAS Silent.

This mouse is $99 and isn't right hand biased, which is important to me, since I primarily use my left hand for mouse.

I do switch to right hand for some things.

Also when doing mouse intense stuff all day long, I tend to flip between right and left hands on regular basis to avoid fatigue.

But then I have practiced more than just mouse stuff with both hands, in large part of because of my martial arts & weight lifting, try to have equal strength and skill on right and left side of my body.

Nerd News: Sonic Scalpel, so is Sonic Screwdriver next?

http://www.gizmag.com/invisible-scalpel-sound-beam/25534/

As a Nerd, I really like it when Sci Fi becomes Science, or Engineering!

Wednesday, December 19, 2012

Dota 2 fun

Ayesee is streaming some Dota 2 fun http://www.twitch.tv/ayeseetv

Nerd News: "The War Z's Steam debacle...."

http://arstechnica.com/gaming/2012/12/the-war-zs-steam-debacle-highlights-need-for-better-player-communication/

For those not familiar with War Z, it isn't the same as Day Z (Arma 2 mod), nor is it the not yet released stand alone version of Day Z.

I blogged about alpha VOD of War Z http://cliffsesportcorner.blogspot.com/2012/11/war-z-alpha-game-play-multiplayer.html

GGA Starcraft II Finals Event

Global Gaming Alliance by AZiO, AMD & Levetron



Teamliquid linkhttp://www.teamliquid.net/forum/viewmessage.php?topic_id=388723

When:  December 19, 2012 @ 19:00 CET/18:00 UTC/13:00 EST/12:00 CST/10:00am PST (Dec 20 3:00 AM KST)

Streams:

Brackets (believe replays will be available here as well) http://play.gosugamers.net/starcraft2/tournaments/120:global-gaming-alliance-cup/13:global-gaming-alliance/137:gga-cup-grand-finals/bracket

I am cheering for HwangSin in this event!

Sunday, December 16, 2012

Security & Hacking: Samsung Android Vulnerability

http://forum.xda-developers.com/showthread.php?t=2048511

This is beyond my current technical understanding, but from my understanding is something that could be exploited by apps without being obvious.

XDA may be down for maintenance tonight, so if link doesn't work just bookmark and come back to it Monday.

Thursday, December 13, 2012

HwangSin Streaming SC2

Streamhttp://www.own3d.tv/HwangSin


Been to long since I have been able to watch HwangSin stream.

He is singing occasionally tonight as well ^_^

<333 HwangSin

Catz ZvP on Ohana VOD (Nov 23, 2012)





Interesting game, from Catz's Youtube Channel https://www.youtube.com/user/WeAreCatZ/featured

No Spoilers, but this Protoss uses some elements that I normally use in PvZ, so was really interesting to me how Catz dealt with that element.

Though Toss doesn't use Unit Comp I do, so not sure if the response Catz used here would work as well vs my play style, if I was anywhere near Catz level for playing that is ^_^


TLO vs Hero VOD




Great cast by DuckvillelolLiquid TLO vs Liquid Hero

Some amusing banter between Hero and TLo at the beginning as well ^^

Liquid Ret is streaming SC2 (WoL)

Streamhttp://www.twitch.tv/liquidret

Ret hasn't streamed in a long time, glad to see him streaming again!

Security & Hacking: "Unauthorized Access to a New Jersey Company’s Industrial Control System"

http://publicintelligence.net/fbi-antisec-ics/

Some snippets of interest:

"US Business 1 had a controller for the system that was password protected, but was set up for remote/Internet access. By using the link posted by the hacktivist, the published backdoor URL provided the same level of access to the company’s control system as the password-protected administrator login. The backdoor required no password and allowed direct access to the control system."

"The URL that linked to the control system of US Business 1 provided access to a Graphical User Interface (GUI), which provided a floor plan layout of the office, with control fields and feedback for each office and shop area. All areas of the office were clearly labeled with employee names or area names."

As a gamer, I'll note the second snippet matches up with some games, which seems amusing, sad, and ironic to me.

As someone with much deeper background in physical security than computer security, I'll also note that the second snippet above would provide a lot of very useful intel for physical attacks and/or social engineering.

IMHO Social Engineering attacks are on a boundary of Physical & Computer Security, walking in and pretending to be there to fix something is certainly a Physical attack, though you might be placing a physical keylogger or other Pen Testing equipment to attack the computer network.
 

Wednesday, December 12, 2012

Security & Hacking: Chrome & Flash Updates

http://www.livehacking.com/2012/12/12/google-updates-chrome-to-fix-a-critical-vulnerability-and-update-flash/

http://www.livehacking.com/2012/12/12/adobe-releases-security-updates-for-flash-player/

I got the Chrome Update late last night.

Chrome is supposed to update automatically, but I strongly suggest checking all your Auto Updates once a month or so, or at least quarterly.

Personally I don't trust Auto Updates, I use Calender alerts from my Smartphone Calender & computer schedule app (I don't like synching, because by having separate Calender apps I have backup redundancy that synching would destroy) to remind me to check updates on Patch Tuesday for Windows (I check everything on Patch Tuesday, not just Windows).

Part of that is that I used to rely on auto updates, but found that they were missing critical patches sometimes.


Nerd Gear: GE develops Neat Thin, Quiet Cooler




GE Dual Piezoelectric Cooling jets.

These looking interesting from gadget perspective to me.

But I think I would go with Thermoelectric Cooler (aka Peltier), with water cooling for heatsink if I was going for exotic cooling.

Below is a VOD showing Peltier/TEC cooling of a CPU (not the best quality VOD for audio)




Monday, December 10, 2012

Kings of Tin!

Stream http://www.twitch.tv/onemoregametv

Tonight: djWHEAT, WackStevens, & ROOT.LeiYa

Inside Catz Head ZvP VOD (11/23/12)




Latest Inside Catz's Head, his series of Streams & VOD's where he explains his thoughts and gameplay about Starcraft 2

For all of his Youtube VOD's check out Catz's Channel at http://www.youtube.com/user/WeAreCatZ/

Security & Hacking: The not so secret Secret Service

http://nakedsecurity.sophos.com/2012/12/10/secret-service-sensitive-files-metro-train/

Not only was this PII, it was PII for the US Secret Service.

So, if I am understanding this correctly, you could find the addresses and etc of people on protection details for the President and other VIP's!

Probably with a bit of work you could figure out which people were likely to be on protective details from this type of information as well.

Really think they should have been using stronger encryption, and using a secure courier or something far more secure than a new low level employee riding public transport alone.

Sunday, December 9, 2012

Nerd Gear: Battery Life of 10 & 7 inch Tablets compared

http://blogs.which.co.uk/technology/tablets-ebooks/which-tablet-has-the-best-battery-life-infographic/

I'm sure all of you have read individual reviews of most if not all of these Tablets, but this short article shows battery life in minutes of all the main Tablets in two charts/graphs for easy at a glance comparisions.

They measure in minutes, not hour:minutes, which makes sense, but threw me at first glance.

They used 200 nits and running video, so if your browsing your gonna see less time with most of the platforms.

Security & Hacking "Tor network used to command Skynet botnet"

http://www.computerworld.com/s/article/9234468/Tor_network_used_to_command_Skynet_botnet

Interesting, but I wonder if this has been going on for a long time, using Tor for C&C that is, seems like an obvious kinda idea IMHO.

Edited to add: Yep, missed this in first read through, from above second page of above link:
The Tor-based approach is not new, said Marco Preuss, head of the German global research and analysis team at antivirus vendor Kaspersky Lab, via email. "In the past years several presentations and research papers mentioned this method for botnets."

This story also reminds me of this Malware Targeting Windows 8 Uses Google Docs, where they were using Google Docs to obscure C&C path.

Awesome Ironsquid!

Streamhttp://www.twitch.tv/ironsquid

Goswser doing Proxy Hatch with Spinecrawler rush ^_^

Khaldor & Wolf are casting, @Khaldor & @Proxywolf on Twitter.

Friday, December 7, 2012

Nerd News: T Mobile ending phone subsidies!!!

http://gigaom.com/mobile/t-mobile-ceo-confirms-the-iphone-and-the-death-of-phone-subsidies/

They are also getting the iPhone, but that is the minor news.

They are getting rid of subsidies, and going to cheaper plans!

So finally, US cell phone plans are moving more towards EU situation, I am really excited about this, because this should lower prices in general, but also because I have been with T Mobile for last few years.

Really dull & dry VOD below contains confirmation from the T Mobile CEO, is almost hour long, I am only including it as primary source for story.

Nerd News: Archos Gamepad (Android tablet) now available



On sale in EU at least.

Archos company website http://www.archos.com/

Full Tech Specs http://www.archos.com/products/gamepad/specs.html?country=us&lang=en&#a

Key specs from Tech Specs link:

Display • 7’’: 1024x600 capacitive 5 points multitouch screen
Application Framework • Android 4.1 Jelly Bean
Processor • ARM CORTEXTM dual-core A9 @ 1.6GHz
• GPU quad-core Mali 400 MP
• 3D OpenGL (ES 2.0)
Capacity • Flash: 8GB + microSD Slot (SDHC up to 32GB)
RAM • 1GB RAM


Looks real interesting.

Key feature is that you can map the controls easily & quickly http://www.archos.com/products/gamepad/index.html?country=us&lang=en&p=3#a

If I understand correctly, it is a full Android Tablet, with game controls as part of the hardware.

Since I might have to wait till January to get my Christmas present for myself (Galaxy Note 2), I think I will give this a close look.

Might decide to stay with phone I have a bit longer, and get something like this instead.

I don't like touch screens much, much prefer optical trackpad my Blackberry Bold has, or good stylus setup like the Galaxy Note 2 and Microsoft Surface Pro (Jan 2013 release date) have.

Thursday, December 6, 2012

Sacriel & Oshi Streaming Arma 2 Wasteland

Streams:
If your looking for more info on Arma 2, Official site http://www.arma2.com/ or Arma2 Wikipedia link http://en.wikipedia.org/wiki/ARMA_2


For more on Wasteland see http://www.mmogames.com/gamereviews/arma-ii-wasteland-sandbox-preview/ or https://dev-heaven.net/projects/wasteland-survival-sandbox/wiki

HOTS Beta Patch Balance Update #8

http://us.battle.net/sc2/en/forum/topic/7320452320

I don't have have HOTS, and though I have watched as many pros playing HOTS as possible, still haven't seen enough games to have deep or strong conclusions.

Some random thoughts:
  • I like the Dark Shrine price change, but then I have always been a fan of DT's.
  • The medivac speed boost might be useful for drops.
  • Reaper tweaks look interesting.
  • Based on Reaper & Medivac tweaks, looks like they want more harassment from Terran.
  • Mutas really buffed for GM level players IMO, with good technique, think they will be able to serious damage with Muta cloud without taking losses.
  • Wish I had Beta so I could test new Voidray vs Marines, it might be better vs Marines a little (ie in small numbers), but looks to me like they have Nerfed Voidray so much there is really nothing you could use them for anymore.  Unless the tweak makes them perform in game like a baby BC?  They have lost their ability to win vs any other Air unit.

Wednesday, December 5, 2012

Interesting tidbit about Radio Telescope & Solar Flares

http://www.gizmag.com/mwa-radio-telescope-solar-flares/25300/

Might wonder why I am blogging this here, since this is directly related to gaming.

Reason is that it is connected to Cyber Security, though loosely, power grid and communications are very vulnerable to Solar Flares and Solar Storms.

This project will help with some threats, but it can't really do anything to protect power grid from massive Solar Flare.

IMHO the overall security of the Power Grid, Communications, and Internet should consider all hazards or threats.

While striving for integrated solutions.

See these links for more on massive Solar Flares and damage they can do:

Nerd News: Zapping Bread with Lasers Microwaves

http://www.bbc.co.uk/news/science-environment-20540758

Well they could use Microwave Lasers (aka MASER)!

Nerd Gear: "Sub-Zero Weather: Can Your Smartphone Stand The Cold?"

http://www.pcworld.com/article/249134/sub_zero_weather_can_your_smartphone_stand_the_cold_.html

Came across this interesting article, while doing some research, my gf is planning on biking to work all winter, ordering studded tires for her Bike this week, and she was wondering about taking her work laptop back and forth that way when it is really cold.

Told her condensation would probably be biggest problem most days she felt like biking in the winter vs taking car.

Seems like that is probably the case, as long as you let device warm to room temperature before using.

I know I have used Feature Phones (aka Dumb Phones) in the past when it was very cold, approaching -40 Fahrenheit/Celsius (-40 is same in either system).

The phone was in my coat or pants pocket, always worked when I needed it to, but I was in and out of the car, so not sure how cold the phone really got then.

Was delivering News Papers on weekend one Fall/Winter, mainly rural and one small town, also burned out tranny in my car with that job busting snowdrifts over the hood of my car! 

Security & Hacking: Roger Williams' Shorthand from 1600's Cracked

http://www.salon.com/2012/11/30/code_used_by_ri_founding_father_is_finally_cracked/

Roger Williams is a very interesting person from United States history, http://en.wikipedia.org/wiki/Roger_Williams_%28theologian%29, very important in the establishment of Rhode Island (RI), and also the principle of Separation of Church and State.

As an Anthropologist & Historian, definitely adding him to my list of historic people to study, he actually studied Native American languages & culture, and didn't approve of the ways they were treated.

The cracking of his personal Shorthand is an interesting story, if your not familiar with Shorthand see http://en.wikipedia.org/wiki/Shorthand.

Shorthand was used way back in the day, as a way for a skilled person to record spoken words in real time (or near real time).

Then it would normally be converted into standard text by scribes, or after Typewriter was invented,  typed up.

Generally copies would be made as well, either by scribes or typewriters, of conventional text/language, not the Shorthand version.

Learning Shorthand is something that has been on my to do list for a long time, even in modern world, I find writing to be better for some tasks.

For one, with Rite In The Rain Spiral Notebook , and a Pencil or Space Pen
you can easily take notes outside in the rain, or in Shower/Hot Tub for that matter.

Also Shorthand has applications for Low Tech communication methods like Carrier Pigeons, low or even so called "Obsolete" tech can be very useful at times.

Low and/or Obsolete tech often doesn't require power, so can provide limited communications after Natural Disaster or other large disruption to Power Grid and Internet.

Also not vulnerable to same types of intercepts, so if used for regular or frequent communication, requires an attacker to invest in broader amount of attack capability and tools.

Perhaps Peregrine Falcon's to take down the Carrier Pigeons?



Nerd News "FTC bars advertising firm from sniffing browser histories"

http://www.computerworld.com/s/article/9234363/FTC_bars_advertising_firm_from_sniffing_browser_histories

FTC link: http://ftc.gov/opa/2012/12/epic.shtm

Tuesday, December 4, 2012

Sacriel Streaming Arma II

Streamhttp://www.twitch.tv/sacriel

The got an awesome armed Humvee at the moment.

Security & Hacking: "SMS Vulnerability in Twitter, Facebook and Venmo"

http://titanous.com/posts/twitter-facebook-venmo-sms-spoofing

Jonathan Rudenberg found SMS Texting vulnerabilities in Twitter, Facebook, and Venmo, he notified all of them of their respective problems.

Unfortunately Twitter has yet to patch this vulnerabilty, though Facebook and Venmo have reportedly dealt with it.

I suggest you make sure you have Twitter Text messaging turned off, should be under settings, then Mobile.



Security & Hacking: USB Stick Pen Tool that emulates Keyboard

http://www.pcpro.co.uk/blogs/2012/12/04/the-usb-stick-that-turns-into-a-keyboard/

 I find this hardware very interesting, I wonder if they got the idea from Yubikey?

http://www.yubico.com/faq/why-does-the-yubikey-act-as-a-keyboard/

Not mentioned in the PC Pro article, but rather in the Yubikey link, it mentions that even USB ports that are shut down to USB flashdrives will run Yubikey, since it looks like a Keyboard to the computer.

I suspect this USB stick hack would work in the same situations, were USB ports are locked down to USB flashdrives, the computer would see a keyboard.

So the hack would still work.

Giving you remote access.

Think Social Engineering attacks, or working as part of cleaning crew, would allow easy placement of device like this.

 Speaking of Cleaning Crew or Custodians, how many companies care enough about security to pay good wages to keep good, vetted, in house custodians vs using a contractor?

Or even if they use in house custodians, still tends to be a low pay, low status job, with a lot of turnover, and generally low standards for hire.




Security & Hacking: OWASP "Open Web Security Project"

https://www.owasp.org/index.php/Main_Page

If your not already familiar with this resource, and you work in Security and/or Pen Testing, you will want to become familiar with OWASP.

Consider the following, just to start, from https://www.owasp.org/index.php/Category:Principle:

Some proven application security principles

Friday, November 30, 2012

Sacriel Streaming, think it is Arma II of some sort, not DayZ

Streamhttp://www.twitch.tv/sacriel

AnandTech Pod cast, worth listening to

http://www.anandtech.com/show/6487/the-anandtech-podcast-episode-11

I liked the whole podcast!

Think many hardcore Nerds will be most interested in the Nexus 4 LTE section.

They follow an outline & provide a timeline for each point, so you can skip to specific topic.

I suggest listening to the entire podcast though, if your interested in deeper learning.

There are lots of juicy little tidbits you can pick up between the lines.

Example, I am real interested in Windows 8 phones, so was interested in what they had to say about the Lumia 920.

I like the live tiles concept, and I am also looking for a new platform that has comparable security to my Blackberry that I am moving away from, to a Galaxy Note 2, because of my doubts of RIM's future.

Looking at Windows phones as a likely candidate for secure mobile platform, since the only other real choice is iOS, which works and has great device security, but I really don't like the UI and total lack of multi tasking.

So little tidbit I picked up, related to problems battery testing on the Lumia 920, was they hadn't been able to hack the short timer for shutting screen off (ie power saving), like they were for most phones that didn't allow shutting that feature off completely.

Not the same as a detailed examination of the devices security, but a useful bit of data IMO.

Thursday, November 29, 2012

Sacriel is Streaming DayZ

Stream http://www.twitch.tv/sacriel

Nerd Gear: The Difference i5 vs i7

This is the best article I have found for clearly explaning the difference between an i5 cpu and an i7 CPU http://www.pcmag.com/article2/0,2817,2404674,00.asp

I don't know if it will help if your comparing a something like a laptop with  http://ark.intel.com/products/50072/Intel-Core-i5-2540M-Processor-3M-Cache-up-to-3_30-GHz  to one with http://ark.intel.com/products/52231/Intel-Core-i7-2620M-Processor-4M-Cache-up-to-3_40-GHz?

Or similar gap for a desktop.

I think for most people the i5 is going to be a better choice, if you want or need an i7 then by all means get one.

This is something I agonized over for at least 3-4 weeks before getting my newest computer.

I am not a bleeding edge gamer, I don't do video editing, and while I will probably do some video editing sooner or later, it will only be occasionally, not every day.

Based on that, I couldn't think of a situation were I personally would be limited by a fast i5 and not with an i7 CPU.

So I decided to go with i5 quad core that runs at 3.1 GHz, a good but not great GPU, and only 4 GB of RAM.

Except for the RAM, which I am planning on upgrading to 16 GB on my birthday, this has worked out very well

I am using more than 90% of my RAM on a daily basis, so going to upgrade it to 16 GB so I don't have to worry about it.

Additional Links:

2012 DreamHack Winter Finals Replays & VOD's

The replay packs for 2012 Winter DreamHack are out http://files.dreamhack.se/replays/DreamHack_Winter_2012_Replays.zip

They also have the VOD's up at http://www.dreamhack.tv/

To see all the replays I have blogged about, just click this Label replays other Labels can be found in Label cloud at left side of Blog, or at bottom left of every blog post.

If your looking for a specific player's replays or something else specific on my Blog, google is the best tool.

Just cut and past my blog's name Cliff's Esport Corner into Google and add whatever keyword(s) your looking for like TLO and/or replays.

Hope that helps, I have tried the Google widget for Blogger, but it didn't work very good, regular Google is a LOT better.

Nerd News: "3D-printed consumer electronics just became a reality"

http://www.extremetech.com/extreme/141669-3d-printed-consumer-electronics-just-became-a-reality

Really cool!

I am looking forward to 3D printing, though I still plan to have a lathe and milling machine, or a combo machine, eventually.

Milling machines are one of the very few machines that can be used to make a copy of themselves.

Lathes can sorta of do that as well, I suspect 3D printers may be able to do that eventually.

Security & Hacking: International Atomic Energy Agency (IAEA) Hacked

http://nakedsecurity.sophos.com/2012/11/29/atomic-energy-hack/

"The hackers claimed the security breach was in response to what the group said was Israeli aggression, including the Stuxnet worm and the assassination of a senior Iranian nuclear scientist."

The Hackers are claiming to be from Iran, but AFAIK no evidence to support that, it could be an anti Iran group pretending to be Iran in an attempt to provoke more attacks or sanctions against Iran.

Not saying that it is, but that is a factor that always needs to be remembered in situations like these.

I do wonder though if this is one of the first visible signs of fallout of Stuxnet & Flame, something I am concerned about, have blogged about those concerns before http://cliffsesportcorner.blogspot.com/2012/11/security-hacking-chevron-was-victim-of.html

PSA Security & Hacking: Western Connecticut State University possible data breach

"Personal information Western Connecticut State University kept over a 13-year span on students and their families, as well as high school students, might have been exposed to unauthorized access between April 2009 to September 2012, school officials are warning."
~ Source and full story at http://www.nbcconnecticut.com/news/local/WCSU-Data-Vulnerability-Could-Affect-235000-181374021.html


Tuesday, November 27, 2012

Random Wikipedia of the Day (RWotD): Learning Styles

http://en.wikipedia.org/wiki/Learning_styles

I spent more than an hour already, reading this Wikipedia entry, and following the citations.

Also want to mention in this context, one of my favorite quotes from Miyamoto Musashifrom one thing, know ten thousand things."

To see more of my posts about Learning or Learning SC2, just click on those Labels, more Labels can be found in Label cloud at left side of Blog or at bottom left of every post.

Rotterdam aka Rooterdam streaming SC2

Streamhttp://www.twitch.tv/RotterdaM08

Been a month since Rotterdam has streamed, way to long, but even though he is part of ROOT, he still is a fulltime caster.

So we have to settle for what he can do for streaming :/

Sunday, November 25, 2012

Nerd Gear: Anandtech reviews 2 Rosewill Keyboards

http://www.anandtech.com/show/6475/capsule-review-rosewills-illuminated-keyboard-and-rk9000bri-keyboard

I suggest close reading of the last section of that review, where they talk about the differences between Cherry Switches.

I also suggest this from Das on differences between switches http://www.daskeyboard.com/blog/?page_id=1458#keyswitches

Full disclosure, I use & love, a Das Silent, which should have Cherry MX Brown switches on it, though I haven't removed key caps for cleaning yet (what can I say, I would rather game than clean).

I do a lot of typing and more than a little gaming.

I do plan to buy a few different mechanical keyboards to test out various switches, as my budget allows, to compare on a personal level the differences.

I want to have a mechanical spare keyboard, instead of the bluetooth spares I rely on currently.

Plus my girlfriend wants a better keyboard, and she isn't as picky as me, so any extra mechanical keyboard can always be donated to her.

Nerd News: "Congress members ask FBI to shut down Hamas Twitter account"

http://www.theverge.com/2012/11/24/3685616/congress-members-fbi-hamas-twitter-shut-down-idf

Can't say I have clear thoughts on this whole mess.

But it does remind me, a bit, of a movie called Wag the Dog.

Friday, November 23, 2012

"Sacriel livecasting ROCCAT DayZ Deathzone tournament live on location"

Edited to add:  Finals over.



***

Grand Finals starting now!

***
Sacriel streaming/casting from DreamHack:  http://www.twitch.tv/sacriel

Forgot about this with all the SC2 Dreamhack going on, T_T

Still going though!

Security & Hacking: "Hacked Go Daddy sites infecting users with ransomware"

http://nakedsecurity.sophos.com/2012/11/23/hacked-go-daddy-ransomware/

Yet another reason not to use Go Daddy IMO.

No response yet from Go Daddy about the problem, not clear to me how widespread this problem is at the moment.

Will post more if I find out anything useful.

Thursday, November 22, 2012

Scarlett Streaming SC2

http://www.twitch.tv/scarlettm

Best stream for SC2 now that DH is over for the day.


Security & Hacking: Update "Phishing attack, stolen credentials sparked South Carolina breach"

Governor Nikki Haley update on SC Hack of Tax Returns

  

Contrast VOD with spinless details, Phishing attack, stolen credentials sparked South Carolina breach

I blogged about this before, see link here http://cliffsesportcorner.blogspot.com/2012/10/security-hacking-governor-nikki-haley.html with VOD from Governor Haley's (South Carolina) Press Conference about SC Tax Returns being hacked.

Turns out those "sophisticated" "foreign" hackers used a Phishing attack.

And since SC didn't encrypt the data, or use Two Factor, they were totally pwned.

For TWO MONTHS, it was actually the cops that told them there was a problem!!!

Full Story, very much worth reading, http://searchsecurity.techtarget.com/news/2240172466/Phishing-attack-stolen-credentials-sparked-South-Carolina-breach

See also this PDF Public Incident Response Report, http://governor.sc.gov/Documents/MANDIANT%20Public%20IR%20Report%20-%20Department%20of%20Revenue%20-%2011%2020%202012.pdf


Wednesday, November 21, 2012

Security & Hacking: "Security firm finds SCADA software flaws; won't report them to vendors"

http://www.computerworld.com/s/article/9233916/Security_firm_finds_SCADA_software_flaws_won_t_report_them_to_vendors

Snippet:
"Malta-based security start-up firm ReVuln claims to be sitting on a stockpile of vulnerabilities in industrial control software, but prefers to sell the information to governments and other paying customers instead of disclosing it to the affected software vendors."

So why can a company like this see the value of SCADA security, but the companies that use and make SCADA related software not?

Destruction Testing, Lumia 920




Death to the Lumia 920 ^_^

PhoneBuff website http://www.phonebuff.com/

Minigun's announcement on TL Blog "Getting Life Back on Track"

Minigun starts his latest blog post with:
"So I've been playing starcraft for the last three years. And it's been a rough three years for me personally. Actually the last 10 have been pretty rough, some to my own thanks, but some completely out of my control."

Really recommend reading the rest of it, and the comments at http://www.teamliquid.net/blogs/viewblog.php?topic_id=383016

<333 Chad

You can learn more about Minigun at http://wiki.teamliquid.net/starcraft2/Minigun

I'll admit I am biased,  I am a Minigun Fan, and like others have commented, I was also a big fan of Guns N Broaches (Minigun and Destiny team name when they played 2v2 for a while).

Also, I am a Mod of Minigun, which certainly prevents me from being completely objective.

You can see all my previous posts about Minigun by clicking on either of these Labels ColMinigun  or Minigun.

There is a lot of overlap between those two labels, because for a while I was using both when I posted about him.

You can find other Labels in the Label cloud at left side of my blog, or at bottom left of any post.

DreamHack Winter 2012

Replays for DreamHack Winter 2012 http://files.dreamhack.se/replays/DreamHack_Winter_2012_Replays.zip
***
VOD's for all Winter Dreamhack 2012 should be found here http://www.dreamhack.tv/
when they get added, which they haven't yet.

To be clear no 2012 Dreamhack yet T_T but if you bookmark these links, they should have the VOD's when they get around to it AFAIK

***
I have updated Streams, both for SC2 & Dota for Winter DreamHack 2012, with a few links for the other Esports as well.

I will be editing and updating this before, during, and after the event, will add VOD links and such if/when they become available.

SC2 Streams (more will be added as they are announced):
Dota Streams:


When:  DreamHack Winter 2012 Grand Finals starts November 22, 2012 at 13:00 CET/12:00 GMT/10:00 BST/ 07:00 AM EST/ 06:00 AM CST/ 04:00 AM PST ends November 25, 2012
Brackets:


Liquidpedia (best single source IMO):

DreamHack EIZO Open Winter 2012

If your looking for something you don't see here related to DreamHack, please post in the comments,  I'll do my best to find the information or link for you.

Likewise if you have a useful link, please post in the comments, only Spam or BM posts will be deleted.

Note, (this is more relevant if your attending DH in person):
DreamHack Winter 2012 is arranged 22-25 November at the Elmia Fair in Jonkoping, Sweden.
The festival is open 24/7 and we have blazing fast Internet from Telia.

Important times for DreamHack Winter 2012

Doors open: November 22 – 08:00
Opening ceremony: November 22 – 16:00
The network goes down: November 25 – 08:00
The electricity cuts to the table rows: November 25 08:40
All participants must be out of Elmia: November 25 10:00

Tuesday, November 20, 2012

Nerd News: Lumia 920 Brick Fix (try at your own risk)




I have no way to evaluate this, I don't have a Lumia 920 bricked or otherwise.

If you attempt this you might make things worse.  This youtube channel only has one other VOD uploaded, so no way to tell anything from that either.

Link to Youtube http://youtu.be/O4tU4oRkyAs


Twinkies and the Zombie Apocalypse





No more Twinkies?!?

What will we do during the Zombie Apocalypse?

Guess we will start having to make them ourselves.

Full instructions here http://www.instructables.com/id/Homemade-Hostess-Twinkie-Recipe/

Thinking they really should add Twinkies to Dayz!

Nerd Gear: Beer Keyboard!

"Do you know what you get if you combine 44 beer cans with an Arduino board and a Raspberry PI ? I tell you : fantastic user engagement!" from http://arduino.cc/blog/2012/11/19/the-arduino-powered-beer-keyboard/

More information at http://robofun.ro/create/beer-keyboard/

Nerd Gear: Android Controlled LED Lamp



See http://www.myledlamp.net/ for more information.

They offer a free version of the app for Android, and instructions for Arduino, and other information you need to build your own.

Monday, November 19, 2012

Security & Hacking: "Malware Targeting Windows 8 Uses Google Docs"

http://www.symantec.com/connect/blogs/malware-targeting-windows-8-uses-google-docs

Snippet, "The latest version of Makadocs does not connect to a C&C server directly, rather, it uses Google docs as a proxy server."

I have always been leary of Google Docs, not because of Google, but because if you use it, you have to trust everyone that can save or modify the Docs.

You have to trust them to be not only non Malicious, but non Stupid, which is a much higher bar.

Computer Desk of the Week: A Treadmill Desk

This is a little less cool Computer Desk of the Week (CDotW), than a health and nerd level detail based desk.

http://www.npr.org/blogs/health/2012/11/19/165293511/can-you-move-it-and-work-it-on-a-treadmill-desk

The pictures in article linked above come from SALO, http://www.salollc.com/, a company that participated in a study done my Mayo Clinic.


The Treadmill Desk was conceived by James A. Levine, M.D., Ph.D. a doctor with May Clinic,  Youtube presentation by Doctor Levine below.

Keyword or Key Terms:  Magic Underwear,  NEAT, Gruve




Non-exercise Activity Thermogenesis  (NEAT) [Thermogenesis=body generating heat]

There are also, snippet from http://en.wikipedia.org/wiki/Thermogenesis,
  • "Exercise-associated thermogenesis (EAT)"
  • "Non-exercise activity thermogenesis (NEAT)"
  • "Diet-induced thermogenesis (DIT)"


Security & Hacking: FreeBSD Security Warning

http://www5.us.freebsd.org/news/2012-compromise.html

Snippet, read full story at link above,
"On Sunday 11th November 2012, two machines within the FreeBSD.org infrastructure were found to have been compromised. These machines were head nodes for the legacy third-party package building infrastructure. It is believed that the compromise may have occurred as early as the 19th September 2012."

Saturday, November 17, 2012

HwangSin Streaming SC2

Streamhttp://www.own3d.tv/HwangSin

<333 HwangSin

Nerd News: Build your own Firefly Spaceship

Build your own Firefly, out of Legos, lots and lots of Legos.

If I understand correctly, this is over 7 feet long (2.1 meters).

http://www.flickr.com/photos/brickfrenzy/sets/72157630914408000/detail/

http://www.flickr.com/photos/brickfrenzy/sets/72157630914408000/with/7717710438/

I would need a lot of help from Kaylee to build this though.

Even has the shuttles http://www.flickr.com/photos/brickfrenzy/7717663292/in/set-72157630914408000

It is on display at North Canton, Oho location of Sir Troy's Toy Kingdom.

Sacriel's Blacks Ops 2 First Impressions




Sacriel is my favorite DayZ streamer/caster, he has a lot of great DayZ VOD's at http://www.youtube.com/user/sacriel42/featured

TLO Streaming SC2

Streamhttp://www.twitch.tv/liquidtlo

With Battle.net World Championship this weekend, probably not to many people streaming SC2, but TLO started when BWC ended.

Nice timing, course TLO is a pro ^_^

Battlenet World Championship 2012

Battle.net World Championship


Stream Hub:  http://www.twitch.tv/team/bwc

Schedule:  http://us.battle.net/bwc/en/schedule/

Results/Bracket:  http://wiki.teamliquid.net/starcraft2/2012_Battle.net_World_Championship#Results

VOD/Replays:  http://us.battle.net/bwc/en/tournaments/sc2/videos

Day 1


Day 2

Friday, November 16, 2012

Thursday, November 15, 2012

Random Wikipedia of the Day (RWotD): Marian Call

http://en.wikipedia.org/wiki/Marian_Call

Firefly connection & more, her official web page is http://www.mariancall.com/

Security, Hacking, & Politics: "The Hackers of Damascus"

http://www.businessweek.com/articles/2012-11-15/the-hackers-of-damascus

Read the whole article, even if it takes you a couple of days, don't TL:DR it!

A Great Cheese vs Cheese Duel



A TvZ, Game 3 from Clan war mGG vs TCP, that Duckvillelol was casting live.
 
I saw this live, was waiting for Duckvillelol to get it up on his Youtube channel http://www.youtube.com/user/DUCKVILLELOL/featured

Duckvillelol was reading and responding to stream chat while casting this live, that is why this VOD is a bit less refined than most of the ones he puts on his Youtube Chanel, those he casts from replays with no audience.

Hilarious game!

Enjoy!

Liquid TLO vs ExcuseMe



Liquid TLO vs ExcuseMe, Cast by Duckvillelol

Nerd Gear: Anandtech reviews the Google Nexus 4

http://www.anandtech.com/show/6440/google-nexus-4-review

Anandtech is my favorite site for reviews, they tend to provide more depth and objectivity than most other "tech" sites.

Plus, they still come up with stuff that is new to me, and I don't mean devices,  so I keep learning things from them.

Nerd Gear: Phonebuff's "Samsung Galaxy Note 2: Top 10 Features"



The written version of article can be found at http://www.phonebuff.com/2012/11/samsung-galaxy-note-2-top-10-features/

As I have mentioned before, the Galaxy Note 2 is the smartphone that I am planning to upgrade to, though I keep looking for more information, that is just the way I am, I don't assume there isn't something more to learn.

I liked this review, hope you find it useful as well, if you know of any other really good reviews, either Pro or Con, about the Note 2 please leave a reply.




Security & Hacking: Digital Bond on ICS & PLC lack of Security

http://www.digitalbond.com/blog/2012/11/13/two-conversations-last-week/

from link above:
"Our number 1 message – if the bad guys, malware or any other attack code gets to your ICS, he or it will be able to take down or control your process. The PLCs and controllers lack basic security to stop any attack. You have to secure your perimeter to the best degree possible and prevent even legitimate external access to the ICS, because those are attack paths.
Most executives do not understand how vulnerable their ICS are. When you explain it to them they are shocked … wait you mean there is no security at all???  Not even basic security like my ATM card? "


I don't think the public realizes what these things, the Industrial Control Systems and Programmable Logic Controllers, are or what they do.

If your not a specialist in the field, just think about these systems as Remote Controls (like the remote control for your TV) for the machines, switches, and valves used in Utilities and Industry.

Except, instead of infra red laser or radio that a TV Remote usually uses, these Remote Controls use the internet.

And when they were designed and built, no one really considered that anyone that wasn't supposed to play with the settings would even try to, so just like your TV remote control, there is no real security built into these remote controls.

So in very simple terms, what this means, is criminals/terrorist/etc can just use a specialized search engine, think like "Google" but specialized for finding these remote controls, and start messing with the channels on your "TV", turn it off, or maybe even do something like enter so many commands at once it gives the computer in the TV a heart attack and it dies from all the stress it wasn't made to handle.

But in this case the "TV" is actually the electrical substation the delivers power to your neighborhood, or to your hospital, or your kids school and a cold winter day.

Or it could be to the water treatment plant, so there is no clean water for drinking or anything else until the system is fixed, course, the minute the broken parts are fixed, the attacker could just wreck it again.

This is why a lot of security experts are making a lot of noise about this topic, they know there is a problem, and that something needs to be done about  it, but it is a really BIG problem, and they need help from you to put pressure on politicians and such to improve the situation.

Attacks already happen, see this link http://pipelineandgasjournal.com/hacking-industrial-scada-network for full story, snippet:
"It was a Trojan program inserted into SCADA system software that caused a massive natural gas explosion along the Trans-Siberian pipeline in 1982. A newspaper reported the resulting fireball yielded “the most monumental non-nuclear explosion and fire ever seen from space.”"

Wednesday, November 14, 2012

Security & Hacking: Free online Cryptography Courses

Via Bruce Schneier's Blog http://www.schneier.com/blog/archives/2012/11/free_online_cry.html

https://www.coursera.org/course/crypto

https://www.coursera.org/course/crypto2

Positive comments about it on Bruce's blog.

Putting it on my list.

If your not familiar with Coursera, you can start here https://www.coursera.org/about

Wikipedia also has useful information about them, http://en.wikipedia.org/wiki/Coursera

In case you missed it Yesterday was Patch Tuesday for Windows

http://krebsonsecurity.com/2012/11/microsoft-patches-19-security-holes/

Just a reminder, if like me you review updates/patches before downloading and installing them.

Security & Hacking: ICS related Security Issues

Thought this one might connect with a lot of people, Sourcehttp://community.controlglobal.com/content/recent-issues-and-coming-events,

"Last Friday I was made aware of a cyber compromise of an EKG in a Class 1 trauma center."

Nerd News: BBM VOIP WiFi Only Beta

Press Release from RIM:  http://press.rim.com/newsroom/press/2012/bbm-now-lets-you-have-voice-chats-for-free-over-wi-fi.html

RIM has released a Beta of BBM (Blackberry Messenger) that supports VOIP between BBM users over WiFi.

The Beta is available here https://beta.webapps.blackberry.com/login/

From the press release "BBM version 7 with the new BBM Voice feature is currently available in Beta for BlackBerry smartphones running the BlackBerry® 6 OS or higher."

I have a Blackberry Bold 9780, though I am planning on switching to a Samsung Galaxy Note 2 this Christmas, in large part because I don't have a lot of hope that Blackberry will survive their business mistakes.

I would be happy to be wrong about this, because I really like several features that Blackberry phones have, that no one else does.

Their security is a big one, though newer iPhones (iPhone 4S or newer) have good enough security to replace that functionality.

I also really like the optical track pad of newer Blackberry's, for me that works a lot better than touchscreens, this is a big part of the reason I am going to the Galaxy Note II, the Stylus will provide precision, that I can't get otherwise with touchscreens.

BBM is the third big thing I will miss about Blackberry, if your not familiar with it, it works like Skype Chat, though probably a bit more secure than Microsoft's Skype, considering the news about Skype's password reset hack.

I have been looking at PGP (Pretty Good Privacy) to replace that element.


PSA Security & Hacking: Skype Password Reset Exploit

Edited to add:  Skype is Patched now

http://heartbeat.skype.com/2012/11/security_issue.html
[UPDATE:14/11/2012@15:28GMT]
Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website. This issue affected some users where multiple Skype accounts were registered to the same email address. We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly. We are reaching out to a small number of users who may have been impacted to assist as necessary. Skype is committed to providing a safe and secure communications experience to our users and we apologize for the inconvenience.

*****************

This story is breaking all over net now, I like Sophos Naked Security's article the best http://nakedsecurity.sophos.com/2012/11/14/skype-security-hijack/

They refer to this article http://thenextweb.com/microsoft/2012/11/14/security-hole-allows-anyone-to-hijack-your-skype-account-using-only-your-email-address/

Supposedly this has been used in the wild for months, evidently posted about on Russian forums that long ago.

Official Skype statement from http://heartbeat.skype.com/2012/11/security_issue.html:
We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority 

Don't have any other details to provide at the moment.

Tuesday, November 13, 2012

Nerd Gear: Lifeproof Cases for iPhone & iPad





Mentioned these before, but this is a new to me VOD of these cases.

Looks like they finally have the iPhone 5 case in production, but having problems keeping up with demand http://www.lifeproof.com/shop/us_en/iphone-5/iphone-5-black

Hoping they come out with wide selection of colors like they did for iPhone 4, http://www.lifeproof.com/shop/us_en/iphone-4s-4/iphone-4-4s

We are getting my girlfriend a iPhone 5 for Christmas and she really wants a purple case to go with it, what is it with woman and purple anyway?

Their iPad cases http://www.lifeproof.com/shop/us_en/ipad/

We were talking about these the other day, she was thinking after we upgrade her to newer Retina iPad, then she might be willing to test iPad in one of these cases at the pool, beach, or hot tub.

I will certainly post about it if we ever do test any of these cases in the water, though I don't know if she would ever be willing to risk her iOS devices on purpose ^_^

HwangSin Streaming SC2

 Edited to add:  HwangSin is done streaming already T_T

Streamhttp://www.own3d.tv/HwangSin

<3333 HwangSin

Security & Hacking: "CNN: Cyber Security and the Aurora Vulnerability "





Note this Aurora test was done 5 years ago, 2007

Also note the similarities to Stuxnet http://en.wikipedia.org/wiki/Stuxnet

Similar in using software hack to destroy expensive, and not easily replaced hardware.

Security & Hacking: "Chevron was a victim of Stuxnet"

http://www.livehacking.com/2012/11/12/chevron-was-a-victim-of-stuxnet/

In case you missed this news, Chevron has admitted they got Stuxnet on their machines.

This is one of the things I am really concerned about with Nationally Sponsored Cyber Warfare, the Collateral damage.

The other big concern I have is that it provides Blackhat Hackers everywhere, even low skilled ones with little target discrimination, with extremely powerful tools that they would never have had access to otherwise.

Since once an attack like Stuxnet is discovered, it doesn't take very long for people to analyze and incorporate it into Malware programs and other tools that can be bought online.

You can think about it like a Script Kiddie with a little money, being able to get the equivalent in cyber warfare destructive power to eight Fighter Jets, F-15 cost $30 million apiece while the F-16 costs $18.8 million, based on what Israel has done in the past http://www.newyorker.com/reporting/2012/09/17/120917fa_fact_makovsky.

That is what it would have taken to disrupt Iran's Nuclear Enrichment program with conventional means.


Nerd Gear: Dany Qumsiyeh's Linear Book Scanner




For more information http://code.google.com/p/linear-book-scanner/

I might have to build one of these myself, I have a lot of books, really would like to switch to all ebooks, for a couple of reasons.

First, there would be a lot less dust to trigger my allergies and asthma, when I was reading.

Also I really like having multiple backups on me 24/7 (smartphone + USB flashdrive or micro SD card) plus backed up on my HDD's at home, and on the cloud.



Nerd News: "Stanford creates touch-sensitive, conductive, infinitely-self-healing synthetic skin"

http://www.extremetech.com/extreme/140115-stanford-creates-touch-sensitive-infinitely-self-healing-synthetic-skin

WOW!

I think this is a tremendous invention, the team that did this really deserves some attention and awards in my opinion!


Security & Hacking: "Nuclear plant cybersecurity and information disclosure - or lack thereof"

Author's Title "Nuclear plant cybersecurity and information disclosure - or lack thereof" article here http://community.controlglobal.com/content/nuclear-plant-cybersecurity-and-information-disclosure-or-lack-thereof


If you think this is unwarranted exaggeration, instead of a desperate cry to fix a hole in a sinking ship, you might consider this article, http://www.nytimes.com/2012/08/11/science/behind-nuclear-breach-a-nuns-bold-fervor.html?pagewanted=all, about the elite 82 year old Nun that penetrated the security at Oak Ridge nuclear reservation in Tennessee.

While that is about physical security, not Cyber security, I think it still supports the premise that there is a problem, and we need to do something about it, other than pretending it doesn't exist.

Oh yeah, that was a little Nuclear plant, the nation's only site for storing and processing weapons-grade uranium!!!

This article http://www.reuters.com/article/2012/09/29/us-usa-nuclear-gaf-idUSBRE88S0F320120929 shows a picture of that facility.


This article, http://ncronline.org/news/peace-justice/photos-break-nuclear-facility-feature-blood-slogans, has pictures of the graffiti & etc that occurs when Nuns attack Nuclear sites.

Elfi Replay Pack Starcraft 2

Some replays I found today from Elfi.

Replay pack http://drop.sc/replays?player=%23190048


Also this game he uploaded today while streaming  http://www.2shared.com/file/B8XcoXjt/Cloud_Kingdom_LE__60_.html

Thanks Elfi!

For all Replay Packs I have posted just click this replays Label, other Labels can be found in Label cloud at left side of Blog, and also at bottom left of every post.

If your looking for something specific on my Blog, Google is the best way to find it, just cut and past my Blog's name Cliff's Esport Corner, into Google, and add whatever keywords your looking for, I am still looking for better ways to organize data here, it would help a lot if it was possible to build array with Labels, ie "Catz" + "replays"

Unfortunately Blogger doesn't support that yet T_T

Security & Hacking: 2012 ICS Cyber Security Conference & Aurora

http://community.controlglobal.com/content/are-utilities-and-others-still-blinded-real-threat-aurora

You should read and follow that blog if your interested in Security, Hacking, ICS issues, etc.

Snipped from link above [I changed format slightly from original, words are the same]:
"Protective relays are not as secure as NERC or others would have you believe. Protective relays are not just used in electric substations but also protect large electric equipment in many industries. "

Elfi Streaming SC2

Streamhttp://www.twitch.tv/elfi/

Makes me happy, he is one of my favorite Toss, and I have a LOT of work to do, but I like having a good stream going (I don't listen to music normally while working).

Sunday, November 11, 2012

Security & Hacking: "Why David Petraeus’s Gmail account is a national security issue"

http://www.washingtonpost.com/blogs/worldviews/wp/2012/11/10/why-david-petraeuss-gmail-account-is-a-national-security-issue/

Patraeus was head of CIA until he resigned over this issue.  http://www.washingtonpost.com/world/national-security/david-petraeus-resigns-as-cia-director/2012/11/09/636d204e-2aa8-11e2-bab2-eda299503684_story.html

Not clear to me, but it sounds like Paula Broadwell, the woman who did his Biography & who he was having affair with, had some type of access to his personal Gmail account.

Evidently one of his Gmail contacts got threatening emails from Broadwell, and contacted the FBI over it, and there was some concern that his GMail account had been hacked.

Could have been as simple as staying logged in to account while he was out of room where computer or phone was, while she was there.

Honestly though, as someone interested in Cyber Security, that is that part I am most curious about, though I also wonder about the motives of all the parties involved.


Nerd News: "Microsoft Cheapens Windows 8 with Ads"

http://winsupersite.com/windows-8/microsoft-cheapens-windows-8-ads

Now to be clear, since Paul's title makes it sound like the ads are in the OS, they are not, they are in the apps, he shows a couple of examples.

I have to say, I am feeling good about my decision to switch to Mac over Windows 8, though I am gonna use Windows 7 and eventually Linux via Bootcamp.

Though it feels ironic, I went to Apple for computer, but looking at Microsoft Surface Pro for laptop.

A upside down world.

SEA Clan War: mGG vs TCP [Masters and GM]

Duckville is streaming mGG vs TCP clan war, with Masters and GM players, from SEA.

Streamhttp://www.twitch.tv/duckvillelol

More info at http://www.sc2sea.com/showthread.php?t=6306

Clan info at,

GL HF!

PvZ in HOTS Charisma vs Gemini



BOTGemini (P) vs CharismA (Z) in HOTS, cast by Duckvillelol

Duckvillelol isn't as well known in NA as he should be, he is a great caster, and a good player, from Australia.

Well he covers DOTA 2 as well, but I know nothing about that game T_T

You can follow him at

Friday, November 9, 2012

Thundertoss Top 200 KOTH

Streamhttp://www.twitch.tv/top200koth


For those not familiar with Top 200 description and rules:

Thundertoss' weekly Top 200 King of the Hill continues, showing the top players duking it out in a King of the Hill format.

Top 200 Players (Grandmaster priority, top Masters permitted)
$50 for each 5 wins.
$10 for dethroning a 5+ win player.
$10 for "Match of the Night"

To play, join the chat channel "top200koth" on the NA server, and send a message to Thundertoss.

TL Thread: Top 200 KOTH Returns!

Nerd Gear: MMT Monitor2Go slick portable Monitor with USB & HDMI




Monitor2Go

I missed the stories about this from CES 2012, just stumbled on this while researching portable Monitors for laptops and tablets, something I am interested in both for work on the go, but also for disaster preparation.

I am working on blog post for disaster prep & electronics, inspired in part since Hurricane Sandy impacted several nerds that do podcast I listen to, though I have been into disaster preparation for a long time.

The Monitor2Go is made to dock iPad 2 or 3 (and I assume iPad 4) securely underneath, but the 15.6" monitor will work with any device that has HDMI or USB output.

They also make a related monitor, called the Field Monitor Pro, http://www.mmt2.com/products/field-monitor-pro/

If you use spreadsheets or databases a lot, the Field Monitor Pro would be very useful, when your traveling or otherwise having to use a laptop, or a tablet like the Microsoft Surface, either RT or Pro, because it has a 10 key number pad in addition to the screen.

These devices are shipping, if you click on buy button on MMT's website, they offer 3 different retailers.

I am thinking that I will replace my 13" ASUS with a Microsoft Surface Pro, if the hardware is as good as I think it will be based on the Surface RT.

Either of these would work well with my ASUS laptop, and work well with Surface Pro if I do switch to that for mobile computing.

I am really addicted to screens, I would also use something like this in my home office, either connected to my laptop, or my desktop.


Security & Hacking: "Gary McGraw: Proactive defense prudent alternative to cyberwarfare"

http://searchsecurity.techtarget.com/news/2240169976/Gary-McGraw-Proactive-defense-prudent-alternative-to-cyberwarfare

Good, long, article that argues that the US (and I assume this applies equally to other countries) needs to develop much stronger Cyber defenses.

Also questions the utility of offensive Cyber ability, which I agree with, all you really do with that is teach lot of people how to conduct stronger attacks, though reality is politicians will tend to favor Cyber attacks often, because they are "bloodless" and have less negative impact to the politician making the decision than more obvious attacks.

But as this article also points out, with a very nice The Hobbit (novel) reference, that one of the problems with Cyber attacks, is that it isn't easy, or often even possible, to tell for sure who launched a cyber attack.

So Nations or Groups can attack a country like the US in a way that makes some other country or group the likely suspect (ie like framing someone in a crime drama).


Nerd News: "Seven members of the elite Navy SEAL Team 6 have been punished for their role they played in the creation of the videogame Medal of Honor: Warfighter"

http://www.npr.org/blogs/thetwo-way/2012/11/08/164754549/navy-seals-disciplined-for-role-in-videogame

Supposedly they released classified information, wonder if it was actually used in the game?

Thursday, November 8, 2012

Sacriel Streaming DayZ

Streamhttp://www.twitch.tv/sacriel

Don't know how much loner he is streaming tonight, think he has been streaming for hours already today.

Random Wikipedia of the Day (RWotD): Pretty Good Privacy

http://en.wikipedia.org/wiki/Pretty_Good_Privacy#Security_quality

Pretty Good Post ^_^

Couldn't resist, I am a card carrying wise acre after all!

Link to PGP site http://www.openpgp.org/

For those not familiar with this, it is a very useful way to encrypt email & etc, basically you provide people or the public, with your public key.

Doesn't matter if people trying to crack it know that, and people use your public key to encrypt messages they want to send to you, then you use your private key, which you do need to keep private like a password, to decode it.

I will probably play around with this when I get Android phone, I am used to security that my Blackberry provides, and want something secure to replace that, when I switch to Samsung Galaxy Note 2.


Security & Hacking: Sophos Vulnerabilities & Tavis Ornmandy

Sophos comments: http://nakedsecurity.sophos.com/2012/11/05/tavis-ormandy-sophos/

Tavis Ormandy's Full Disclosure on Exploits or Vulnerabilities he found in Sophos:  http://lists.grok.org.uk/pipermail/full-disclosure/2012-November/088813.html

Tavis' Blog http://taviso.decsystem.org/

His Twitter, according to his Full Disclosure paper, published Mon Nov 5 15:14:17 GMT 2012 is http://twitter.com/taviso [but the link on his site doesn't work because he got the period in it "http://twitter.com/taviso." is direct copy and paste, as a blogger I have run into this myself T_T]

It seems to me that a lot of the drama in this situation basically boils down to a good White Hat Hacker being upset at Sophos for not patching vulnerabilities as fast as he thinks they should.


Seems to be a question of Opportunity Cost, http://en.wikipedia.org/wiki/Opportunity_cost, and without full information on all projects and threats Sophos is dealing with currently, really not possible to say they are doing a bad job in that sense.

I suspect based on how Sophos keeps emphasizing that they have not seen any of these exploits in the wild, and that they appreciate Tavis  Ornmandy's work, that they are probably putting more resources to fixing vulnerabilities that are currently being exploited.

Or that for some other reason, are considered a higher threat to them.

But that is mere speculation on my part.

I will note that I currently use Sophos on one of my machines, I have less than a year of personal experience so far with it, but it is what I use and recommend for certain applications currently.

I also want to note, that Security is not EVER about a single unbrakable wall, but rather on multiple layers or strong walls.

We know any defense can be compromised, and must plan accordingly.





Cool Election News "Youth support drives passage of California tax-hike measure"

http://mobile.reuters.com/article/idUSBRE8A706R20121108?irpc=932

Very Cool story IMO, while I dislike taxes as much as anyone, reality of the situation in California is that they really need to increase the State's cash flow, or they will have to make drastic cuts.

So for one thing, it actually shows people voting for something they need, even if they don't like it.

But it also was result of a lot of young voters, which as general rule in the US tend not to vote very much or very often.

While I don't agree with voting being the most important aspect of democracy, I think that participating and being active in politics is the critical factor, this shows a bunch of people actually being active.

They made a difference as well, so they hopefully will be encouraged to stay active in politics.

 I try not to talk politics to much on this blog, other than to encourage people to make their views known to politicians, in a manner fashion.

But I did comment a bit on politics, in the last half of this post http://cliffsesportcorner.blogspot.com/2012/11/nerd-news-election-results-via-google.html