Friday, December 28, 2012

Nerd Gear: Computer Cases Cosmos II vs Thor 2 vs Obsidian 650D

Still working on ideas for gaming computer for girlfriend, so that we can game together, we only have one machine that can handle much in the way of games at the moment, here are some of the cases I looked at today:

I welcome any additional suggestions, don't have any real preferences at the moment, other than I want a quality case, cause I will probably use it for 10+ years, and it needs to support water cooling & high end GPU's for future upgrades.





Friday, December 21, 2012

Nerd Gear: Anandtech Reviews Thermaltake Level 10 M Gaming Mouse

http://www.anandtech.com/show/6526/capsule-review-thermaltake-level-10-m-gaming-mouse

I am a bit interested, still not convinced high end mice are any better than normal mouse.

But I used to feel that way about keyboards, before I got my DAS Silent.

This mouse is $99 and isn't right hand biased, which is important to me, since I primarily use my left hand for mouse.

I do switch to right hand for some things.

Also when doing mouse intense stuff all day long, I tend to flip between right and left hands on regular basis to avoid fatigue.

But then I have practiced more than just mouse stuff with both hands, in large part because of my martial arts & weight lifting, try to have equal strength and skill on right and left side of my body.

Nerd News: Sonic Scalpel, so is Sonic Screwdriver next?

http://www.gizmag.com/invisible-scalpel-sound-beam/25534/

As a Nerd, I really like it when Sci Fi becomes Science, or Engineering!

Wednesday, December 19, 2012

Dota 2 fun

Ayesee is streaming some Dota 2 fun http://www.twitch.tv/ayeseetv

Nerd News: "The War Z's Steam debacle...."

http://arstechnica.com/gaming/2012/12/the-war-zs-steam-debacle-highlights-need-for-better-player-communication/

For those not familiar with War Z, it isn't the same as Day Z (Arma 2 mod), nor is it the not yet released stand alone version of Day Z.

I blogged about alpha VOD of War Z http://cliffsesportcorner.blogspot.com/2012/11/war-z-alpha-game-play-multiplayer.html

GGA Starcraft II Finals Event

Global Gaming Alliance by AZiO, AMD & Levetron



Teamliquid link: http://www.teamliquid.net/forum/viewmessage.php?topic_id=388723

When:  December 19, 2012 @ 19:00 CET/18:00 UTC/13:00 EST/12:00 CST/10:00am PST (Dec 20 3:00 AM KST)

Streams:

Brackets (believe replays will be available here as well) http://play.gosugamers.net/starcraft2/tournaments/120:global-gaming-alliance-cup/13:global-gaming-alliance/137:gga-cup-grand-finals/bracket

I am cheering for HwangSin in this event!

Sunday, December 16, 2012

Security & Hacking: Samsung Android Vulnerability

http://forum.xda-developers.com/showthread.php?t=2048511

This is beyond my current technical understanding, but from my understanding is something that could be exploited by apps without being obvious.

XDA may be down for maintenance tonight, so if link doesn't work just bookmark and come back to it Monday.

Thursday, December 13, 2012

HwangSin Streaming SC2

Stream: http://www.own3d.tv/HwangSin


Been too long since I have been able to watch HwangSin stream.

He is singing occasionally tonight as well ^_^

<333 HwangSin

Catz ZvP on Ohana VOD (Nov 23, 2012)





Interesting game, from Catz's Youtube Channel https://www.youtube.com/user/WeAreCatZ/featured

No Spoilers, but this Protoss uses some elements that I normally use in PvZ, so was really interesting to me how Catz dealt with that element.

Though Toss doesn't use Unit Comp I do, so not sure if the response Catz used here would work as well vs my play style, if I was anywhere near Catz level for playing that is ^_^


TLO vs Hero VOD




Great cast by Duckvillelol: Liquid TLO vs Liquid Hero

Some amusing banter between Hero and TLo at the beginning as well ^^

Liquid Ret is streaming SC2 (WoL)

Stream: http://www.twitch.tv/liquidret

Ret hasn't streamed in a long time, glad to see him streaming again!

Security & Hacking: "Unauthorized Access to a New Jersey Company’s Industrial Control System"

http://publicintelligence.net/fbi-antisec-ics/

Some snippets of interest:

"US Business 1 had a controller for the system that was password protected, but was set up for remote/Internet access. By using the link posted by the hacktivist, the published backdoor URL provided the same level of access to the company’s control system as the password-protected administrator login. The backdoor required no password and allowed direct access to the control system."

"The URL that linked to the control system of US Business 1 provided access to a Graphical User Interface (GUI), which provided a floor plan layout of the office, with control fields and feedback for each office and shop area. All areas of the office were clearly labeled with employee names or area names."

As a gamer, I'll note the second snippet matches up with some games, which seems amusing, sad, and ironic to me.

As someone with much deeper background in physical security than computer security, I'll also note that the second snippet above would provide a lot of very useful intel for physical attacks and/or social engineering.

IMHO Social Engineering attacks are on a boundary of Physical & Computer Security, walking in and pretending to be there to fix something is certainly a Physical attack, though you might be placing a physical keylogger or other Pen Testing equipment to attack the computer network.
 

Wednesday, December 12, 2012

Security & Hacking: Chrome & Flash Updates

http://www.livehacking.com/2012/12/12/google-updates-chrome-to-fix-a-critical-vulnerability-and-update-flash/

http://www.livehacking.com/2012/12/12/adobe-releases-security-updates-for-flash-player/

I got the Chrome Update late last night.

Chrome is supposed to update automatically, but I strongly suggest checking all your Auto Updates once a month or so, or at least quarterly.

Personally I don't trust Auto Updates, I use Calendar alerts from my Smartphone Calendar & computer schedule app (I don't like synching, because by having separate Calendar apps I have backup redundancy that synching would destroy) to remind me to check updates on Patch Tuesday for Windows (I check everything on Patch Tuesday, not just Windows).

Part of that is that I used to rely on auto updates, but found that they were missing critical patches sometimes.


Nerd Gear: GE develops Neat Thin, Quiet Cooler




GE Dual Piezoelectric Cooling jets.

These look interesting from gadget perspective to me.

But I think I would go with Thermoelectric Cooler (aka Peltier), with water cooling for heatsink if I was going for exotic cooling.

Below is a VOD showing Peltier/TEC cooling of a CPU (not the best quality VOD for audio)




Monday, December 10, 2012

Kings of Tin!

Stream http://www.twitch.tv/onemoregametv

Tonight: djWHEAT, WackStevens, & ROOT.LeiYa

Inside Catz Head ZvP VOD (11/23/12)




Latest Inside Catz's Head, his series of Streams & VOD's where he explains his thoughts and gameplay about Starcraft 2

For all of his Youtube VOD's check out Catz's Channel at http://www.youtube.com/user/WeAreCatZ/

Security & Hacking: The not so secret Secret Service

http://nakedsecurity.sophos.com/2012/12/10/secret-service-sensitive-files-metro-train/

Not only was this PII, it was PII for the US Secret Service.

So, if I am understanding this correctly, you could find the addresses and etc of people on protection details for the President and other VIP's!

Probably with a bit of work you could figure out which people were likely to be on protective details from this type of information as well.

Really think they should have been using stronger encryption, and using a secure courier or something far more secure than a new low level employee riding public transport alone.

Sunday, December 9, 2012

Nerd Gear: Battery Life of 10 & 7 inch Tablets compared

http://blogs.which.co.uk/technology/tablets-ebooks/which-tablet-has-the-best-battery-life-infographic/

I'm sure all of you have read individual reviews of most if not all of these Tablets, but this short article shows battery life in minutes of all the main Tablets in two charts/graphs for easy at a glance comparisons.

They measure in minutes, not hour:minutes, which makes sense, but threw me at first glance.

They used 200 nits and running video, so if you're browsing you're gonna see less time with most of the platforms.

Security & Hacking "Tor network used to command Skynet botnet"

http://www.computerworld.com/s/article/9234468/Tor_network_used_to_command_Skynet_botnet

Interesting, but I wonder if this has been going on for a long time, using Tor for C&C that is, seems like an obvious kinda idea IMHO.

Edited to add: Yep, missed this in first read through, from above second page of above link:
The Tor-based approach is not new, said Marco Preuss, head of the German global research and analysis team at antivirus vendor Kaspersky Lab, via email. "In the past years several presentations and research papers mentioned this method for botnets."

This story also reminds me of this Malware Targeting Windows 8 Uses Google Docs, where they were using Google Docs to obscure C&C path.

Awesome Ironsquid!

Stream: http://www.twitch.tv/ironsquid

Goswser doing Proxy Hatch with Spinecrawler rush ^_^

Khaldor & Wolf are casting, @Khaldor & @Proxywolf on Twitter.

Friday, December 7, 2012

Nerd News: T Mobile ending phone subsidies!!!

http://gigaom.com/mobile/t-mobile-ceo-confirms-the-iphone-and-the-death-of-phone-subsidies/

They are also getting the iPhone, but that is the minor news.

They are getting rid of subsidies, and going to cheaper plans!

So finally, US cell phone plans are moving more towards EU situation, I am really excited about this, because this should lower prices in general, but also because I have been with T Mobile for last few years.

Really dull & dry VOD below contains confirmation from the T Mobile CEO, is almost hour long, I am only including it as primary source for story.

Nerd News: Archos Gamepad (Android tablet) now available



On sale in EU at least.

Archos company website http://www.archos.com/

Full Tech Specs http://www.archos.com/products/gamepad/specs.html?country=us&lang=en&#a

Key specs from Tech Specs link:

  • Display: 7’’ 1024x600 capacitive 5 points multitouch screen
  • Application Framework: Android 4.1 Jelly Bean
  • Processor: ARM CORTEX™ dual-core A9 @ 1.6GHz; GPU quad-core Mali 400 MP; 3D OpenGL (ES 2.0)
  • Capacity: Flash: 8GB + microSD Slot (SDHC up to 32GB)
  • RAM: 1GB RAM


Looks real interesting.

Key feature is that you can map the controls easily & quickly http://www.archos.com/products/gamepad/index.html?country=us&lang=en&p=3#a

If I understand correctly, it is a full Android Tablet, with game controls as part of the hardware.

Since I might have to wait till January to get my Christmas present for myself (Galaxy Note 2), I think I will give this a close look.

Might decide to stay with phone I have a bit longer, and get something like this instead.

I don't like touch screens much, much prefer optical trackpad my Blackberry Bold has, or good stylus setup like the Galaxy Note 2 and Microsoft Surface Pro (Jan 2013 release date) have.

Thursday, December 6, 2012

Sacriel & Oshi Streaming Arma 2 Wasteland

Streams:
If you're looking for more info on Arma 2, Official site http://www.arma2.com/ or Arma2 Wikipedia link http://en.wikipedia.org/wiki/ARMA_2


For more on Wasteland see http://www.mmogames.com/gamereviews/arma-ii-wasteland-sandbox-preview/ or https://dev-heaven.net/projects/wasteland-survival-sandbox/wiki

HOTS Beta Patch Balance Update #8

http://us.battle.net/sc2/en/forum/topic/7320452320

I don't have HOTS, and though I have watched as many pros playing HOTS as possible, still haven't seen enough games to have deep or strong conclusions.

Some random thoughts:
  • I like the Dark Shrine price change, but then I have always been a fan of DT's.
  • The medivac speed boost might be useful for drops.
  • Reaper tweaks look interesting.
  • Based on Reaper & Medivac tweaks, looks like they want more harassment from Terran.
  • Mutas really buffed for GM level players IMO, with good technique, think they will be able to do serious damage with Muta cloud without taking losses.
  • Wish I had Beta so I could test new Voidray vs Marines, it might be better vs Marines a little (ie in small numbers), but looks to me like they have Nerfed Voidray so much there is really nothing you could use them for anymore.  Unless the tweak makes them perform in game like a baby BC?  They have lost their ability to win vs any other Air unit.

Wednesday, December 5, 2012

Interesting tidbit about Radio Telescope & Solar Flares

http://www.gizmag.com/mwa-radio-telescope-solar-flares/25300/

Might wonder why I am blogging this here, since this is directly related to gaming.

Reason is that it is connected to Cyber Security, though loosely, power grid and communications are very vulnerable to Solar Flares and Solar Storms.

This project will help with some threats, but it can't really do anything to protect power grid from massive Solar Flare.

IMHO the overall security of the Power Grid, Communications, and Internet should consider all hazards or threats.

While striving for integrated solutions.

See these links for more on massive Solar Flares and damage they can do:

Nerd News: Zapping Bread with Lasers Microwaves

http://www.bbc.co.uk/news/science-environment-20540758

Well they could use Microwave Lasers (aka MASER)!

Nerd Gear: "Sub-Zero Weather: Can Your Smartphone Stand The Cold?"

http://www.pcworld.com/article/249134/sub_zero_weather_can_your_smartphone_stand_the_cold_.html

Came across this interesting article, while doing some research, my gf is planning on biking to work all winter, ordering studded tires for her Bike this week, and she was wondering about taking her work laptop back and forth that way when it is really cold.

Told her condensation would probably be biggest problem most days she felt like biking in the winter vs taking car.

Seems like that is probably the case, as long as you let device warm to room temperature before using.

I know I have used Feature Phones (aka Dumb Phones) in the past when it was very cold, approaching -40 Fahrenheit/Celsius (-40 is same in either system).

The phone was in my coat or pants pocket, always worked when I needed it to, but I was in and out of the car, so not sure how cold the phone really got then.

Was delivering News Papers on weekend one Fall/Winter, mainly rural and one small town, also burned out tranny in my car with that job busting snowdrifts over the hood of my car! 

Security & Hacking: Roger Williams' Shorthand from 1600's Cracked

http://www.salon.com/2012/11/30/code_used_by_ri_founding_father_is_finally_cracked/

Roger Williams is a very interesting person from United States history, http://en.wikipedia.org/wiki/Roger_Williams_%28theologian%29, very important in the establishment of Rhode Island (RI), and also the principle of Separation of Church and State.

As an Anthropologist & Historian, definitely adding him to my list of historic people to study, he actually studied Native American languages & culture, and didn't approve of the ways they were treated.

The cracking of his personal Shorthand is an interesting story, if you're not familiar with Shorthand see http://en.wikipedia.org/wiki/Shorthand.

Shorthand was used way back in the day, as a way for a skilled person to record spoken words in real time (or near real time).

Then it would normally be converted into standard text by scribes, or after Typewriter was invented,  typed up.

Generally copies would be made as well, either by scribes or typewriters, of conventional text/language, not the Shorthand version.

Learning Shorthand is something that has been on my to do list for a long time, even in modern world, I find writing to be better for some tasks.

For one, with Rite In The Rain Spiral Notebook, and a Pencil or Space Pen you can easily take notes outside in the rain, or in Shower/Hot Tub for that matter.

Also Shorthand has applications for Low Tech communication methods like Carrier Pigeons, low or even so called "Obsolete" tech can be very useful at times.

Low and/or Obsolete tech often doesn't require power, so can provide limited communications after Natural Disaster or other large disruption to Power Grid and Internet.

Also not vulnerable to same types of intercepts, so if used for regular or frequent communication, requires an attacker to invest in broader amount of attack capability and tools.

Perhaps Peregrine Falcon's to take down the Carrier Pigeons?



Nerd News "FTC bars advertising firm from sniffing browser histories"

http://www.computerworld.com/s/article/9234363/FTC_bars_advertising_firm_from_sniffing_browser_histories

FTC link: http://ftc.gov/opa/2012/12/epic.shtm

Tuesday, December 4, 2012

Sacriel Streaming Arma II

Stream: http://www.twitch.tv/sacriel

They got an awesome armed Humvee at the moment.

Security & Hacking: "SMS Vulnerability in Twitter, Facebook and Venmo"

http://titanous.com/posts/twitter-facebook-venmo-sms-spoofing

Jonathan Rudenberg found SMS Texting vulnerabilities in Twitter, Facebook, and Venmo, he notified all of them of their respective problems.

Unfortunately Twitter has yet to patch this vulnerability, though Facebook and Venmo have reportedly dealt with it.

I suggest you make sure you have Twitter Text messaging turned off, should be under settings, then Mobile.



Security & Hacking: USB Stick Pen Tool that emulates Keyboard

http://www.pcpro.co.uk/blogs/2012/12/04/the-usb-stick-that-turns-into-a-keyboard/

 I find this hardware very interesting, I wonder if they got the idea from Yubikey?

http://www.yubico.com/faq/why-does-the-yubikey-act-as-a-keyboard/

Not mentioned in the PC Pro article, but rather in the Yubikey link, it mentions that even USB ports that are shut down to USB flashdrives will run Yubikey, since it looks like a Keyboard to the computer.

I suspect this USB stick hack would work in the same situations, where USB ports are locked down to USB flashdrives, the computer would see a keyboard.

So the hack would still work.

Giving you remote access.

Think Social Engineering attacks, or working as part of cleaning crew, would allow easy placement of device like this.

 Speaking of Cleaning Crew or Custodians, how many companies care enough about security to pay good wages to keep good, vetted, in house custodians vs using a contractor?

Or even if they use in house custodians, still tends to be a low pay, low status job, with a lot of turnover, and generally low standards for hire.




Security & Hacking: OWASP "Open Web Security Project"

https://www.owasp.org/index.php/Main_Page

If you're not already familiar with this resource, and you work in Security and/or Pen Testing, you will want to become familiar with OWASP.

Consider the following, just to start, from https://www.owasp.org/index.php/Category:Principle:

Some proven application security principles