Thursday, March 28, 2013

Anandtech review of Razer Edge

http://www.anandtech.com/show/6858/the-razer-edge-review

Good review by Vivek Gowri @vivg91

Vivek mentions that hardware wise the Edge is a "monster".

I totally agree with that, one point I would emphasis, is that this is only Windows 8 Tablet I can find that has 8 GB of RAM!

Twice as much as any other tablet.

All that RAM plus SSD mean the Edge should work very well for most mobile business use, unless you need a portable workstation.

I used work with business people that had to travel all the time, I can see people like that, that are into gaming, might well pick the Edge to replace laptop for travel.

Even if their not into gaming, if they need for more than 4 GB of RAM, this would be only tablet available.

Even if work picks up the bill for checked luggage, carry on luggage is only stuff you can count on making it to your destination.

And you can carry a Edge + ARM tablet for same weight as single laptop, while having redundancy for basics like email.


Monday, March 25, 2013

Has Yahoo been hacked again? Lot of users getting "Suspicious activity was detected on your account"

Update 2/26/2013

Found this news story today, http://www.channel4.com/news/yahoos-email-system-hacked-by-criminal-spammers

So it does sound like Yahoo having problems with hackers, but they don't want to admit it?

Yahoo's Twitter https://twitter.com/YahooCare doesn't seem to contain any useful information (nothing you can't find in under a minute with basic Google search).

***
Lot of Yahoo email users are getting "Suspicious activity was detected on your account" message when they try to send email.

I have Yahoo accounts, as well as Google accounts, and I have been seeing that message for two days now.

Some related recent complaints:


Funny thing is when I tried to send a report to Yahoo again today, like I did yesterday, the report failed, couldn't be sent.  LOL

Pretty sure that isn't because of problems on my machine, I am fully patched, use a long random password, run AV, test router security, etc.


Makes me think either they have been hacked, again, or they have some significant bug somewhere in their software.



Sunday, March 24, 2013

Rotterdam is streaming HOTS ladder

Stream http://www.twitch.tv/RotterdaM08

I don't know how much longer he will stream, probably at least couple more hours, he has been streaming for 5-6 hours already.

Noob Hacking "How I became a password cracker"

http://arstechnica.com/security/2013/03/how-i-became-a-password-cracker/

If you know nothing about Password cracking, or your trying to convince friends & family to use password manager + strong random passwords, this article is useful.


Friday, March 22, 2013

Apple adds 2 Step Verification (2 Factor Authentication) for Apple ID

This is big Security News, Apple has finally followed Google and others in having a Two Step (I think of it as 2 Factor) Security option.

Note, this appears to be true Two Factor, even if you are trying to recover lost password, you will still need a minimum of two of the 3 following: 
  • Apple ID password
  • Trusted Device [ SMS capable phone OR iOS device with Find My iPhone enabled]
  • Recovery Key [14 digit Recovery Key Apple provides, they say print and keep in a safe place]


This has both a Pro, since it will be very hard for someone to Hack if your using strong a password.

As well as a Con, if you forget or lose 2 of those 3 things, you will be locked out of your Apple account forever, and would have to get a new one.

You can have multiple Trusted Devices though, and there is no reason you can't have a couple of hard copies of the Recovery Key in safe deposit box and home or office safe.

And if you use a good Password Keeper, also known as Password Manager, like LastPass https://lastpass.com/ you only need to remember one good password.

Reference Links:




Thursday, March 21, 2013

Drewbie Streaming HOTS

Streamhttp://www.twitch.tv/rootdrewbie

Drewbie has started streaming again, but my schedule hasn't matched up until (finally) today.

Nerd News: "2012 Law Enforcement Requests Report"

Microsoft has released a Transparency Report about Law Enforcement requests for information, you can view the report at http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/

Microsoft introduces the reports with this blog post http://blogs.technet.com/b/microsoft_on_the_issues/archive/2013/03/21/microsoft-releases-2012-law-enforcement-requests-report.aspx, they also state that it will be updated every 6 months.

They also offer a few observations based on the data.

For easy comparison here is link to Google's Transparency Report http://www.google.com/transparencyreport/

Nerd News: SendGrid Response to Adria Richards situation & events at PyCon

Current response outlining SendGrid's thoughts behind their decision http://blog.sendgrid.com/a-difficult-situation/

This link contains SendGrid's initial announcement, http://blog.sendgrid.com/sendgrid-statement/, "SendGrid has terminated the employment of Adria Richards."

Personally I hope everyone involved really learns from this event, unfortunately, often in life the truly difficult lessons, have to be learned the hard way.






Wednesday, March 20, 2013

Security & Hacking: "Microsoft confirms compromise of “high-profile” Xbox Live accounts"

Source & full story at http://arstechnica.com/security/2013/03/hackers-that-took-over-xbox-live-accounts-may-be-behind-ddos-attack-on-ars/ :

"We are aware that a group of attackers are using several stringed social engineering techniques to compromise the accounts of a handful of high-profile Xbox LIVE accounts held by current and former Microsoft employees," Microsoft officials said in a statement sent to Ars. "We are actively working with law enforcement and other affected companies to disable this current method of attack and prevent its further use."

This ties in with Brian Kreb's recent blog post, http://krebsonsecurity.com/2013/03/the-obscurest-epoch-is-today/ were he details what he has learned so far about person(s) that SWATted him.

Oddly those people appear to have been involved in the hack or social engineering attack against Mat Honan, which Honan wrote about http://www.emptyage.com/post/28679875595/yes-i-was-hacked-hard and a later more polished article (link is good, but you may need to refresh sometimes to get it to work) http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/.

To see all my posts about the Mat Honan Hack click this Mat Honan Label, additional Labels can be found at bottom left of every post, and in Label Cloud at left side of Blog.

Tuesday, March 19, 2013

Kim Dotcom Saga "NZ spies knew Kim Dotcom shouldn’t have been spied on, did it anyway"

http://arstechnica.com/tech-policy/2013/03/nz-spies-knew-kim-dotcom-shouldnt-have-been-spied-on-did-it-anyway/

Get the popcorn out.

More I learn about this story, the more I feel for Kim & his family, also the more I really wonder about the motivations behind the Government Agencies involved.



Security & Hacking (Facepalm edition): "Cisco switches to weaker hashing scheme, passwords cracked wide open"

http://arstechnica.com/security/2013/03/cisco-switches-to-weaker-hashing-scheme-passwords-cracked-wide-open/

TL:DR version:
"It turns out that Cisco's new method for converting passwords into one-way hashes uses a single iteration of the SHA256 function with no cryptographic salt. The revelation came as a shock to many security experts because the technique requires little time and computing resources."

Monday, March 18, 2013

"CatZ Talks About Home-Grown eSports" StarCraft 2 Vlog




This is from some time ago, but Catz & Totalbiscuit were tweeting about it recently.

For the record I agree with Catz on this topic.

Friday, March 15, 2013

Nerd News: "Gagging recipients of National Security Letters found unconstitutional"

http://arstechnica.com/tech-policy/2013/03/gagging-recipients-of-national-security-letters-found-unconstitutional/

A small step forward IMO.

As I have mentioned before, I have a lot in common with research librarians, have several friends that are professional librarians and some that are directors of libraries.

I know they all hate this part of the so called "Patriot Act," since they could be forced to reveal everything people were doing at library.

Fact is, many libraries changed their data collecting practices to limit amount/types of data they kept on patrons, students, and faculty because of the the Patriot Act.

Nerd News: Brian Krebs SWATting & DDoS

http://krebsonsecurity.com/2013/03/the-world-has-no-room-for-cowards/

http://arstechnica.com/security/2013/03/security-reporter-tells-ars-about-hacked-911-call-that-sent-swat-team-to-his-house/

Brian Krebs, from Krebs on Security, seems to be targeted by some criminal types.

Links above provide story.




Saturday, March 9, 2013

EA & SimCity

Saw this comment by alwayswinning on recent Ars thread, direct link http://arstechnica.com/gaming/2013/03/ea-offers-free-catalog-game-to-apologize-for-simcity-server-woes/?comments=1&post=24040939#comment-24040939, cutting and pasting whole thing because it includes tweet posts about problems with the BETA Sim City

IMHO this single post, along with linked Tweets, shows EA had to know there were problems even with Beta.

Below is direct cut and paste of alwayswinning's comment, all bold & etc is from original:

Lucy Bradshaw says, "a lot more people logged on than we expected. More people played and played in ways we never saw in the beta."

This, of course, is total baloney. The servers didn't work during the Beta either! I couldn't connect to a server and neither could any of my friends. EA had to know that this was going to happen because they had major server issues for the entire Beta weekend.

For proof, here are some of our Tweets from the Beta weekend:
https://twitter.com/Telly2Putts/status/ ... 7765583872
https://twitter.com/AlwaysWinning1/stat ... 3136871424
https://twitter.com/AlwaysWinning1/stat ... 5324963841

If my friends and I realized that there would be major issues on March 2nd, EA certainly should have:
https://twitter.com/AlwaysWinning1/stat ... 4873097216
https://twitter.com/ManginiNaBottle/sta ... 3788877824 (obvious sarcasm)

I can't believe EA thinks that they can lie their way out of this. This is the definition of bad PR. They're destroying their long-term value by treating customers, and the media, like dullards. I'm not an EA or Maxis "hater" by any stretch, I'm just trying to set the record straight: they're totally full of it.
Last edited by alwayswinning on Sat Mar 09, 2013 12:47 am

Arma 2 & Arma 3 System Requirements

One of my goals with this Blog, is to make Gaming & Computer/Cyber Security information easier to find. Eventually I hope to have a Wiki section to improve that aspect, till then best way to find information is just use regular Google with Cliff's Esport Corner + search term.

Important note for Arma 2, it is a simulator more than a normal FPS game, 15 FPS is supposed to be playable (per their FAQ), and 30+ FPS is supposed to be good.

Also two great resources from the Arma 2 thread linked below:

Arma 2 System Requirements http://www.arma2.com/customer-support/support_en.html

Thread discussing Arma 2 System Requirements, has been around for years, so early part of thread is bit dated, but means most newer systems should work fine, http://forums.bistudio.com/showthread.php?72181-Will-my-PC-Run-this-What-CPU-GPU-to-get-What-settings-System-Specifications

Arma 2 testing of Hyperthreading impact, or lack, on performance http://forums.bistudio.com/showthread.php?80223-Arma-2-amp-Core-i7-Hyperthreading-Tested

Arma 3 System Requirement http://www.arma3.com/buy#requirements Note HD 4000 (the integrated graphics in Ultrabooks, Macbook Airs & similar) is listed at bottom of Minimum GPU but the CPU minimum of Intel dual core 2.4 GHz/Athlon Dual core 2.5 GHz rules out most if not all of those machines.

But the 13" Macbook Pro with Retina display would meet minimum requirements (running Win 7 in Bootcamp).

Thread on Arma 3 System Requirements, not as good as I would like, http://forums.bistudio.com/showthread.php?147391-Will-my-PC-run-this-What-CPU-GPU-to-get-What-settings-What-System-Specifications

Free Arma 3 Alpha invites see (Note they won't be available till 3/14/2013) http://forums.bistudio.com/showthread.php?147430-Looking-for-Arma-3-Free-Alpha-invites-Look-here!

Main forum for Bohemia Interactive http://forums.bistudio.com/forumdisplay.php?4-BI-MILITARY-GAMES-FORUMS


Friday, March 8, 2013

Nerd News: EA not altering return policy for SimCity buyers

http://arstechnica.com/gaming/2013/03/ea-not-altering-return-policy-for-furious-simcity-buyers/

I can understand why they don't want to refund digital purchases, but think if that is their stand, then they really should be offering something to make up for the frustration.

Call it Customer Service or Public Relations,  also what I have done many times myself in Customer Service situations.

Also had the pleasure of receiving that level of customer service a few times, tend to stick with businesses that provide that level of service, since they usually don't mess up very often (ie they are reliable) and if something goes wrong, I know they will take care of me.





Nerd Gear: "Allwinner A31 Quad Core TV Stick/Mini PC sample Review"

Very interesting looking Mini PC http://blog.geekbuying.com/index.php/2013/03/06/allwinner-a31-quad-core-tv-stickmini-pc-sample-review/

Specs below from link above, does seem like a Beta product, not ready for full production yet based on review:

  • SoC – AllWinner A31 quad core Cortex A7 + PowerVR SGX544MP2 GPU
  • System Memory – 2GB DDR3 RAM
  • Storage – 8GB NAND Flash + microSD
  • Connectivity – WiFi 802.11b/g/n
  • USB – 1x USB 2.0 host port, 2x mini USB ports
  • Reset button-Build in
  • Video Output – HDMIVideo Codecs – Mpeg1/2/4.H.264,VC-1,Divx,Xvid,RM8/9/10,VP6Video Container Formats – MKV, TS, TP, M2TS, RM/RMVB, BD-ISO, AVI, MPG, VOB, DAT, ASF, TRP, FLV etc.
  • Audio Formats – MP3, OGG, WMA, WMAPRO
  • Dimensions – 97*38*12mm
  • Weight – ~32g

Thursday, March 7, 2013

SITREP [Update] from Cliff

Lot of IRL things interfering with normal pace of Blogging, wanted to apologize for that, and assure my regular readers that all is well.

This time of year is usually crazy for me, hoping by next year to have some guest articles to make up for that.

Meanwhile, back at the ranch, one of the IRL items is several bits of new hardware, one of those hardware items I plan to Blog about at least a couple of times.

I don't want to say more at the moment, but I'm sure gamers will be interested in it.  [How was that for a teaser?]

Also looking forward to SC2 HOTS release!

GL HF,

Cliff

Saturday, March 2, 2013

Evernote Hacked forces Password Reset

Articles all over the Net about Evernote Hack:
Evernote is an app I have stayed away from, despite or maybe because of it's great utility, once you start using it, your going to use it for everything.

Which will expose way to much useful information to attacker if the data ever gets compromised, including information that could compromise physical security (my background).

Additionally, with the type of cloud based system used for Evernote, there is no way to make it really secure IMO.


Brian, from Krebs on Security article link at top, mentions this really good interview he did about password encryption http://krebsonsecurity.com/2012/06/how-companies-can-beef-up-password-security/

Explains the difference, in simple terms, between password hash & cryptographic hash.