Posts filed under ‘News’

If you had read the earlier article I posted, you would have know that last Sunday, the 29th, there was an online record attempt to have the most players online in a first person shooter. I myself was sick and woke up only few minutes too late to join in, but I think I would have had to been ready to click the button to join for hours as MuchDifferent filled all their slots fairly quickly, only shy of 1000 players during the duration, but well past the amount needed for a record. The CEO Christian Lönnholm had this to say, “It was amazing. We did not imagine the amount of interest that this game would generate, so the system went down shortly after we had reached the peak of 999 players. Within minutes we were able to adjust it, and the battle continued for about two hours more. Almost until the end we were averaging around 980 players at any given moment. It was a blast! Obviously, this would not have been possible without the players, so I’d like to send a special warm and loving ‘thank you’ to them! Thank you for bringing such creativity to both the battlefield and to the chat. You had me laughing, giggling and spilling coffee throughout the event!” It just goes to show that I missed out on a great event, but I look forward to seeing who picks up and uses their server technology in future games. They say it can be used in any game engine, but I wonder if any console developers would ever plan to use it. Here’s hoping!

While I agree that spreading the word about SOPA and PIPA is a great idea, I definitely do not agree with a complete blackout of the most widely used reference site. If I were running Wikipedia, I would have made it so users would have to click a button to continue to their information. Wikipedia itself has said that this is not a total blackout, as they are still making the site completely accessible to mobile users. Of course, who wants to look up that information on a tiny screen? (Unless you have a tablet of some sort.) Sort of changing information in Firefox to access the mobile version, I stumbled across a much easier way. I found it on a Dropbox users page and the site is HERE. However, here is the jist of it. Wikipedia is just using some CSS to cover the page you need. With a little javascript, that CSS can be blocked. So you just drag the javascript link on the DropBox site into your booklet or bookmarks on Firefox, and when you get to the wiki with a SOPA/PIPA blackout, just click it and it takes care of the hard work for you!
Enjoy, but do not forget the dreadful, evil thing that is hanging over our heads.

If you’re like me you’ve been keeping abreast of the recent developments regarding the fail0verflow team’s reverse engineering of Sony’s root signature key. This feat allows the generation of signed homebrew code which can run natively on the PS3 without the need for an existing jailbreak which bypasses the signature check. However, beyond the implications of this feat how did the fail0verflow team accomplish the impossible task of reverse engineering a private key from publicly available data? The answer lies in Sony’s botched implementation of Elliptic Curve Digital Signature Algorithm (ECDSA).

All code which executes on the PS3 requires a valid signature in order for the hardware to allow its execution. In the case of SELF (Signed Executable and Linkable Format) executable files Sony requires a signature within the file to be present which is an ECDSA signature of the file’s header utilizing Sony’s root signing key as one of the private variables. Sony’s crucial mistake comes in their implementation of the ECDSA algorithm which requires that all signatures be calculated with some unique random number k. Instead Sony used a fixed value for k across all of their application signatures which in turn has rendered the ECDSA algorithm effectively useless.

In the case of ECDSA when the random seed k is constant across more than one signature ECDSA hashing function can be solved for the private key d in the form d = (s*k – z) / r where s, z, and r are either publicly known values or are calculated as part of the ECDSA algorithm from publicly known values.

With the private key d now known SELFs may be generated which pass the security validation on the PS3 hardware and may run as native code without restriction. Furthermore, with this method duplicated across all levels of the PS3′s security layer less scrupulous members of the community may use the same method to trivially generate the private signing keys for game encryption, firmware validation, and even the system’s bootloader.

So with PS3 custom firmwares and native homebrew already starting to show up where does Sony go from here? Only time will tell. However, looking back you can say that you fully understand how it all began.

Now you know!


[Thanks to Armin Tamzarian]

Microsoft has officially released the fall dashboard update for the Xbox 360 today. When you connect to Xbox Live! today, you will be prompted to update your dashboard to the latest version. If you decline the update, you will be unable to connect to Live! – once you do run the update however, here are all the goodies Microsoft has in store for you:

ESPN on Xbox LIVE

• 3,500 Sporting Events A Year – Access more than 3,500 live and on-demand global sporting events from ESPN3.com a year, including college basketball, college football and college bowl games, MLB, NBA, international soccer and more.
• Out of Market Games – Catch your favorite college team games. Check out the huge catalog of out of market games and enjoy them on the big screen.
• The Best Ways to Watch – Enjoy HD programming, DVR controls, plus access to hundreds of clips from ESPN3.com, refreshed daily.
• Games at a Glance – Keep up on real-time score information using ESPN.com’s score feed without leaving the game you’re watching. View scores for leagues and games currently in the ESPN.com feed and select “Watch Live” or “Watch Replay” to jump straight into that game.
• Predict the Winner – Pick what team you think will win. While watching selected games in college football, college basketball, MLB, and NBA, you will be prompted to vote for your team of choice. You’ll also see the percentage of votes among the Xbox LIVE viewing community.
• Voice Chat – Voice chat with up to seven other friends while watching the big game.
• My Sports – To customize your ESPN on Xbox LIVE experience, click on the “Events, Highlights and More” slot on the homepage and browse by sport to pick a specific league that you want to follow for the season. The league that you select will now automatically display in your My Sports Channel.

Zune Music

• Zune Pass – Zune Pass is a monthly subscription service that gives you unlimited, on demand streaming of millions of songs at launch from all the major music labels and thousands of independent labels.
• Enhanced search – Search the broad library to find your favorite artists, albums, songs and playlists.
• Social – Connect with like-minded fans on the Zune online community and get new music recommendations. Zune Social also lets you see friend’s Avatars and listen to their recently played songs or check out their favorite artists.
• Smart DJ – Instantly create customized playlists by selecting an artist and have Smart DJ find songs that complement your selection.

Netflix Search – Experience a streamlined search function making it much easier to find the movies and TV shows you want to watch.

Improved voice chat quality – The audio codec is updated to improve Xbox LIVE Party audio quality. So grab your friends and jump into a multiplayer game or catch a big game with friends via ESPN3.

Improved Gamertag creation – Choosing a new Gamertag? If the Gamertag you’re looking for is already taken, your Avatar will spin a wheel and we will provide five other Gamertag suggestions at a time for you to choose from.

Streamlined in-dashboard virtual keyboard – We’ve taken the existing QWERTY keyboard in-dash and made it easier to use for scenarios that involve repeated text entry, when signing up for LIVE within the dashboard for example.

Improved Xbox LIVE Marketplace UI and browse experience – The Game Marketplace has been re-organized to provide streamlined access to the gaming and video content you want, reducing the number of steps to get to a download.

Easier to get on a wireless network – Trying to connect to a wireless network? Now you can see a list of all the wireless networks within range when you go into network settings. From there, you can select a new network or further configure the network you’re connected to.

Ability to sign-out other controllers in the sign-in UI – We’re adding the ability to sign-out profiles on other controllers in the sign-in UI within the Guide. This is especially useful when playing games like Rock Band.

New browse experience for 100% completed games – You spent a lot of time and effort earning those Achievements, so we’re giving you a new and better way to browse all of them.
Updated Family Settings – Xbox 360 continues to lead the industry in efforts to create tools that help parents and caregivers choose the right play and viewing settings for their families. We are enhancing the core Family Settings tools for all Xbox LIVE members:

Family Programming – When turned on, Family Programming disables display of all mature content on the dashboard and can be turned on or off with a protected password for individual members (per account). It also highlights all family-friendly entertainment.

Intelligent Default Settings – Your Xbox automatically customizes privacy and activity settings for each member, based on age (child, teen and adult). These settings can later be individually customized.

Title Exceptions – Allow your family members to play specific games above the console’s designated ESRB/PEGI (etc.) rating as you deem appropriate.

All in all, there’s not a ton to get excited about, but the improved chat quality, Netflix search, and the new sign-in UI are all welcome changes. Things look a bit cleaner and more polished as well, but it’s nothing groundbreaking.

You can also bet that there are some behind the scenes changes to the anti-piracy protections built in to the dashboard as well. Microsoft likes to up the ante just before a big game drops, so I am sure we will hear of large ban waves in no time, with the impending release of Call of Duty: Black Ops.

What are your thoughts on the new dashboard?

[via MajorNelson]

More often than not, I search with Google at least 100 times per day – it’s a sickness that I am aware of.

Since I use it so much, when something changes in the way Google works, it catches my eye almost immediately. Just a few minutes ago, Google Instant went live on my account.

You might be asking yourself, what is Google Instant? If you haven’t heard about it via the tech blogs over the last few weeks, Google Instant is a new real-time search feature they have been working on for some time. With each letter you type, Google shows you search results in real-time. This not only eliminates the need to hit “enter” after typing a search term, but it allows you to review the search results instantly, and refine them as you enter your query.

I honestly think it’s pretty cool from what I have seen thus far. As far as functionality goes, I am pretty sure that Google sorts through some of my search history and uses geolocation for clues as to what I might be searching for this time around. The results are pretty much dead on, and aside from past searches, relevant local businesses and geographic features are some of the most prominent items listed in the search results.

If you are not experiencing the instant search just yet, don’t panic. Google is rolling the service out a bit at a time, and only to supported browsers (Chrome v5/6, Firefox v3, Safari v5 for Mac and Internet Explorer v8).

Now what I want to see is Firefox and Chrome developers working the instant feature into their search bars. That would really make the feature complete. I envision that if my current tab does not contain a Google search results pane, the browser should open a new tab and display my instant results as I type. Hop to it lads!

Viking Modular Systems has announced the availability of its SATADIMM, an Enterprise Class SATA II Solid State Drive (SSD) in an industry-standard DDR3 240-pin DIMM form factor. The SATADIMM SSD derives its power from the 1.5V supply to the DIMM socket (operates from 1.25 – 3.3 vdc) and data transfer is enabled by using a standard SATA cable. New designs have the option of wiring the SATA through the DIMM socket so no external cable is required. The SATADIMM has built-in ARS-128 encryption for data protection and supports Trim commands. The different models include SLC (single-level cell) versions with a 25GB to 200GB range and MLC (multi-level cell) versions with a 50GB to 400GB range. The SATADIMM supports SATA 3Gb with sustained read/write speeds of 260MB/sec., plus sequential and random performance of 30,000 I/O operations per second.

Metasploit architect HD Moore has let it slip that he has discovered a major vulnerability affecting a wide range of Windows applications. This vulnerability, not unlike one patched in the Windows version of iTunes a few months ago affects around 40 applications including Windows Explorer, which is a major component of Windows.

He says he discovered this exploit while researching the Windows Shortcut bug that was recently the subject of an out of band patch by Microsoft.

Moore suggested a workaround, stating, “Users can block outbound SMB [by blocking TCP ports] 139 and 445, and disable the WebDAV client [in Windows] to prevent these flaws from being exploited from outside of their local network.”

[via ComputerWorld]

BoyGenius is reporting that there is code deep within iOS 4 that suggests the CDMA version of the iPhone and iPad is ready to be tested by carriers very soon.

This code allows certain units to bypass otherwise mandatory activation steps, allowing the use of the phone by partners and carriers for testing purposes without any hassles. The source cited in the article states that this sort of code always precedes the release of a new product and is promptly removed just before launch.

It should be noted that this is not a guarantee that this is the long-awaited Verizon iPhone, as Sprint’s network is also based on CDMA technology. Then again, who are we kidding?

Let’s just hope that this time around, Apple has a tighter grip on their testing units, so we don’t have a leak like the last time around…

[via BoyGeniusReport]

In a fairly hefty Patch Tuesday, Microsoft put out fixes for 34 different Windows vulnerabilities as described in their monthly bulletin found here. There are a total of 14 “critical” patches, 15 if you count this month’s Malicious Software Removal tool.

Many of these vulnerabilities can be exploited by opening specially crafted files, but some are as easy to exploit as using the preview pane in Outlook. It’s better to be safe than sorry, so take a few minutes and run Windows Update when you get a chance.

In a huge victory for fair-use, the EFF and other assorted organizations won several exemptions from the U.S. Copyright Office covering acts that were previously considered violations of the DMCA.

The new ruling allows users to “jailbreak” any mobile device in order to install and manage software of their choosing.  This includes installation of any legally-obtained applications or the uninstallation of  bloatware and other software they do not want on the phone.

This could result in a significant hit to Apple’s iPhone app store, but it’s a long shot:

Now that it is legal, I can imagine more individuals will jailbreak their phones.  How many more is anyone’s guess.   Apple claims this will still void the warranty, but I would not be surprised if someone (or several individuals) tried to sue in order to preserve the warranty on a jailbroken phone.  If there is indeed an influx of new jailbroken phone users,  I would think that other “open” app stores will surface aside from the well-known Cydia since the stigma and risk surrounding jailbreaking  has the potential to quickly vanish.

Secondly, I can see app developers jumping ship from Apple’s store in order to seek out better payment structures or a more relaxed approval process, providing someone can force Apple to keep the warranty intact on a hacked phone.

The ruling also made legal the sampling/ripping/copying small portions of DVDs for non-commercial derivative works such  as remixes, commentary, etc.,  especially in the pursuit of educational goals.   As far as I have seen however, the ruling does not specify what a “small portion” consists of, so that may come into question sometime soon as well.

The final exemption handed down in this ruling is not a new rule, but an extension of an old one.  Previously, the EFF had successfully petitioned the Copyright Office to allow for unlocking of used mobile phones.  This ruling has been extended as a result of the most recent actions of the EFF.

That said, what are you waiting for?  Jailbreak your phone!

[EFF via boingboing]