Blackmoor Vituperative

Another day, another security hole in Internet Explorer.

Are you listening yet? Switch to Firefox.

The phone call is about two things, first that Guild Wars, what NC Soft believes to be the second largest massively multiplayer online game around, is getting a final expansion and that the final expansion will prepare gamers for Guild Wars 2.

(from Kotaku, Guild Wars 2, GW Expansion Unveiled)

You know, from what I have seen of other MMOGs, and what I have seen of Guild Wars, I think the Guild Wars folks are doing a great job. I think it’s reasonable to expect that GW2 will be a great game.

Here’s some other news: I keep hearing rumours that Bioware might be working on a MMO for Knights Of The Old Republic (they are definitely working on a MMO, the rumour part is what that MMO might be). Now that would be a great game. Bioware combined an awesome story with a great user interface with KOTOR, and I am sure they would do a great job with a Knights Of The Old Republic MMO.

I’m not going to hold my breath, though.

An odd, six-sided, honeycomb-shaped feature circling the entire north pole of Saturn has captured the interest of scientists with NASA’s Cassini mission.

NASA’s Voyager 1 and 2 spacecraft imaged the feature over two decades ago. The fact that it has appeared in Cassini images indicates that it is a long-lived feature. A second hexagon, significantly darker than the brighter historical feature, is also visible in the Cassini pictures. The spacecraft’s visual and infrared mapping spectrometer is the first instrument to capture the entire hexagon feature in one image.

(from NASA, NASA – Cassini Images Bizarre Hexagon on Saturn)

Proof that the masters of Saturn are gamers.

Yes, there’s another security hole in Internet Explorer. In other news, water is wet, politicians are dishonest, and teen-agers are horny.

Switch to Firefox, you knuckleheads.

Last month Circuit City announced it was closing 70 stores and separating around 400 employees.

Today they announced that they are separating another 3,400 associates. That by itself seems pretty bad, but look at what they told the people they are letting go:

The company has completed a wage management initiative that will result in the separation of approximately 3,400 store Associates. The separations, which are occurring today, focused on Associates who were paid well above the market-based salary range for their role. New Associates will be hired for these positions and compensated at the current market range for the job.

“We can get cheaper people than you, so we’re firing you and hiring some mooks off the street.”

I can believe that there might be a few people who are overpaid. It’s a pretty big company. But 3,400 people? That’s not an attempt to hire people at the “current market wage”. That’s an unabashed attempt to lower the “current market wage”.

And how does this mesh with the company firing 130 employees in the technology infrastructure division and replacing them with IBM contractors who cost the company two or three times as much? Circuit City has a lot of legacy systems (they never throw anything away, they just bolt on new pieces to what they already have), and it will take months, maybe years for an outsider to come in and get a handle on that. I think it’s crazy.

You may not know the name Kathy Sierra. She wrote one of my favorite Java books, Head First Java (I’ve bought every edition of it that’s been printed). She is also a reasonably popular blogger on technical matters such as usability and “creating passionate users”. Well, for reasons which mystify me (evil always mystifies me), she has been receiving death threats and has therefore cancelled her appearance at a major conference. She may not appear in public again, at least not any time soon.

There is a common perception that the world is more violent, more crazy than it ever has been before. Anyone who reads history knows that this is not true. What is true is that our borders are wider, our news net is cast wider, than ever before. Tragedies that used to reach only to the next county are now broadcast across the world. It also means that when we join this wider world, we are exposed to not only the worst people in our neighborhood, but the worst people in our society.

Click the link and go read her site. It just makes me sad.

A year after its original launch, a U.S. government-backed project that scans open-source code for flaws is expanding.

The effort, supported by a research contract from the U.S. Department of Homeland Security, is now scanning code of 150 open-source projects, up from the original 50.

“This allows open-source developers to find and resolve defects introduced into the project,” David Maxwell, open-source strategist for Coverity, said in a statement. Coverity makes source-code analysis tools and shares the DHS contract with Stanford University and Symantec.

Since the start of the project, 6,000 bugs that were found have been fixed, according to Coverity. About 700 developers are now registered to access the bug data and 35 million lines of code are scanned every day, the company said.

(from ZDNet, Open-source bug hunt project expands)

On the one hand, I don’t think the federal government should be spending money on things like this. But that is because I don’t think the federal government should be spending money on anything other than what it is specifically given authority to spend money on by the US Constitution — and that ain’t much.

On the other hand, if it’s going to unconstitutionally rob Peter to pay Paul, at least Paul is doing something useful with it in this case. I’d much rather it fund debugging open source software than pay to put every American’s personal information on an expensive, insecure ID card where any identity thief who wants it can grab it.

MySpace.com on Tuesday said it has filed suit against Sanford Wallace, seeking to bar the “spam king” and his affiliated companies from the social-networking site.

In the suit, filed Friday in U.S. District Court for the Central District of California in Los Angeles, MySpace accuses Wallace of violating state and federal laws including the federal Can-Spam Act and California’s antispam and antiphishing statutes, the company said in a statement.

MySpace charges that Wallace launched a phishing scam in October to fraudulently access MySpace profiles. He also allegedly created profiles, groups and forums on MySpace, spammed thousands of users with unwanted advertisements and lured MySpace users to his Web sites, according to the complaint.

“Individuals who try to spam or phish our members are not welcome on MySpace,” Hemanshu Nigam, chief security officer for MySpace, said in the statement. The lawsuit seeks a permanent injunction barring Wallace and his affiliated companies from the MySpace site, in addition to unspecified monetary damages.

(from ZDNet, MySpace wants to bar ‘spam king’)

I think MySpace is a colossal waste of time and energy, but at least they are trying to do the right thing here. This guy Wallace is spamming, phishing, spyware-spreading scum.

I am writing this post more or less as a note to myself, but maybe they will be useful to someone else, too. Here are the changes to the standard key bindings to make SWG playable (or least reasonably so).

Mouse Pointer Mode Default — Checked
Jump — CTRL-SPACE
Primary Action — SPACE
Primary Action and Attack — [unset]
Set Intended Target — X, MOUSEBUTTON1
Summon Radial Menu – MOUSEBUTTON2
Toggle Auto Target — T
Toggle Repeat Auto Attack — R

Note 1: you have to hit R (in this setup) to attack with, because a normal attack will just stop after you attack once. Essentially, you have to turn on auto-attack every time you attack something. That means you can’t use the same key to “use” and “attack”. Yes, it’s idiotic, but that’s how it works.

Note 2: you periodically have hit ALT because SWG has a borked user interface that changes “mouse modes”. Yes, there is a very good reason you don’t see this in any other game. It’s idiotic.

Note 3: you periodically have to hit ESC or MOUSEBUTTON2, because SWG has a borked user interface that prevent you from selecting a new target if you examined something else. For example if you looked at a terminal screen ten minutes ago, you won’t be able to click on that Tusken Zealot who’s doing his level best to kill you. Infuriating, but I see no way around it.

Here’s a security tip. Never, ever log into any URL that has been emailed to you. Never.

Always go directly to the URL you have bookmarked (for your bank, let’s say), and log in there.

One of the most common scams I see nowadays is scumbags sending so-called “HTML mail” to their intended victims, and making that so-called “HTML mail” look like an official email from someone the victim does business with (eBay, PayPal, and various banks are the most common spoofed emails). In this so-called “HTML mail” there will be a Login button, or a what appears to be a web address. However, if you look at where this address actually goes, it goes to some scumbag piece of filth’s server, typically in China or Romania but it could just as easily be in Idaho, who then grabs your login and password and rob you of everything you have in that account, and then they sell it online to other scumbag pieces of filth on underground web sites.

There are two things you should learn from this.

1) So-called “HTML mail” is EVIL. Don’t send it. Don’t read it. Disable it in your email client if you can.

2) Never, ever log into a URL that has been emailed to you. Never, ever.