Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
Customize
User Settings
Styles:
LAN Parties
Upcoming one-time events:

Regularly scheduled events

User information for Mashiki Amiketo

Real Name Mashiki Amiketo   
Search for:
 
Sort results:   Ascending Descending
Limit results:
 
 
 
Nickname Mashiki Amiketo
Email Concealed by request - Send Mail
ICQ NO-441628*Spam
Description --
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Homepage None given.
Signed On Feb 8, 2000, 21:30
Total Comments 2970 (Senior)
User ID 2669
 
User comment history
< Newer [ 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 ] Older >


News Comments > Sunday Legal Briefs
32. Re: Sunday Legal Briefs Oct 29, 2012, 11:21 Mashiki Amiketo
 
nin wrote on Oct 28, 2012, 20:05:
I'm just going to toss this in here and run.


Oh look, another pretentious Hollywood liberal trying to tell people what's best. Gee, you'd think that people would have learned to ignore them by now, especially when they use DNC talking points.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Evening Metaverse
1. Re: Evening Metaverse Oct 25, 2012, 21:10 Mashiki Amiketo
 
Trumps news was a laughing stock? Well probably, funny enough he ended up dragging gloria allred along with him.  
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Evening Consolidation
1. Re: Evening Consolidation Oct 25, 2012, 20:49 Mashiki Amiketo
 
...really? Oh come off it.  
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Revised Windows Store Policy Allows PEGI-18 Games
1. Re: Revised Windows Store Policy Allows PEGI-18 Games Oct 25, 2012, 20:38 Mashiki Amiketo
 
Microsoft discovers PEGI-18 games sell a lot of money. Now the News at 11 with Katie O'Donnel, who will tell us that people who play PEGI-18 games are vicious psychopaths. Is there a link between Microsoft and their new stance? Check out our online poll at 11:48pm!  
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > etc.
48. Re: etc. Oct 20, 2012, 04:10 Mashiki Amiketo
 
Cutter wrote on Oct 20, 2012, 02:30:
Yeah, but there are always gems in the city, Mash. It just takes work to find them. I grew up in East York - Donlands and Cosburn - so I know that area well - always been an east end boy and always will! I have a friend in Leslieville right now with a loft apartment in a house that's gorgeous and she pays $600 a month inclusive. So tack on another $100 for incidentals and the rest is gravy - less food obviously.

...

You in the wife interested in getting into the wine biz? Not making, but just growing grapes. Hell, maybe I'll kickstart a winery.
True enough on that one. There are gems, I grew up down londonish way. If you're lucky then you're lucky on finding stuff, back a few years ago though you were kinda stuck it wasn't a renters market as much as it is today.

I had a few friends out there in the patch a year or so back. Most work for the feds now though, my sister does as well. One of my other buddies works in provincial corrections up peace river way, as he puts it's the asshole of nowhere. Very nice and all that, as long as you don't mind -40C in the winter. Oh nice, PEC is pretty good. I'm not really interested in growing or making(too much of a pita in my book) I have considered beekeeping as a side job. One of my cousins does it now, but I have a friend who was right friendly with the folks at the Inniskillin winery at Niagara on the lake. She was a professional taster for 15 odd years for the LCBO, if I can get a hold of her I'll have her fire you off an email. And maybe she can put you in touch with them if you've got any questions.

Getting ahold of her might be the problem. Last I heard from her she was on her whirl-wind honeymoon tour of the world, and all that. Her and her hubby were planning on a 9mo tour before settling down out in BC. That was about 3 months ago when they left.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > etc.
44. Re: etc. Oct 20, 2012, 01:56 Mashiki Amiketo
 
Cutter wrote on Oct 19, 2012, 21:01:
Yeah, but in that case we're talking about what's relative. I have buddies who work in the Yukon, the Oil Sands, etc. and make what most people consider huge bank but their cost of living is also absurdly high. It's not like it's cheap bringing in all those supplies. Take Toronto for example, poverty wage when adjusted for cost of living is $16 an hour. Way off from minimum wage. However, 2-3k per month ain't bad for anyone. You may not be getting ahead, but it's hardly poverty level even in any major city. You may not be living downtown in some sweet pad, but you're doing alright commuting from the burbs. The trick is - as always - finding the best value for your money. Hell, I'd love to live in the country but damn if I know how I could make a living out there.
Yeah, relative is a good point which is what I was trying for in my slightly drug induced state. Ah pain killers for the pain. But Fort Mac really isn't in the middle of nowhere perse, even Grand Cache and Grand Prairie aren't. My sister lives in GC, but milk is $8/4L there, and bread is $6/loaf. So she drives to GP for groceries every month and freezes everything perishable. What drives the cost is the fact that it's a coal mining town and the wages are high, so even if it costs low to bring it in. It's the cost that can be born. And I'm not even sure you can live on $16/hr in Toronto these days. 5ish maybe 6ish years ago when the ex and I were living off of Danforth and Broadview(about a 3min walk from the subway station) we were paying $1300/mo for a basement apt. Though I will say some of the fsking roach traps in that area...ugh. At least the house was nice.

I don't live in the country, but I live in a smallish enough community that it's just close enough to it. Small enough that people know you by face, and reputation but large enough that you've got all the amenities, or they're close by.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > etc.
40. Re: etc. Oct 19, 2012, 19:56 Mashiki Amiketo
 
jacobvandy wrote on Oct 19, 2012, 17:53:
What the hell kind of diamond-encrusted palace are you living in if you consider 2-3k a month impoverished? I'm living in a very decent 2-bedroom apartment for $755/mo! If I had an extra 1-2 grand, I could eat whatever I want, finance a brand new car, and have a premium cable package with like 2000 channels! Sheeeit...
I can think of one for sure and that'd be oil patch money. At 2-3k a month unless you're living away from the patch, like in Grande Prairie and commuting in by plane to Fort Mac(fort mcmurray) and living on-site, you'll be living impoverished(there's a few other places away from the patch too). An example of how wacky prices are, the tim-tarts(girls and guys serving at tim hortons) make just under $18/hr which is enough to make ends meet.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Firm Says Steam URLs Exploitable
40. Re: You are wrong again. Oct 17, 2012, 20:30 Mashiki Amiketo
 
hb3d wrote on Oct 17, 2012, 20:26:
They can be. A website can script the URL's to execute in the browser without clicking on anything.

...
I have followed Luigi's work in game hacking for over ten years. When he says something about games and exploits, it is the real deal.
That's two completely different things than what you've said in the last 4 posts. A page running something is not the URL itself being a script. That's remote page execution. So again, disabling the steam:// handler effectively limits this vulnerability. And yes you're fearmongering, when there is a solution right there.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Firm Says Steam URLs Exploitable
38. Re: That is NOT enough. Oct 17, 2012, 20:19 Mashiki Amiketo
 
hb3d wrote on Oct 17, 2012, 19:41:
... Once you can remotely execute code as you can here, the sky is really the limit.
*facepalm* That's what remote code execution is. Glad to see you're good on the fear mongering 101 though.


No, that won't do it because if the Steam url's are scripted, you don't have to click on a thing. And, if your browser doesn't prompt on the URL's as Safari doesn't at all and others won't if set that way, you won't even know if your browser executed these URL's.
Steam url's aren't scripted. Though they can be used to execute commands, like any other API installer. Damn man, have you read the steam api deployment document before? The URL's are handlers for a command, if you don't execute the URL you don't execute the commands. They don't spontaneously start running all on their own.

Even someone from h-online figured that one out. "disabling the steam:// handler will disable or severely limit this vulnerability."
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Firm Says Steam URLs Exploitable
30. Re: Firm Says Steam URLs Exploitable Oct 17, 2012, 18:49 Mashiki Amiketo
 
Prez wrote on Oct 17, 2012, 18:30:
Some more non-techie explanation needed if you don't mind. What's the worst case scenario here? Am I looking at someone deleting my saved games or someone hacking the Depart of Defense and making it look like I did it?
Worst case? Remote code execution with them being able to transverse directories.

Meaning that they can basicially get "into" your machine and hop around doing whatever they want, to whatever directory(providing it's not locked by the OS). And depending, using engines such as unreal which have unpatched integer bugs(probably the worst offender out there right now), do code execution. Overall, it's not any worse or better than the Uplay bug.

Just don't click on any random steam url's and you'll be fine.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Firm Says Steam URLs Exploitable
27. Re: This goes way beyond being a browser exploit. Oct 17, 2012, 18:27 Mashiki Amiketo
 
No, you don't because Windows environment variables will tell you that. Plus most users use default installation locations for Windows and Steam.

Well as stated in the article the Source engine will do that for the attacker if a Source engine game is installed. But, hardly anyone plays Source engine games, right?

In order to make this exploit work, you need to be able to cause something to create the file, in order to be able to execute it. The environment variable table will not give you a list of games installed to exploit. The link itself is only an arbitrary step in this process. If you don't know what's installed, you have no attack vector. No attack vector, no exploit. It's even in the paper itself. A link isn't enough, but it is the attack point. Now I suppose you could write something to hit the top 100 games.

Even their unreal engine exploit requires a upk file to exist already, in order to cause it to crash(integer overflow). But unless it's there already you can't do squat, and unless you've already written it, or planted it again you can't do squat.

If you run a formed steam URL without something to execute it, nothing happens. If you run something with the steam engine with specific commands, with a force dump you can make it dance. But in the latter case, you need to know "what" you're running into to make it do something.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Firm Says Steam URLs Exploitable
24. Re: This goes way beyond being a browser exploit. Oct 17, 2012, 17:55 Mashiki Amiketo
 
hb3d wrote on Oct 17, 2012, 17:07:
That is really, really bad. As bad or worse than that Uplay exploit everyone bashed Ubisoft over (but not the researcher who found the exploit, hypocrites), but was fixed in a day or less. At least that exploit only affected IE users. This attack affects all browsers and Steam client users and since it can be scripted with Javascript, it is relatively easy to implement and get past the user especially on some browsers and settings.
I ah...read the "research paper" and I use that term loosely. That Uplay exploit effected everyone too, and everyone that had the game plugin installed, not just IE.

You still need to be able to have knowledge of what's where, to be able to execute this exploit. And before that you need to be able to have access to something to be able to create the batch file, in order to create the exploit in order to be able to create the vulnerability.

The computerworld article is rather meh as it stands anyway. I liked the TF2 exploit, that was rather funny. Because what they did was tell the game to create a specific file with a specific filename, thus creating the batch file from the console. But you see the problem here?
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Project Eternity Kickstarter Concludes
14. Re: Project Eternity Kickstarter Concludes Oct 17, 2012, 14:48 Mashiki Amiketo
 
nin wrote on Oct 17, 2012, 13:42:
I'm going into withdrawal w/o a recent update here...

It's the hangovers man...you saw the party, they were sloshing it out in the office then I think it was Tim was taking everyone out with the booze on him.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Firm Says Steam URLs Exploitable
15. Re: Firm Says Steam URLs Exploitable Oct 17, 2012, 13:24 Mashiki Amiketo
 
Looking at this a bit more, it appears that unless you've been able to compromise the machine before hand and lay a batch file(and know what games are installed). This is pretty much useless, so if someone has already compromised the machine that far. You've got other things to worry about than steam urls.

Though I might have missed something.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Firm Says Steam URLs Exploitable
9. Re: Firm Says Steam URLs Exploitable Oct 17, 2012, 12:10 Mashiki Amiketo
 
Jivaro wrote on Oct 17, 2012, 11:50:
Am I the only one that thinks it is bad form to go public with this before telling Valve? Seems odd to me. I am not talking about the website, I am talking about the folks that discovered the vulnerability.
Not these days. Security is through obscurity in 99% of all cases, which means the only way to get a company to patch a vulnerability is to go public and scream loudly. This isn't really the industry of 10 years ago, where you could even get a hold of someone in production and say "hey, I found this bug and it causes x,y,z to happen and when I do that I've got root." They just kinda shuffle you around until you give up.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Final Project Eternity Stretch Goal
113. Re: Final Project Eternity Stretch Goal Oct 17, 2012, 08:31 Mashiki Amiketo
 
Lorcin wrote on Oct 16, 2012, 22:05:
Really polite and not drunk 21 units of alcohol version of saying it. Kickstarter needs to massively improve it's international appeal - there has been a LOT of games I would have supported aside from the fact I couldn't work out couldn't be bothered to find out what they wanted in my monetary terms.
Beh. Just do the conversion yourself, and stop complaining. Welcome to Canada or something, you know we're right next door to the US and have been doing it for decades. Where the currency can flux as much as a nickle or more in a day. Since there are sites like xe.com, it's not exactly difficult, you can plug in the entire amount and it'll tell you the market value--not the bank value of the transaction. Usually that's another 3-8%.

And up until the last 5 years or so, the difference between our two currencies has been at least 30-40c/dollar or more.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Final Project Eternity Stretch Goal
72. Re: Final Project Eternity Stretch Goal Oct 16, 2012, 20:55 Mashiki Amiketo
 
Someone just dropped $10k  
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Final Project Eternity Stretch Goal
57. Re: Final Project Eternity Stretch Goal Oct 16, 2012, 20:01 Mashiki Amiketo
 
ASeven wrote on Oct 16, 2012, 19:56:

Yeah, just counting the KS funds only.

Which are at $3.9M as of now.
Gotcha. They said they'd have to double check but it was 4.3 or 4.35m in total, it was kinda noisy when they said it.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Final Project Eternity Stretch Goal
53. Re: Final Project Eternity Stretch Goal Oct 16, 2012, 19:43 Mashiki Amiketo
 
ASeven wrote on Oct 16, 2012, 19:29:
$3.87M. 90m to go.
It's apparently past $4m now according to the livestream on twitch.

Q was asked: Will they consider doing more kickstarters after this?
Obsidian: Yes.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
News Comments > Final Project Eternity Stretch Goal
29. Re: Final Project Eternity Stretch Goal Oct 16, 2012, 17:46 Mashiki Amiketo
 
John wrote on Oct 16, 2012, 17:29:
No, it's 12 levels at least! Where you see only 8?
About half way down the page. They've got both still up, 8 and 12. Though I'd say 12 sounds aoout right.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
2970 Comments. 149 pages. Viewing page 44.
< Newer [ 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 ] Older >


footer

.. .. ..

Blue's News logo