Archive for the ‘Scrapbook’ Category

Why copy protection is doomed to failure

Saturday, March 6th, 2010

From Slashdot Games Story | Ubisoft’s New DRM Cracked In One Day

Re:Priceless (Score:5, Interesting)

by fuzzyfuzzyfungus (1223518) on Thursday March 04, @11:00PM (#31366974)
Journal

The thing is, “requiring a constant internet connection” isn’t something that you can just tack on in an unhackable way.

You can use the various DRMed binary obfuscation tricks to slow them down; but the hackers will eventually manage to neuter the internet checking stuff, producing a tame version that always returns what the program wants to hear, or a version of the program that doesn’t even care.

The only way to really force the issue is to actually move large chunks of vital game code to the server, and only provide the output of that code to the client. For instance, they could hypothetically ship the game with absolutely no AI code, and have every NPC in the game controlled by AI code on their server, just as if it were a multiplayer game. The trouble with doing that sort of thing is twofold: One is latency. There are only certain parts of a game’s code that can reasonably be moved 100+milliseconds away from the user. AI would be doable, if suboptimal, because of our experience with providing adequate multiplayer FPS results. It’d be worse than doing it locally; but DRM shows a willingness to hurt paying customers, so so what? Second is cost: the more code you move to your server, the more computational capacity you need to maintain for the supported lifespan of the game. The more data you need to transfer back and forth, the higher your bandwidth bills, and the more customers with marginal connections you lose out on.

The problem is, if the internet presence check is purely artificial, hackers will strip it out, just as they stripped out CD presence checks and offline serial key verification checks. If the internet component is vital, the hackers won’t be able to simply strip the checks; because they’ll be left missing whatever pieces are server side; but you run into new issues. If the vital component is static(certain textures or models or something aren’t shipped; but are downloaded when needed) it’ll be extracted and posted on bittorrent inside a week. If the vital component is dynamic(as in the AI example, where the client sends player location data and gets back a series of movement commands for NPCs) it cannot be usefully extracted; but you will take on substantial server load over the lifetime of the game, and whatever that dynamic component is will suffer from latency.

This is where another problem comes in. Since your servers cost money, you want to make the server-side dynamic component as computationally cheap as possible. The simpler it is, though, the easier it will be for hackers to simply write an equivalent version of whatever it is, and make that version, running locally, available in their cracked copies. Unless you can find something that is, simultaneously, computationally cheap to run, very hard to rewrite, and fairly insensitive to latency, you are screwed.

There may, in fact, at least for some games, be an aspect of the game that fulfills these criteria. In that case, anybody who wants to crack the game will, indeed, have to spend weeks or months doing real software engineering to re-implement whatever it was that you left off the disk and on your server(assuming a copy of that doesn’t leak on day two, which would be embarassing) in addition to doing the basic cracking work required to defeat the artificial checks and any SSL style verification of the server the game binary is talking to.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Does being old make you useless in Technology?

Sunday, February 28th, 2010

From Slashdot Developers Story | “Logan’s Run” Syndrome In Programming

Re:Obivous Answer (Score:5, Insightful)

by Angst Badger (8636) on Wednesday February 17, @01:25PM (#31173142)

Eventually people do tend to get promoted beyond programming positions.

Sometimes, though it’s obviously a minority, or managers would soon outnumber their subordinates. I’ve turned down lots of management positions. The narcissism of non-technical managers is such that they think everyone wants to be like them, so they are quite sincere in their attempts to reward good programmers with management positions. The problem is that there is next to no overlap in the skillsets, and most often, what you get is a crappy manager in exchange for a good programmer. There are exceptions, but they are definitely the exceptions, not the rule. Some will accept the promotion with the idea that they’ll run things better, but then they discover that the cluelessness of the non-technical manager they are replacing wasn’t all or even most of the problem: there’s the cluelessness of the next level of management behind it.

As it happens, I actually can do a decent job of managing people. The problem is that I’d rather flip burgers. Consequently, I’ve stuck to programming and kept my skills updated, but at 39, I’m looking at the reality of a career change in the mid-term future. I’m not terribly worried about it — I’ll have the kid through college in four more years, and after that, I can afford to live on a much, much smaller paycheck.

Should it be that way? No, of course not. But absent some kind of organized labor movement — which programmers are notoriously, irrationally averse to — it’s not going to change, as the people making the hiring and firing decisions are getting by just fine with the current system. There is then little choice but to adapt, or at least emigrate.

Re:Obivous Answer (Score:5, Interesting)

by fahrbot-bot (874524) on Wednesday February 17, @01:56PM (#31173680)

Consequently, I’ve stuck to programming and kept my skills updated, but at 39, I’m looking at the reality of a career change in the mid-term future.

I’m not sure a career change is a future reality, unless that’s what you desire. I’m 47 and still highly sought by the various teams where I work. I have a broad background as an application/system programmer *and* system administrator (Unix and Windows) which allows me to develop solutions and, possibly more importantly, debug issues that others with narrower backgrounds simply cannot do. In other words, I get the hard problems – which have to be solved.

I’ve experienced the following…. (Score:4, Interesting)

by ErichTheRed (39327) on Wednesday February 17, @02:24PM (#31174182)

(Disclaimer: I’m a systems guy, not a programmer, but a very similar truth holds for us as well when it comes to age discrimination.)

I’m only 35, and I’m starting to see this creeping in on me also. Here’s a couple of random observations I’ve actually (not anecdotally) experienced:

  • Companies absolutely believe the stereotype that older workers are less productive. Usually, this is because management gets promoted out of the tech ranks, where they were used to younger workers. I’ve heard more than one boss say something like “Oh, so-and-so’s kid is sick AGAIN, what a waste of time.” The deadly spiral of “willing to work longer hours, no committments, and they can be paid less” does not help.
  • A corrolary to the above…younger tech workers tend to have much less of an “out of work” life. This is why you don’t see too many older people working at video game production houses…you just can’t hold a marriage together on nonstop 90-hour weeks. If you’re single, and have nothing but a one bedroom apartment and XBox to come home to, you’re going to complain less about constant overtime and that pesky pager duty us systems guys deal with.
  • After being filtered through 2 line managers, and who-knows-how-many project managers, IT executive leadership just doesn’t see the impact of less-experienced people working on projects. Messes are cleaned up at lower levels, usually by spending a buttload of money on consultants, and only show up at the senior level as “minor overages”. Had the job been done right, the higher salary paid to more experienced people would far outweigh paying experts $xxx/hr to unravel some mess put together by someone who just learned Java.
  • Even worse, people at the C-level believe that all IT people are whiny nerds who can be pushed around with very little pushback. This leads to the belief that nothing they do will be questioned.

I only see a couple solutions. A concerted effort could be made to make managerment aware of the actual cost of a project vs. the salary differential. I doubt that will work. You can also become one of those consultants, and get paid loads of money to clean up messes. However, that’s not for everyone…it requires tons of hard work, business savvy and is not at all stable. Try raising a family with no health insurance and a non-guaranteed income stream, especially in a high-cost-of-living area.

I admit that I’m pretty lucky. I’ve managed to land at companies that don’t seem to mind paying a little extra for someone who really knows their stuff. The price of admission for jobs like that is the willingness to invest in yourself constantly. Taking classes or buying software/hardware/books for training, even on your own time, is the best way to keep current. That way, companies get the best of both worlds…someone who knows the latest tech, and knows enough not to implement something half-baked because they want their weekends free. :-) Unfortunately, that stereotype of the COBOL guy sitting in the corner has a little bit of truth to it, and it means we end up gettting painted with the same brush.

One other choice would require a much different mindset than there is now…accept a lower salary and make up the difference by saving and investing carefully. I’ve been doing this anyway, because I know there will come a time where companies stop paying for IT talent and I’m going to be forced to take a huge paycut. Everyone I know, young or old, spends money like their income is never going to decrease. Live within your means so you can last through the bad times that are coming with the next wave of globalization.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Australian Internet Censorship

Friday, February 26th, 2010

From Slashdot Your Rights Online Story | Aussie Internet Censorship Minister Censors Self

Re:Not helpful (Score:4, Interesting)

by ghostdoc (1235612) on Friday February 26, @12:26AM (#31281768)

When I get involved in these arguments, I like to point out that in fact the vast majority of child abuse in this country has been carried out by members of the clergy, particularly the Catholic church, and that statistically the most effective way of reducing child abuse in this country would be to close all church-run orphanages and missions.

This would eliminate something like 99% of all child abuse, and wouldn’t affect the everyday lives of anyone else. While implementing the Conroy Filter will create a burden on the rest of the country but will not stop a single child being abused.

Needless to say, this doesn’t go over particularly well.

Re:Not helpful (Score:4, Interesting)

by Jah-Wren Ryel (80510) on Friday February 26, @01:03AM (#31281938)

Dunno if it made the news down there, but well over a decade ago Sinead O’Connor tore up a picture of the pope on live television in the USA and said “Fight the real enemy” as she did it. She was hugely censured for it and although it did not kill her career as a musician it probably forever kept her off the pop charts here.

The thing about her protest that most people didn’t even realize, was that she had just finished singing a version of the classic reggae song “War” in which the lyrics were repurposed to be about stopping child abuse. Her message was drowned out by all the media outrage – for a few weeks we learned that everybody in America was catholic, but nothing else really came out of the incident.

A decade later and the news media finally pick up on the abuses perpetrated by the catholic church – even the ‘discovery’ of an official super-duper-secret document detailing how to deny any molestation accusations and denigrate the accusers written by the guy who is now pope from back in the 70s – but not one of those people who took O’Connor to task for telling people the truth back then has come forward to apologize and say, “Sorry, guess you were right and we should have listened to you.”

So yeah, it doesn’t go over very well when you tell them and they sure aren’t willing to give you credit when they can no longer avoid the facts either.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

EULAlyzer

Thursday, February 25th, 2010

From Slashdot Your Rights Online Story | Magicjack Loses Legal Attack Against Boing Boing

Ran their EULA through EULAlyzer… (Score:5, Informative)

by WidgetGuy (1233314) on Wednesday February 24, @04:29AM (#31257088)

…and it concluded:

“The license agreement above has a high calculated interest ID. It’s extremely long, and there were a high number of detected ‘interesting’ words or phrases.” That means Eulalyzer thinks its a bad EULA. The interesting words or phrases are listed and can be viewed in context: (1) Advertising, (2) Emergency Calls or Services, (3) Third Party, (4) Web Site Address, and (5) Without Notice. I’ve never seen a EULA with that many “‘interesting’ words or phrases” called out by the program.

EULAlyzer is a free (download: http://www.javacoolsoftware.com/downloads.html [javacoolsoftware.com]). If, like me, you don’t have the time to read through the EULA’s for software you’re thinking of purchasing, this is just the program for you. At the very least, it will give you a “heads up” and point you to the ‘interesting’ parts of the EULA where you can, then, read as much “legalese” as you can stomach..

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Fail often, fail fast, fail cheap

Sunday, February 21st, 2010

From Slashdot News Story | Jimmy Wales’ Theory of Failure

‘Fail Often, Fail Early’ Is Not Just Wales’ Mantra (Score:5, Insightful)

by eldavojohn (898314) * <my/.username@@@gmail.com> on Saturday February 20, @09:16AM (#31209820)
Homepage Journal

This is a really old mantra in the business world that I was indoctrinated with when I partook in R&D for a Fortune 500 company.

Oh, and everyone’s got their own version of it [businessweek.com]. I’ve heard people correct me when I said “Fail Early, Fail Often” and they say that the order matters. But you’ll hear three concepts in these phrases:

  • Fail frequently. This can also be said “fail often” and simply means “accept a lot of failures.”
  • Fail early. Don’t invest a lot of time into what you’re failing at and just accept the failure and move on. Just as long as you don’t get hung up failing all the time (like Wales said). Also have heard it said as “fail fast.”
  • Fail cheap. This might be derived from ‘fail early’ as time is money. But this is the third optional part you’ll hear from investors and businessmen.

So the ultimate incarnation I’ve heard of this is “Fail often, fail fast, fail cheap.”

Now for the warning: if you take this too much to heart, you see people axing everything. And from the technical point of view, it sucks. And is demoralizing. Another thing is you get really really sick of hearing it and just being the silver bullet response to “why can’t I do X?”

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

The decline of Silicon Valley

Saturday, February 20th, 2010

From Slashdot Story | Are Silicon Valley’s Glory Days Over?

It’s the manufacturing, stupid. (Score:5, Interesting)

by Animats (122034) on Friday February 12, @11:45PM (#31124396)
Homepage

First, bypassing the “story” and a layer of blogs, is the actual report [jointventure.org].

What’s really happened in Silicon Valley is that it’s been hollowed out. Silicon Valley used to be a major manufacturing center. San Jose once had the highest percentage of manufacturing employees of the major US cities, something like 54%. Today, the assembly plants are gone. Most of the fabs are gone. Much of the engineering is gone. This is what happens when you “outsource”. Eventually, everything moves to where the production is, including management and finance.

Part of the problem was the “dot com boom”, with its fake companies and fake prosperity. That caused a major change in the culture, away from engineering and towards marketing. When the bottom fell out of the dot-com boom, most of the marketing types left. The number of twentysomethings in San Francisco dropped by half. (A friend in the club business says “and the other half are working their butts off and don’t go out much.”) The big name in Silicon Valley now is not HP or Intel or IBM or National Semiconductor or Fairchild. It’s Google, which is an ad agency. That’s a huge change in emphasis.

The innovation culture is declining. Portola Valley (a rich suburb) used to have the highest percentage of patent holders of any US community. That’s dropped. There’s not that much exciting innovation going on. I go to venture capital meetings, and the ideas being presented are just not very exciting. (I’ve heard a pitch for a social network for cats. And that made it through two rounds of filtering before I heard it.)

People are still struggling to get semiconductor line widths down, solar fab costs down, and such. But that’s a grind. Mobile devices are not a fun area in which to work – the weight budget, the cost budget, the power budget, and the time budget are all very tight. The manufacturing is in Asia, anyway, and the engineering is going there. New areas aren’t
appearing.

There’s noise about “green tech”, but realistically, “green tech” is either vaporware, like the “smart grid”, silly, like small windmills, or something that requires massive manufacturing, like big windmills. Five years ago, the noise was about “biotech”, which doesn’t employ
many people.

Fewer young people in the US are going into engineering, and that’s a rational decision. It’s hard, it’s expensive to study, your job may be outsourced, and it’s now a low-status field. In 1970, lawyers and electrical engineers made about the same amount of money. That was a long time ago. On the other hand, in Asia, an EE degree puts you in the top few percent of the population in terms of income and status.

US government polices haven’t really had much of an effect one way or the other on Silicon Valley, except that allowing the runup in real estate increased living costs substantially and that free trade has made outsourcing so easy.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Copyright laws say “‘the music industry controls music”

Saturday, February 20th, 2010

From Slashdot Your Rights Online Story | Overzealous Enforcement Means Even Legit Music Blogs Deleted

This is exactly the spirit of the law (Score:5, Insightful)

by damburger (981828) on Sunday February 14, @01:48PM (#31135884)

The laws in question are basically a way of saying ‘the music industry controls music. There shall be no music without our say so’ whilst appearing to be a justified set of rules to make the industry fair. Even if this were the first example (it really, really is not) then nobody ought to be at all surprised. Few service or hosting providers have the balls to actually look into the matter when a legal-sounding letter arrives; they just err on the side of not being taken to court and comply immediately, which is exactly the kind of environment the content industry has sought to create.

Rather than there being a presumption of innocence for those publishing on the web, and the rights holder having to prove guilt – there is a a presumption of guilt and the publisher has to prove innocence, normally with far fewer legal funds available than the rights holder. There is also no consequence to the service/hosting provider for taking content down.

In a society so thoroughly and openly corrupt, how can this be a surprise? If the entire government and legal system is open to the highest bidder (true in every western nation I can think of) then naturally the intent of all laws will be to keep entrenched elites in place.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Google CEO privacy quote

Saturday, February 13th, 2010

From Slashdot Technology Story | Google Buzz — First Reactions

Re:Public vs private (Score:3, Interesting)

by nine-times (778537) <nine.times@gmail.com> on Wednesday February 10, @01:56AM (#31082668)
Homepage

you’ve still shared it with someone who believes that you have no right to privacy, and that if – as their CEO puts it – you don’t want someone to know about you doing something, don’t do it.

In fairness, he didn’t say you had no right to privacy, and the quote is often taken out of context. It was in the context of saying:

If you really need that kind of privacy, the reality is that search engines – including Google – do retain this information for some time and it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.

So he’s not saying, “screw you, I don’t value your privacy.” He’s giving a warning that your information is probably not as private as you’d hope regardless of what service providers you’re using. Microsoft also keeps records of searches for some amount of time (I believe it’s at least 6 months) and they *will* turn that information over to the government. You know what? Your ISP has records of your web surfing, and will probably turn it over to the government if asked. Assuming you don’t host your own email, there are employees at your email service provider who can read your email. These are things you should know.

His advice may be a little flippant, but it’s not bad. If there’s something that you would be totally ashamed if people found out you were doing it, then you should probably at least consider not doing it. That’s true regardless of whether that “something” takes place on the Internet. Of course, the Internet, as it exists today, isn’t any good at securing privacy. Most people don’t encrypt their email, which means even if you want to, you can’t. Websites keep track of which IP requests come from and your ISP keeps records of your IP. Unless you’re rerouting encrypted traffic through proxies, you have TONS of information out in the open. It would be irresponsible of Google to claim that they can ensure your privacy.

So I’d put it this way: If you absolutely cannot afford to let anyone know that you’ve done certain things online, then you should either be taking strong enough measures to secure your own privacy that Google couldn’t track you if they wanted to, or else you should just not be involved in those activities. Otherwise, you’re just taking your chances.

I’d say the much more valid grounds for concern with Google is that, with all the services they offer, it’s such one-stop-shopping for anyone looking to invade your privacy.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Sysinternals + Dependency Walker

Saturday, February 13th, 2010

From Slashdot Technology Story | The Hidden Treasures of Sysinternals

Re:Duh (Score:3, Interesting)

by hairyfeet (841228) <bassbeast1968.gmail@com> on Wednesday February 10, @03:00AM (#31083012)

Same here, I figured better safe than sorry. With a full Sysinternals suite on a flash along with the “Computer Repair Utility Toolkit V2″ (I’d provide a link but some FOSSies had a fit and made the original website take it down. I’m sure you can find it on MegaUpload) that I update with new AV and antimalware tools it is like having a “shop on a stick” that lets me fix a good 80%+ of the problems I run into on customer’s boxes out in the field.

With those two suites and Dependency Walker [dependencywalker.com] on a 2Gb flash stick I can carry all my “save my ass” tools in my pocket, making my life a whole lot easier. I’ve found we PC repairmen are a lot like plumbers, as when we go to visit friends we often get “Hey, while you are here…” and with the Sysinternals suite and the above tools I can fix most problems in no time flat. So if you read this, thanks Mark, your tools kick ass.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Designing for IE6

Friday, February 12th, 2010

From Slashdot Ask Slashdot Story | Is Internet Explorer 6/7 Support Required Now?

Re: (Score:3, Interesting)

by OverZealous.com (721745)

For basic websites, I highly recommend Universal IE6 CSS [google.com].

I’ve decided that I will never design a website that supports IE6, but instead will only server up this rudimentary (if nice-looking) style sheet. As long as your website is standards-based, compliant, and content-oriented, this CSS file works great. You do, however, have to include some of those annoying <!– [if lt IE 7]>…<![endif]–> tags.

For web apps, which are more complex, then I use a browser sniff and redirect IE6 users away.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]