10/31/08

My Condolences, Wii.

It's finally happened. Another company has come out with motion-sensing controller. Which company?, you might ask. While my money would've been on Microsoft, the actual culprit is Sony. That's right- amidst the whole Blue-Ray/HD DVD war, Sony's R&D was hard at work developing this:

Here's a brief description from GameSpot.com:

"Last week, Sony Computer Entertainment of America's patent application for a new input device emerged in the US Patent and Trademark Office's online database. The application, which was first filed in June, details a new motion-sensing controller whose most distinguishing feature is its ability to break apart and be put back together in a variety of formations. The patent application also details a "hybrid video capture and ultrasonic tracking system" to deal with motion-sensing."

Will this be the end of the Wii's reign?
How will this effect Wii's Console market share?
Time will tell.

No matter the outcome, one thing is for certain. Wii's unique and innovative technology has finally been raped and plundered.

My condolences, Wii.
--------------------------------------------------------------
Sony would use Samurai in their patent drawing...
Posted by Living at 10:10 AM 0 comments
Labels: , ,

H@x - ClickJacking

Recently, "researchers" Robert Hansen and Jeremiah Grossman, unveiled the newest weapon in a Hacker's arsenal- Clickjacking.

Clickjacking is where an attacker can control the links your browser visits. Now as usual, there's an upside and a downside to this attack. The good news is that if you use a script filter, such as the add-on for Firefox called No Script, then there's a good chance you can prevent the attack from being successfully used on you. Now several bits of bad news.

First, the attack can be used via any browser. Yes, that includes Firefox 3 & Internet Explorer 7. The only known browser exception is lynx.
Second, the attack can be issued through javascript (like many other viruses), so objects like flash games are perfect bait. Also, Ebay could be used as an attack medium since it allows javascript to be embeded into their website.
Lastly, and potentially most disturbing, is that the attack is not limited to javascript. It is only limited to DHTML. So, in a nutshell, while using javascript would be the "easiest" way for a hacker to attack, it is not the only way.

Gone are the days when you could simply "disable javascript" and not have to worry about and online trouble.

It is also worth mentioning that this is a considered a 0(zero)-day vulnerability. 0-day vulnerabilities are exploits which have no patch; they weren't even discovered (by the "good guys") until recently. This means that there are NO defenses for this attack. As mentioned before, the only quasi-defense is to use a script-diabling program.

For more in-depth examples, Tod Beardsley from BreakingPoint has posted a few proof-of-concept exploits with speculation around clickjacking.
Posted by Living at 8:09 AM 0 comments
Labels: , , , ,

Tap that

Posted by Living at 7:53 AM 0 comments

Dog vs. Crab

Posted by Living at 7:46 AM 0 comments
Subscribe to: Posts (Atom)
Add to Technorati Favorites