If you've ever needed to know who or what is in the next room before entering (and i dont mean in Halo) you need to buy some of these guys:  Rolling Tactical Eyeballs

 

These rolling cameras can be thrown into a room ahead of an invading force in order to scope things out. Each ball can take video as it rolls or stay stationary. A wireless connection controls the rotation and camera angle and the balls transmit audio and video.

You can even drop these things off a two-storey building into the thick of things.

If your into gaming then you gotta get one of these babes:  Pyramat Sound Lounger PM550

 bowel-shattering bass

Of course you've been able to do this in Firefox for eons. But here we go:

 WinInet Limits Connections Per Server

http://support.microsoft.com/kb/183110

 

Critical Mistake #1: Non-HTTPS Login pages (even if submitting to a HTTPS page).

Most webdevs know that HTTPS is comparatively expensive-- the multistage handshake with multiple roundtrips and cryptographic operations is inherently less performant than straight HTTP.  A few years ago, someone got the bright idea that login pages should be served via HTTP to reduce this performance hit. 

The thinking goes something like: "Well, since the HTTP POST containing the user's credentials is sent via HTTPS, any man-in-the-middle can't see the data." 

And this seemed like a reasonable idea.  The practice became even more popular as banks and credit card companies decided that customers should be able to log in directly from the HTTP-delivered homepage.  Three of my financial institutions offer this "convenience".  One of them even draws little lock icons near the login box and provides a phone number for customers to call so they can convince them that it's safe.

There are two problems with this practice: One fairly obvious, and one slightly less obvious.  The first problem is simple: How does the user know that the form is being submitted via HTTPS?  Most browsers have no such UI cue.  (Pretty much everyone turns off the "Warn when sending unencrypted form data" option within 2 minutes of installing the browser.)  Even supposing there was a UI cue that the form was targeted at a HTTPS page, how could the user know that it was going to the right HTTPS page?  If the login form was delivered via HTTP, there's no guarantee it hasn't been changed between the server and the client.  A bad guy sitting on the wire between the two could simply retarget the POST to submit to a HTTPS site that he controls.  Oops. 

Think that's bad?  There's an even more sneaky attack the bad guy could execute.  The event model in HTML is pretty rich, and one of the things it can do is listen for keystroke events.  So, the bad guy could simply rewrite the login page HTML to leak keystrokes to a server he controls, every time a key is pressed.  Unsecured login form + Man-in-the-Middle+ 5 lines of JScript + Serverside keystroke collector = Bad News.  

(Food for thought: The keystroke-sniffing attack gets even worse if your JS can run in the browser chrome, a feature offered by some browsers.)

Critical Mistake #2: Mixing HTTP Content into a HTTPS page

Some HTTPS pages pull in assorted resources over HTTP, which leads to the annoying "This page contains both secure and nonsecure items" prompt.  Why does this hassle exist?  Is it really so bad if some files get pulled down via HTTP, if the main body of my page is delivered via HTTPS?

The answer is, of course, yes, this is a bad thing.  For one thing, it's impossible for the user to tell what parts of the page were delivered securely, and what parts were not.  And worse, if a man-in-the-middle can rewrite the HTTP traffic, he can, for instance, rewrite the HTTPS page using standard DHTML.  Or, he can scan the page for any information of interest (e.g. a credit card number) and POST that data to a server he controls.  Using HTTP-delivered resources on a HTTPS-delivered page pokes holes in your secure channel.  Don't do it.

 

Latest updates explained in good detail here. Hopeful when they ban the standby-ers and reset the stats shortly I'll manage to reach level 10. God May is gonna be a cool month!

RedvsBlue have some video walk thrus of the new maps

Register here for your shot at being the Halo 2 world champion. Best mark me down as being a high risk during May!

Also - good news from Bungie:

The wait for new Halo 2 content is over. As promised, the first four (of nine) maps are available for download today via Xbox Live. When you sign in, select "Content Download" from the Live menu and you'll see two download options.

The "Bonus Map Pack" is free of charge and includes Containment and Warlock.

The "Killtacular Pack" is a premium download that will cost $5.99 in exchange for Turf and Sanctuary. Both of these maps will be available as free downloads later this Summer - June 28 to be exact.

Grab these maps and fire up some custom games with your friends and see first hand what we've been so excited about the past few months. Next week we will be updating our matchmaking playlists and incorporating all four new maps in the approrpriate playlists.

And, for folks who don't have access to Live, you'll be able to get all nine multiplayer maps on June 28th when the Halo 2 Multiplayer Map pack is released in retail stores.

Top football defenders not only tackle hard, but distribute the ball intelligently to teammates. A similar challenge faces software developers today to ensure system uptime and data integrity, while ensuring that systems are nimble enough to operate at Internet speed.

In my opinion, many of the security problems that plague the internet (and computers in general) are caused by the fact that companies still put their priorities in the wrong place. Most programmers still choose performance over stability and security.

Pissed off by people using 'standby' on Halo 2, want to know what it is or how they do it? Watch this video! BTW Bungie has now released an update that fixes this glitch - so this info is provided for educational purposes only. Do not cheat on Xbox live or you WILL be BANNED.

 

 

From slashdot:

 "When the LHC Computer Grid starts operating in 2007, it will be the most data-intensive physics instrument on the planet. Today eight major computing centers successfully completed a challenge to sustain a continuous data flow of 600 megabytes per second on average for 10 days from CERN in Geneva, Switzerland to seven sites in Europe and the US. The total amount of data transmitted during this challenge -- 500 terabytes -- would take about 250 years to download using a typical 512 kilobit per second household broadband connection."

Just imagine the bittorrent-ing you could do!

Handy page with .NET tools definitely worth the download

Can personally recommend:

•  Microsoft FxCop
•  NUnit
•  NDoc
•  Visual Build Professional
•  .NET Reflector 
•  Allocation Profiler
• TestDriven.net

Hansleman finds another Gem. If your at all worried about IM security and you SHOULD be, install this software and encrypt your chat sessions - seamless. I love software that just installs and works.

I've added some more network monitoring tools to my site for a trial. Checkout my bandwidth usage!

 "Coding4Fun is all about giving something back to the hobbyist developer community"

 "Coding4Fun is for the millions of hobbyist developers worldwide who write very cool software applications for fun – on the nights, on the weekends, in their spare time, whenever. "

 

http://msdn.microsoft.com/coding4fun/

 

Just dont give M$ too many good ideas!

Good blog on the next gen dvd encryption which hopes to replace CSS

http://www.freedom-to-tinker.com/archives/000800.html

Will they not learn? - to minimize privacy, retail prices must be more competitive and stupid distribution rules, like regions, need to be scrapped. With e-commerce and the net, why should we pay more and wait longer in the UK for essential the same product?

When I'm coding (especially at home) I listen to a very wide range of music. Depending on the stage of the project the genre varies. For example, design generally means classical, implementation leans toward dance/trance, but for the next few weeks I need to code at a serious pace. This means we need to go back to the 90's when we raced around the M25 in convoy looking for the latest illegal rave. That's right, when I need to code quickly I'm proud to don the white gloves and glow sticks - Its Happy 2B Hardcore. For the next 2 weeks solidstore will be streaming uplifting tunes to help bring this project in on time.

What do you listen to when coding? Leave a comment.

BTW: Is there a name for the law (like Moore Law) that states as soon as you buy new hard disks you will fill them? I've just increased my total mirrored storage capacity to 1.1 terabytes and I've filled 'em already! Its amazing how much space 48 days worth of hardcore vinyl can take up!

With the number of references to 'hardcore' in this blog, I cant wait to see what referral spam I get

USB Cafe Pad

 USB Humidifier

 USB Wireless Security Lock

 

 USB Glowing Snowman

 

 USB Christmas Tree

 

and to connect them all up:

 

Viewers of MTV will get a sneak peek of the new Xbox console ahead of the machine's debut at the E3 games conference in Los Angeles. The new console will be featured on various MTV channels around the world on 12 and 13 May.

While no specific details about the machine's architecture has been officially released, experts predict the console will be powered by three 64-bit processors.

The new console will also make use of the Xbox Live online gaming system, with increased use of downloads.

If you were wise, you never doubted. If you doubted you have little chance of understanding the complexity and consequences of your mental miscalculation. It's very simple. Much like the swift and masterfully orchestrated barrage of a monkey slapping you silly all the while sorting different systems of data hierarchically in his head. His disappearance is even swifter as you struggle to your senses helplessly...

Killer coding ninja monkeys do exist. At long last, like Jedis of yesteryear, they have revealed themselves...

1. Flag through wall: (most devestating) You are able to grab any flag, bomb, gun etc... through any wall as long as the wall is not to thick.
Example: a. Zanzibar If you kamikazi and place flag at top left corner of steps in defenders base. You then can grab it through the wall by jumping on the boxes outside and jump towards the wall and grab. This is also helpful at grabbing flag through the floor at colossus and bloodgulg.  For beaver creek all you have to do is have one of your friends go through your bases portal. and then have all the rest of the team go on an assualt and grab the flag and throw it against the wall. Your other teamate should be able to grab it through the wall as long as he stays inside the portale after he transport. Then just exit and enter the portal and you'll be right back at your base. (easy score)
Now for colosuss this is alot easier all you have to do is go under the platform from where the flag is (try not to be seen) and just get directly under the flag, jump and crouch in the air and hold x the whole time you should grab the flag right through the floor. This is good for a surprise grab.

2. Sword sailing: allows you to reach high places on the map mostly for recreational playing not of use in reg match. To do this you must have an energy sword and an enemy player to participate. a. press x and right trigger rapidly and then move your aim cursor onto the enemy till it turns red. Then you will lung at the enemy without killing him. (as long as you keep hitting x) try doing this while an enemy jumps up to allow you to sail high into the air.

3. Banchee flying: have your partner fly a banchee, while another jumps on the top of it. Slowly fly where ever you want if you move slow enough you can reach anywhere you usually can with the banchee but your partner is there along with you. ( also if you would like to hide the bomb carrier or flag so game never ends have bomb carrier/flag carrier jump oto banchee and lift him to safety. This done by one of the # 1 clans who had the game last 2 hours before the other team quit.

4. Wraith wall clinging: When playing coagulation behind one of the enemies base you are able to boost amazingly up the wall almost 90 degree angle and continue up the wall to a decent hight. Gives you a nice birds eye view. (im not 100% sure but it is base opposite of the one with the high platform on the wall.)

5. Ghost flying: This is a hilarious and fun one where you use a wraith to launch a ghost across the entire map spiralling throgh the air. This is done on Headlong. You have a ghost go to the middle there is a wall underneath the broken bridge. You must find a spot on that wall where there is decent open space for thee wraith to hit. (It is near the rock next to wall) Have a ghost look forward and back up against the wall. Then have the wraith boost directly at the ghost and wham flying ghost. Watch as the ghost is sent hilariously spiraling. (you probably should have over shields set on)

6. Hole in Zanzibar: There is a pesky hole in zanzibar that you can have your flag/bomb/ball/gun/sword, swallowed up by it. The hole is located near the invisibility cloaking tower, head from there to the rock walk along wall where you can find a shot gun leaning up against an arch. You head down the walkway to where you see an arch/tunnel. Right before the steps down the arch is where the large hole is located. It is easily found.

7. Getting past invisiable walls: most invisible walls have their limits and can be overcame by jumping over them by sword sailing. example is in Zanzibar near the top right of the defenders base where the broken wall is jump on the roof by eather sword sailing ect... Once up go on the rocks away from thr base's roof untill you reach an invisible wall. Have an enemy jump up and down in the corner with the invisible wall while another enemy sword sails on him in mid air and youll go flying over the wall. It is not easy and may take a few trys. From there you can have a short hike to explore.

8. Sword climbing: This allows you to reach almost any hight with practice. It is easiest if you try in a corner have 2 enemies 1 with a sword. Have one jump on the others head. After you are on the sword enemies head you must begin jumping non stop. The sword guy then looks up at the other enemy on his head and begins to press X and B repeatedly (basically sword sailing) and you will be pulled to the enemy upward as you are pulled he jumps off your head and you will begin rising up and up and up ect.. With practice this allows you to reach anywhere in any map possible.

9. Flying spartan: Have an enemy with a sword sit inside the passenger seat of a warthog. The other must stand in red targetting range. The enemy in the warthog slash with the B button 3 times at the other enemy. (phew). After this is done the enemy not in the humor can proceed to the opposite side of the map once he reaches that, the sword enemy in the warthog can face in the air and get out of the warthog. You will be imediately flung into the air speeding across the entire map. (very fun)

10. Good flag grab spots: a. Zanzibar top left corner of steps, grab from crates outside. b. Zanzibar top right of ramp in defenders basegrab through bottom left front entrance. c. Coagulation Use humer to give you hight and jump up and grab flag through floor. d. Colossus jump up and grab flag through floor ( this one is harder but with practice gets easier) Also you can capture the flag by jumping up and pushing it through roof same way you grabbed it. e. Lockout you grab bomb, odd ball in the middle from underneath the glass good for play balls or returns.

11. Lockout trick: When you are playing 1 flag and you are on offence. When you grab the flag go up the ramp towards the sniper tower, then take a left once you enter room right before you enter the room with the green shot gun room drop down you can jump and release the flag and it will be placed 1 level up while everyone is down with you have an ally pick flag up and take it to home base to win.

12. Best weapon combo: Battle rifle and plasma pistol. Have a plasma pistol out charged when you see some one and have a good shot release and it will practically heat seak them. Then pull out your battle rifle and 1 shot to the head kills them with or without overshield. No other combo if done properly can out beat this one. (try staying away from multiple enemies because it takes awhile to recharge plasma pistol)

13. Outside Ivory Tower: To get outside ivory tower ehemm.(this glitch takes at least 3 enemies) a. Have 2 people with a sword go to the overshield ramp area. b. at the very top of the ramp have one enemy stand facing the glass opposite of the windows. c. The other go on the opposite side of the glass. d. There is a ledge to sit on. e. Then the enemy on the ledge begin sword sailing at the enemy through the glass. f. Try pressing up left with the d pad (left joy stick) while hitting the sword sailing buttons X and B. ( you may substitute B with the right trigger for this glitch) g. continue doing this it may take awhile it was frustrating for me at first and I have done it 3 times and it has not gotten any easier. h. NOW! once you get through you will start to fall try to catch the below ledgeagainst the building. i. Once you get 2 people down on the ledge begin the sword climbing glitch against one of the beams and copntinue up ( If you go up high enough past the top you both can get up together, keep going after you reach top untill you think you can both reach the edge.) j. now explore the great site of seeing every room and the vast landscape.

5 days since the 15,000 mark was breached, now I passed the 20K mark. Download the changer today or simple browse for your favorites.

If you haven't downloaded my wallpaper changer yet then now would be a good time. My wallpaper gallery has reached the 15,000 image mark and I have still thousands to catalog and upload. Each image has been personally reviewed so you can be guaranteed of some top quality high-res desktop wallpapers. You can now even exclude the 'Angels' section if you want to use the changer at work.

Go on - download today. Its Free - no Ad-ware or Spy-ware. Just good old honest .NET task-bar application written by yours truly.