Tuesday, July 19, 2011

Six weeks after World IPv6 Day, what have we learned?

Last month's World IPv6 Day created some excitement about IPv6. Once it was over, however, everyone went back to work—which for most people doesn't include anything IPv6-related.

The idea behind World IPv6 Day on the 8th of June was to flush out broken IPv6 setups by simultaneously turning on IPv6 across a large number of Web properties—including the four largest in the world. Few, if any, problems were reported, so in that sense WIPv6D was a resounding success. Apparently, it's possible to add IPv6 addresses to large Web destinations without significant adverse effects.

Read the rest of this article...

Read the comments on this post

Cameron Richardson Chandra West Kasey Chambers Megan Ewing Kristanna Loken

Orcs Must Die! coming to PC and XBLA this summer, Comic-Con this weekend

Robot Entertainment announced today that third-person tower defender Orcs Must Die! will be published by Microsoft Studios and available later this summer for PC and Xbox Live Arcade. The developer previously gave us a window of "late August or early September."

Orcs Must Die! will be playable this weekend at San Diego Comic-Con in the Xbox Lounge, located at the Hard Rock Hotel, and Robot Entertainment will have an OMD prequel comic book available at the show.

Not going to Comic-Con, but still want to get your hands on the transmedia companion fiction that is sure to deliver Great Gatsby nuance to the Orcs Must Die universe? Don't worry, the comic will be available in a digital format "later this summer, also at no charge."

Continue reading Orcs Must Die! coming to PC and XBLA this summer, Comic-Con this weekend

JoystiqOrcs Must Die! coming to PC and XBLA this summer, Comic-Con this weekend originally appeared on Joystiq on Mon, 18 Jul 2011 10:45:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Liz Phair Aaliyah Katherine Heigl Lorri Bagley Leslie Bega

Monday, July 18, 2011

The Joystiq Indie Pitch: Pragmatica

Indie developers are the starving artists of the video-game world, often brilliant and innovative, but also misunderstood, underfunded and more prone to writing free-form poetry on their LiveJournals. We at Joystiq believe no one deserves to starve, and many indie developers are entitled to a fridge full of tasty, fulfilling media coverage, right here. This week, we unlock HiVE's apocalyptic puzzler, Pragmatica.

What's your game called, and what's it about?

This is Pragmatica. It's a programming-based puzzler set in a not-too-distant future, in which robots have, somewhat controversially, all but replaced humans as the world's industrial labour force. The largest and most powerful robotics firm, Pragmatica, hires you as a programmer, tasking you with writing programs to solve tasks using their expensive and highly volatile robots. Gameplay-wise, this means combine actions and conditions (SEE-WALL, TURN-RIGHT) into a program, then hitting the launch button and watching the robots execute it to complete the task, or crash and burn trying.

Continue reading The Joystiq Indie Pitch: Pragmatica

JoystiqThe Joystiq Indie Pitch: Pragmatica originally appeared on Joystiq on Sun, 17 Jul 2011 22:30:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Camilla Belle Blu Cantrell Jaime King Lokelani McMichael Freida Pinto

T-Mobile myTouch 4G Slide Confirmed For July 27 Launch, July 19 Pre-Order

After some confusion, T-Mobile has taken to Facebook to give us an exact arrival date for the myTouch 4G Slide. We originally pegged the slider for a July 27 launch, and as luck (and leaks) would have it, we were right. T-Mo?s Facebook update also confirmed that July 19 will kick off the pre-order period (web only).

Izabella Scorupco Carla Campbell Penélope Cruz Kristen Bell The Pussycat Dolls

iOS, Android catching buyers' eyes while Blackberry suffers

New smartphone buyers have their eyes on iOS and Android devices this summer, with Blackberrys barely registering on their radar. That's according to the latest ChangeWave report with survey data of 4,163 mobile phone consumers—the majority of which are in the US. The trends show that smartphone buyers currently favor iOS devices a bit more than Android, but the two platforms are both holding strong against RIM in the consumer market.

According to ChangeWave, 46 percent of survey respondents who plan to buy a smartphone in the next 90 days said they plan to buy an iOS device—that's up two percentage points from the March 2011 survey. Similarly, 32 percent say they plan to buy an Android device, up one percentage point from March.

The two platforms were roughly at the same level of demand during the last quarter of 2010, but they have definitely split off since December. The explanation for this trend could lie in Flurry Antlystics' analysis from last week—the company said that new developer projects were focusing more heavily on iOS than Android during the first half of the year, which may be due to the introduction of the Verizon iPhone and iPad 2. New high-profile products like these help keep Apple at the forefront of consumers' minds. The fact that the rumor mill keeps focusing on a new iPhone this fall certainly helps, too.

What's sad are ChangeWave's numbers for RIM/Blackberry. Only four percent of new smartphone buyers said they planned to get a Blackberry device as of June 2011—down from five percent in March, and really down from 32 percent in December of 2008. This is RIM's "lowest level ever in a ChangeWave survey," and things certainly aren't looking great for RIM when it comes to marketing to consumers over enterprise users.

ChangeWave also surveyed consumers on how much of an effect Apple's iCloud announcement had on their plans to purchase an Apple product. Unsurprisingly, those who already own Apple products made up the largest group of those "more likely" to buy Apple products in the future after the news of iCloud came out (29 percent), but it's not just Apple loyalists who are looking forward to trying out the new service. Another 13 percent of survey respondents who are not currently Apple product owners said that iCloud made them more likely to buy an iOS device too, indicating that iCloud could become a major selling point for Apple to lure in new buyers this year.

Read the comments on this post

Dido Joss Stone Majandra Delfino Maria Bello Jennifer Gareis

A cheaper, easier cellphone antenna that can't get much smaller

An unusual method of creating antennas has allowed a group of researchers to make tiny versions only 1.8 times the theoretical size limit of an antenna. Scientists from the University of Michigan use a process that grafts a gold antenna onto a coin-sized, dome-like substrate that can operate in mobile phone frequencies.

The conducting part of the antenna resembles a short, multi-armed helix projected on the surface of a half-sphere, one of the leading design styles for making compact antennas that can still conduct signal reliably. Until now, scientists had to manufacture the antennas by bending wire around a sphere, which was inexact, time-consuming, and expensive.

With the new method, the researchers press a rounded substrate covered in a thin layer of gold against a thin antenna pattern, also done in gold. The extra gold layer is then etched away around the antenna pattern by plasma, and gold plating is used to beef up the gold antenna threads if needed.

A 32mm antenna with six gold arms curling around could conduct a frequency of 782MHz. The authors of the paper on the antennas hope that their process will eventually make small antennas as easy to produce as microelectronics have recently become.

Read the comments on this post

Emmy Rossum Kim Yoon jin Melania Trump Summer Glau Mía Maestro

Retailer sites show new August date for El Shaddai

El Shaddai: Ascension of the Metatron is officially scheduled for release July 26, 2011, but it seems Amazon and GameStop have their own schedule, both listing its release as August 16, 2011. Considering El Shaddai has been in development since 2007 and has been delayed once already, perhaps the retailers are just assuming here.

We have contacted Ignition for confirmation of El Shaddai's release, or even just a date for when it will release information about a new release date, if that's Metatron enough for you.

[Thanks to everyone who sent this in!]

JoystiqRetailer sites show new August date for El Shaddai originally appeared on Joystiq on Sat, 16 Jul 2011 21:00:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments

Melissa George Cameron Richardson Chandra West Kasey Chambers Megan Ewing

Sunday, July 17, 2011

Weird Science has a drink, a smoke, and a loaded firearm

No wonder alcohol and tobacco are handled by the same agency: The US government has an agency devoted to alcohol, tobacco, and firearms, which strikes many as an odd combination. Based on some new research, however, that may be a perfectly rational choice. One Garen Wintemute of UC Davis has looked into the habits of over 15,000 Americans, and found that alcohol and tobacco do go together. Firearms owners were more likely to drink heavily and drive afterwards. Worse still, among gun owners, those who tended to overindulge with alcohol were more likely to carry a gun for protection against others and keep the gun unsecured in the house loaded. There's no obvious connection to tobacco here, but we're going to guess "potential for self-harm" might tie them together.

Parrots get names from their parents: Parrots are impressive vocalists, especially when raised among humans, but those skills also play a role in the wild, where some species have been observed to use what are termed "contact calls"—essentially, unique names that help identify an individual. Now, researchers have tracked a series of parrot nests to figure out how these calls develop. The young green-rumped parrotlets in the study picked up their names from their parents. It's not that the parents name them per se, more that the youngsters begin to develop their unique contact calls by taking elements of things they hear from both of their parents and merge them into something unique. To demonstrate that this isn't some form of genetic recombination, the researchers tracked nests with foster chicks, and found that the calls remained a mixture of those of the parents that raised them.

Read the rest of this article...

Read the comments on this post

Susie Castillo Fergie Ivanka Trump Blake Lively Christina Applegate

The war for ModernWarfare3.com, with special Battlefield 3 appearance

Battlefield 3 and Modern Warfare 3 are locked in a tight competition for the dollars of first-person shooter fans, but last week the war apparently escalated. The site www.modernwarfare3.com began to direct people to the official Battlefield 3 site, leading many to believe that EA was in the middle of a very gutsy promotional stunt.

Activision was not amused and has since filed a domain name dispute with the National Arbitration Forum, claiming that it has full rights to the ModernWarfare3.com domain name.

Read the rest of this article...

Read the comments on this post

Nicky Hilton Garcelle Beauvais Kristy Swanson Ali Campoverdi Giuliana DePandi

Blog Post: Windows Server 2008 e 2008 R2 - Introduzione a IPsec parte 1

Ciao a tutti! Oggi parleremo di Internet Protocol Security (IPsec) ? una delle tecnologie pi� utili a livello di sicurezza e protezione dei dati, che per� non sempre viene utilizzata al massimo delle sue possibilit�. In questo post ci limiteremo ad una trattazione teorica, mentre la settimana prossima andremo a vedere nel dettaglio come utilizzarla in Windows.

Figure 4.2: IPSec stack layering

IPsec � un framework di protocolli che permette alle comunicazioni che viaggiano su IP di poter essere rese sicure e affidabili tramite l?utilizzo di meccanismi di crittografia sui pacchetti di rete stessi. Poich� IPsec � integrato al livello Network dello stack, pu� essere applicato in modo trasparente a quasi tutti i protocolli della suite TCP/IP, senza la necessit� di dover configurare ciascuno di essi in maniera differente. Grazie all?integrazione con Windows Firewall e Active Directory, i settings di IPsec possono essere distribuiti con facilit� all?interno dell?intera foresta.

Two IPSec Peers Using AD-based IPSec Policy

La Security Association (SA) � la base di IPsec. Una SA non � altro che un ?contratto? tra due macchine che si connettono; con una SA sono determinati i protocolli IPsec che verranno utilizzati, le chiavi di cifratura e la durata di tali chiavi. Ogni macchina poi costruisce un SADB (SA database) che mantiene tutte queste informazioni relative alle varie connessioni. Ogni SA ha un timeout e alla sua scadenza va ricreata.

Quando due macchine (peers) utilizzano IPSec per comunicare, vengono utilizzati due diversi tipi di Security Associations:

  1. Main Mode le due macchine procedono ad una mutua autenticazione (stabilendo quindi un secure channel - una relazione di fiducia e garanzia di identit� del proprio peer).
  2. Quick Mode i peer negoziano i dettagli della sessione, cio� in che modo verranno autenticati e/o criptati i pacchetti.

Lo scambio di pacchetti per la negoziazione Main Mode e Quick Mode avviene tipicamente tramite l?utilizzo del protocollo IKE. La procedura avviene in 6 passi per la Main e in 4 per la Quick Mode:


Tralasciamo al lettore interessato l?approfondimento sugli specifici pacchetti scambiati dai due peers in questa fase. Quello che � interessante sottolineare � che una volta stabilita una SA, alla prossima occorrenza i peers potranno semplicemente specificare una nuova Quick Mode mantenendo la Main Mode gi� attiva (qualora, ovviamente, non sia gi� scaduta).

Tra i parametri negoziati, vi � l?algoritmo di encryption (DES o 3DES), l?algoritmo di integrity/authentication (MD5 o SHA1) e il protocollo IPsec vero e proprio. A questo riguardo, esistono tre differenti metodi di sicurezza implementabili tramite differenti protocolli:

  • AH - authentication header L?autenticazione (packet signing) garantisce che il pacchetto non venga modificato durante il trasporto. AH calcola una firma digitale (MD5 o SHA1) dell?intero pacchetto IP (compreso di header) e la aggiunge in chiaro al pacchetto stesso. Il ricevitore verificher� la sua versione di tale firma e la comparer� con quella presente nel pacchetto ricevuto. Se corrispondono, saremo sicuri che il pacchetto non � stato modificato ? prevenendo cos� attacchi del tipo man-in-the-middle.


    Da una cattura del traffico di rete, possiamo vedere che l?header AH � stato aggiunto a garanzia dell?autenticit� ma comunque siamo in grado di leggere il contenuto del pacchetto (in questo caso un comando SMB over TCP)
  • ESP ? Encapsulated Security Payload L?encryption garantisce confidenzialit� ed evita che i pacchetti possano venire intercettati e letti da malintenzionati di terze parti (eavesdropping). In questo caso, tutto il payload del pacchetto di rete, oltre agli eventuali header TCP/UDP vengono criptati - ma non ovviamente l?header IP che � necessario per il routing e deve quindi poter esser letto in chiaro dai routers intermedi. Anche per questo motivo, non � necessario che gli apparati di rete che si trovano nel mezzo di una connessione IPsec debbano essere IPsec-compatibili.


    Se cercheremo di intercettare i pacchetti di rete, utilizzando ESP non sar� in alcun modo possibile visualizzarne il contenuto (se non l?header IP)
  • AH + ESP i due protocolli, per una connessione sicura e autenticata, possono essere utilizzati anche congiuntamente

L?autenticazione, inoltre, pu� avvenire secondo tre differenti modalit�:

  1. Pre-shared Key utilizzando una chiave condivisa che viene preventivamente negoziata dai peers
  2. Certificati Digitali i peers procedono a scambiarsi certificati garantiti da una comune Certification Authority. La forza dell?utilizzo di questo metodo non sta nel certificato in s�, ma nella CA che lo firma. Per questo motivo sono implementabili, a seconda delle esigenze, delle policy IPsec multilivello che sfruttano la granularit� dell?infrastruttura PKI.
  3. Kerberos qualora i due peers siano nella stessa foresta Active Directory, possono fare uso di un ticket Kerberos v5.

� bene specificare che ogni computer pu� avere una unica policy IPsec assegnata in ogni momento. La policy non � altro che un insieme di regole, ognuna delle quali ha una lista di filtri e di relative azioni da intraprendere. Semplicemente, questi filtri specificano le caratteristiche del traffico che la regola dovr� processare: IP sorgente e destinatario, tipo di porta (TCP/UDP) e relativo numero di porta sorgente e destinatario, protocollo. Ogni volta che verr� individuato traffico di rete relativo ad uno di questi filtri, verr� intrapresa l?azione corrispondente: permettere o bloccare il traffico, oppure negoziare l?opportuno paio di Security Associations IPsec. Questo tipo di negoziazioni includono i diversi parametri di encryption e autenticazione che abbiamo precedentemente descritto, oltre alla IPsec mode. Esistono infatti due differenti modalit� di funzionamento IPsec:

  • Transport mode � la modalit� pi� comune: due peer si autenticano (fase 1) e stabiliscono cifratura del traffico (fase 2). tutto il traffico tra i due peer verr� protetto in accordo con le policy specificate. La modalit� di trasporto non crea nuovi pacchetti di rete, ma si limita a renderli ?sicuri? cio� appendendo gli opportuni header AH e ESP prima del payload criptato.

Figure 4.7: Packet format with AH and ESP

  • Tunnel mode la modalit� di tunnelling viene invece utilizzata in quei casi in cui la nostra connessione avviene tra due siti ?sicuri? ma deve attraversare una regione della rete non sicura (ad esempio una enterprise che deve connettere un ufficio a New York e uno a Washington)

    Establishing L2TP/IPSec VPN Tunnel Between Sites

    Il traffico IPsec quindi, prima di uscire sul router locale che lo indirizzer� verso la rete esterna, passer� presso un IPsec gateway la cui funzione � creare un nuovo pacchetto che encapsuli il pacchetto originale (il tutto opportunamente criptato).

Figure 4.9: IPSec tunneled Mode packet format


Da come lo abbiamo descritto, potenzialmente tutto il traffico � criptabile con IPsec. Tuttavia, seppure sia tecnicamente possibile, � fortemente sconsigliato farlo in alcune situazioni particolari. Ad esempio, non dovrebbe mai essere criptato il traffico tra i membri del dominio ed il Domain Controller, sia per un puro motivo di aumento della latenza di rete (che pu� causare il fallimento dell?autenticazione verso il DC), sia per le performance della CPU del Domain Controller stesso, che dovrebbe mantenere SA verso tutti i client e i server della foresta. Inoltre, sarebbero generati problemi di performance anche se si tentasse di criptare con IPsec traffico real-time o peer-to-peer. Infine, IPsec non pu� criptare il traffico broadcast e multicast.

Links utili:

Grazie per l?attenzione e alla prossima puntata!

Stefano Gagliardi
Support Engineer
Microsoft Enterprise Platform Support

Rachel McAdams Kristin Cavallari Brittany Murphy Britney Spears Amanda Swisten