Wednesday, July 19, 2000

YAMSH (Yet Another Microsoft Security Hole) -- 10:42 pm CST, Update by J.t.Qbe

News hit the wire today that another hole has been found in Microsoft Outlook. This one opens the door for a buffer overrun exploit which can be triggered simply by downloading your mail via POP or IMAP. You don't need to open or read the email--simply downloading it will do the trick. With this trick, a malicious email can do anything you could on your computer, such as run a program, format your disk or change all your Quake skins to Barney. Microsoft is working on a patch. The best fix is to get rid of Outlook and install Netscape.

A.T. Hun comments: I'd like to hear from the folks who said all the email viruses were the result of user stupidity about this one. How long will it take before people realize that Outlook is a gateway for viruses and precious little else? I shudder when I think about how many companies use it as their primary email and scheduling app.

LithTech 1.5: Lesson Not Learned -- 11:58 am CST, Update by A.T. Hun

Our very own Wraith, author of the Bloodbath Mod for Shogo, discovered that the same well-known exploit in LithTech 1.0 (Shogo) still exists in LithTech 1.5 (KISS Psycho Circus: The Nightmare Child). It just shows you how little Monolith listened to the problems Shogo players were encountering.

Oh, and Shogo fans, if you download the demo for Psycho Circus, take a look at client.exe in a file manager and tell me if something looks familiar :)

UPDATE! Wraith just heard back from Third Law and it appears that the server already catches this exploit so that it would not affect KPC:TNC multiplayer. Stay tuned . . .

UPDATE #2 Wraith got permission from Third Law's Mike Maynard regarding the exploit (which, I can now reveal, was the rapid-fire cheat):

This sounds like something we already thought of and fixed. Our server doesn't allow weapons to 'attack' faster than a specific amount of time that's been defined for each weapon. If someone changed the animation's attack rate, it would simply show the (fast) attack on that person's client, and the server would ignore it. Other client's would only see normal attacks that the server sends them.

That's great news. I feared that the game would have a cheat before it hit the shelves.

Caldera buying SCO? -- 10:51 am CST, Update by The Master

According to Yahoo!News, Caldera could be buying SCO, maker of SCO Unixware and SCO OpenServer. This is a HUGE deal, since SCO is one of the last mainstream UNIX manufacturers (UnixWare is a UNIX v5.4 variant) and, coincidentally, powers the servers I use at work. SCO UW has been a really nice UNIX platform, and I hope if this deal goes through Caldera will continue it's development.

Thanks Dave.

J.t.Qbe comments: Caldera certainly should have the cash to buy SCO, and I think they could do some good stuff with it. SCO has some nice things in development which would benefit the Unix community at large. I agree that UnixWare is a nice system (better than SCO's own OpenServer) and deserves to live. Plus SCO holds the licensing for ancient versions of Unix, and I'd like to see that become more available.

The Master comments: Plus SCO UnixWare scales much better on large numbers of processors than Linux. I'd love somebody to pull the SMP stuff from SCO and plop it into the Linux kernel. That would be SOOOooooo sweet. Caldera could do it if they bought out SCO.

ASUS Cheating Drivers -- 10:32 am CST, Update by A.T. Hun

RIVA Station is reporting that ASUS is planning to release drivers for their AGP-V7700 and AGP-V7100 cards which have options for transparent textures, wireframe, and extra light. Yep, you don't have to rely on a 13-year-old 1337 haX0r anymore when a formerly reputable hardware manufacturer has done the cheating for you! Here's a press release:

Taiwan, Taipei July 18, 2000: ASUSTeK Computer, Inc. announces its new secrete weapon for AGP-V7700 and AGP-V7100 series graphics cards â€" the 3D SeeThrough TM technologies. "ASUS always provides the best value for our customers." said Jonathan Tsang, vice president of marketing and sales division of ASUSTeK Computer Inc. "The ASUS 3D SeeThrough TM technologies are developed for users to be a constant winner in the adventure or action 3D games. There are three special weapons for ASUS VGA cards' users â€" Transparent View, Wireframe View, and Extra Light. If you do not have an ASUS VGA card â€" be careful! Never compete in the 3D games with anyone who has an ASUS VGA card. Because the only result is to loose"

Yes, there are a couple of typos in the PR. I didn't know if it was a Chinese to English problem, a Chinese to German to English problem (RIVA Station is a German site), or if the whole thing is a hoax. I looked for the PR on ASUSTeK's site but couldn't find it. If this is true, someone at ASUS needs his head examined. RIVA Station has posted screenshots from several games showing off the effects. Thanks Shugashack.

Communicator 4.74 released -- 8:58 am CST, Update by The Master

Netscape has released version 4.74 of Communicator. You can use the above link to download, or direct to FTP.

CNET aquiring ZDNET! -- 8:57 am CST, Update by The Master

According to Yahoo!News, CNET to aquire Ziff-Davis for $1.6 billion in stock. Wow-that will combine both Gamespot and Gamecenter, two of the biggest game networks on the internet. Wow. Thanks Blue.

Tuesday, July 18, 2000

Pondering the Imponderable -- 10:11 pm CST, Update by A.T. Hun

I just switched to my second set of Rayovac Renewal batteries in my Visor (pause for applause). This time, I have Runtime running so I will get an accurate idea of the kind of lifespan to expect from these batteries. It will also be interesting to see the effect that recharging has on them. I really don't feel like spending a small fortune keeping this thing in disposable alkalines. NiMHs don't last long enough in the AAA size and don't hold a charge indefinitely. Hopefully these Renewals will be my answer.

Another slow news day -- 9:36 pm CST, Update by J.t.Qbe

Since there've only been 2 news items today, and those concerning Palm devices, I hereby declare it a slow news day. For those of you still stuck in the Windows-only world, you might broaden your horizons with this fluff piece, "Just How Does a Guy Get Into This Linux Thing?" over at Linux.com. It isn't deep, it isn't technical, but it's simply one Windows user's story of venturing into the world of Linux. Not a bad read if you don't have anything else to do.

Void 1.10 Released -- 9:30 pm CST, Update by A.T. Hun

Void, one of J.t.Qbe's and my favorite PalmOS games, has been updated to version 1.10. Void is a space trading game very reminiscent of Elite. Here's a list of the changes.

• Many more ship types, including being attacked by more than one ship at a time.
• New cloaking device.
• Ability to buy your own space stations.
• Captain's log feature.
• 3 'game slots' for up to 3 games at once.
• 3 types of docking stations.
• More missions.
• Updated trading logic

You can download the demo and/or buy it from Palm Gear.

J.t.Qbe comments: You can buy your own space stations? I've been staying away from Void for my own sake, but I don't know how much longer I can hold out. . .

Palm IIIxe 8M Fix Released -- 11:40 am CST, Update by A.T. Hun

Palm has released their fix for the 8M problem for the Palm IIIxe. Actually, this new patch will fix the Palm IIIc, IIIxe, and Vx. For more information on this problem, detection, and solution, go to Palm's 8M DRAM issue page. Thanks Palm Gear.

Past Two Days' News

The Haus is powered by:

All original information on this website is copyright © TheHaus.Net, 1999-2005. The use of original images, text, and/or code from this website without expressed written consent is prohibited. The authors of this site cannot be held responsible for any damage, real or imagined, which comes from the use of information presented on this site. All trademarks used are the properties of their respective owners. This site is not to be used as a floatation device (but if you try, I want a video tape of it).