36 Chambers – The Legendary Journeys: Execution to the max!

January 22, 2012

Recess Appointments Are Just Dandy Now

Filed under: Chicagoland, Curmudgeonliness — Kevin Feasel @ 12:47 pm

Remember when recess appointments were a bad thing?  Maybe the President could justify his decision by saying it’s a recess even though the Senate isn’t actually in recess…oh, wait…

January 21, 2012

Art And The Database Execution Plan

Filed under: Beautiful and Sublime, Database Administration — Kevin Feasel @ 6:15 pm

Brent Ozar has pictures of beautiful execution plans.

And, like most art, these plans (and their originating queries) should be framed, stored in a museum, and never made practical use of…

Mass Effect (PC): A mini-review

Filed under: Reviews you can use [tm]!, Video Games — Tony Demchak @ 5:10 am

Rather than go into a big long post about how awesome Mass Effect is, and it is awesome, I decided to just write a few brief words on it.

It’s a Bioware RPG. It is also the worst Bioware RPG I’ve played. This is no insult to Mass Effect; it is rather an endorsement of a company that’s consistently done very fine work with RPGs.

So why don’t I like it as much as other Bioware games? It’s obviously an RPG for people that don’t play RPGs. I’m not complaining about the setting; it’s not that different from Knights of the Old Republic, for example, and I liked that game better. The characters and story are terrific. As an RPG, in which the idea is to encourage players to completely customize their characters, it’s a little short. There just aren’t enough options.

The part I liked least was the mind numbing scouring of planets by Mako. That got kind of old, and instead of going “Yay! Something new to explore!” I felt “Yay! A slight variation on the same cookie cutter level design!” The non-story missions felt mostly like filler. The game is also a bit unstable, particularly towards the end. I experienced multiple crashes, which were pretty annoying.

It really shines as an action RPG, and the controls were fluid and sensible. The idea of conserving heat, not ammunition, adds a new tactical dimension to the game instead of mere bullet counting. From a gameplay perspective, I would rather the tactics menu be a toggle than a hold, but I understand it from a roleplaying perspective. Grenades seemed nearly useless.

It’s a definite thumbs up for me. It’s very accessible and entertaining; from any other company it would be one of the best games they’ve made. Not from Bioware, and that’s a good thing.

January 20, 2012

More Of This Week’s Security Notes

Filed under: (In)Security — Kevin Feasel @ 6:28 pm

The Economist gets it right

Filed under: Curmudgeonliness, Economics — Tony Demchak @ 3:19 am

Here’s the article.

If I were going to subscribe to a magazine, this would be on the short list, in general. However, this succinctly points out two things this blog has been saying for a while now.

1) Raising taxes won’t do any good without closing loopholes (yay me!)

2) You have to cut entitlements to make any real progress (good for Kevin, I guess.)

This sentence says it all: “[Raising the tax rate on the rich] would raise revenues of about 0.3% of GDP and do nothing to make America’s grotesquely complicated tax system more efficient.”

January 19, 2012

Solving The Y10K Problem

Filed under: Computinating, Wacky Theories — Kevin Feasel @ 8:17 pm

This is more than a decade old, but we’d better get prepared:  solving the Y10K problem.  It’s an elegant solution to a problem poised to strike any millennium now…

Oracle Vulnerability Day

Filed under: (In)Security — Kevin Feasel @ 6:42 pm

It’s Oracle vulnerability Christmas today!

The NIST National Vulnerability Database RSS feed updated today with dozens of Oracle-based product vulnerabilities, including lots for MySQL (example), Oracle Fusion Middleware (example), GlassFish (example), Communications Unified (example), Oracle VDI (example), Oracle Database Server (example), E-Business Suite (example), Peoplesoft (example), OpenSSO (example), and Solaris (example).

More information here on the 78 vulnerabilities patched.

January 18, 2012

Some Of This Week’s Security Notes

Filed under: (In)Security — Kevin Feasel @ 6:22 pm

January 17, 2012

EPD: Relics

Filed under: Curmudgeonliness, Wacky Theories — Kevin Feasel @ 5:24 pm

This is the final chapter of Extraordinary Popular Delusions and the Madness of Crowds.  The topic here is relics, otherwise known as “How is it that great saints always seem to have thousands of finger bones?”

Modern relics tend not to be actual body parts, but rather “This is the chair that Thomas Edison sat in as he did his thinking.”  In other words, we attach sentiment to objects and devices which were used in some way by someone we respect or admire.  Mackay argues that our modern “reliquism” dates back to just before the Crusades, with Christian pilgrims bringing back “thousands of apocryphal relics, in the purchase of which they had expended all their store” (696).  These relics ranged from pieces of the “true cross” to tears, blood, hair, and toenails.

Mackay then notes throughout the centuries that this lust for relics has not abated.  It has changed in focus and in form (in other words, people tend not to collect toenails of the rich and famous anymore), and relatively few people think that these things cure diseases.  We use them as a concrete link to the past, and they are wonderful to that extent; just make sure before you pay big money that this really was Elvis’s belt you’re buying…

January 15, 2012

People, SQL Injection Is Not That Hard To Fix

Filed under: (In)Security, Database Administration — Kevin Feasel @ 7:14 pm

I rant because it hurts me on a professional level that there are so many pieces of software vulnerable.  Just checking out Exploit-DB on two days (January 3rd & 4th, 2012), I saw 19 exploits.  Of these 19, 11 were SQL injection (well, 1 was XSS+SQL).  Here they are:

What’s sad is that this is just a typical outcome:  on most days, it seems that roughly half of the vulnerabilities found are SQL Injection attacks.  What’s even more sad is that protecting against SQL Injection is not a difficult task.  It just requires sanitizing inputs, parameterizing queries, and limiting dynamic SQL statements.  I know that my focus is on the Microsoft stack, but other languages have their own versions of these concepts, and putting them into place requires just about the same level of skill—that is, very little.
