malicious
Latest
Malicious gameplay video looks vicious
Coming to Japan later this year is Malicious, a PSN exclusive that's composed entirely of boss battles! It's as if developer Alvion looked at the usual "platforming" and "puzzle solving" nonsense and just cut it. Considering this debut trailer, we don't think the studio made the wrong decision.
Famitsu reveals some delicious Malicious details
This week's Famitsu has the very first details about Malicious, a downloadable 3D action title for the PS3 from Japanese developer Alvion (part of Sony's Japan Studio group) that looks pretty spectacular. A teaser site for the game went up a couple of months ago, but we now have some actual info, like the fact that the game will consist entirely of battles against boss characters and their minions. Also, combat will integrate moves using the character's magical cloak, which can turn into a protective shell, a fist, or even shoot "demon bullet" projectiles depending on the situation. Malicious is scheduled for release later this year in Japan. We'll be watching that teaser site for more media and updates.
BBC crafts malicious smartphone app to prove a point... we guess
You may surmise that Auntie Beeb is only good for news distribution from across the pond, but as it turns out, the BBC is apparently giving at least a few of its employees a little of that oh-so-coveted "20 percent time." In an effort to prove just how easy it is to create a smartphone application that can gank all sorts of personal information, a staffer at the organization spent just a few weeks learning enough code to create a "crude game." In play, the app would gather contact information, copy text messages and log the phone's current location; afterwards, it would shoot all of that information to a specified email address, but not before putting a serious hurting on the battery. All told, the spyware took up around 250 lines of the 1,500 making up the whole program, and thankfully for us all, the BBC decided against submitting the program into any app stores. Phew. So, the point? It's pretty easy to craft an ill-willed app, so as with anything in life, download with care -- and keep an eye on atypical battery drain, eh?
iPhone SMS database hacked in 20 seconds, news at 11
It's a story tailor-made for the fear-mongering subset of news media. This week, a pair of gentlemen lured an unsuspecting virgin iPhone to a malicious website and -- with no other input from the user -- stole the phone's entire database of sent, received and even deleted text messages in under 20 seconds, boasting that they could easily lift personal contacts, emails and your naughty, naughty photos as well. Thankfully for us level-headed souls, those gentlemen were Vincenzo Iozzo and Ralf-Philipp Weinmann, security researchers performing for the 2010 Pwn2Own hacking contest, and their $15,000 first prize ensures that the winning formula will go to Apple (and only Apple) for further study. Last year, smartphones emerged from Pwn2Own unscathed even as their desktop counterparts took a beating, but this makes the third year in a row that Safari's gotten its host machines pwned. That said, there's no need for fear -- just a healthy reminder that the Apple logo doesn't give you free license to click links in those oh-so-tempting "beta-test the new iPad!" emails.
Phishing Android apps explain our maxed-out credit cards
There's no such thing as a perfect mobile app store strategy -- you're either too draconian, too arbitrary, or too loose in your policies, and as far as we can tell, there's no way to find a balance that isn't going to trigger an alarm here and there or get a few people worked into a lather. If you're too loose, for instance, you're liable end up with the occasional bout of malware, which is exactly what appears to have gone down recently in the Android Market with a few fake banking apps published by a bandit going as "Droid09." As you might imagine, the apps end up doing little more than stealing your information and ending your day in tears; the apps have since been pulled, but that's probably little consolation for those already affected. The moral of the story? Be vigilant, keep a close eye on those system permissions the Market warns you about as you install new apps, report sketchy ones, and -- as always -- use a hearty dose of common sense.
Jailbroken iPhones exposed to second worm, this time malicious
As inevitable as the sun rising in the East and setting in the West, an innocuous iPhone worm has been transformed into a malicious bank details-stealing virus. The second recorded iPhone infection operates on exactly the same principles as the first, as it targets jailbroken handsets with SSH installed, but this time adds the ability for the hacker to remotely control and access the phone. By throwing up a purported ING Direct login page, he (or she, or they) can collect your online banking credentials and, presumably, all the cash they are supposed to protect. Presently isolated within the Netherlands, this outbreak may spread further still, as it is capable of infecting other jailbroken iPhones on the same WiFi network.
iPhone OS 3.1 anti-phishing works; you just need to set it up properly
Remember hearing that one of the new features of iPhone OS 3.1 was an anti-phishing capability for Safari? Jim Dalrymple over at The Loop wondered if it was working properly, and asked Apple what was going on. The response?"Safari's anti-phishing database is downloaded while the user charges their phone in order to protect battery life and ensure there aren't any additional data fees," Apple spokesman, Bill Evans, told The Loop. "After updating to iPhone OS 3.1 the user should launch Safari, connect to a Wi-Fi network and charge their iPhone with the screen off. For most users this process should happen automatically when they charge their phone."What this apparently does is allows Safari to completely download the anti-phishing database, which is necessary before the feature will work. It also appears that you'll need to update the database on occasion in the same way -- charge your iPhone with Safari up and the screen off.As always, TUAW urges you to practice safe computing, so enabling anti-phishing in this odd Apple-approved manner is highly recommended.[Thanks to LoopInsight.com for digging into this]
Unsolicited laptops sent to state governments never get used, now under investigation
Tempting though it may be, shipments of HP and Compaq (another HP brand) laptops sent to various US state governments have been sent either back to the manufacturer or to local investigators with nary even a game of Spider Solitaire in its account logs. As it turns out, the packages of three to five machines sent to each state -- West Virginia, Vermont, Wyoming, and Washington -- were never ordered, and in at least three of the cases were purchased with fraudulent credit cards of unknown origin. Even with the shipments apparently coming from HP directly, officials are playing it safe and working under the guise of the machines possibly having malicious code running through its circuitry. You know who the biggest victim in all this is? That guy in Human Resources who legitimately bought a Mini 1000 and had it shipped to the state's office for pickup. Worst. Timing. Ever.
DKP pitfalls and how to jump them
Kree's got a nice set of posts about some of the more advanced problems with a DKP system in his guild (he calls them pitfalls, which works very well as a metaphor). I've never been part of a really serious DKP system, but just like with any other economy, DKP can lead itself to imbalances if you aren't careful with how people are getting and spending points.Inflation is definitely a problem I've seen in other guilds -- usually, with DKP, you have a few very consistent raiders, and everyone else can fall behind. And eventually you get a few folks with tons of DKP, so much so that they can outspend everyone else and basically dictate how gear drops. Kree's solutions are good, though -- he offers up "point rot" (points devalue over time, so you can't save up tons of them at once), and a point cap (though even that can cause problems, as people are forced to spend DKP on gear they don't need rather than losing them). The other issues, collusion and upbidding, don't happen quite so often (both of those require players to be rather malicious, and in guilds where everyone knows which gear they should and shouldn't use, you don't usually have an issue), but he's got some good solutions there as well.DKP was designed to make sure passing out drops is fair, and Blizzard has put all sorts of rules and restrictions in the game to try and get raiders the gear they need without a lot of fighting. As long as your guild remembers that there's always more gear to go around and that no one piece is worth stealing or causing trouble over, a good, balanced DKP system can help you avoid these alligator-filled pitfalls pretty easily.
Experts predict malware field day for iPhone in '08
Like Y2K and the end of rock and roll, pundits love to call out platforms that are ripe for a nightmarish, post-apocalyptic hell-on-earth sort of attack by the world's technologically inclined miscreants. In that vein, mobile phones have been billed for years as the next great frontier in virii, largely because they're getting smarter, more open, and more ubiquitous than ever before. We can buy that logic, but the waves upon waves of malicious code infecting the world's smartphones simply haven't happened. So at what point do we say that these analysts are crying wolf?Now might not be a bad time to start, as Arbor Networks' security group is calling the iPhone a likely target in 2008 by hackers who want to "be the first to hack a new platform." We wouldn't dare say that there won't be attacks on the iPhone's security holes next year and beyond, but we don't think users need to be scrambling to disable their data connections, either; Windows Mobile, Symbian, Palm OS, and everyone else have gotten along fine for years aside from the occasional malware blip on the radar that barely makes a splash and goes unnoticed by 99 percent of the world's users. Not to mention the fact that the opportunity to "be the first" to hack the iPhone has come and gone -- so to the hackers of the world who're thinking about diving into the wide world of iPhone hacking, may we suggest you put your brainpower to the forces of good, not evil?
A fix for the Procrastinatr damage
TUAW readers, please accept my deepest apologies again for this Procrastinatr fiasco. As it turns out, most of my iCal calendars are simply subscriptions to my Google Calendars, so I never saw any damage before posting this. Fortunately, however, a commenter on the Procrastinatr post by the name of ejk has put together an AppleScript that can reverse the damage. After creating my own set of local calendars with events and todos, and testing this four times, I am confident that it works. After the jump I have included the script in its entirety, as well as instructions for your inspection. I have also listed instructions for backing up your calendars as they are. If you just want a download, I have also posted a link to a script I compiled myself, after the jump.
