Subject: General Tech | November 26, 2015 - 11:22 PM | Scott Michaud
Tagged: uplay, steam, pc gaming, origin, GOG
While everyone's in a turkey and gravy coma, retailers are hoping that you'll feel a bit browsy with your drowsy. Black Friday deals are popping up everywhere; some are good, but some are token at best... including the Black Friday sale on tokens at the local arcade.
Anyway, four (edit: Fixed typo) of the largest PC gaming services are Steam, UPLAY, Origin, and GOG.com. Steam is predictably the largest sale. It's another “Exploration Sale,” which is another way of saying, “Here's a few examples of great deals; browse for crap you like. You might find something cheaper. I dunno.” Speaking of a few examples, Elite Dangerous is now just a third of its price. Grand Theft Auto V is now reduced too, although it's not yet in the impulse buy territory. Call of Duty Black Ops III also received a little chop in price, which is unusual for the franchise. You'll probably want to browse Steam in general, especially if there's a game that you've been eying but couldn't justify buying yet.
UPlay's sale is a bit more... weird. If you played Tropico 5 but put it down before buying the DLC, the pack of boosters is now 75% off ($11 CDN here). Surprisingly, the vast majority of sales have nothing to do with Ubisoft titles, and the three exceptions are from 2013 / 2014.
Origin is a bit more rounded in terms of old and new titles. FIFA 16, released just this fall, is about 40% off where I am. Tomb Raider is in the mid-single digits of dollars. Battlefield Hardline is about $10. Do not buy The Witcher 3 here though, if the Canadian prices carry over to the US. The sale even extends back to Command & Conquer: The Ultimate Collection, NHL 09, and Medal of Honor: Airborne. It just keeps scrolling.
Now for GOG. This is, again, a sale that you should probably browse. If you were interested in The Witcher 3, purchasing it from GOG instead of Steam will get you the same sale but DRM-free. Its new price is $29.99 USD, unless you're Canadian. We get it for $23.49 USD at GOG or $29.99 CDN at Steam. I guess they feel like giving a slightly larger discount to compensate for the lack of turkey-goggles. Browse the “On Sale” tab in the bottom right before you leave too.
Subject: General Tech | November 26, 2015 - 12:22 PM | Jeremy Hellstrom
Tagged: idiots, iot, security
You would think people would be be taken aback if someone suggested saving money by using the same key on every new house built in a neighbourhood, if so you don't work for companies developing hardware for the Internet of Things. In a recent survey of 4,000 embedded devices from 70 hardware makers, Sec Consult found that many had the same hardwired SSH login keys and server-side SSL certificates. The numbers they provided The Register were a total 580 private keys were found distributed over all the analyzed devices, of which at least 230 are in already in use on the internet. To be fair this is not uncommon in consumer level firmware as companies do not even bother to check over the source code let alone change the security keys held within but it is a huge security risk. For a glimpse at how bad some of these supposedly secure certs and keys are read on at The Register.
"Lazy makers of home routers and the Internet of Things are reusing the same small set of hardcoded security keys, leaving them open to hijacking en masse, researchers have warned."
Here is some more Tech News from around the web:
- Nest defends web CCTV Cam amid unstoppable 24/7 surveillance fears @ The Register
- Fedora 23: An Impressive Release for Advanced Linux Users @ Linux.com
- Raspberry Pi Zero: £4 PC aims to bring machine to more hands @ The Inquirer
- It is now possible to unlock a Windows Lumia Phone for root access @ The Inquirer
- Samsung is mass producing 'Through Silicon Via' DDR4 memory in 128GB modules @ The Inquirer
- Defeating Chip and PIN With Bits of Wire @ Hack a Day
- Critical Zen Cart Vulnerability Could Spell Black Friday Disaster For Shoppers @ Slashdot
- Nvidia Shield Android TV @ eTeknix
Subject: General Tech | November 25, 2015 - 01:41 PM | Jeremy Hellstrom
Tagged: fallout 4, mod, gaming
The modders over at the Nexus community are already hard at work creating mods for Fallout 4 and Rock, Paper, SHOTGUN have compiled a list of the best ones currently out there. After a quick tutorial on how to apply mods they jump into the list and of them all the first one may be the most useful as it allows you to tweak your display resolution, mouse sensitivity, field of view and the many other settings you might have expect to be changeable in the game itself. From there they move onto improved lighting, longer death cam viewing, a higher settlement budget and even dialogue expansion. Check out what is there or head over to Nexus Mods to see what others catch your interest.
"While official mod support for Fallout 4 [official site] hasn’t arrived just yet, Nexus Mods have opened their proverbial gates. Their community is fast at work creating handy customisations and helpful leg-ups to see you right as you dive head first into the irradiated unknown."
Here is some more Tech News from around the web:
- Thea: The Awakening Is A 4X Roguelike And Out Now @ Rock, Paper, SHOTGUN
- First 50% deal on The Witcher 3: Wild Hunt & up to 80% off 36 games you won't find anywhere else @ GOG
- Forges Of Creation: Large Endless Legend Update Today @ Rock, Paper, SHOTGUN
- 2K Games has another BioShock game in development @ HEXUS
- The Call Of Croshaw: The Consuming Shadow Out now @ Rock, Paper, SHOTGUN
- Just Cause 3 minimum and recommended specs published @ HEXUS
- Machinimagic: Valve Announce Saxxy Award Winners @ Rock, Paper, SHOTGUN
- Wot I Think: Hard West @ Rock, Paper, SHOTGUN
Subject: General Tech | November 25, 2015 - 12:53 PM | Jeremy Hellstrom
Tagged: wireless, li-fi, 1GBps
Li-Fi is a new experimental wireless data transmission technology which sends data using the same lights that illuminate the space you are in, at such frequencies and intensities that your brain does not process any change in lighting which your eyes might capture. It transmits at an incredible speed, under perfect conditions in the the lab they saw 224GBps and recently have successfully transmitted at 1GBps in the field. Yes, that is 1GB per second of data transfer, light travels rather quickly after all. There are limits on where this technology can be used, in large spaces signals from different lights could interfere with each other and if you are outside then you will not be able to benefit but for offices and the home this could be rather impressive to behold. Read more about the researchers and how these lightbulbs could be tied into existing lighting at The Inquirer.
"BOFFINS HAVE field tested Li-Fi for the first time, achieving wireless speeds 100 times faster than WiFi."
Here is some more Tech News from around the web:
- Downloads for Windows 10 November big-bang build axed by Microsoft @ The Register
- Microsoft warns you might not get Windows updates if you're not using IE 11 @ The Inquirer
- Windows 10 Fall Update Uninstalls Desktop Software Without Informing Users @ Slashdot
- Even the Dumbest Ransomware Is Almost Unremovable On Smart TVs @ Slashdot
- Dum dum dum - another cloud bites the dust (Adobe's photo cloud) @ The Register
Subject: General Tech | November 24, 2015 - 02:55 PM | Sebastian Peak
Tagged: SanDisk Ultra II, MSI GTX 970 Gaming, GTX 970, 960GB SSD
The internet is full of sales this week, and there are some great PC hardware deals out there beginning with the best price per GB on an SSD we've ever seen.
- Sandisk Ultra II 960 GB SSD - $199, Amazon
At $199.99 shipped this 960 GB SanDisk Ultra II SSD is a stunning $0.20/GB, and offers good speeds for a SATA III drive with up to 550 MB/s reads and 500 MB/s writes, along with "n-Cache 2.0" which SanDisk explains is "a large, non-volatile write cache (which) consolidates small writes to boost random write performance".
What better to fill up that huge SSD than a library of games, and if you're in the market for a new graphics card to drive them there are some excellent deals out there. A good mid-range GPU option is the oft-maligned NVIDIA GeForce GTX 970, and memory controversy aside it's a very high performer for the money. Lately prices have dropped a bit, and there some great options out there when you factor in rebates.
- MSI GeForce GTX 970 Gaming 4G - $304.99, B&H Photo (after $20.00 rebate)
While you can find some lower-cost GTX 970's out there this is a good deal for one of MSI's overclocked Gaming series cards. And if you're looking for a quad-core processor to help drive a new GPU, how about AMD's ultra-affordable Athlon X4 860k, now under $70!
- AMD Athlon X4 860K Quad-Core Processor - $69.99, Amazon
It's nice to see prices starting to drop on some solid upgrades, and we're currently working on our annual holiday gift guide with more recommendations for a tech-filled holiday season. Stay tuned!
Subject: General Tech | November 24, 2015 - 12:42 PM | Jeremy Hellstrom
Tagged: dell, superfish, security, edellroot
As Scott mentioned yesterday, Dell refused to learn from Lenovo's lesson and repeated the exact same mistake with eDellRoot, a self-signed root CA cert with an unknown purpose. Unlike SuperFish which was to allow targeted ads to be displayed eDellRoot serves an unclear purpose apart from a mention of Microsoft-like "easier customer support" but it exposes you to the exact same security risks as SuperFish does. You could remove the cert manually, however as it resides in Dell.Foundation.Agent.Plugins.eDell.dll it will return on next boot and can return on fresh Windows installs via Dell driver updates, something which will be of great concern to their business customers.
Dell has finally responded to the issue, "The recent situation raised is related to an on-the-box support certificate intended to provide a better, faster and easier customer support experience. Unfortunately, the certificate introduced an unintended security vulnerability." and provided a process to remove the certificate from the machine permanently in this Word Document. You can check for the presence of the cert on your machine in those two links.
However the best was yet to come as researchers have found a second cert as well as an expired Atheros Authenticode cert for BlueTooth and private key on a limited amount of new Dell computers as well. As Dell made no mention of these additional certificates in their statement to the press it is hard to give them the benefit of the doubt. The Bluetooth cert will not make you vulnerable to a man in the middle attack however the second cert is as dangerous as eDellRoot and can be used to snoop on encrypted communications. The second cert was found on a SCADA machine which is, as they say, a bad thing.
We await Dell's response to the second discovery as well as further research to determine how widespread the new certs actually are. So far Dell XPS 15 laptops, M4800 workstations, and Inspiron desktops and laptops have been found to contain these security issues. The chances of you falling victim to a man in the middle attack thanks to these security vulnerabilities are slim but not zero so be aware of them and keep your eyes out for them on your systems. With Lenovo and Dell both being caught, it will be interesting to see if HP and other large vendors will learn this lesson or if it will take a third company being caught exposing their customers to unnecessary risks.
"A second root certificate and private key, similar to eDellRoot along with an expired Atheros Authenticode cert and private key used to sign Bluetooth drivers has been found on a Dell Inspiron laptop. The impact of these two certs is limited compared to the original eDellRoot cert."
Here is some more Tech News from around the web:
- Amazon is suffering a subtle data breach, lest it turn into another TalkTalk @ The Inquirer
- Windows 10: Microsoft flip flops 'as a service' as November update is pulled @ The Inquirer
- Hybrid carbon foams serve as good heat conductors @ Nanotechweb
- Pip Boys As A Service @ Hack a Day
- Intel hires Qualcomm's compute leader to lead new mobile push @ The Register
- Heterogeneous system architecture helps AMD and ARM deal with mammoth compute demands @ The Inquirer
- Windows 8.1 exams kept alive six more months, Win 7 tests immortal @ The Register
Subject: General Tech | November 23, 2015 - 08:15 PM | Scott Michaud
Tagged: windows 10, microsoft
UPDATE (Nov 24th, 8pm ET): As I was informed, both on Twitter and in the comments, the update has been restored. Apparently the issue was that this tool, when upgrading Windows 10 to Windows 10 1511, accidentally reset four privacy settings to default. They also happened to be four of the less-severe ones, such as whether to allow apps to run in the background and whether settings should sync between devices. It has apparently been fixed and the tool will install the latest version of Windows 10 once more.
Source: Ars Technica
Regardless of your opinion about Windows 10, I'm glad that Microsoft has once again provided a way to force a specific version on your device. Their recent statement, telling users that Windows Update will give them the correct build eventually, is not comforting if someone is failing to receive the update. Is it coming? Or did it block for some reason? I also wonder if the 30-day policy would still be enforced, making clean installs that much more annoying. Turns out it was all hypothetical, and Microsoft was planning on reinstating it instantly, though.
This is a bit surprising and disappointing. When the November 2015 update for Windows 10 went live, existing users could upgrade with Windows Update (if it let them) and the rest could force an in-place upgrade from Windows 7, 8.x, and earlier builds of Windows 10 using the tool. The latter method has apparently been reverted to the original Windows 10 build from July 2015.
This image is getting a lot more use than I intended.
Why? Who knows. They are still offering the update through Windows Update, and Microsoft claims that they have no intention of pulling it. This concerns me, because there are a few situations where Windows 10 updates will get stuck, such as if you get it through Windows Update then uninstall it. I have not seen any report cover the official procedure for this issue. Also, I wonder if there's a way to get past Microsoft's 30-day no-update policy.
According to WinBeta, Microsoft's official statement contains the following: “Microsoft has not pulled the Windows 10 November 10 update. The company is rolling out the November update over time – if you don’t see it in Windows Update, you will see it soon.” (Emphasis not mine.)
We'll probably hear more about this as the week goes on.
Subject: General Tech | November 23, 2015 - 03:16 PM | Jeremy Hellstrom
Tagged: poseidon Z RGB, thermaltake, mechanical keyboard, input
The keyboard market has changed drastically over the past year with the introduction of mainstream mechanical keys and improved LED backlighting features. Where once the market was not that competitive and only a few major players were offering products we now have a wide variety of brands to choose from. This makes it hard to stand out in the market without adding extra features to your keyboards, which leads us to the Thermaltake Poseidon RGB. This particular keyboard has an integrated 32-bit processor which allows you to choose between 16.8 million colors for each key. The keys use Kailh Brown RGB switches, a less expensive clone of the Cherry MX Brown switches more commonly found on these types of boards. Find out if they are good enough over at Benchmark Reviews.
"Just a few months ago, full RGB mechanical keyboards were rare beasts, and the inclusion of full per-key RGB lighting commanded a very high price, with some keyboards selling for almost $200.00. Now, prices are coming down rapidly and vendors are starting to compete on features, but how many more features are there left to add?"
Here is some more Tech News from around the web:
- TT eSports Challenger Prime @ Kitguru
- G.Skill Ripjaws MX780 RGB Laser Ambidextrous Gaming Mouse @ eTeknix
- Razer Mamba Chroma Mouse Review @ Hardware Canucks
- Corsair Gaming Scimitar RGB MOBA/MMO Gaming Mouse @ eTeknix
Subject: General Tech | November 22, 2015 - 02:08 PM | Scott Michaud
Tagged: software development
This is article is a bit different from what we normally post, so be sure to give your opinion in the comments if you want to see more of this (or not). You will most often find these types of software development rants on a programmer's personal blog, but I find them interesting so here we go.
There are two camps in software development regarding optimization, each with diehard advocates. One side argues for software to be strictly designed, with decisions needing to be coherent and performance-minded. The other viewpoint claims that optimization should be done after profiling, because you could spend weeks making a fairly useless chunk of code purr like a kitten, and ignore the turkey that's using 99.99% of your resources.
Both sides can also point to situations that validate their opinion. The latter, “don't premature optimize” crowd can show examples where time is wasted because the engineer didn't look before they leaped. One such story comes from Chandler Carruth of Google. One of his first tasks at the company was to review code from Ken Thompson, a “very senior engineer” who created Unix and defined UTF-8. It solved rule-matching with about a 20-fold increase in performance over what they were currently using. When Chandler went to integrate the fix, his colleague mentioned “Yeah, turns out our use-case overwhelmingly hits a single rule, so I just check it first. It's now 100x faster.”
The other crowd says that, even if you can find exactly where poop stinks, you're still polishing a turd. One issue that is commonly pointed to is garbage collection. In memory-managed languages, this process scans through your application to delete unused chunks. Its goal is to remove memory leaks without users needing to carefully manage allocation themselves. The problem is that it necessarily freezes basically every thread and often takes several frames worth of time to complete. As such, you can either live with the bad user experience in real-time applications, or you can carefully design your application to avoid leaking memory. If you take the time to design and architect, it allows you to either choose a framework without garbage collection, or sometimes reduce / eliminate how often it triggers.
So the argument is over-thinking wasting time versus under-planning painting software into corners. As it should be somewhat obvious, both are correct. It's a bad idea to blindly charge into development, and it's good to think about the consequences of what you're doing. At the same time, what you think means nothing if it differs from what you measure, so you need to back up your thoughts with experimentation.
The challenge is to coast the middle for the benefits of both, without falling into the traps on either side.
Subject: General Tech | November 22, 2015 - 12:35 AM | Scott Michaud
I say slowly shutting down because the service will remain active for a little while, letting users finish their subscriptions or use the free option. As of now, the only announced date is that Rdio will no longer renew subscriptions (or accept new paying customers) on November 23rd.
The company recently filed for bankruptcy, after trying to raise more capital and find other ways to keep the business running. Pandora will pay $75 million for the remnants of the service, although that could change if a better offer surfaces or an issue arises in bankruptcy protection. The press release states that “many members of the Rdio team will continue to shape the future of streaming music, applying our tradition of great design and innovative engineering on an even larger stage with Pandora.” It further states “Pandora is not acquiring the operating business of Rdio,” but rather just “the technology and talent.”
Rdio has not given a date that their service will end. This news is disappointing for me, because Rdio was the first music streaming service in Canada, at least that I found out about, which led me to choose it.