November 2008 – Page 8 – Brian.Carnell.Com

Adobe Reader Exploits in the Wild

It was such a shock to read recently about yet another exploit in Adobe’s piece-of-crap Reader. Ryan Nairaine over at ZDNet writes,

From the SANS ISC alert:

The payload is in a JavaScript object embedded in the PDF document. Once extracted, it just contains first level obfuscation with a simple eval(unescape()) call.

Once deobfuscated, parts of the publicly posted PoC are visible, but the attackers also modified certain parts.

Adobe Reader is one of the most widely distributed pieces of software on the Windows ecosystem to the application of this patch should be an absolute priority.

Forget patching Adobe Reader…just uninstall it and use FoxIt or any number of other PDF reader applications that don’t kill your system performance and aren’t constantly falling prey to these sort of problems (in part because they’re just not that big of a target given the install base…but still, Adobe has far too many of these problems with Adobe Reader).

Kids of Catan

Mayfair Games publishes a kids version of Settlers of Catan called, appropriately enough, Kids of Catan. Reviews of the game indicate its largely a game where everything is random with essentially zero strategy (which, of course, is also one of the criticisms that many people have of Settlers). Also a bit on the expensive sided at $49.

Giant Lego Minifig Washes Onshore in Brighton

Nice publicity stunt by Lego as part of the 30th anniversary of the Lego minifig.

The Psychotronic Guide to Archive.Org

The Psychotronic Guide to Archive.org is a guide to cult films that are in the public domain and hosted at Archive.Org such as everybody’s favorite, The Devil of the Desert Against the Son of Hercules

Using MMOs as a Turing Test

Interesting report at DODBuzz.Com about U.S. military research and development in a number of areas, including “artificial” intelligence. Dr. John Parmentola, Director of Research and Laboratory Management with the Army’s science and technology office, talks about using an MMO as a Turing Test for AIs,

And if you do end up at the Army Science Conference next month, don’t be startled by the three-dimensional holographic image of a soldier talking to you (not that the regenerated arm, mind-controlled computer or implanted memories won’t freak you out enough) as you walk down the hall. It might just be the virtual human Army researchers are creating to make simulators and war games more realistic for training, Parmentola said.

They’re working on creating “photorealistic looking and acting human beings” that can think on their own, have emotions and talk in local slang.

“I actually interact with virtual humans in terms of asking them questions and they’re responding,” Parmentola said.

To test out the computer generated humans’ “humanity,” Parmentola and his researchers want to unleash some of their cyber Soldiers into so-called “massively multi-player online games” such as “World of Warcraft” or “Eve Online” – games frequented by thousands of super-competitive human players in teams of virtual characters fighting battles that can last for days.

“We want to use the massively multi-player online game as an experimental laboratory to see if they’re good enough to convince humans that they’re actually human,” he said.

So someday that 13 year old spamming “this is so fucking gay” in the WoW trade channel might turn out to be SkyNet.

World Lecture Hall

World Lecture Hall is a directory of webpages from faculty around the world who offer their course materials on the Web.