Star Wars: The Old Republic

It may be the worst kept secret in recent gaming history, but that hasn't stopped LucasArts putting on a big show to unveil its new MMO from BioWare, Star Wars: The Old Republic. Dozens of journalists have been invited to the company's San Francisco HQ, including many flown all the way from Europe. Executives from BioWare, EA and of course LucasArts are all putting in an appearance, along with creative directors, storyline writers, gameplay programmers and an army of PR people. In fact, the only notably absent person is George Lucas.
A press conference is held in the impressive on-site cinema. A trailer is shown, along with a video of "pre-production gameplay footage". There's a question-and-answer session, followed by roundtable presentations, executive interviews, a tour of the building and a trip to the gift shop (think Javva the Hutt coffee mugs, hundred-dollar Indiana Jones hats, Yoda costumes for dogs and receipts that bear the legend, 'May the Force Be With You').
With all that stuff going on, you might think the dozens of journalists will come away with a thorough understanding of Star Wars: The Old Republic. You might be wrong. The phrase "We're not talking about that today" is wheeled out again and again, and after a couple of hours it feels like the list of things they're not talking about today is longer than the list of acceptable subjects for discussion.
Here are just a few of the things they aren't talking about today: the story delivery system, grouping, space combat, the number of classes, travelling between planets, player housing, how long the game's been in development, how many people are working on it, PC exclusivity, subscription fees, the release date. Best quote of the event: "We're not talking about anything that has to do with space today."

The visuals have a hand-painted quality to them - much like some of the backgrounds in the old movies.

It's clear that what would be discussed was determined well in advance, and that everyone has been thoroughly briefed. This launch event is not about sharing details or answering specific questions. It's about sending a precise, and rather short, message.
The message, in essence, is this: with Star Wars: The Old Republic, BioWare is doing things differently. This game is not Star Wars Galaxies 2, nor is it Knights of the Old Republic 3. (Actually, according to BioWare, it's KOTOR 3, 4, 5 and beyond, but more on that later.) It may be set in the same time period as Knights of the Old Republic, but it's an MMO as well as an RPG. It will include the same features you'd expect from traditional MMORPGs, but BioWare is throwing new elements into the mix.
"We're huge fans of the MMO genre," says BioWare co-founder Ray Muzyka, speaking in a post-press conference interview. "We're looking at the things that great MMOs do so well - exploration, character progression, combat, raids, PVP, PVE and all the things that fans of the genre have come to expect.

This mining droid may be taking the whole strike thing too far.

"We're adding something to that. We're adding a pillar where you get to play solo or multiplayer, and go back and forth between them via a meaningful story arc," he continues. "You make choices that matter and have consequences, and you feel like you're making a difference as you progress through this world."
According to Daniel Erickson, who's one of the writers helping to construct that story arc, this is what sets The Old Republic apart from other MMORPGs. "For whatever reason, when people took the RPG and went to make the massively multiplayer RPG, they left out the fourth pillar - story," he says. "Obviously, that's not something BioWare's ever done. So if we're going to make an MMO, we're going to make one with all the pillars there."
The story is set some 300 years after the events of the KOTOR games, and 3000 years before the Star Wars movies. Following years of war, the old Republic and new Sith Empire have reached an uneasy truce - so uneasy, in fact, that it falls apart soon after the game begins.

But that's only the main story arc. The specific narrative you experience will depend on the character class you select. The only classes we're talking about today are Jedi and Sith, says LucasArts executive producer Tom Nichols. When asked if there will be an option to play as, say, a bounty hunter, he simply replies, "Perhaps." However, Nichols does go on to add, "What we reference is the iconic roles from the movie, such as Boba Fett or Han Solo - that's our goal, to provide experiences like those key iconic characters."
They're also striving to provide experiences that are quite different for each class. It's not like the old days, explains Erickson, when BioWare was making games like Baldur's Gate. Back then, they had to come up with a generic storyline that would work whether the player had chosen to be a druid, wizard, warrior or whatever.
That's no longer the case, says Erickson - and as a result, the class narratives in SWTOR are "the most unique stories we've ever told". What's more, even if you play through the entire game as a Jedi, then do it all again as a Sith, "You will not see one repeated piece of content. Not one quest, not one line of dialogue, nothing."
This also means there is more story being told than ever. In fact, Erickson reveals, "We did the calculations and we realised, a long time ago, we had passed the point where we would have more story content than every BioWare game made to date, combined. That's all the Baldur's Gates, Neverwinter Nights, KOTOR, Jade Empire, Mass Effect, all the expansion packs. All those combined do not touch our content amount."

LucasArts was willing to confirm that lightsabers will feature in the game.

So. There's the main game setting, and a range of stories within that setting. Then there's a third layer, which is to do with the choices you make and how they affect the story that unfolds. According to BioWare's Greg Zeschuk, decision making is much more complex in SWTOR than in most MMOs.
"If you look at the stable of BioWare games, there are things that we do differently. The fundamental thing is the sense of choice - those [other MMO] games don't really have a sense of choice," he says.
"Your only choice is, do I take this quest or do I take that quest? If I want my bag of loot, I've got to do what the guy tells me. You don't have a question at the end like, do I kill this guy or do I let him live? It's not a question of deciding what the options are. MMOs have traditionally been about doing what you're told to do."

What a Trooper.

Ray jumps in to explain that BioWare's taking a different approach. "We're going to make sure all the story arcs are really interesting, fun to play through, and make you feel like you've made a difference, you've made a choice that actually affected the outcome," he promises.
Many of the choices you make will revolve around the light or dark side of the Force. It doesn't matter whether you've chosen to be a Jedi, a Sith or any other class - you can make decisions that might not fit traditionally with your character class. A Sith, for example, could choose to save a life instead of taking one.
However, said Sith would need to be prepared to have that decision questioned and criticised. In SWTOR, you can acquire AI-controlled companion characters who not only stick by your side but observe and comment on your actions. Your relationships with them can vary significantly and they serve a range of different purposes, as Nichols confirms.
"Companions can provide assistance in combat. They can provide comic relief and banter. They can alert you to things they're sensing, like nearby enemies. They might comment on decisions you're making that may seem to conflict with your class," he says. And that's not all.
"They may become your best buddy. You might build a romantic relationship with them. They might get pissed off with decisions you've made and leave, or betray you, or try to fight you. So they're another immersive element in the game, and again I think it's something unique we're bringing to the genre."
Just how unique, though? Aren't companions just an advanced form of the pets you can acquire in World of Warcraft and its ilk? "They've been compared to pets, but they're very different," argues Nichols. "They're much more immersed in the story and provide a different aspect of gameplay. I would think of them more as... Well, companions is the perfect word." For an example of the kind of relationship you can have, he says, think of Han Solo and Chewbacca: "They have personal stories, but they're also buddies."
You could argue that the most important reason to play MMOs is to share your adventures with real-life buddies. By introducing AI companions, isn't BioWare missing the whole point of MMO gaming - the social aspect? Not according to Zeschuk.
"The social experience is really important. We've got some interesting ways to have players interact within each others' stories, and that leads to results you probably haven't seen before," he says.
"Social gaming is something we don't want to forget. If you want a solo experience, you can do that. You can also really get involved with other people and do cool stuff together." Plus there are other advantages, he adds, such as when you're preparing for a group encounter - you can fill any role gaps with AI companions, and avoid having to wait around for human players.

This is one of the companion characters. Wouldn't.

So The Old Republic is designed to be an MMO for those who like to go solo as well as those who like to buddy up. It's also designed, Zeschuk adds, to suit players who might only play for half an hour at a time, along with those who enjoy marathon five-hour raid sessions. "The thing for us is to really cater to all those different types of players, and make sure there is something there for all of them," he says.
But what about those players who were hoping for a KOTOR 3 in the style of the previous games, rather than a KOTOR MMO? "We're passionate about this franchise, but in our minds we're doing KOTOR 3, 4, 5, 6, 7, 8 and 9," Muzyka offers.
"This game is that big. It's huge in terms of the content, the story, the things you get to do. It's set in that same part of the Star Wars universe, with all the things that MMO fans have come to know and love - exploration, progression, customisation, combat. But with a story as well."

George Lucas drew this bit of concept art himself. All right perhaps not.

"As more gets revealed about what we're actually doing, we suspect those people will be very happy," Zeschuk chimes in.
That may take some time, however. According to Nichols, the next batch of information about SWTOR won't be released until "early next year". Until then there's nothing more to go on than what's been revealed at this press event - i.e. nothing much.
But perhaps that's unfair. Had the announcement of Star Wars: The Old Republic been a real surprise instead of a long-predicted event, there might have been a bit more excitement when it finally came - perhaps enough to draw a veil over the lack of juicy details.
However, there are still so many questions to be answered about Star Wars: The Old Republic. Questions about how the interface will work, what the combat will be like, how much it'll cost to play... We're not talking about any of that today, of course. The even bigger questions, such as whether complex storylines and AI buddies will work in MMOs, won't be answered until the game is released - and that could be years from now.
Ray Muzyka is certain about one thing, though. "When this comes out, it's going to be the best game BioWare's ever done," he says. "We're excited about that." If you're a Star Wars fan, a BioWare buff, an MMO player or all of the above, you probably should be too. Excited - and curious to know more.

Star Wars: The Old Republic is due to be released Q2 2011 on MMO.

How to Find A Hobby That You Will Enjoy

There are so many possible hobbies. Choose one--or possibly more than one--that suits you. A hobby should be something that when you get up in the morning on your day off, you will be able to say, "Great, today I can enjoy my hobby," or "I can't wait to get home from work, because your hobby is waiting for you"! You should be so absorbed when doing your hobby that you may even loose track of time. A hobby can bring tremendous joy and satisfaction to the young or old. It should be custom fit to what you want to be doing with your valuable spare time.

Finding the right hobby takes a little thought and experiment. Read on to learn how to find the right one for you!

Instructions

Things You'll Need:

• Paper and pen

1. 1
   Start out by making a list of all the possible hobbies you even think you would be interested in. Search your mind back to when you were younger too. Maybe you built a tomahawk or shield as a boy or girl scout for an Indian Pow Wow event, and really enjoyed it. Maybe your drawing or painting was hung in the hall at your grammar school because it was so good or possibly you remember doing your own tune up on your car and how proud you were. At this point you just want to list a lot of possibilities, no matter how odd they may seem.
   
2. 2
   Ask yourself these questions about each hobby on your list:
   
   1) Can I afford this hobby financially? Consider tools and supplies.
   2) Do I have a place to work on my hobby; or would I need to rent out a garage or studio?
   3) Will my hobby offend others? For instance, oil painting in the house will surely create an odor.
   4) Can I get started right away; or will set up take a long time?
   5) Can I work on my hobby whatever the season?
   6) Consider if the hobby will be self satisfying and productive?
   7) Most importantly, will you "enjoy" the hobby; or might it feel like another job?
   
3. 3
   After asking yourself the above questions, begin to eliminate any of the hobbies that are unrealistic, for whatever the reason, financial or otherwise.
   
4. 4
   The list of hobbies remaining on your list should be those that you can afford, are realistic, will not disturb those around you and--most importantly--those that you feel you will enjoy.
   
5. 5
   From what remains on your list, you should now be able to find a hobby to get started with. There is no rule against having more than one hobby!
   

Tips & Warnings

• Many a hobby has turned into a business as well. Quilt making, knitting scarves or building wooden bird houses, for instance. There is always a market for these types of goods, and who knows, your hobby may even earn you extra cash!
• For a first time hobby, you may not want to jump right in and spend a lot of money to get started, go slowly and be sure you will enjoy the hobby, which is the goal.
• The person with a hobby they enjoy and look forward to is usually a "happy" person!

Diablo 3 Blizzcon

On the second day of the BlizzCon, a handful of members of the Diablo 3 development team, lead by game director Jay Wilson, sat down to answer questions from BlizzCon attendees. There were a lot of questions asked, and a few nuggets of useful and intriguing information gleaned. Let's take a look at some of the highlights.

PvP Battle Arenas

On the subject of the PvP arena, the developers made it very, very clear that they want to keep the PvE and PvP games separate. Each skill has a separate data set for PvP and PvE, which may include tweaks to cooldowns, damage, and so on. In addition, Jay Wilson very emphatically stated that the team will never nerf a PvE ability because of PvP. The team also confirmed that there will be no PvP stat similar to World of Warcraft's resilience. They also confirmed that they have no plans to implement dual skill builds for PvE and PvP. The feeling they have is that a good PvE build should also be a decent PvP build, and vice-versa. It's also true that Diablo 3 is much more alt-friendly, so they're also assuming that a lot of people will just have a PvP character and a PvE character.

Finally, the team emphatically confirmed that there are no plans to support Esports play for the arena system. On the contrary, they plan to actively avoid the Esport moniker. Games like Starcraft 2 had to sacrifice a lot to become Esports, said one team member, and the Diablo 3 team just isn't interested in making those same sacrifices. They don't want their balance and design decisions to become slave to the Esport, and they want to give people the option of building quirky characters and esoteric builds. Clan and guild support is still under discussion as a Battle.net feature, though. It's also worth noting that there will be no PvP in the PvE game. If you want to PvP, you'll need to head to the arenas. That said, if you head to the arenas as a hardcore character, and you die, your character is still done.

Diablo 3 (PvP Battle Arenas)

• 
• 
• 

Endgame considerations

A few players asked about plans for an endgame. The team admitted that they hadn't really solidified their plans yet. Part of this is because they need to see how people play the game in the beta in order to understand what they need and want from an endgame. You have to game before you can endgame, in other words. They did mention that they want to cater to as many types of players as possible, even PvPers, and that they wanted to avoid the Diablo 2 boss run phenomenon if at all possible -- if you like loot runs, they say, you should be able to get loot from running the game normally. While multiplayer modes like Capture The Flag and DotA-style combat are not completely off the table, they did emphasize that they want to stick to the core gaming principles of the Diablo series at all times, and they would not implement any gameplay modes that violated or drifted from that.

Boss fights, said the team, will be an extension of core gameplay. One of the team members said that they're looking to make them 50-percent Legend of Zelda and 50-percent Diablo 2. Zelda has simple, straightforward boss fights that still fit specific themes, and they'd like to emulate this in their own fights. When asked about resistances, they did say that they're making resistance scale with monster and player levels, similar to defense, so we shouldn't see arbitrary resistance reductions at higher difficulties. They also said they no longer plan to make monsters immune to forms of attack. However, they specifically left the option of fights that require resistance stacking on the table, noting that such tactics are a pretty classic part of end-game fights in a lot of action-RPG games.

Economy and character management

The team also answered a few questions on how the economy will work in the game. They noted that gold simply became so plentiful as to be useless in Diablo 2, and that they're actively trying to avoid this in Diablo 3. To start, gold will drop much less often that it did in Diablo 2. There will also be a "salvage" option for magical items, which will let you break them down for crafting components instead of selling them. The services offered by the artisans themselves, such as enchanting and gem de-socketing, should also create a money sink. Finally, the team is building the system from the ground up to be incredibly resistant to the item duplication bugs and cheats that plagued Diablo 2.

In addition to the straight up economy improvements, the developers also want to make trading between players easier. They've already built a basic trading UI pane where people can put items and gold in a window on one side, and see what the other player is offering on the other side. They're also considering other solutions to end chat channel spamming and special games created just for trading. Finally, your stash will be "massive," reported one team member, and there will be a shared stash to cut down or eliminate the need to "mule" things between characters on the same account. In addition, all of your characters should be on the same account, as the team plans to make any character cap so high as to be nearly unreachable, and there is currently not plan to ever delete your characters.

Odds and ends

The team answered quite a few other miscellaneous questions as well. One questioner wanted to know if they would consider adding WASD movement support. He was afraid of clicking to attack and accidentally moving instead. The team said that they'd actually tested WASD movement and found it limiting and clunky, and therefore had no plans to implement it. But they did mention that you'll be able to hold the shift key to stand still and avoid accidental movement.

We also will likely see the fate of the old Diablo 2 playable characters and many of the locales. (We already know, of course, that the Barbarian male will be the same one from Diablo 2). The new PCs will all follow the same story progression (and aside from the Barbarian, both genders will have the same basic backstory); but there will be different class-based flavors to their interactions with and reactions to story events.

The developers also reiterated their dedication to fighting bots and any 3rd-party actions that they feel threaten the integrity of the game. The new Battle.net, noted one team member, contains a lot more tools to fight bots both passively and actively as well. Also taken off the table was the possibility of 3rd-party UI mods. The team noted that while UI mods work for games like WoW, they also bring an added level of complexity and often force the developers to balance their game around them; and again, that's not something they want to deal with, not to mention they don't want to make the game that complicated.

Crysis 2

Though we've seen the new Nanosuit and the tech trailer from GDC, Crytek has been keeping its latest project under wraps for a while. That all changed this week in New York as Cevat Yerli and the team from Crytek invaded New York to show off a full demo of Crysis 2 in action. Though the demo was shown on the Xbox 360, the game will also be released on PC and PS3 this holiday season. In addition to getting to see the game for ourselves, we also had the chance to talk with Cevat and the game's writer Richard Morgan, bonafide science fiction author, about the new direction for Crysis 2.

By now you've probably seen the video of the trailer shown in Times Square earlier this week, but that's only the very beginning of the story. As the nanosuit-clad soldier stands amid the ruined rubble of Manhattan, choppers fly by overhead. Aliens lurking in the shells of demolished buildings launch an attack on the choppers and, predictably, all hell breaks loose. Enter the player to kick some serious alien butt.

After a brief introduction by EA Partners' General Manager David Demartini, Cevat YErli took the stage to discuss the inspiration behind the sequel. Building on the sandbox success of Far Cry and the original Crysis, Crysis 2 will allow players to overcome obstacles through a fluid mixture of stealth, speed, strength and shields. How you tackle each encounter will be entirely up to you and, based on the demo, it seems like you'll be able to switch back and forth fairly quickly between the different modes.
The nanosuit is one of three key areas Crytek is focused on. Cevat explains his intention is to make the use of the suit more accessible by reducing the layers of interface. This time around, for instance, you will have two basic modes, a hunting mode that emphasizes stealth and a tank mode designed for direct combat. In one you can sneak around invisibly, but in the other you can really soak up damage before going down. You can also activate a secondary mode that determines whether you want more power or greater tactical awareness.

So, for instance, you might opt for a stealth approach and also activate your tactical mode so you can spot the location of nearby enemies. If things get too rough, you can switch from tactical to power mode and use it to escape with quick running and powerful jumps. If that still doesn't get you out of trouble, you can switch your stealth mode to shield and rely on the suit's additional power mode to give you the muscle to really bash your way through any encounters. Once you've taken out enemies, you can switch from power back to tactical mode while still keeping your shield profile up and running. In this mode, you'll have greater awareness of where enemies are and be able to stand up to them in a direct fight.

This matrix, which allows for one of two styles and one of two modes, gives players four different options that they can switch to depending on the situation at hand. Upgrades which are available during the course of the game will even allow players to customize their suits for more specific types of play. It's all about adapting, engaging and surviving.

We saw a good bit of this in the demo level. It begins with the player standing high up in a damaged skyscraper, looking down at the Crynet guards on nearby roof below. Activating power and stealth modes, the player turns invisible and jumps down on the roof. Sneaking up behind an isolated guard, the player gets the option for a quick and quiet stealth kill. Pulling out a shotgun, the player takes a few shots at the other guards and quickly switches from stealth to shield mode to maximize his armor.

The battle has come to New York and it's up to you to protect it.

As he makes his way through the firefight, the player switches freely back and forth between stealth and shield approaches. When the last enemies are down, he switches off power mode and activates the tactical awareness mode. The tactical mode reveals rocket-armed guards on a nearby building, so the player switches back to power mode to quickly jump away from danger. Power mode also allows the player to pick up a gun mounted on the side of the building and use it as he would any other ordinary weapon.
The second big pillar of the sequel is the location of New York. Drawing on the concept of the "urban jungle," Crytek has created levels that have a much more vertical focus than those on the previous game's island. Given the city's ruined state in the game, there are also lots of opportunities for cover. Despite the move to a city setting, Crysis 2 remains a game that takes place mostly outdoors, so you won't be spending much time running in and out of buildings as you fight against the aliens.

Using New York as a setting also makes the game much more emotionally relevant to players. Where many players had to be told they were supposed to care about protecting the island, most will presumably already feel some initial motivation to save New York. The game's writer, Richard Morgan, even revealed that New York will be treated a bit like an actual character in the game with its own story arc and its own destiny. It is, in his words, the world's most iconic city, so it makes sense to use it as the backdrop for this latest story.

Unfortunately, the team isn't quite willing to talk about the specifics of the story and they aren't likely to reveal many of the surprises or twists in store. Richard likes to present the story to the player like a freefall, forcing them to cope with danger without exactly knowing what's going on. To that end, he would say that the Crynet security forces aren't necessarily the bad guys. The player will find himself in opposition to them, of course, but their separate agendas might line up from time to time as they both fight back against the alien invasion.

The nanosuit still allows players the option to play different ways.

We saw a bit of that in a scene where the player has been captured by Crynet and is being loaded into a helicopter to be taken to a nearby prison. As the chopper lifts off, an alien construct explodes out of the building below and destroys the chopper. As the player lays there waiting for the nanosuit systems to come back online, he watches as something strange happens to the Crynet security guards lying beside him. A larger ship flies down the street, dropping massive alien soldiers all along the block where you've crashed. As soon as your suit is functional again, you find yourself in a firefight alongside the surviving Crynet forces.

The third and final piece of the puzzle is highly interactive destruction, which was amply demonstrated in this street level firefight. Grenades and bullets are whizzing through the air and stonework and steel are exploding all around you. Not only does it make for an outrageous spectacle, but the smoke and fog it kicks up seems designed to keep the view distances from getting out of hand on the long straight streets of Manhattan.

The city of New York has its own destiny and story arc.

Naturally, Crysis 2 will feature all the latest features of the new CryENGINE 3 technology, which was recently showcased at GDC. Real time lighting, complex shading, procedural destruction and physics based effects will make the world seem more alive, while a dynamic cover system, lifelike AI and credible hit reactions will add a sense of realism to the actors in the game. The tech demo shows off many of these features and explains which platforms they're being rendered on. When asked if PC gamers need to be worried that the performance ceiling on the consoles will set a lower limit on the PC presentation, Cevat said that the team is fully committed to taking full advantage of the PC's expanded graphics power.

Crysis 2 has definitely been one of the game's we've been the most curious about this year, so it's great to finally see it in action. You can check out the trailer and the tech demo yourself on our media page, and be sure to stay tuned to IGN for even more details on this amazing and ambitious new shooter.

Researchers hack toys, attack iPhones at ToorCon

This IM-Me instant messaging toy for teen girls can be turned into a wireless tool for opening garage doors, cloning RFID tags and other less innocent activities.

(Credit: Elinor Mills/CNET)

SAN DIEGO--From "weaponized" iPhone software to hacked toys and leaked cookies, researchers at the ToorCon security conference here this weekend showed how easy it can be to poke holes in software and hardware with the right tools, know-how, and curiosity.

One researcher demonstrated how to take control of an iPhone using an exploit that targets a hole in Safari, which has been patched. The iPhone had an app installed that allowed it to process credit card numbers, which could then be stolen if this were an attack in the wild.

Eric Monti, a senior security researcher at Trustwave, "weaponized" an exploit that was launched as the Jailbreakme.com program this summer, designed to allow iPhone owners to use unauthorized apps.

For the demo, he directed the "victim" iPhone to a Web address that opened a PDF file that contained the exploit code. Then a rootkit was downloaded giving him complete control of the iPhone. Once a rootkit is downloaded an attacker has access to all data, e-mails, voicemails, and text messages, as well as the microphone and speaker. "You can easily eavesdrop on someone if you're on their iPhone remotely," Monti said.

If the iPhone has the free Square app installed, which is used for processing credit card numbers, the attacker could also steal those numbers, he said, adding that there is not a security issue with the Square app. "We will see people processing credit cards in stores using iPhone apps," transactions using highly sensitive data that should be on only secured devices, Monti told CNET in an interview after his talk.

Two researchers gave a light-hearted talk, titled "Real Men Carry Pink Pagers," about how they turned a toy into a wireless tool that could be used to open garage doors and clone RFID tags used for inventory control on shipping docks and RFID-based passports, among other uses. The pink plastic IM-Me device, with a "Girl Tech" brand on it, was designed to allow young girls to send instant messages with friends on a private network.

The IM-Me device also uses the same wireless chip that some smart meters use and could be turned into a diagnostic tool to test the security of those devices, said wireless researcher Michael Ossman. He worked on the project with Travis Goodspeed, who wrote software that gives the IM-Me functionality that most teen girls can't fathom.

"We took old hardware and repurposed it...It's fun to turn it into something useful and to learn about it," Ossman said, summing up a core element of the true hacker spirit.

This isn't the first toy Ossman has worked his hack magic on. During Defcon in August, he used the hackable badge from the event to try to turn a toy guitar into an electric instrument. The guitar, which he played for a select audience this weekend, remains acoustic at this point, but Ossman did manage to create a very cool electronic light oscillator for tuning the strings using RGB (red, green, and blue) LEDs.

Two other presenters showed how limited encryption used on many popular sites on the Web--like Facebook, Twitter, Hotmail, and Flickr (but not Google)--can put user accounts at risk of compromise by someone snooping on session traffic between the user's computer and the site's server. Sites typically encrypt the username and password as they are transmitted, but unless the entire Web session is encrypted with "https," or secure hypertext transfer protocol, someone sniffing the network could capture the cookie information and use that to access the accounts, according to security researchers Eric Butler and Ian Gallagher.

Web surfers don't even have to be on one of the sites to have their cookie data exposed. Any site that even just hosts a Facebook or Twitter widget or has a Flickr image embedded can leak a user's cookie data if the user is logged into the relevant host site, they said. "The cookie allows you to do everything you can with a password," Butler said. "It is hard for users to protect themselves."

So-called HTTP session hijacking, or "sidejacking," is not new; another researcher released a tool last year to enable this on Facebook. But Butler and Gallagher said users will be vulnerable to such attacks until Web sites move to full session, end-to-end encryption and configure sites to indicate that browsers only should send data over encrypted channels. They are releasing a tool that automates an attack and said that they hope that doing so will bring attention to the problem and motivate Web site owners to use encryption more broadly.

"Any motivated attacker could do this without this tool," Butler said. "We think this will shine light on the issue."

Eric Monti demonstrates how he is able to surreptitiously take control of an iPhone during a ToorCon presentation.

(Credit: Elinor Mills/CNET)

Another researcher talked about the security problems with the Absolute Manage (formerly LANrev) software, which was designed to remotely update software and which was used to secretly take photos of high school students in Philadelphia earlier this year. Joel Voss, security consultant at Leviathan, said it took him only 48 hours to develop a proof of concept and another dozen hours to create a working exploit to break the encryption on the software.

Voss' exploit renders all computers with the Absolute Manage client software installed vulnerable to compromise by an attacker who could not only spy on the computers, but even run malware on them. Voss informed the company about the problem in July but the current release of the software does not resolve the issue, he said. "It's bad for anyone to be running software that is that insecure," he said, adding that he is not releasing the exploit. Absolute Manage could not be reached for comment on Sunday.

Developers need to be aware of the privacy implications of the software they create, said David Kane-Parry, a principal security consultant at Leviathan Security Group. His talk focused on potential unintended privacy issues related to location-based mobile apps, like Google Maps, in which the data is not encrypted between the consumer's device and the app server. He also noted, for example, that mobile photos uploaded to sites like Facebook can be geo-tagged to reveal the coordinates of where the photo was taken, unbeknownst to the picture taker.

And in a keynote at the event, Dan Kaminsky, who discovered a security flaw with authentication in the Internet's Domain Name System last year and an even more serious problem the year before, talked about the need for the industry to adopt DNSSEC, which stands for Domain Name System Security Extensions. DNSSEC deployment has been slow because it's not easy to do, he said.

To solve that problem Kaminsky has developed software he jokingly dubbed "Phreebird" that allows DNSSEC to be deployed as an upgrade to the existing infrastructure without having to "massively change their processes," he said. A test version of the software will be released at Black Hat Abu Dhabi in November. Meanwhile, a member of the Google Chrome team has developed an "unofficial, unsanctioned" build of Chrome that uses DNSSEC to validate Web sites, he said.

"There's a huge bug in one of the core concepts of the Internet," Kaminsky said in an interview. "DNSSEC is a fix, but we need to deploy it."

How to Make a Good Impression During Job Interviews

When going to an interview, it is important to have the right state of mind and to focus on what is important.  The thing that is the most important when attending an interview is not how you answer questions.  It is the impression that you leave behind.  That being said, answering questions "correctly" will of course impact on that impression.  The word "correctly" was put in quotes because there are no perfect answers to questions, although there are wrong answers.

 

Put things in perspective.  By the time you are called for an interview, the employer will already have gone through your resume and cover letter.  He or she knows the basics about you: your background, your work experience, your general interests, why you want to join the organization, etc.  Whatever the employer knows up to that point, however, is only one-sided.  The employer only knows what you have decided to reveal.  Based on the information that you have provided, however, he or she decided that you were "worthy" of a meeting.  This is the employer's way to show an open mind.  "Here's your chance" he or she is saying.  "Show me what you've got" or "prove to me that you are as good as you pretend to be."

 

This is partly how the stress builds up.  You are starting to feel the pressure to "impress."  Knowing that other candidates have also been called for an interview, you feel even more pressure.  This is where you realize that the application process in an ensemble.  Everything has to fit together.  Your resume and your cover letter have to impress, yet truly reflect who you are so that when you show up on Interview Day, you can be yourself.  (Tips on how to handle stress during job interviews can be found in another article on WorkBloom.)

 

The first thing about making a good impression is to be positive.  If you are negative and over-worry, that will show.  Condition your mind to be positive and optimistic about your future so that when you see the interviewer for the first time as he or she walks towards you, that smile that is on your face is sincere. 

 

First impressions matter.  Why?  Because they create biases.  If you make a bad impression upfront, you will have to combat that bias.  It's like running uphill.  On the other hand, if you make a good impression, you can ride on it.  It's like running downhill.  That being said, make sure to dress professionally, smile, give a firm handshake, and introduce yourself properly.  How to dress properly for an interview is discussed in further detail in the "Interview Attire" section of WorkBloom.

 

As the interviewer walks you to the interview room, he or she might ask you a few questions about the weather or how you got there... some small talk to put you at ease.  Accept the "invitation" and relax. 

 

As the interview "formally" starts, make sure to remember that interviewing is a "communication process."  This means that you have to be "clear" when you talk.  Clarity entails that you "speak clearly" and "answer clearly."  Speaking clearly means that you have to speak loud enough and pronounce your words well enough so that you are well understood.  Think of news anchors and how they speak.  Answering clearly means that you have to satisfy whatever was on the mind of the interviewer when he or she asked you the question.  In order to do that you have to practice your listening skills.  Yes, listening is part of communicating.  If you are not sure what was asked, ask the interviewer to repeat himself or, even better, rephrase the question in your own words and ask the interviewer to confirm that you grasped his or her question properly.  The next thing to keep in mind is that questions are asked for a purpose.  Try to find the purpose underlying the question.  What does the interviewer want to know and how can you best answer his or her question? 

 

Put yourself at ease as you answer questions and undertake it as if it was a conversation.  To "converse" with someone is the best way to "connect" with that person.  If you were not offered a glass of water and feel that your mouth is dry, don't be shy and ask for a glass of water.  The interviewer will be happy to do so.  Don't let those minor details bother you. 

 

As the interview winds down, make sure that you have showed interest for the organization by asking a few relevant and intelligent questions.  Don't let your guards down.  The interview is not over until you have left the building. 

 

As you leave, give each interviewer a firm handshake and thank them for meeting with you.  You can also ask for their business cards if you do not yet have them.  Having your interviewers' business cards is important for following-up purposes.  You want to spell their name correctly and you want to send to each interviewer separate e-mails.  Remember, the last step in the interview process is not when you leave the interview room.  It is when you follow-up the day after the interview.  Following-up is not an option.  It is mandatory.

 

To conclude, remember that you will be chosen not based on any specific answers that you give, but on the overall impression that you leave behind.  Trusting yourself is the central and most important thing you need to remember.  If you don't trust yourself, nobody will.