пятница, 18 декабря 2020 г.

Our most powerful SEO Ultimate Plan

hi there

Getting Top 10 Position in Search Engines is % Must for every Website if
you are really serious to do Online Business. If you are not in top 10 it
means you are getting only 5% of visitors for that particular keyword.


Please find more information on our plan here:
https://str8creative.co/product/seo-ultimate/


thanks
Alys
support@str8creative.co

воскресенье, 22 ноября 2020 г.

Cheap Monthly SEO plans %domain%

hi there

After checking your website SEO metrics and ranks, we determined that you
can get a real boost in ranks and visibility by using any of our plan below
https://www.cheapseosolutions.co/cheap-seo-packages/index.html

cheap and effective SEO plan
onpage SEO included

For the higher value plans, DA50 DR50 TF20 SEO metrics boost is inlcuded

thank you
Mike
support@cheapseosolutions.co

среда, 21 октября 2020 г.

вторник, 6 октября 2020 г.

re: new Social SEO

hi
retro-d-for-dummies.htmlnoreply

Glad to hear that, here are the details below

More information here:
http://www.realsocialsignals.co/buy-social-signals/

For the best ranking results, buy Monthly basis Social signals, provided
daily, month after month:
http://www.realsocialsignals.co/custom-social-signals/


Regards
Beau












http://www.realsocialsignals.co/unsubscribe/


2018-11-9, tr, 19:37 retro-d-for-dummies.htmlnoreply
<retro-d-for-dummies.htmlnoreply@blogger.com> raše:
Hi there, Please send me the@ Social signals offer ^that we talked about
over the phone. I`m interested and I w@ant to boost my SEO metrics with this
new SEO method. Thanks again, will wait your reply.

четверг, 1 октября 2020 г.

суббота, 26 сентября 2020 г.

среда, 23 сентября 2020 г.

Euronimoes

Dave Ross wrote to tell me about his print and play game Euronimoes, which is in its third and final edition (hasn't required any updates in 4 years).

Print and play games are great for time when you are stuck at home, because they: are craft projects (sometimes minimally), free, and usually light, simple, and family-oriented.


Euronimoes fits the bill, as a Euro-style pattern building game, which requires only one or two sets of Dominoes (0-6) and a few poker chips for each player, and the free rules from his site.

On each turn, you take a Domino into your hand, either from a "market" or the draw pile, and then play one from your hand into your personal pattern space (see the above figure, for example). Dominoes in the market cost -1 (you gain a chip) up to 3 chips, while taking a random Domino always gives you 1 chip.

Columns in your space must always form runs up or down (if touching), and you score the lowest tile in each run; lowest score in the end wins. There is also an option to build upwards and take off more points from your score.

That's about it; details are in the free rules.

вторник, 22 сентября 2020 г.

AK-046, Tomcat The F-14 Fighter Simulator!

In this episode I cover the only plane flying simulator on the 2600 that I am aware of, Tomcat F-14. It certainly was an adventure! Up next is the CBS Electronics game Mountain King, so if you have thoughts on that game, send it to me at 2600gamebygame@gmail.com by November 17. My Extra Life half marathons are coming up this weekend on the 8th and 9th starting at 6 pm. Thanks to all who have donated so far, I'm still trying to reach my goal! You can donate at the link below, thanks for that and thanks as always for listening.

My Extra Life donation page, thank you!
Tomcat F-14 on Random Terrain
Dan Kitchen's web site
Interview with Dan by Classic Gamer 74
Interview with Dan by ZeroPage Homebrew
No Swear Gamer 374 - Tomcat F-14
No Swear Gamer Tomcat F-14 full mission
Eugenio's PRGE 2019 photo album
Arcade Blogger - Atari Bradley Trainer
Hugues Johnson's Console Timeline

воскресенье, 13 сентября 2020 г.

Burgundian Candy

One of the 3 pike blocks 
 This is partly what re-kindled my interest in the late 15th century. It's become extremely popular over the last few years - in no small part to the fantastic plastic and complimentary metal ranges put out by the Perry twins. Trouble was, the wars of the Roses never quite did it for me. Seemed a bit dull, but what was going on in Europe at the same time always appeared much more exotic. So where to start? Burgundians were a logical choice, many, many years ago I spent 5 years living in modern day Burgundy, in the environs of Dijon, so I had a slight affinity with the area, and had spent plenty of happy hours clambering around castles and fortified chateau that still grace the area. So Burgundians it was. The vague and not terribly joined up plan, being that Burgundians meant Swiss, which could stretch into The wars of Burgundian succession, and then into the early Italian Wars. Like I said, not that joined up.
Perry knights and coustillier 
Anyway, here are a few pictures of the Burgundians so far. Mostly Perry and Foundry, with a few Steel Fist
Perry knights 

Crossbows and handgunners to the fore

These were a lot of fun to paint


Worms eye view

Buds, Blooms, And Thorns Kickstarter Preview Of The Whatnot Cabinet By Pencil First Games

Buds, Blooms, and Thorns Kickstarter Preview of The Whatnot Cabinet by Pencil First Games
DisclaimerSupport me on Patreon!
Vitals:
Title: The Whatnot Cabinet
Designed by: Steve Finn
Publisher: Pencil First Games
Year Published: 2021
MSRP: $??
1-4p | 20-30 min | 8+
Kickstarter Link: The Whatnot Cabinet
Kickstarter Price: $39

Disclaimer: This review is for a prototype version of the game.  Art and components may not be final and are subject to change.

Introduction:
Back in 2017 I was fortunate enough to review A game called Herbaceous by the board game design supergroup of Steve Finn on design, Eduardo Baraf on development and publishing, Beth Sobel on art, and Keith Matejka on solo gameplay.  I absolutely loved the game. And since then have been equally impressed with their other games: Herbaceous Sprouts and Sunset Over Water.  All three games are excellent, relaxing filler games that play in about 30 minutes.  When I heard about The Whatnot Cabinet by the same dynamite team, I was very excited.  I'm thrilled to have the opportunity to review The Whatnot Cabinet while it is still on Kickstarter, but let's see if it holds up to this team's other games.

Blooms:
Blooms are the game's highlights and features.  Elements that are exceptional.
  • Fast, simple gameplay.
  • Good player interaction.
  • Puzzly moments.
  • Fun solo play.
Buds:
Buds are interesting parts of the game I would like to explore more. 
  • The Fascination Pack mini-expansion adds more variety.
  • The game plays great at all player counts I've tried, I look forward to trying at the other player counts.
Thorns:
Thorns are a game's shortcomings and any issues I feel are noteworthy.
  • Turns can sometimes feel a bit limiting when bad luck won't get you the tiles you need.
  • There are limited ways to mitigate bad luck.
  • Ran out of tiles in a two-player game.
Final Thoughts:
I really like The Whatnot Cabinet, however, I do feel it had one flaw.  My biggest concern was with the amount of luck in the game and an inability to mitigate it occasionally.  It is pretty easy to get yourself in a situation where one tile is the difference between a bunch of points or none and if that tile doesn't come up when you can get it, you're out of luck.  There are several ways that tiles in the "ouutdoors" (the publicly available tiles in the game) can be cleared and replaced, which is fine for when you are digging for that desired tile, but when someone else does that and dumps your tile before you ever have a chance to acquire it, that can be frustrating.  Additionally, at the end of every round the "outdoors" is refreshed, so tiles can be discarded before you ever have an opportunity to acquire them.

I'd love to see a way to get discarded tiles back, or at the very least, only have the "outdoors" refill every round instead of getting wiped completely.

On a somewhat related note,  we used the actions to refresh the "outdoors" so often in one two-player game that we ran out of tiles before the end of the game.  I'm not sure if that's a common occurrence, but maybe returning discarded tiles to the bag each round could help with both of these issues.

Overall though,  I really liked The Whatnot Cabinet.  It fits in perfectly with the other relaxing themes this team has released.  The puzzle the game presents is engrossing, the artwork is gorgeous, and the game plays a lot faster than you expect.  I especially liked the solo game.  It plays fast, presents an interesting challenge, and is quick and simple to set up and take down, all attributes I look for in solo games.  Steve Finn, Eduardo Baraf, Beth Sobel, and Keith Matejka have knocked out of the park again with this design.

The Whatnot Cabinet earns a Bloom from me.  It's a perfect addition to this team's game catalog.  If you enjoy any of those other games, or any of Steve Finn's other games, then you'll love The Whatnot Cabinet.  Check it out now, on Kickstarter, for only the next week!

Buds, Blooms, and Thorns Rating:
Bloom!  This game is great and worth
adding to your collection!  It should be
on just about every gamer's shelf. 

Pictures:
















Did you like this review?  Show your support: Support me on Patreon!Also, click the heart at Board Game Links , like GJJ Games on Facebook , or follow on Twitter .  And be sure to check out my games on  Tabletop Generation.


GJJ Games Reviews are independent, unpaid reviews of games I, George Jaros, have played with my family and friends.  Some of these games I own, some are owned by friends, some are borrowed, and some were provided by a publisher or designer for my honest feedback and evaluation.  I make every attempt to be both honest and constructively critical in my reviews, and they are all my opinions.  There are four types of reviews on GJJ Games: Full Reviews feature critical reviews based on a rubric and games receive a rating from 0 to 100.  Quick Reviews and Kickstarter Previews are either shorter reviews of published games or detailed preview reviews of crowdfunding games that will receive a rating from 0 to 10 based on my impressions of the game.  Buds, Blooms,and Thorns reviews are shorter reviews of either published or upcoming games that highlight three aspects of a game: Buds are parts of a game I look forward to exploring more, Blooms are outstanding features of a game, and Thorns are shortcomings of a game.  Each BBT review game will receive an overall rating of Thorn, Bud, or Bloom.

понедельник, 7 сентября 2020 г.

пятница, 4 сентября 2020 г.

Procedurally Generated Annotations

Imagine exploring this dungeon:

Dungeon map
Procedurally generated dungeon map

But that's not what watabou's One Page Dungeon generator produced. It produced that dungeon with a title, Underground Lair of the Cursed Lich: For several centuries the lair of the Cursed Lich was considered lost, until recently was rediscovered by a gang of gnolls, and also with text annotations on some of the rooms:

Dungeon map with annotations
Procedurally annotated dungeon map

Big difference! The text sparks curiosity and imagination in a way that the map by itself does not. Is that bard good or evil? Did the bard and cleric know each other? How did seals kill the gnoll?! What does the magic gem do? This type of text is missing from many procedural generation projects, including mine. I love what watabou did here.

Let's look a map from Azgaar's Fantasy Map Generator:

Continent map
Procedurally generated continent map

But that's not all Azgaar generates. He also generates country names, borders, icons, and other annotations:

Continent map with annotations
Procedurally generated everything

Look at how much more interesting that is!

Zoomed in, the map looks nice, with regions, rivers, and bays:

Region map
Procedurally generated region map

But look how much more interesting it is with town names, roads, and trade routes:

Region map with annotations
Procedurally generated everything

It doesn't take much annotation to make the magic! Just a small amount triggers our curiosity and imagination. Our minds see patterns easily, even when they aren't really there ("apophenia"). This is something I'd like to explore the next time I'm making a procedural map generator.

(Note: this is an expanded version of what I posted on twitter)

понедельник, 31 августа 2020 г.

Change Passwords Regularly - A Myth And A Lie, Don'T Be Fooled, Part 2

In the previous blog post, I have covered the different passwords you have to protect, the attackers and attack methods. Now let's look at how we want to solve the issue.

Password requirements

So far we have learned we have to use long, complex, true random passwords. In theory, this is easy.
Now, this is my password advice for 2014:

Password character classes
Use upper-lower-digit-special characters in general cases.
If you don't understand what I just write, choose from this:
qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789-=[];'\,./<>?:"|{}_+!@#$%^&* ()`~
If you are a CISO, and say: use 3 out of 4 character class, everyone will use Password12 or Welcome12 as their password (after the 12th enforced password change).

Password length
This is basically the only thing which changes whether the password is in the very high/high/medium/low level. Check the previous blog post for the details about very high/high/medium/low level.

Password length: Very high level class (including work-related/enterprise passwords)
15 character (or 20 if you are really paranoid). Making true random passwords longer than 20 characters usually does not make any sense, even in high security scenarios (e.g. military, spy agencies, etc.). 15 character in Windows environment is a right choice, as LM hash is incompatible with 15 character passwords, thus one (effective) attack won't work. Beware, there might be bugs with using 15 character passwords, with a low probability.

Password length: High-level class
12 character, upper-lower-special characters

Password length: Medium class
10 character, upper-lower-special characters, still TRUE random

Password length: Low-level class
9 character. Why less?

Pin codes
Always choose the longest provided, but a maximum of 8. Usually, more is pretty impractical.

Password randomness
True random, generated by a (local) computer. Avoid Debian. Avoid random generated by your brain. Do not use l33tsp33k. Do not append or prepend the current month, season or year to a word. Do not use Star Wars/Star Trek/(your favorite movie/series here) characters or terminology. In general, avoid any pattern like the above ones. The chances that a true random password generator generates SkyWalker12 is very-very low. And believe me, it is not that hard to crack those. Every algorithm that you would come up with; the bad guys have already thought of it. Use true random. Let the computer do it for you. See details later in this post.

Password history
Never-ever reuse passwords. NEVER!

Password change period
If it is not enforced otherwise, don't bother to change it twice in a year. But! Check if the password cracking speed made your current ones obsolete. If yes, change the obsolete passwords. Immediately change the password if you have been notified that the service you use has been compromised. Immediately change all of your recently used passwords if you suspect malware was running on your computer (do this on a known clean computer). Immediately change your password if you have used it on a computer you don't own, or there is a small chance malware is running on it. Change it if you really had to give your password to someone. Otherwise, goodbye regular password change. We will miss you...

If you are a CISO, and writing security policies, you should have to enforce the password change period based on: do you allow LM hashes? What is the password length requirement for users and administrators? What is the current hash cracking speed, and the forecast for the next 2 years? I think people would be happy to increase their passwords with 1-2 characters, if they are not forced to change it frequently (e.g. every month).
Now after I was sooo smart giving advises people still hate to implement, let's see the practical implementations. At least some people might like me, because I told them not to change the passwords regularly. Next time someone tells you to change all your important passwords regularly, put a lie detector on him, and check if he changes all of his passwords regularly. If he lies, feel free to use the wrench algorithm to crack his passwords. If he was not lying, call 911, to put a straitjacket on him. Only insane paranoid people do that in reality. Others are just too scared to say "what everyone recommended so far is bullshit". Comments are welcome ;) Other people might hate me for telling them using true random passwords. Don't panic, keep reading.
And don't forget to use 2 factor authentication. It might seem a bit of an overkill at the beginning, but after months, you won't notice using it.

(Bad and good) solutions

I will use the same password everywhere

This is a pretty bad idea. If one of the passwords are compromised, either the attackers can access your other sites, or you have to change all of your passwords. There are better ways to spend your life on earth than changing all of your passwords.

I will remember it

Good luck remembering 250 different, complex passwords. Don't forget to change them regularly! ;)

I will use the password recovery all the time

Not a very user-friendly solution. And because the security answer has to be as complicated as the password itself, the problem has not been solved.

I will write it down into my super-secret notebook and put it in my drawer

Although it might work in some cases, it won't work in others. I don't recommend it.





I will use an algorithm, like a base password, and add the websites first letters to the end of the password

Still better than using the same password everywhere, but believe me, if this is a targeted attack, it is not that hard to guess your password generation algorithm.

I will use the advice from XKCD, and use the password correcthorsebatterystaple

Still a lot better than simple passwords, but unfortunately, people are still bad at choosing random words with random order, so it is not the best solution. And again, you can't memorize 250 different passwords ... Even 10 is impossible. Only use this method in special corner cases (see details later), and use a passphrase generator!

I will use a password manager

This is the very first good idea. It solves the problem of remembering 250 different complex and random passwords. Some people might complain about using a password manager, here are those complaints. And my answers:

If someone gets access to this one password store, all is lost.
Answer: If someone accessed your password store, and the master password, you can be pretty damn sure that most of your passwords are already stolen. For extra paranoids, you can use multiple password stores, one for daily use, one for rare cases. Beware not to forget the password for the second one ;)

What if I don't have access to the password store when I need it?
Answer: In the age of cheap notebooks, tablets, and smartphones, in 99% of the cases you should not use that important password on any other device than yours. In the rare cases when you must, you can use either your smartphone to get the password, or use a browser extension like Password hasher to generate different passwords to different websites, with one password. For extra paranoids, you can have different master passwords for the different security levels. And don't forget to change the password after you are back at your own computer.

What if I forgot the one password to the password store?
Answer: If you use your password manager daily, it has the same odds to forget that one password as it is to forget every one of your passwords.

Password managers make phishing attacks easier.
Answer: Who started this nonsense? Good password managers decrease the risk of phishing.

Password managers have the same vulnerabilities as other websites or software.
Answer: Well, this is partially true. There are at least 3 types of password managers, from most secure to least: offline, browser built-in, online. Online password managers give better user experience, with a sacrifice in security. But if you choose one of the leading password managers, and you are a simple home user, the risks are negligible. If you try to store your work password in an online password store, you might violate your internal security policy. For paranoids, use offline password managers, and back them up regularly. If you choose an online password manager, at least use 2-factor authentication. And don't forget, your Chrome password can be easily synchronized to the cloud, shifting it to the online category.

In some cases, like Full Disc Encryption, OS login, smartphone login, or password manager login, the auto-type of password from the password manager is not available, thus choosing a true random password is a pain in the a$$.
Answer: True. Generate pronounceable passwords or passphrases in these corner cases, e.g. with the Linux tool apg you can generate pronounceable passwords. For easy and fast type, don't use capital letters (only lower-alpha - digit - special) in the original password, but increase the length of the password. Add 1 extra character because you don't use upper case letters, add 3 other because it is a pronounceable password, and you are good to go. For extra paranoids change one or two of the letters to uppercase where it is convenient. 
apg -M SNL -m 15 is your friend.
If you want to check what I write here (always a good idea), test the entropy of a true random 10 character password with all character classes, and check it with 14 characters, without uppercase. I recommend KeePass for that. If you comment on this that "Keepass can not measure that it is a pronounceable password, thus the entropy is lower in reality", my answer is: "Check out the current passwords used by users, and current password advises, and tell me if this password is a lot better or not ..." . You have been warned.
 

For the high-level password class, I don't recommend anything your brain generated. There are also suitable offline passphrase generators. Use at least 5-6 words for passphrases.

Password managers are not user-friendly, it takes more time to log in.
Answer: If you set auto-type/auto-fill, and the password manager is opened once a day (and you lock your computer when you leave it), in this case, logging in takes less time than typing it! It is more convenient to use it, rather than typing the passwords every time.

I like to create new unique passwords every time I create a new account, and password managers take the fun away from it.
Answer: Said no one, ever! "38 percent of people think it sounds more appealing to tackle household chores – from folding the laundry to scrubbing toilets – than to try and come up with another new user name or password."

To summarize things. Use a password manager.

General advise

Never use your essential passwords on other computers. They might be infected with a password stealer. If you really have to use it, change the password as soon as possible on a trusted (your) computer.

Don't fool yourself by phishing sites. If you go to the local flea market, and there is a strange looking guy with "Superbank deposit here" logo above his head, will you put your money?

Protect yourself against malware. Use a recent operating system, and even if you use OSX or Linux, it is not a bad thing to have an AV as a "last line of defense". Or to check your pendrive for Windows USB worms.

Never-ever use online web sites to "generate your password", "measure the complexity of your password" or "check if it has been breached". Never! (Except if it is your password manager :) ... )

Update: Sign up on the https://haveibeenpwned.com/ for notification if your e-mail is found in a leak.

Changing passwords frequently is bad advice. It is not effective. Put more energy in other right password advise. 

Related posts


RFCrack Release - A Software Defined Radio Attack Tool

RFCrack uses the following hardware with RFCat libraries:
YardStick One: 
https://goo.gl/wd88sr

I decided to cleanup my RF testing harness and release it as a tool named RFCrack
Mostly because it has been pain to set up use-case scenarios from scratch for every device I am testing. Rather then release a tool no one knows how to use. The below video will be a quick but comprehensive tutorial to get you started If you've been following the blogs, this will greatly simplify your testing, in the following ways:
  • RFCrack handles all of your data conversions. 
  • It allows you to capture, replay and save payloads for use anytime 
  • It will handle rolling code bypass attacks on your devices. 
  • You can jam frequencies and fuzz specific values 
  • It will also allow you to scan specific frequencies in discovery mode or incrementally probe them 
  • RFCrack will hopefully have keyless entry & engine bypass support in the near future

This is the first release, everything works as intended but there will be plenty of updates as I continue to do research and find reasons to add features needed for testing. I am still making changes and making it more flexible with modifiable values and restructuring code.  If you have any legitimate use case scenarios or need a specific value to be modifiable, hit me up and I will do my best to update between research, if its a legitimate use case.

You can reach me at:
Twitter: @Ficti0n
http://cclabs.io , http://consolecowboys.com

GitHub Code for RFCrack:

https://github.com/cclabsInc/RFCrack

Full RF Hacking Course in Development:

Not all of the attacks in the tool have been covered in the RF hacking blog series and a few more are in research mode, as such, not yet added to the tool but will probably be covered in a full length online class on Hacking with RF which includes all targets and equipment.  Send an email to info(at)cclabs.io if your interested.



Walkthrough Training Video:




Until Next time: 

Cheers, and enjoy the tool for your personal use testing devices, feedback and bug reports are appreciated.  I have another RF blog coming out shortly based on my friends research into hacking garages/gates and creating keyfobs.  I will post when its ready. 
More info