From the DMG

Standard

Sage advice from the inside cover of the new Dungeon Masters Guide

Disclaimer: Wizards of the Coast does not officially endorse the following tactics, which are guaranteed to maximize your enjoyment as a Dungeon Master. First, always keep a straight face and say OK no matter how ludicrous or doomed the players’ plan of action is. Second, no matter what happens, pretend that you intended all along for everything to unfold the way it did. Third, if you’re not sure what to do next, feign illness, end the session early, and plot your next move. When all else fails, roll a bunch of dice behind your screen, study them for a moment with a look of deep concern mixed with regret, let loose a heavy sigh, and announce that Tiamat swoops from the sky and attacks.

20141126_211819

Geek Christmas Gifts Under $20

Standard

Its that time of the year, when many spouses, parents, friends or family members cannot figure out what to get that special geek in their life.

Well, have no fear – here are a few suggestions….and all under $20.

I found these items while perusing the most excellent site ThinkGeek.com.  If you have never visited, I highly recommend it…but you better have some spare time and your wallet.

Kicking off, I feel its only fitting that we start with something featured on this very blog almost a year ago…..The 8-Bit Holiday Wreath for only $15.99. 

Next up, for the gamer in all of us…..how about a couple of D20 related items? 

Imagine the joy on your DM’s face when you present him with some cupcakes from your D20 Critical Hit Cake Pan ($7.79).

 

Even better?  What DM wouldn’t want to sit down to contemplate world domination with a cocktail cocktail containing D20 Ice ($7.99)?

And finally at ThinkGeek, what do you get when you cross a coffee mug with Legos?  Something so incredible that it almost defies words…the Build-On Brick Mug for ONLY $9.99!

What geeky item is on your Christmas list this year?

e-Cigs….Health Risk for Security?

Standard

There used to be a story going around the hacking world – where one technique was to load spyware onto a usb drive and leave it in the parking lot of the business you intended to hack.  The theory was, someone will find it……and the WILL plug it into their computer, because users cannot risk the temptation.

Now we have e-cigs, something I personally find ridiculous.  While deemed a “Safer” alternative, I personally doubt pumping those chemicals into your body is any different – just give me a great cigar.

Meanwhile, the story below notes the potential security risk for IT, when users want to charge their “cigs” at work.

Maybe NSA had it right way back in the day, by sealing up the USB Ports?

Now e-cigarettes can give you malware

E-cigarettes may be better for your health than normal ones, but spare a thought for your poor computer – electronic cigarettes have become the latest vector for malicious software, according to online reports.

Many e-cigarettes can be charged over USB, either with a special cable, or by plugging the cigarette itself directly into a USB port. That might be a USB port plugged into a wall socket or the port on a computer – but, if so, that means that a cheap e-cigarette from an untrustworthy supplier gains physical access to a device.

A report on social news site Reddit suggests that at least one “vaper” has suffered the downside of trusting their cigarette manufacturer. “One particular executive had a malware infection on his computer from which the source could not be determined,” the user writes. “After all traditional means of infection were covered, IT started looking into other possibilities.

“The made in China e-cigarette had malware hardcoded into the charger, and when plugged into a computer’s USB port the malware phoned home and infected the system.”

Rik Ferguson, a security consultant for Trend Micro, says the story is entirely plausible. “Production line malware has been around for a few years, infecting photo frames, MP3 players and more,” he says. In 2008, for instance, a photo frame produced by Samsung shipped with malware on the product’s install disc.

Even more concerning is a recent proof-of-concept attack called “BadUSB”, which involves reprogramming USB devices at the hardware level. “Very widely spread USB controller chips, including those in thumb drives, have no protection from such reprogramming,” says Berlin-based firm SRLabs, which released the code.

Combine the two, says Ferguson, “and a very strong case can be made for enterprises disabling USB ports, or at least using device management to allow only authorized devices.

“For consumers it’s a case of running up-to-date anti-malware for the production line stuff and only using trusted devices to counter the threat.”

Dave Goss, of London’s Vape Emporium, says that vapers can remain safe by buying from respected manufacturers such as Aspire, KangerTech and Innokin, and by checking for “scratch checkers” on the box, which mark out authentic goods from counterfeits.

“Any electrical device that uses a USB charger could be targeted in this way, and just about every one of these electrical devices will come from China,” he adds.

In early November, figures obtained by the Press Association revealed that e-cigarettes and related equipment, such as chargers, were involved in more than 100 fires in less than two years.

http://www.theguardian.com/technology/2014/nov/21/e-cigarettes-malware-computers

5 Yr Old MCP–Is it Valid?

Standard

I recently read an article about that I found both interesting and disturbing at the same time.  In it, we are introduced to Ayan Qureshi, claimed to be the youngest Microsoft Certified individual – having passed a cert exam at 5yrs old.

While the initial knee jerk reaction is – “That’s pretty cool”, I am a bit concerned on a few things.

      1. Braindumped data or teaching specifically to the exam
      2. No valid form of ID
      3. Inability to understand or be bound to the NDA

First, his father Asim states “The hardest challenge was explaining the language of the test to a five-year-old. But he seemed to pick it up and has a very good memory,”.  To me, this indicates that his father “Brain Dumped” information to his child, a fairly common practice where you repetitively go over the question base until you have memorized the test, instead of actually knowing the material.   Sadly, this is demonstrated in several state competency exams here in the United States  (with documented examples of Teachers teaching to an an exam) and highlights why you cannot base demonstrable knowledge based solely on certifications.

Secondly, I question how the boy was able to provide proper identification.  At 5 years old, it is unlikely he had proper photo ID (plus an alternate) to present to the proctor prior to sitting the exam.  It is possible (especially since he appears to have immigrated to the UK from Pakistan in 2009) that he has a passport – there is a requirement from Pearson VUE that the the ID has a “ recent recognizable photo, and signature”.  Since he would have immigrated as a baby (and passports are not issued frequently) the child would have changed drastically in appearance and would not have signed the document – this would not be a valid form of ID.

Finally, How does a child legally accept an NDA?  Since he is a minor, I would argue that he probably does not have the mental capacity to understand the “Click Through Agreement”.

Based on these three points , I personally would question the validity of the claims that he is an MCP.  Instead, I applaud that the child is able to retain the data – and hopefully he continues his education to LEARN the skills necessary to become an IT Professional.

Read about little Ayan here and feel free to comment below.

Five-year-old passes Microsoft exam