The Rabbit Done Died

But it’s NOT what you think…

We missed this announcement last week, not so much from inattention, but from astonishment: We did not even know Second Life was still a thing, but apparently so.

Now featuring dead sleeping bunnies…

Virtual rabbits across Second Life will fall asleep on Saturday then never wake up, now that the their digital food supply has been shut down by a legal battle. The player-made and player-sold Ozimals brand of digirabbits are virtual pets that players breed and care for in the sandbox MMO, and even need to feed by buying DRM-protected virtual food. But they rely on servers. Waypoint reported earlier today that the seller of Ozimals and the Pufflings virtuabirds has received a legal threat he says he cannot afford to fight, so they’ve shut down. By Saturday, rabbits will run out of food and enter hibernation.

The rabbits aren’t dead, they’re sleeping. They simply can never wake up. 1

…At least the Ozimals’ birdy cousins, the Pufflings, had a swift death. They shut down instantly on Wednesday when the servers went down, while rabbits hold on with the food in their cyberbellies.

Ozimals did give rabbit owners a brief chance to save their rabbits. Before shutting down, they gave away items which make rabbits not need food — and leaves them sterile. Some rabbits will live on forever, the last of their kind. If you wish that fate upon your rabbit, apparently some kindly players have a stash you’re welcome to.

The Rabbit Done Died

Show 1 footnote

  1. If you’re a SL aficionado, and had one of your rabbits die go to sleep forever, drop us a line and let us know how you’re handling the emotional trauma. Seriously.

MP3 is Dead; Long Live MP3

If you read the news, you may think the MP3 file format was recently officially “killed” somehow, and any remaining MP3 holdouts should all move to AAC now. These are all simple rewrites of Fraunhofer IIS’ announcement that they’re terminating the MP3 patent-licensing program…

MP3 is no less alive now than it was last month or will be next year — the last known MP3 patents have simply expired…

MP3 is very old, but it’s the same age as JPEG, which has also long since been surpassed in quality by newer formats. JPEG is still ubiquitous not because Engadget forgot to declare its death, but because it’s good enough and supported everywhere, making it the most pragmatic choice most of the time.

AAC and other newer audio codecs can produce better quality than MP3, but the difference is only significant at low bitrates. At about 128 kbps or greater, the differences between MP3 and other codecs are very unlikely to be noticed, so it isn’t meaningfully better for personal music collections. For new music, get AAC if you want, but it’s not worth spending any time replacing MP3s you already have…

Until a few weeks ago, there had never been an audio format that was small enough to be practical, widely supported, and had no patent restrictions, forcing difficult choices and needless friction upon the computing world. Now, at least for audio, that friction has officially ended. There’s finally a great choice without asterisks.

MP3 is supported by everything, everywhere, and is now patent-free. There has never been another audio format as widely supported as MP3, it’s good enough for almost anything, and now, over twenty years since it took the world by storm, it’s finally free. 1

MP3 is Dead; Long Live MP3

Show 1 footnote

  1. We’re assuming her that this means the Fraunhofer codec can now be shipped with free wit all *NIX distros, which should actually improve the quality of MP3s.

Tech Rodeo

Google kick-started it and Mozilla has smoothly implemented it:

An algorithm we’ve depended on for most of the life of the Internet — SHA-1 — is aging, due to both mathematical and technological advances. Digital signatures incorporating the SHA-1 algorithm may soon be forgeable by sufficiently-motivated and resourceful entities.

Via our and others’ work in the CA/Browser Forum, following our deprecation plan announced last year and per recommendations by NIST, issuance of SHA-1 certificates mostly halted for the web last January, with new certificates moving to more secure algorithms. Since May 2016, the use of SHA-1 on the web fell from 3.5% to 0.8% as measured by Firefox Telemetry.

In early 2017, Firefox will show an overridable “Untrusted Connection” error whenever a SHA-1 certificate is encountered that chains up to a root certificate included in Mozilla’s CA Certificate Program. SHA-1 certificates that chain up to a manually-imported root certificate, as specified by the user, will continue to be supported by default; this will continue allowing certain enterprise root use cases, though we strongly encourage everyone to migrate away from SHA-1 as quickly as possible.

Tech Rodeo

Related notes: WordPress now supports Let’s Encrypt (free ssl certs for your blog), as well as Squarespace; Danish government entities using email servers now have to implement STARTTLS and DANE for their SMTP servers. 1 An unprecedented look at SSL implementation in North Korea. Reversing direction,  neverssl.com pledges to stay available over HTTP in order to provide a default URL for Wi-Fi captive portals. And finally in our SSL/TLS round-up, draft 17 and draft 18 of TLS 1.3 have been published.

Tech Rodeo
Oh those fun Germans!

When they crash, self-driving Mercedes will be programmed to save the driver, and not the person or people they hit. That’s the design decision behind the Mercedes Benz’s future Level 4 and Level 5 autonomous cars, according to the company’s manager of driverless car safety, Christoph von Hugo. Instead of worrying about troublesome details like ethics, Mercedes will just program its cars to save the driver and the car’s occupants, in every situation.

One of the biggest debates about driverless cars concerns the moral choices made when programming a car’s algorithms. Say the car is spinning out of control, and on course to hit a crowd queuing at a bus stop. It can correct its course, but in doing so, it’ll kill a cyclist for sure. What does it do? Mercedes’s answer to this take on the classic Trolley Problem is to hit whichever one is least likely to hurt the people inside its cars. If that means taking out a crowd of kids waiting for the bus, then so be it

Tech Rodeo
A reminder; it’s always about the money…

DDoS — distributed denial of service — is an unsophisticated form of attack that overwhelms sites with spam traffic so legitimate users can’t get through. DDoS is a war of economics: whoever has the most computing power, defender or attacker, usually wins.

This makes DDoS a useful tool for censorship of small and mid-level publishers, but major sites usually have defenses in place and aren’t susceptible to these attacks. However, Friday wasn’t business as usual. The series of attacks that took out Dyn, the DNS service that provides the backbone of many major sites, were powered in part by a botnet of hacked DVRs and webcams known as Mirai. Mirai first emerged several weeks ago during a DDoS against Brian Krebs, a cybersecurity journalist who runs his own publication KrebsOnSecurity.com.

The DDoS attack on Krebs, the scramble for protection that followed, and Friday’s massive attack mark a new chapter in DDoS. More and more websites are being forced to seek shelter behind a shrinking number of powerful DDoS protection providers. But that centralization means that, as potent botnets like Mirai become stronger, larger sections of the internet can be knocked offline during attacks.

Mirai is irritating for the American internet users who couldn’t access their favorite websites Friday, and a thorn in the side of companies that are now forced to recall their easily hacked IoT devices — but the botnet is also influencing the market for DDoS protection.

Tech Rodeo

Show 1 footnote

  1. Though unless you read Danish, you’ll just have to take our word for it.