Java and Game Development

Fri, Jan 11, 2013

It seems like at least once every few days, someone is asking whether Java is an acceptable language for game development over on /r/gamedev. I’m going say something potentially unpopular: please don’t use Java. A lot of people will tell you that the only way to do real game development is in C or C++. I’m not one of them. Honestly, I love high level languages. And, for the most part, I’m a firm believer in saying “use what you already know”.

I Know Where You are and What You are Sharing

Tue, Nov 8, 2011

I Know Where You are and What You are Sharing: Exploiting P2P Communications to Invade Users’ Privacy Abstract: In this paper, we show how to exploit real-time communication applications to determine the IP address of a targeted user. We focus our study on Skype, although other real-time communication applications may have similar privacy issues. We first design a scheme that calls an identified- targeted user inconspicuously to find his IP address, which can be done even if he is behind a NAT.

Again, the cloud: Dropbox

Fri, Apr 15, 2011

Since I mentioned how much l like Dropbox in my last post, I thought I’d add a follow-up. There’s been a bit of a buzz* lately about how insecure Dropbox is. I don’t see this as a reason not to use it, but extra precautions should be taken if you want to store sensitive information. I personally love TrueCrypt for this, as creating a fixed-size encrypted drive doesn’t leak information about the number or size of files you’ve encrypted.

SSL: Google vs. F5

Mon, Feb 7, 2011

Adam Langley, an engineer on Google’s Chrome team, wrote a blog post last summer titled Overclocking SSL. Adam argues that on today’s hardware, SSL connections are not computationally expensive, and showed us some statistics from GMail’s switch to HTTPS by default. He doesn’t go so far as to outright encourage other sites to do the same for their users, but the message is strongly implied. Last week, Lori MacVittie of F5 wrote a blog post (which was at least partially a response to Adam’s post) entitled Dispelling the New SSL Myth, in which she argues that SSL is only inexpensive if you use 1024-bit certificates and easier-to-crack ciphers like RC4.