Ronald.phillips

They probably didn't use dipping sauces, though.

My mother's favourite game on Linux is without a doubt Frozen Bubble. It is a casual game in all of the best ways; one you can dive into and learn at your own pace thanks to its simple but repeatable formula. Consider this to be a snapshot in time back to 2002, from right before the game was to take the world by storm.

Achieving continued success in Hollywood is never easy, and ultimately comes down to relationships. Director Chad Stahleski has been at the helm of every entry in the "John Wick" franchise including the upcoming "John Wick: Chapter 4," but his connection to star Keanu Reeves dates all the way back to "The Matrix." Stahleski worked as Reeves's stunt double in the original sci-fi action epic, also standing in as Neo in "Reloaded" and "Revolutions," then continuing to double the actor in the football comedy "The Replacements" and 2005's "Constantine." Stahleski was also the martial arts choreographer for Reeves's directorial debut "The Man of Tai Chi" — the movie responsible for gifting us with the memorable line "You owe me a life." 

Reeves returned the favor when Stahleski stepped behind the camera to direct "John Wick." The revenge-fueled neo-noir epic helped redefine American action films, spawning four sequels by the time John Wick's story wraps up in the fifth (and final?) installment. With a spinoff called "Ballerina" in the works starring Reeves, Ana de Armas and Norman Reedus, as well as the prequel TV series "Continental," the hitman universe Reeves and Stahleski have worked so hard to build shows no signs of slowing down. 

After experiencing a brutal fall from the top of the Continental Hotel at the end of "John Wick 3 -- Parabellum," Reeves's unstoppable assassin probably can't take much more abuse. He's not made of Teflon, and the series as a whole is in danger of turning Wick invincible, which would take away from his dogged determination to right the wrongs he's been dealt. His story has to end somewhere. The past has to catch up with him eventually. Both Reeves and Stahleski both seem to agree that the end is near.

'There's No Happy Ending'

"Keanu and I have never, from one to two, two to three, ever expected to do a sequel or a follow-up," Stahleski surprisingly told Indiewire in an interview timed to the release of "John Wick 3." The ending of "Parabellum" is about as close to a cliffhanger as you can get! Wick cut off one of his own digits to appease the High Table's Elder in the last film, but in an age where the sequel is king, Lionsgate would probably greenlight sequels until the world's greatest killer only had his thumb and trigger finger left. As it stands, the franchise is over after "Chapter 5," and Stahleski warned fans that the character is in for a dark fate. "John may survive all this sh*t, but at the end of it, there's no happy ending. He's got nowhere to go." 

The franchise as a whole has always maintained some semblance of reality, which hopefully won't be abandoned in "Chapter 4" considering that Reeves has already said that he was pushed to the limits this time around. "'John Wick: Chapter 4' was the hardest physical role I've ever had in my career so far," Reeves told Total Film. One "Car-fu" sequence, in particular, that takes place in Paris with the Arc de Triomphe as a backdrop, should test the human limits of the character like never before. 

The introduction of legendary judo and ju-jitsu practitioner Dave Camarillo should also take John Wick to the brink. That's before you factor in the inclusion of actor Hiroyuki Sanada and Hong Kong action icon Donnie Yen as a new antagonist named Caine. So, how is it possible to make it out of a fourth movie alive? 

How Should The Franchise End?

Stahleski seems to be acutely aware that the future of John Wick looks grim. "Honestly, I challenge you right now, here's a question to you: How do you f***ing want me to end it?" It's just not realistic for a character with such a dark past to ever have a chance at contentment. That opportunity was already ruined during the first opening minutes of the first film. Stahleski broke it down in brutal fashion, telling Indiewire:

"Do you think he's going to ride off into the f***ing sunset? He's killed 300 f***ing people and he's just going to [walk away], everything's okay? He's just going to fall in love with a love interest? If you're this f***ing guy, if this guy really exist[ed], how is this guy's day going to end?"

That's a very blunt way of putting it, but Stahleski isn't wrong. No matter what happens by the time the franchise wraps up, John Wick is a marked man. "John Wick: Chapter 4" plans to trot around the globe and introduce multiple storylines, while also premiering what are sure to be some of the greatest action set pieces seen in recent history. A crossroads is coming, however. Do we, as an audience, care more about the mythology or the man? Reeves has elevated this character because of his relatability. We root for him, even if he knows deep down that there is no going back. Stahleski knows it, too. "He's f***ed for the rest of his life. It's just a matter of time." The Baba Yaga may have finally met his match when "John Wick: Chapter 4" fires its way into theaters on March 24, 2023.

Read this next: The 18 Best Action Movie Actors Ranked

The post Don't Expect The John Wick Franchise To Have A Happy Ending appeared first on /Film.

Horror fans are no strangers to the curse of deleted scenes and the seemingly arbitrary nature of the MPAA. Genre heavyweights like Brandon Cronenberg must contend with a rating system that can make or break a film, while studios cut R-rated features, endeavoring to garner that more accessible, ever-so-profitable PG-13. Throughout horror history, there are hundreds of excised scenes, some of which, including the now infamous baboon from "The Fly," are readily available, with others, such as many "Friday the 13th" deaths, relegated to the annals of "could have been."

Even more curious, however, are ideas so brutal they were never filmed, to begin with. While brutality at times seems to be the genre's core attraction (there are nine "Saw" movies, after all), there are times when, either at the behest of a studio or filmmaker, planned scenes are scrapped. While the reasons differ from production to production, here we'll be looking at six ideas from famous horror movies that were too brutal to put on film.

The Meg's R-Rated Cut

"The Meg" wasn't the disaster it easily could have been. While not exactly a critical darling, "The Meg" performed well enough to merit a sequel, the forthcoming "Meg 2: The Trench" from "Kill List" director Ben Wheatley. A bonafide popcorn movie, "The Meg" had a hard road getting to theaters, eventually becoming a U.S.-China co-production. Consequently, there were a lot of hands involved all the way through to ensure "The Meg" performed well both domestically and in China.

One of the clearest decisions was making "The Meg" PG-13. While fans of the source material were likely disappointed to see their favorite giant shark neutered for profits, the decision doesn't hamper the film that much. An R-rated cut would be cool, though, according to director Jon Turteltaub, audiences will never have a chance to see it. In an exclusive interview with Bloody Disgusting, Turteltaub recounts plans for a much more violent megalodon, with some scenes either being filmed or in the beginning stages of visual effects development. According to Turteltaub, "It's too fun a movie to not let people who don't like blood and people who are under, say, 14 years old into the theater." He later explains that within the constraints of modern filmmaking, those few scenes filmed still aren't available since the cost of completing the VFX simply wouldn't be worth it. For anyone with children, thank them the next time you watch "The Meg."

Alien's Alternate Ending

Even avowed fans of certain movies can learn a little tidbit that completely recontextualizes their attitude toward one of their favorites. There's no denying Ridley Scott's "Alien" is an absolute masterpiece. One of the scariest films ever made, Scott's attempt to make a haunted house movie in space, swapping ghosts for a nasty, slimy alien, is historic. With a longstanding and ongoing franchise (the FX series premieres in 2024), the first "Alien" was the little Xenomorph that could. Only, it almost didn't — if Scott's original scripted ending had been used.

In both the theatrical and director's cuts, Sigourney Weaver's Ellen Ripley defeats the Xenomorph before entering stasis, setting up the events of James Cameron's "Aliens." In an interview with Entertainment Weekly, Ridley Scott revealed his original, brutal ending that had executives threatening to fire him if he proceeded with the grim plan. In her final battle with the Xenomorph, Ripley was poised to lose. The alien was to strike at her, impaling her space helmet and ripping her head clean off. It would have been a brutal way to end the film, one that would have effectively killed the entire franchise.

Dawn Of The Dead's Grim Ending

George A. Romero's "Dawn of the Dead" is one of the greatest zombie movies ever made. It's abounding in gory deaths, sick social commentary, and plenty of undead tension, which undoubtedly continue to influence zombie cinema. While "Night of the Living Dead" kindled the fire, "Dawn of the Dead" ignited it. In "Dawn of the Dead," survivors of a zombie outbreak barricade themselves in a shopping mall, taking on both consumerism and the undead as they endeavor to survive for as long as possible. In the filmed ending, Peter (Ken Foree) and Fran (Gaylen Ross) successfully escape the mall by helicopter. 

As outlined by Little White Lies, Romero originally scripted a much darker conclusion that would have seen Peter dying by suicide off-screen (a decision he chooses not to make in the filmed version) and Fran, now without hope, thrusting her head into the helicopter's spinning blades. Speculatively, Romero was said to be so attached to the characters by the time they began to film the end that he couldn't in good conscience have them killed so brutally. Disparate accounts exist as to whether the ending was shot, though as it stands, Fran and Peter survive and fly off into an uncertain, zombie-filled future.

If you or anyone you know is having suicidal thoughts, please call the National Suicide Prevention Lifeline​ by dialing 988 or by calling 1-800-273-TALK (8255)​.

King Kong's Spider Pit

The "King Kong" cinematic universe is no stranger to deleted scenes. Peter Jackson's 2005 revitalization of the iconic property features a lengthy deleted scene that sees the core cast battling a monstrous, piranha-esque creature in the rivers of Skull Island. The scene is available on YouTube, with close-to-finished audio and visuals, though the sequence was unfortunately excised from the theatrical cut. Perhaps most infamous, however, is the missing spider pit from Merian C. Cooper and Ernest B. Schoedsack's 1933 original. While Jackson would pay homage to the sequence almost a century later, the original scene remains the subject of intense scrutiny and speculation.

For the uninitiated, the original 1933 film had planned a spider pit sequence that would see Jack Driscoll (Bruce Cabot) and company falling into a pit of arachnoid creatures after King Kong shakes them from a log. In the released cut, the film seamlessly transitions to Jack's escape from the pit, with the other sailors presumably dying from the fall. The plan, however, was to have them devoured by spiders living at the bottom of the pit. Some speculate the scene was scrapped before filming, while others contend footage does exist, though it was scrapped after test audiences deemed it too brutal (which is reasonable). Whether it exists or not, there is some comfort in knowing that, at some point, the 1933 Fay Wray masterpiece might well have been considerably more brutal.

Slender Man's Violent Cut

"Slender Man" sort of came and went. Like the creepypasta phenomenon itself, Slender Man is a mid-aughts artifact, a digital specter of online urban legends and chatroom spookshows (see Marble Hornets). While it would have made considerably more sense for studios to capitalize on the craze when Slender Man was in the zeitgeist, that didn't happen. As a result, "Slender Man" arrived too little, too late, with the added controversy of releasing in an environment where Slender Man was in the news for very different reasons.

According to Bloody Disgusting, Screen Gems radically reworked "Slender Man." First, for a more teen-friendly tone, David Birke's screenplay was rewritten, scrapping the more adult content for something more accessibly PG-13. Compounding the problems was a real-life case of a "Slender Man" stabbing. Both Sony and Screen Gems opted to cut several key scenes, including a few glimpsed in "Slender Man'" trailer, to sidestep the controversy of ostensibly exploiting a real-life crime. As Bloody Disgusting contends, the combination of script changes and cut scenes results in a movie that doesn't feel much like a movie at all. Whatever "Slender Man's" legacy should have been, this is certainly not it.

Terrifier 2's Balloon Animal Anatomy

Much like the first "Terrifier," Damien Leone's "Terrifier 2" revels in brutality, so much so the sequel had audiences walking out of the theater, some sick to their stomachs because of the violence on display (just thinking about that salt scene is nauseating). Yet, for as brutal as "Terrifier 2" is, for as much as it seems filmmaker Leone doesn't have a single line he's not willing to cross, there is one taboo, and it involves a little bit of male anatomy.

In the released cut, Art the Clown (David Howard Thornton) stabs Jeff (Charlie McElveen) directly in the junk. It's a brutal scene, and audiences might wonder how the graphic death could have been any worse. In an interview with Variety, Leone remarked how the scene was originally scripted as much worse, with Art "possibly making a balloon animal out of it." Leone passed on the idea once filming began, worried the death was taking things considerably too far. It was likely the right call, too. Despite the uber-violence and 138-minute runtime, "Terrifier 2" was a staggering success. There's a delicate balance with making a slasher of this violent scale work, and balloon animal genitalia might have been a step too far.

Read this next: Horror Movies That Even Horror Fans Could Hardly Finish

The post Ideas for Horror Movies That Were too Brutal to Put on Film appeared first on /Film.

Thomas Mahler, the CEO of Ori developer Moon Studios, has taken to Twitter to talk about the studio's next game.

Moon Studios is currently actively working on a new game, which, according to Mahler, will be a "full-blown ARPG". Work on the project began following the release of Ori and the Blind Forest in 2015 but was given more time in the oven in order to work on Ori and the Will of the Wisps. Interestingly, Mahler initially called the Ori franchise, the studio's  'Mario', while its upcoming new title was believed to be the studio's 'Zelda', thereby referring to Nintendo first making a platformer before making an adventure game.

Ori was our 'Mario', this is our 'Zelda'.

That was my thought when I first started prototyping our new project back in 2015.

We then committed to Wisps, which allowed us to give this project more time in the oven so that we'd then be able to turn it into a full-blown ARPG.

— thomasmahler (@thomasmahler) February 4, 2023

Published by Xbox Game Studios, Ori and the Blind Forest as well as Ori and the Will of the Wisps initially launched for Xbox and PC but were later also released for the Nintendo Switch. Unfortunately, those on PlayStation platforms were never able to enjoy these amazing Metroidvania's. According to the Ori director, he's actually not that fond of exclusive titles, and this was one of the main reasons that Moon Studios teamed up with Take-Two Interactive’s indie label, Private Division back in 2020.

That was the main reasons we signed this title with @PrivateDivision!

Despite your name, I'm not into 'exclusives', at least for our studio. I want everyone to be able to play our games!

— thomasmahler (@thomasmahler) February 4, 2023

As for Moon Studios' upcoming new action RPG, Mahler believes that the team will be able to further improve upon the standards for open-world RPG game design set by FromSoftware's Elden Ring and The Legend of Zelda: Breath of the Wild.

"Even BotW and Elden Ring had 'empty spots' due to the way they did their open worlds", Mahler writes on Twitter. "I think we can improve that a bit And yeah, we're definitely taking cues from Diablo 2, Ultima Online, Souls, etc. We're not making an Action-Adventure, but a full-blown ARPG!"

Interesting details from Mahler for sure. Moon Studios' next game has yet to receive a release date, but we'll update you as soon as more information comes in.

The post Ori Dev on New “Full-Blown ARPG”: We Can Improve Elden Ring’s and BOTW’s Empty Spots in Open-World Design by Aernout van de Velde appeared first on Wccftech.

The latest game to get the reverse-engineering treatment is The Legend of Zelda: A Link to the Past, Neowin has reported. A GitHub user called snesrev has fully ported the game to PC using over 80,000 lines of code, while adding some extra enhancements. Those include support for enhanced aspect ratios and pixel shaders, a higher quality world map, secondary item slots and more. 

The version was re-engineered in C code, and requires libraries from the SNES emulator LakeSNES. It features all the same levels, enemies and puzzles of the original game, and can even run the original machine code alongside the ported C version. Another GitHub user, xander-haj, showed exactly how it works compared to an emulation in a YouTube video from last year. 

The ported version of Link joins other recent projects, notably Star Wars: Dark Forces, that have been fully ported to PC. Unlike emulation, which effectively transforms your PC into an old console, reverse-engineered games are rebuilt from scratch, which allows for added features like the widescreen and pixel shades inserted by snesrev. 

Savvy users could create this build on Windows, Mac, Linux and even the Nintendo Switch, with more platforms potentially doable down the road. It's on shaky legal ground, however. For example, after someone did a very cool PC port of the classic Super Mario 64, Nintendo cracked down and links to the download disappeared from file-hosting websites.

E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. Other countries targeted as part of the campaign include Germany, Saudi Arabia,

SecurityWeek Cyber Insights 2023 | Zero Trust and Identity and Access Management (IAM) – Zero trust is not a replacement for identity and access management (IAM), it is an extension in extremis. It is the extension of IAM principles from people to everyone and everything, everywhere and anytime. The difficulties in IAM are retained but are complicated by the complexity of installing it everywhere.

Nevertheless, zero trust is widely seen as an important part of effective cybersecurity. In 2023 we will see more vendors touting a complete zero trust product and/or methodology, and more businesses attempting its implementation.

Here we examine how this might progress through 2023.

Background

Zero trust is a natural evolution from the realization that company networks no longer have a perimeter that can be defended. With no perimeter to defend, every asset needs to be individually protected, and every access needs to be individually verified. Location means nothing – access to anything from anywhere must always be verified before it is granted. 

It is a short step from this to realize such verification should apply within the network as well as from outside: east-west (where it is also called ‘microsegmentation’) as well as north-south. Achieve this, and you have fulfilled the journey to zero trust.

Zero trust is the replacement of a defensible data center perimeter with individual defensible asset perimeters – from one to potentially millions.

The DoD Zero Trust Reference Architecture, referred to in an OMB memorandum in January 2022, describes the concept: “Zero trust is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the Internet) or based on asset ownership (enterprise or personally owned). Zero trust requires designing a consolidated and more secure architecture without impeding operations or compromising security. The classic perimeter/defense-in-depth cybersecurity strategy repeatedly shows to have limited value against well-resourced adversaries and is an ineffective approach to address insider threats.”

The OMB memorandum goes on to state, “This memorandum requires agencies to achieve specific zero trust security goals by the end of Fiscal Year (FY) 2024.” Two things are immediately apparent: firstly, there will be extensive activity within federal agencies through 2023 to fulfill this requirement (and associated vendor activity to help them achieve this); and secondly, it is no simple task. The trickle-down effect of federal mandates will ensure that adequately resourced private industry will follow.

“Zero trust represents a fundamental shift in the way in which organizations view and approach risk (and in turn security),” explains Chris Denbigh-White, cybersecurity strategist at Next DLP. “Moving through 2023 many organizations are going to realize that zero trust is not so much a destination as a means of conducting the journey of information security. Yes, technology will play a vital role in this journey but should never be confused with the end of the conversation, or indeed the end of the journey.”

It is worth noting that some vendors call their preferred route to zero trust ‘zero trust network access’ (ZTNA). You can get further details on ZTNA here – but within this article we will treat the two terms (zero trust and ZTNA) indiscriminately.

Problems and issues for 2023

“The most common mistake organizations make deploying zero trust or microsegmentation is underestimating the complexity of their network,” says John Yun, VP of product strategy at ColorTokens. “An effective zero trust implementation requires the knowledge of all servers, applications that run on the servers, and users authorized to use those applications.”

Matthew Carroll, CEO and co-founder of Immuta, warns that zero trust should not be considered a complete solution on its own. The problem that it seeks to solve is partly due to the massive increase in data sharing that has arisen through the growth of cloud-based SaaS infrastructures. This will result in an increase in data processing agreements (DPA) between companies and SaaS providers. “In 2023, we’ll see DPAs become a standard element of SaaS contracts and data sharing negotiations.”

He still fears that zero trust alone will not provide adequate security. “In 2023 we’ll see a major shift in data security architecture. This will include proper access controls that effectively balance access and security.” But he adds, “Zero trust won’t work using traditional approaches because there are too many endpoints.” Implementing a zero trust approach for access must still be integrated with adequate anomaly detection – zero trust for access should not be at the expense of internal visibility.

The effect of Covid-19 has increased the importance of a zero trust architecture. “The Covid-19 pandemic ushered in a new era of remote and hybrid working,” says Craig Lurey, CTO and co-founder at Keeper Security. “The explosion in the sheer number of endpoints, with an increasing amount of them accessed remotely, requires a higher level of security to tackle growing online threats. Under this new normal, zero trust is now the only realistic and comprehensive framework for securing modern, cloud-based data environments and distributed workforces.”

Joseph Carson, chief security scientist at Delinea, adds, “A zero trust approach will become more essential than ever as the transformation continues. Employees should have access only to what they need to efficiently do their job. This will ensure that an attacker’s ability to move within the larger business network is limited and the attack surface reduced.” But he also notes that this could raise privacy issues if employers impose conditions on personally owned computers.

“It appears remote work is here to stay and will increase into 2023,” says John McClurg, SVP and CISO at BlackBerry. “Enterprises should look to adopt a zero trust architecture and security model to truly secure their remote workforces. This model is defined by trusting no one and absolutely nothing by default – including users inside an actual network. By assuming every user, device or network is hostile, zero trust security forces everyone to prove who they are before access is authorized.”

The urgency of the pandemic and the consequent rush to implement remote working is in many cases causing problems for the integration of an overarching zero trust solution. “The majority of organizations today still struggle with allowing explicit access to applications and enforcing zero trust policies across their business. In fact, over 80% of organizations have found it difficult to implement a zero trust model, and that has a lot to do with the fact that many organizations have hybrid IT architectures,” explains Peter Newton, senior director of products at Fortinet.

The problem is that it is too cumbersome to have one set of policies for on premises and an entirely different set of policies for the cloud. Consequently, he says, “In 2023 we will see more IT teams shift to incorporate ZTNA across the entire network – from cloud to on-premises – for universal coverage under a single solution. And as ZTNA begins to go mainstream in the enterprise, we’ll start to see organizations transition away from a pay-per-user model and start to bake ZTNA directly into their security architecture for a more seamless and consistent user and management experience.”

At its root, zero trust is a major extension of identity and access management (IAM) – but IAM itself is a problem that has never yet been completely solved. “Organizations are still learning the concept of identity sprawl and the scale of their technical debt, which means that companies are just starting to realize the scale of the challenge,” comments Wade Ellery, field CTO at Radiant Logic. 

“In 2023, we are going to see more and more businesses slow down to speed up –they’ll recognize they need to put in an identity data foundation before they can justify building new, revenue-oriented projects that demand access to identity.”

For zero trust, he added, “As we move into 2023, senior decision-makers and security teams are discussing how they can achieve a granular-approach in real-time, and ultimately, they will come back to the issue of identity data management.”

More and more companies are recognizing the theoretical security benefits of zero trust and are starting their own journeys. In 2023, the difficulties in doing so will become more apparent – but it’s not all doom and gloom. “To a certain extent, factors such as internal politics, talent shortages, and economic conditions play a role in any IT project,” comments Hendra Hendrawan, security technical councilor at the Info-Tech Research Group. “Still, organizations with a good IT or cybersecurity strategy should embark on the zero trust journey with fewer frictions.”

At a high level, he says a successful IT implementation generally consists of well-documented processes, good selections of technology, and great talents. “Couple these with a solid security strategy, and achieving a zero trust architecture should not be a question of how but of when.”

That ‘when’ will be many years in the making. “Zero trust is a security model, not a product. Adopting zero trust across an enterprise requires careful planning and the use of complementary, multi-vendor solutions,” warns Torsten Staab, principal engineering fellow at Raytheon Intelligence and Space. “For many organizations, adopting zero trust security will be a multi-year journey. Establishing a solid zero trust strategy up front and developing a phased, step-by-step implementation plan to avoid boiling the ocean and losing focus will be key to a successful zero trust implementation.” But for 2023, he added, “Look for additional zero trust implementation guidance and recommendations from NIST and CISA.”

IAM issues

Foundational to implementing zero trust will be solving the existing IAM problems – and that will not be easy. The traditional approach has been to implement basic MFA involving a second-factor token delivered via a mobile phone – but such MFA is frequently broken by hackers. 

“My prediction for 2023,” says Ben Brigida, director of SOC operations at Expel, “is that we will witness an increase in MFA push notification fatigue attacks. Why? Because they’re working. More and more, organizations are turning to cloud access identity providers for single sign-on capabilities. Attackers know that if they can get their hands on credentials for these platforms, they’ll get access to critical business applications—not just email. So, they’re sending multiple push notification requests to users and hoping the user will just approve one to make the notifications stop.”

Chris Vaughan, VP technical account management, EMEA and South Asia at Tanium, calls this an MFA push exhaustion attack. “This is where an attacker sends a large number of MFA acceptance prompts to users’ phone which may cause them to click accept to stop the barrage of requests. This has been largely successful in gaining access to user data and accessing IT environments.”

“Once considered a ‘silver bullet’ in the fight against credential stuffing,” adds Marcus Fowler, CEO of federal government for Darktrace, “it hasn’t taken attackers long to find and exploit weaknesses in MFA and they will continue to do so in 2023.”

John Stevenson, senior product director at Cyren, expands on the problem: “Phishing will remain an unsolved problem leading to countless account takeover attacks. As businesses enable MFA, phishers will update their tactics to defeat additional verification steps like one-time codes sent to phones or email addresses. So-called strong authentication methods that rely on mobile phones and email accounts (that were never intended to be identities) will be the first to prove insecure for high-risk use cases. Passwordless authentication won’t yet solve these issues due to insufficient lifecycle management solutions and incompatibility with legacy systems.”

John Pescatore, director of emerging security trends at SANS, sees an additional phone-based threat to identity management. “While mobile phones are more secure than desktops,” he comments, “we will also see a greater volume of stalkerware included in downloaded apps that target consumers.” 

Pegasus spyware is a prime example of this threat – it can install itself on iOS and Android devices with zero clicks. Hackers are also creating malicious stalkerware apps and hiding them in app stores. 

“As people become more accustomed to downloading family tracking software and giving away app permissions, the risk of having their keystrokes, locations, voice, and even photos and videos recorded for financial theft and other nefarious purposes will also increase.”

If second-factor one-time codes and passwordless authentication are not the solution to the IAM issue. an alternative must be found. Many have been suggested, from physical biometrics (including touchless fingerprinting) to behavioral biometrics and more.

“Touchless fingerprinting will emerge as the top authentication method,” claims Chace Hatcher, VP of technology and innovation at Telos. “In 2023, organizations with a pre-existing fingerprint database infrastructure will increasingly turn to touchless fingerprinting to perform remote biometric identity verification”, he says. “With regards to authentication, we’ll see identity platforms backed by multi-modal true biometrics face and fingerprint and ‘convenience biometrics’ embedded mobile solutions like faceID and touchID emerge.” 

“In 2023, more people will protect their critical accounts with methods other than logins and passwords,” adds Ricardo Amper, founder and CEO at Incode. “When creating accounts, they will provide multiple factors such as biometrics, government-issued identity documents, and information from reliable sources to prove their identities. When authenticating access to these accounts, they will use biometrics, providing more security for their private data.”

Donnie Scott, CEO at Idemia, has a more specific US identity prediction for 2023. “In 2023, every jurisdiction that issues an identity will have deployed, be in the process of deploying, or considering the deployment of a digital form of mobile identity/mobile-driver’s license. Arizona was the first US state to adopt mobile IDs followed by Oklahoma, Delaware, and Mississippi. Up to 30 states, including Colorado, Hawaii, Ohio, and the territory of Puerto Rico, are in the process of making mobile IDs available to their residents. We will only see this increase.”

He is very upbeat about the potential. “The benefits of this model, where biometrics meets identity, are a citizen-controlled assertion of identity, backed by the Government’s high standard of proof against who that person is. This combination results in a high assurance, privacy protected model.”

But the problem for this, and virtually every other means of remote identification, is that ultimately it identifies a mobile phone and not necessarily the owner or current user of that phone. A compromised phone can still lead to a compromised identity. Absolute proof of personal identity for perfect zero trust is very difficult. 

And we haven’t even mentioned machine identities, which are equally important in a zero trust architecture, and present their own problems.

Summary

“Modern security solutions that remove the implicit trust from users, devices, services, and workloads, regardless of the location will become the norm,” says Stefan Schachinger, product manager network security at Barracuda. “The ‘context’ of who, what, when, where, and how will become key security components in a world of continuous zero trust evaluation that will defend against ever more stealthy threats. In 2023, just detecting and blocking malicious events will no longer be sufficient. You need to investigate and remediate everything.”

Achieving a solid zero trust architecture won’t happen overnight. It’s not a product you can buy and run. It will require the integration of different security solutions – some of which may already be present while others will need to be purchased, implemented, and integrated, seamlessly. Many companies will start the journey in 2023, and many others will make progress – but getting close to the destination will probably take years.

Nevertheless, “Zero trust represents a new cybersecurity paradigm that offers numerous benefits to organizations of all sizes and industries. Deploying a zero trust approach to access management can be especially effective, creating a virtual ‘locking of shields’ between governments and the private sector,” says McClurg. “This allows for closer cooperation to better protect critically important infrastructure and services.”

“I like to keep this stuff abstract,” Steve Riley, field CTO at Netskope, told SecurityWeek. “I want to eliminate implicit trust from every layer: from the network, from applications, from virtual machines and from the data objects. Instead, I want the situation where every interaction is mediated by something, and the level of confidence in that interaction is measured by the context and the signal surrounding.”

Related: The History and Evolution of Zero Trust

Related: White House Publishes Federal Zero Trust Strategy

Related: Demystifying Zero Trust

Related: Universal ZTNA is Fundamental to Your Zero Trust Strategy

The post Cyber Insights 2023 | Zero Trust and Identity and Access Management appeared first on SecurityWeek.

Cult favorite genre film star (Evil Dead, Bubba Ho-Tep, Spider-Man) and popular host of “Last Fan Standing” Bruce Campbell hits the road this spring with a 22-city tour, BRUCE-O-RAMA starring Bruce Campbell, starting Wednesday, April 5.

Recognizing his god-like status in the horror and fantasy worlds – best-loved for the Evil Dead franchise as chainsaw-wielding Ash Williams (voted the greatest horror movie character ever by Empire magazine) – the Wall Street Journal calls Bruce Campbell “the consummate celebrity of the Comic-Con circuit,” while Esquire crows that he “has become America’s new favorite game show host!” Evil Dead Rise, the fifth installment of the franchise which Campbell executive produced, comes out on April 21, 2023.

A two-part evening of indulgent fun, BRUCE-O-RAMA begins with “Last Fan Standing,” the only interactive game show exclusively for fans of pop culture. Praised by Variety as “an unrivaled celebration of pop culture obsession and fan engagement,” “Last Fan Standing” is a fast-paced trivia game that tests superfan knowledge about the things that really matter: fantasy, horror, sci-fi, superheroes and gaming. Everyone in the audience gets to play, guided by the hosting prowess of Bruce Campbell and producer Steve Sellery. In the second half, Bruce will introduce a cult film favorite he’s starred in and take questions before the screening in a lively half-hour of anecdotes, insults, and random cash giveaways.

For a few thousand lucky fans, BRUCE-O-RAMA is set to hit the following markets this spring:

Tickets for each location are available at www.bruceorama.com. VIP tickets are available including preferred seating, photo-op with Bruce and signed tour poster. In select markets, there will also be an “Ultimate Fan Package,” which additionally includes a Bruce-autographed chainsaw!

For more info, please visit www.bruceorama.com.

The post [News] Bruce Campbell Launching BRUCE-O-RAMA 22-City Tour appeared first on Nightmarish Conjurings.

OpenTTD v13.0 is released. OpenTTD is an open source simulation game based upon the popular Microprose game "Transport Tycoon Deluxe", written by Chris Sawyer. It attempts to mimic the original game as closely as possible while extending it with new features....More

A security vulnerability report claimed that a particular program did not store its saved passwords in the Windows Credential Manager securely:

Microsoft’s Contoso program does not encrypt user passwords before saving them in the Windows Credential Manager. As a result, any program that runs with the user’s credentials can read the passwords. The Contoso program should save encrypted passwords in the Credential Manager.

There was another report that put the blame on Credential Manager:

Credential Manager should require administrator privileges to read a user’s saved credentials.

The perceived issue here is that one program can read the passwords saved by another program, and that other program should encrypt its paswords so that they can be decrypted only by that program. Rogue programs enumerating the contents of the user’s saved credentials would be stymied because they don’t know how to decrypt the data.

But if you have gained the ability to execute code in the context of the victim, then you’ve already won. You can do anything the victim can do!

It’s like saying, “I am a bad guy from a 1960’s spy movie. I have successfully hypnotized the victim into obeying all of my commands, while nevertheless behaving perfectly normally. I tell the victim to go to the bank, withdraw all their money, and bring it to me. This is a security flaw in the bank. It should not allow hypnotized people to withdraw money!”

The bank did its job, which is to confirm the identity of the person withdrawing the money. The person at the counter did nothing to draw suspicion, and all the paperwork checked out, so they got their money.

The system sees that there is a process running as the user, and that process is asking for the password that the user had saved earlier. Now, certainly, users are permitted to access the passwords that they had saved (that being the point of saving the password), and the Credential Manager is correct in returning those saved passwords to that user. The information is not being disclosed to other users: Users can access their own saved passwords, but they cannot access the saved passwords of other users.

Encrypting the data before putting it in the password cache sounds like it would stop an attacker, but it doesn’t. Since the original program must be able to decrypt the data, the attacker can analyze the original program and re-run the decryption function. In the attacker is being lazy, they can just run the original program and set a breakpoint immediately after it decrypts the password.

You might think that you could protect yourself from hypnosis-induced bank withdrawal by telling the bank, “Before giving me any money, make sure to ask me this secret security question.” But that doesn’t help, because even though you’ve been hypnotized, you still know the answer to the secret security question. The hypnotized-you goes to the bank, the bank teller asks the security question, you answer it, get your money, and give it to the 1960’s evil bad guy.

And of course requiring administrator privileges to retrieve your own saved passwords would be a non-starter. Every time you want to use a saved password, you have to call your administrator to get it for you?

Allowing users to retrieve their own saved passwords is perfectly normal behavior. No security boundary is crossed, and the information is disclosed only to the user to put the information there in the first place.

If you let someone run arbitrary programs under your identity, you have handed over control of everything tied to your identity, and that includes your saved passwords.

Bonus bogus vulnerability: Suppose you create a shortcut to the command line runas /savecred /user:.\administrator someprogram.exe, and you run the shortcut, and an administrator comes over and types their password when prompted. A security vulnerability report claimed that there is an elevation of privilege vulnerability because an attacker can edit the shortcut to read runas /savecred /user:.\administrator cmd.exe and gain an administrative command prompt.

That’s true, but that’s also the whole point of /savecred.

The /savecred option means “Use the saved credentials from the Credential Manager, or prompt for credentials (and save them in the Credential Manager).” They are not saved in the shortcut at all. Not that saving them in the shortcut is even an option, because you can run runas from a command prompt, and in that case there’s no shortcut.

If you call over an administrator and get them to type their password into your system, then you found yourself a gullible administrator. In this case, what you tricked them into doing is adding their password to your password cache. It’s like calling an administrator to your Web browser and asking them to type their password into a Web site. That password is going to be saved in to your Web browser password cache, and you can now extract it from that cache and reuse it for anything you like.

The point of /savecred is to let you save your own credentials so you don’t have the hassle of typing them over and over into places you use often. If you can trick an administrator into putting their password into your saved credential cache, then more power to you (and shame on the administrator).

Don’t be a gullible administrator.

The post It rather involved being on the other side of this airtight hatchway: Reading the user’s saved passwords appeared first on The Old New Thing.

It's taken a bit of time for "Star Trek: Picard" to circle back to the series that started it all. Fans of "Star Trek: The Next Generation" naturally expected "Picard" to serve as a reunion of sorts, bringing Patrick Stewart's Picard and his Enterprise crew back together for some 25th Century adventures. But with the exception of old friends like Data (Brent Spiner), William Riker (Jonathan Frakes), and Deanna Troi (Marina Sirtis), the past two seasons of "Picard" have been all about the titular Starfleet admiral and his new crew. 

Executive producers Alex Kurtzman and Akiva Goldsman were likely keen to explore new territory, which was probably the best decision. But with "Picard" moving into its third (and final) season, showrunner Terry Matalas naturally wanted to end things on a high note. That meant bringing back the original "Next Generation" cast for one last adventure. It felt like a natural progression for sure — but even so, Matalas wasn't sure how Stewart himself was going to receive the pitch.

'After A Bottle Of Wine, We Were Off To The Races'

Matalas spoke to SFX (via CBR) about his decision to turn season 3 of "Picard" into a "Next Generation" reunion — as well as his reservations with pitching it to his leading man. Matalas became showrunner shortly before season 2, and learned then that Kurtzman and Goldsman "were always thinking about each one of these seasons being a different story." When it came time to start building out the story for season 3, Matalas knew he wanted to go big. "I had certainly always wanted to do one final Star Trek: The Next Generation adventure, but wasn't certain that Patrick would be up for it," he continued. In hindsight though, he needn't have worried: once Stewart sat down to hear the pitch, it seemed to be smooth sailing:

"I sat down with Patrick at his dining room table and took him through what I thought was the final story of Picard, and some arcs that I felt needed to be paid off for his character and some relationships and some storylines and, after a bottle of wine, we were off to the races."

Clearly, Matalas got his wish in a major way. While this could potentially be the last we see of Picard, at least fans will be treated to a reunion before it all ends. Season 3 of "Picard" will see Stewart reunite with Jonathan Frakes, Michael Dorn, Marina Sirtis, LeVar Burton, and Gates McFadden for their first adventure in 20 years — and it may never have happened if Matalas hadn't presented his own idea to Stewart himself.

Read this next: Every Star Trek Show And Movie In Chronological Order

The post Picard's Showrunner Wasn't Sure Patrick Stewart Would Agree To A Star Trek: The Next Generation Reunion appeared first on /Film.

An anonymous reader shares a report from Ars Technica: The month before Dwarf Fortress was released on Steam (and Itch.io), the brothers Zach and Tarn Adams made $15,635 in revenue, mostly from donations for their 16-year freeware project. The month after the game's commercial debut, they made $7,230,123, or 462 times that amount.... Tarn Adams noted that "a little less than half will go to taxes," and that other people and expenses must be paid. But enough of it will reach the brothers themselves that "we've solved the main issues of health/retirement that are troubling for independent people." It also means that Putnam, a longtime modder and scripter and community member, can continue their work on the Dwarf Fortress code base, having been hired in December. The "issues of health/retirement" became very real to the brothers in 2019 when Zach had to seek treatment for skin cancer. The $10,000 cost, mostly covered through his wife's employer-provided insurance, made them realize the need for more robust sustainability. "You're not just going to run GoFundMes until you can't and then die when you're 50," Tarn told The Guardian in late 2022. "That is not cool." This realization pushed them toward a (relatively) more accessible commercial release with traditional graphics, music, and tutorials.

Read more of this story at Slashdot.

Dell is eliminating about 6,650 roles as it faces plummeting demand for personal computers, becoming the latest technology company to announce thousands of job cuts. From a report: The reduction amounts to about 5% of Dell's global workforce, the company said in a regulatory filing early Monday. Dell is experiencing market conditions that "continue to erode with an uncertain future," Co-Chief Operating Officer Jeff Clarke wrote in memo viewed by Bloomberg.

Read more of this story at Slashdot.

Much has been made of "The Thing," John Carpenter's 1982 box office bomb-turned-genre darling. Whether it's Bill Lancaster's adapted script of John W. Campbell Jr.'s 1938 novella "Who Goes There?," Rob Bottin's gnarly special effects (with an assist from dog-Thing creature designer Stan Winston), or Carpenter's meticulous direction that's light on the jump scares and heavy on the dread, the result is now considered one of the great gargoyles in the horror movie pantheon. Though the story is about an alien organism infiltrating an Arctic research post, and though there are plenty of tentacles about, the narrative is largely character-driven as paranoia and mistrust grow among the isolated cadre of men, led by Kurt Russell's pilot, R.J. MacReady.

A 2016 LA Weekly interview with the cast and crew yields insights from the film's production. Therein, Carpenter called the shoot "intimidating," as he had to wrangle multiple accomplished actors — some of whom, like Keith David and Donald Moffat, came from the theatrical stage. It would be during a half-month of rehearsals prior to filming that these actors fine-tuned their characters further than Lancaster's script or Carpenter's extensive storyboards had. Naturally, they turned to their captain for direction. Carpenter told LA Weekly:

"I didn't have experience working with an ensemble cast. So I brought an actor into my office and talked with him about his process. That conversation didn't give me any specific ideas for the movie, but it got me thinking about what my job is: Giving the actors whatever they need to give a good performance. So for two weeks I rehearsed with all of these guys. I asked questions of them, and they asked questions of me."

For some, the chief question was just where the line of delineation lies between the Thing's consciousness and the person it occupies.

If I Was An Imitation, A Perfect Imitation, How Would You Know If It Was Really Me?

In the movie, senior biologist Blair (A. Wilford Brimley) and physician Copper (Richard Dysart) address the mechanics of the Thing, albeit in a limited way. "What we're talkin' about here is an organism that imitates other lifeforms," observes Blair, "and it imitates 'em perfectly." It attacks, absorbs, and shapes itself as a carbon copy of its host, indistinguishable from the person it targets. You don't need a whole taxonomy classification to understand that; as Richard Masur's Clark says, "It's weird and pissed off, whatever it is."

The Thing can't be detected unless it's compelled to reveal itself (such as in the celebrated blood test scene), and several cast members questioned if and when their characters knew they were infected. David Clennon, who plays assistant mechanic and resident stoner, Palmer, recalled hours of rehearsal time spent "discussing f***ing metaphysics" about the infection:

"Some of the actors were obsessed with this question: When you become the Thing — when the alien takes over your mind and body — do you know that you've become the Thing? Or do you just go on thinking that you are your old self? I couldn't see the point of solving that silly riddle."

Carpenter remembered Russell as being the most persistent with this question. He told LA Weekly:

"The big question that kept coming to me was: If you were a Thing, would you know? I think Kurt Russell started that one. I said, 'I think you would.' But he kept asking that question, so I don't think that answer was sufficient."

It's an answer /Film's Eric Vespe keeps in mind as he explores the theory that MacReady was not only infected at some point, but he knew it. Dive down that rabbit hole here.

Read this next: Sci-Fi Box Office Bombs That Deserve A Second Chance

The post Kurt Russell Couldn't Stop Asking John Carpenter One Question About The Thing appeared first on /Film.

[link] [32 comments]

[link] [35 comments]

In a franchise inching towards double-digit entries and with as big of a cast as "Fast & Furious," where it's not a guarantee that everyone in the audience has watched (or remembers) all the previous installments, it's important to give each character a quirk that makes them instantly memorable. People who missed the second movie might not know the name of Tyrese Gibson's smartass, but his constant wisecracks make us care about him anyway on a film-to-film basis, even if he's rarely the main focus of any given scene.

Likewise, those who missed out on "Tokyo Drift" may not understand how Han Lue (Sung Kang) came in, but it's still easy to keep track of him as that guy who's always snacking on something. (He's also the guy fans rooted to bring back.) Not only is it a relatable character trait — who among us would not like to have a snack on hand throughout any given situation? — but it's one that is consistent with his backstory and personality. As a former chain smoker, Han needs to be doing something with his hands to avoid the temptation to relapse. He's also perhaps the most laid-back person in the crew, and nothing says laid-back like someone hanging out in the corner, just eating his chips.

But for director Justin Lin -- who first joined the franchise with "Tokyo Drift" and stuck around for the fourth, fifth, sixth, and ninth films -- every choice about Han's snacking is made far less casually than you would think.

'We Cannot Fake Han's Snacks'

"It just can't be a regular snack," Justin Lin told Collider in an interview in 2021, ahead of the Blu-ray release of F9. "And talking to Sung, I think they had to go — like, they had to import those crackers, you know? And I was adamant, I was like, 'We cannot fake Han's snacks. It doesn't matter.'" This is why you never see Han eating Cheez-its or M&Ms; he's always munching on something you wouldn't typically find in an American vending machine. For a character who hails from Japan, he's got Japanese snacks like Kameda Seika Kakinotane Rice Crackers or Meiji Hello Panda Cookies. Lin added: "Having worked with Sung, like even the way he tosses it, you know, it had to be natural. So I remember that was a big thing."

While all of this may sound ridiculous, it's part of the authenticity that helps sell the character. While most viewers may not notice, you can expect Japanese audiences to question what's going on. It's a similar kind of attention to detail that inspired William Hartnell, the first Doctor on "Doctor Who," to decide the exact function of every button and lever on the TARDIS control panel and keep it consistent (via "About Time"). Keen-eyed viewers might have picked up on the fact that he was pressing buttons at random, and it would've made the show feel a little less authentic.

As cartoonish and absurd as "Fast & Furious" has gotten over the years -- in the latest entry, they ended up in space -- the franchise has always seemed to understand that when it comes to the little things that make a character seem real, being authentic and consistent is still crucial.

Read this next: The 14 Greatest Action Movies Of The 21st Century

The post Fast & Furious Director Justin Lin Takes Han's Snacking Very Seriously appeared first on /Film.

An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. "The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for terminating processes," SentinelOne researchers Aleksandar Milenkoski and Tom Hegel said in a

When SaaS applications started growing in popularity, it was unclear who was responsible for securing the data. Today, most security and IT teams understand the shared responsibility model, in which the SaaS vendor is responsible for securing the application, while the organization is responsible for securing their data.  What’s far murkier, however, is where the data responsibility lies on the

When a filmmaker writes and directs their own script, they run the risk of comparing their strengths and weaknesses. Take Zack Snyder — few would say he can wield a pen as well as he can a camera. On the flip side, there's Joss Whedon; his writing has shaped pop culture, for better or worse, but his visual craftsmanship never grew beyond 1990s network TV.

Quentin Tarantino is aware of this dichotomy and it has motivated him to push himself as an artist. In the wake of his breakout run in the 1990s, "Reservoir Dogs," "Pulp Fiction," and "Jackie Brown," Tarantino was especially praised for his dialogue. With conversations littered with pop culture ephemera, Tarantino's characters don't sound much like real people, but they certainly argue like them. Unlike many other writers famous for stylized dialogue (see the aforementioned Whedon), he gives all of his characters distinct voices too.

But Tarantino felt limited by this praise: "It was like, 'Am I the director that I want to be?" Or do you just do what you've done before because that was just fine? 'You write really good dialogue. Stick with that, buddy. But stay out of [great, cinematic directors'] park, because ultimately you can't cut it." That's why he decided to make "Kill Bill," to see if he could cut it as a great filmmaker, not just a great writer.

'I've Always Adored Action Filmmakers'

Speaking to Rolling Stone in 2003, Tarantino called "Kill Bill," "[His] first action movie." Here's where we make an important distinction between violence and action; Tarantino's films always had the former, but not the latter. When guns are fired in "Reservoir Dogs" and "Pulp Fiction," it always happens in short bursts. The violence and bloodshed aren't meant to look especially cool, at least compared to the sword fights in "Kill Bill." The closest thing to action in the former two movies is the chase scene in "Reservoir Dogs" when Mr. Pink (Steve Buscemi) flees the police. "Jackie Brown," on the other hand, has no action and little violence, which helps explain why Tarantino swung hard in the opposite direction for his next film.

Tarantino explained why he went to action to buff up his filmmaking bona fides. As he put it:

"I've always adored action filmmakers. And those are actually what I consider the real cinematic directors. And so if I'm going to throw my hat in that ring, I want to be one of the best that ever lived. I don't want to do an OK job. I want to rock everybody's f***ing world."

Tarantino is also a known aficionado of Southeast Asian cinema. When listing his favorite movies from 1992 to 2009, he included Japanese action films such as "Battle Royale" and "The Blade." He recruited Sonny Chiba, a Japanese martial artist and genre star, to cameo in "Kill Bill." The finale of "Kill Bill Volume 1," where the Bride (Uma Thurman) and O-Ren Ishii (Lucy Liu) duel in the snow, resembles "Lady Snowblood." With these influences, it makes sense that when Tarantino set out to make an action movie, he wound up making a samurai movie.

The Ceiling Of Your Talent

When trying something new, you always risk failing. When doing so publicly, the potential fallout is magnified threefold. Quentin Tarantino directed "Kill Bill" not in spite of that risk, but because of it. He explained to Rolling Stone: "I have an expression that I call "hitting your head on the ceiling of your talent. I wanted to find out where that ceiling was for me. I actually wanted to risk failing."

"Kill Bill" was split into two movies; knowing why Tarantino made the movie helps explain his structural decisions. The action is front-loaded in "Volume 1," from the opening where the Bride kills Vernita Green/Copperhead (Vivica A. Fox) to the bloody spectacular finale, where the Bride invades the House of Blue Leaves with the intention to kill O-Ren, slaughtering her entire Yakuza organization along the way. "Volume 2," on the other hand, is closer to Tarantino's usual oeuvre, relying more on dialogue-driven suspense. In any case, Tarantino's risk paid off; "Kill Bill" was a financial and critical success.

After "Kill Bill," I'd argue that Tarantino has made only one other pure action movie: "Django Unchained," a Spaghetti Western set in the antebellum south. Tarantino is known for unconventional story structure, so seeing him tell a straightforward hero's journey like "Django" practically becomes subversive. Though ultimately heavier on the talking than the shooting, "Inglourious Basterds" comes close to an action movie as well.

Even if he didn't totally reinvent himself, Tarantino definitely took the lessons about how to make violence look cool from "Kill Bill."

Read this next: 13 Tarantino Projects We Never Saw But Wish We Could've

The post The Risk Of Failure Drove Quentin Tarantino To Create Kill Bill appeared first on /Film.

Many times, in the course of our work as analysts (SOC, DFIR, etc.), we run tools...and that's it. But do we often stop to think about why we're running that tool, as opposed to some other tool? Is it because that's the tool everyone we know uses, and we just never thought to ask about another? Not so much the how, but do we really think about the why?

David Cronenberg knows what he likes. He's made a career out of sticking doggedly to his own twisted visions of humanity and churning out some of the most provocative films of the past few decades. But while they're sometimes dismissed as gratuitous body horror fests, Cronenberg's films have often interrogated complex societal issues. That was the case with his 2012 effort "Cosmopolis," which provided an unsettling insight into the cold detachment of society's elite, played out almost entirely inside a limo by Robert Pattinson. And while Pattinson, fresh off his "Twilight Saga" stardom, was understandably nervous and terrified going into "Cosmopolis," he seems to have left a lasting impression on Cronenberg.

A decade later, Pattinson would end up playing the lead role in Matt Reeves's superhero film "The Batman," stepping into what is the "Cosmopolis" director's arguably least favorite genre. In the past, Cronenberg has had some pretty harsh words for superhero films. Asked about Christopher Nolan's "The Dark Knight Rises" back in 2012, he said: "I think it's still Batman running around in a stupid cape. I just don't think it's elevated. Christopher Nolan's best movie is 'Memento,' and that is an interesting movie. I don't think his Batman movies are half as interesting."

According to the filmmaker, superhero movies are "by definition [...] for kids." That's an opinion he doubled down on in 2020 when he told Vulture: "The version of genre [film] that is most forceful in Hollywood right now — the superhero thing — has never appealed to me much. [...] To me, it's too formulaic, and too adolescent in its emotional understanding."

Despite all that, the "Shivers" director chose to sit through Pattinson's foray into the genre for which he has so much disdain.

Pattinson Was 'An Honorable Batman'

Yes, David Cronenberg, who thought anyone who said "The Dark Knight Rises" was "supreme cinema art" didn't know "what the f**k they're talking about," has watched "The Batman." Last June, he sat down for an interview with The New Yorker, in the lead-up to his most recent nauseating effort, "Crimes of the Future," which saw him return to body horror. (It's not a bad entry in the Cronenberg canon, even if it doesn't represent any significant evolution in his style.)

The Canadian filmmaker revealed he had screened Matt Reeves's noirish take on the Caped Crusader simply due to his affection for Robert Pattinson. And it seems the star of "The Batman" got about as good an appraisal as he could expect from Cronenberg, who felt Pattinson was "an honorable Batman." He added:

"I don't want to say anything more than that, because I've already made my position on superhero movies clear and been attacked for it [...] It's basically an adolescent power fantasy, and that's its essence. You can't get away from that, and it limits it in terms of emotion and power and intellect."

Cronenberg almost managed to stay positive there, but quickly righted himself to heap some more scorn on the genre that so effortlessly offends him. Oh well, for now, Pattinson can rest easy knowing he at least has the distinction of making David Cronenberg sit through a film with "a stupid cape."

Read this next: The 15 Best Horror Movie Directors Of All Time

The post David Cronenberg Watched The Batman Simply Because He Respected Robert Pattinson appeared first on /Film.

When shaken and chilled to minus 320 degrees Fahrenheit, ordinary frozen water "turns into something different," reports the New York Times, "a newly discovered form of ice made of a jumble of molecules with unique properties." The ice of our everyday lives consists of water molecules lined up in a hexagonal pattern, and those hexagonal lattices neatly stack on top of each other.... With permutations of temperature and pressure outside what generally occurs on Earth, water molecules can be pushed into other crystal structures. "This is completely unexpected and very surprising," said Christoph Salzmann, a chemistry professor at University College London in England and an author of a paper published on Thursday in the journal Science that described the ice.... The new discovery shows, once again, that water, a molecule without which life is not known to be able to exist, is still hiding scientific surprises yet to be revealed. This experiment employed relatively simple, inexpensive equipment to reveal a form of ice that could exist elsewhere in the solar system and throughout the universe. And according to LiveScience, the new form of ice has some unusual properties: Among them, Salzmann said, is that when the researchers compressed the medium-density ice and heated it to minus 185 F (minus 120 C), the ice recrystallized, releasing a large amount of heat. "With other forms of [amorphous] ice, if you compress them and you release the pressure, it's like nothing happened," Salzmann said. "But the MDA [medium-density amorphous ice] somehow has this ability to store the mechanical energy and release it through heating." Medium-density amorphous ice might occur naturally on the ice moons of gas giant planets, Salzmann said, where the gravitational forces of the enormous worlds compress and shear the moons' ice. If so, the mechanical energy stored in this form of ice could influence the tectonics on these Hoth-like moons.... Scientists still debate the nature of water at extremely low temperatures. Any debate now needs to take into account medium-density amorphous ice, Salzmann said. Thanks to long-time Slashdot reader fahrbot-bot for submitting the article.

Read more of this story at Slashdot.

Neowin reports on "a potentially dangerous exploit capable of completely unenrolling enterprise-managed Chromebooks from their respective organizations" called SH1MMER. The Register explains where the name came from — and how it works: A shim is Google-signed software used by hardware service vendors for Chromebook diagnostics and repairs. With a shim that has been processed and patched, managed Chromebooks can be booted from a suitably prepared recovery drive in a way that allows the device setup to be altered via the SH1MMER recovery screen menu.... In a statement provided to The Register, a Google spokesperson said, "We are aware of the issue affecting a number of ChromeOS device RMA shims and are working with our hardware partners to address it." "Google added that it will keep the community closely updated when it ships out a fix," reports SC Magazine, "but did not specify a timetable." "What we're talking about here is jailbreaking a device," said Mike Hamilton, founder and chief information security office of Critical Insight, and a former CISO for the city of Seattle who consults with many school districts. "For school districts, they probably have to be concerned about a tech-savvy student looking to exercise their skills...." Hamilton said Google will need to modify the firmware on the Chromebooks. He said they have to get the firmware to check for cryptographic signatures on the rest of the authorization functions, not just the kernel functions — "because that's where the crack is created to exploit it. I think Google will fix this quickly and schools need to develop a policy on jailbreaking your Chromebook device and some kind of penalty for that to make it real," said Hamilton. "Schools also have to make sure they can detect when a device goes out of policy. The danger here is if a student does this and there's no endpoint security and the school doesn't detect it and lock out the student, then some kind of malware could be introduced. I'm not going to call this a 'nothingburger,' but I'd be very surprised if it showed up at any scale." Thanks to Slashdot reader segaboy81 for submitting the story.

Read more of this story at Slashdot.

Not every Fallout 4 mod is created equal, and this new project channels the often-attempted “DLC-sized expansion with new voice acting” angle and seems to absolutely nail it, with new quests, characters, and even a new ending to the base game as well. If you want an excuse to dive back into Fallout 4, one of Bethesda’s best RPG games, this is an excellent excuse.

MORE FROM PCGAMESN: Fallout 4 console commands, Fallout 4 mods, Buy Fallout 4

It's an intimate fireside chat this week as we talk about Dead Space, The Mortuary Assistant, Like a Dragon: Ishin, the Last of Us, and plenty more, and read a bunch of your questions.  This week's music:  Norma Jean - Sword in Mouth, Fire Eyes 

Kurt Russell is the preeminent example of gruff, masculine swagger, injecting his performances with a vigorous presence no matter the role. Considering all of his muscly, mustachioed charms, it's a wonder that he hasn't been in more Westerns. That could be simply because films about the frontier aren't quite as common now as they used to be, but the actor takes his choice of roles in the genre seriously. Both "Tombstone" and 2015's "Bone Tomahawk" appealed to Russell, not because of their brutal action, but because of their dialogue, both refreshing to him in their own unique ways.

To be fair, Westerns have inspired Russell's roles, even if the films themselves weren't strictly in the Western genre. There's no mistaking that Snake Plissken in "Escape from New York" is at least partly an impression of Clint Eastwood's The Man with No Name, and Russell's role as Jack Burton in "Big Trouble in Little China" feels like a John Wayne parody. Still, Russell was well into his career before landing the role of Wyatt Earp in "Tombstone," released in 1993. The production was a hectic one, initially installing screenwriter Kevin Jarre in the director's chair before replacing him with George P. Cosmotos. Russell helped modify the script and, according to some on set like co-star Val Kilmer, took up a bulk of directing duties to see the project to completion.

Talking Like Tomahawk

Kevin Jarre based "Tombstone" on historical events and real people, even if, in true Western tradition, they were exaggerated for the sake of storytelling. In contrast, the premise of "Bone Tomahawk" is ripped straight out of a pulp magazine (including some controversial themes that date back to that era), combining Western elements with horror and "weird fiction." Russell points out, however, that the film's dialogue sounds remarkably natural, explaining that a movie about cannibalistic cave-dwelling mutants ironically portrays less of an exaggerated take on late nineteenth-century speech patterns than a classic John Wayne Western:

"I love 'The Searchers.' I think it's a cool movie. But the dialogue style? No way. It can't compare to 'Bone Tomahawk' or something like 'Tombstone.' This is much more of that true flavor. This makes you feel that this could actually be some weird little town in 1897 that is just out there where nobody knows where everything really is. The people talked this way. I believe that. I don't think this is a Hollywood western dialogue movie. This has a style to it. It lends itself much more to the credibility of reality than almost all westerns. It doesn't have a modern day sound to it."

Although the plot of "Tombstone" is much more grounded in reality, Russell seemed attracted to the way both films used their dialogue to humanize their characters. Westerns are known for mythologizing historical figures, but "Tombstone" and "Bone Tomahawk" brings the Western down to sandy earth, even if they both still embrace extravagance in the end. The former aims for an intimate portrayal of Wyatt Earp and Doc Holliday, the latter wants its heroes to feel like ordinary men before the creatures come for their meat.

Read this next: The 20 Best Westerns Of All Time

The post How Bone Tomahawk Reminded Kurt Russell Of Tombstone appeared first on /Film.

More than 30 years ago Nintendo released the third game in its Legend of Zelda series — appropriately titled, "A Link to the Past." This week Neowin called it "one of the most beloved video games of all time," reporting that it's now been reverse-engineered by a GitHub user named Snesrev, "opening up the possibility of Link to the Past on other platforms, like Sega's 32X or the Sony Playstation." This reimplementation of Link to the Past is written in C and contains an astonishing 80,000 lines of code. This version is also content complete, with all the same levels, enemies, and puzzles that fans of the original game will remember. In its current state, the game requires the PPU and DSP libraries from LakeSNES, a fast SNES emulator with a number of speed optimizations that make the game run faster and smoother than ever before. Breaking from the LakeSNES dependency, which allows for compatibility on modern operating systems, would allow the code to be built for retro hardware. It also offers one of the craziest features I have seen in a long time; the game can run the original machine code alongside the reverse-engineered C implementation. This works by creating a save-state on both versions of the game after every frame of gameplay, comparing their state and proving that the reimplementation works.... Snesrev now works alongside 19 other contributors. Despite the immense amount of work that went into this project, the result is brilliant. Not only does the game play just like the original, it also includes a number of new features that were not present in the original. For example, the game now supports pixel shaders, which allow for even more stunning visuals. It also supports widescreen aspect-ratios, giving players a wider field of view, making the game even more immersive on modern displays. Another new feature of this reimplementation is the higher quality world map. The new map is much more detailed and gives players a better sense of the world they are exploring.... The amount of time, effort, and talent that went into creating this is simply astonishing. Thanks to Slashdot reader segaboy81 for sharing the article.

Read more of this story at Slashdot.