Diberdayakan oleh Blogger.

Popular Posts Today

Symantec sees rise in high-traffic DDoS attacks

Written By kom nampuldu on Rabu, 22 Oktober 2014 | 16.01

A type of distributed denial-of-service attack, DNS amplification, has risen sharply, according to new research from Symantec.

The security vendor said it saw a 183 percent increase in DNS (Domain Name System) amplification attacks from January through August, which abuse recursive DNS resolvers.

Recursive DNS resolvers look up a domain name and return an IP address, which can be called into a browser.

But these types of servers return a large amount of data. Attackers abuse them by making requests but substituting the IP address of their victims.

That directs a large amount of data to the victims, consuming up to 50 times more bandwidth, making it an "amplification" attack.

The problem is that there are 28 million open DNS resolvers, which should be locked down and secured, wrote Symantec's Candid Wueest, a threat researcher, in a report.

"Until this problem is addressed, DNS reflection attacks will continue to be used for large DDoS attacks," he wrote. "In the past, we have also noticed that some attackers set up their own deliberately vulnerable DNS servers and then misused them for reflection attacks."

DDoS attack continue to be a problem, as a variety of groups—from hackers to extortionists—use the method to punish or embarrass companies and organizations.

Most of the DDoS attack traffic for the first half of this year came from India at 26 percent, with the next highest source being the U.S. at 17 percent, Symantec wrote. The reason may be a high number of poorly configured servers that can be abused for amplification attacks.

The most common type of organizations targeted by DDoS flood attacks are those in the gaming industry, then software companies and media organizations.

DDoS have become shorter in duration but tend to focus a larger amount of traffic toward a victim. Larger but shorter attacks follow initial probes that are intended to figure out what defenses are in place.

"In other attacks, small bursts were enough to temporarily disrupt the victim's operations," Wueest wrote. "For example, in online games, a short offline window of a few minutes can be enough to settle the odds on who will win the game."

DDoS attackers were quick to exploit the "Shellshock" flaw, a vulnerability discovered in September in Bash, a command-line shell processor present in most Unix and Linux systems.

"Within 24 hours after news about the ShellShock Bash vulnerability was published, we saw the first use of an exploit against the issue, where attackers aimed to install DDoS malware scripts on Unix servers," Wueest wrote.

DDoS scripts such as PHP.Brobot and Backdoor.Piltabe were installed on vulnerable Unix servers, abusing their high bandwidth for attacks.

The going rate for DDoS hire services—often referred to as "booter" or "stresser" services—range from as little as US$5 to $1,000, charged according to the attack's duration and size.

"These services are commonly offered in the gaming community to temporarily get rid of competing teams," Wueest wrote.


16.01 | 0 komentar | Read More

China attacks lead Apple to alert users on iCloud threats

Apple has warned users about attacks on its iCloud website, after monitoring groups alleged that China had tried to intercept customer information from the service.

Although China was not named, Apple said Tuesday it was "aware of intermittent organized network attacks" on its iCloud service that were designed to obtain user information, according to a company support page.

Apple said the iCloud servers are still secure but advised customers accessing the service to always verify that they've connected to an authentic iCloud website via a trusted browser.

Starting over the weekend, visits to Apple's iCloud site in China began returning an invalid digital certificate, a sign that the connections had been tampered with using a technique known as "man-in-the-middle attack", according to anti-censorship group GreatFire.org.

Such attacks involve the hacker trying to eavesdrop on the communication by tricking victims into believing they've visited a secure website. Once duped, the victim's activities can be monitored.

GreatFire.org alleged that the Chinese government was behind the attack, as a way to steal username and password information from Apple's iCloud users. But on Tuesday a spokeswoman with the Chinese Foreign Ministry said the country opposed any form of hacking.

The man-in-the-middle attack on the iCloud service was just one of several in China that have targeted U.S. websites. Starting late last month, visits to Yahoo's site from the country were also mysteriously returning invalid digital certificates.

Both Apple and Yahoo have declined comment.

Security vendor Netresec analyzed the attack on the iCloud service, and said it appeared to be conducted over networks belonging to China Telecom, and China Unicom, two state-controlled broadband providers. Both companies did not immediately respond to a request for comment.

The attack on the iCloud service came just after Apple began officially selling its iPhone 6 in mainland China. Before it launched, Apple had increased the security on its iOS software, following a request from a Chinese regulator.

The sophistication of the attack probably means the hackers had access to an Internet service provider, allowing them to create the insecure connections to the Apple site, said Su Gim Goh, a security adviser with F-Secure. "It's not something that a script kiddie could have done," he said, adding that an organized group or government could have been behind it.

"iCloud is a big service abroad. This is one good way to look at user content," he said.

Mainland China, Hong Kong and Taiwan represents Apple's second biggest market behind the U.S. On Tuesday, GreatFire.org said Apple had changed its domain name system in China to avoid the attack.


16.01 | 0 komentar | Read More

Microsoft sued as lawsuits over employee no-poach deal mount

A court filing in May last year has attracted more class action lawsuits, alleging secret no-poaching deals among tech companies to keep salaries low.

Oracle, Microsoft and Ask.com are facing suits alleging that they conspired to restrict hiring of staff. The suits appear to refer to a memo which names a large number of companies that allegedly had special arrangements with Google to prevent poaching of staff.

The document was filed as an exhibit on May 17, 2013 in another class action suit in the U.S. District Court for the Northern District of California, San Jose division over hiring practices. The tech workers who filed that suit alleged that Google, Apple, Intel, Adobe Systems, Intuit, Lucasfilm and Pixar put each other's employees off-limits to other companies by introducing measures such as "do-not-cold-call" lists.

The seven tech companies had earlier settled similar charges in 2010 with the U.S. Department of Justice while admitting no wrongdoing, but agreed not to ban cold calling and enter into any agreements that prevent competition for employees.

Google, Apple, Adobe and Intel appealed in September District Judge Lucy Koh's rejection of a proposed settlement of US$324.5 million with the tech workers, which she found was too low. Intuit, Lucasfilm and Pixar had previously settled for about $20 million.

The former employees filing lawsuits against Microsoft, Ask.com and Oracle have asked that the case be assigned to Judge Koh as there were similarities with the case against Google, Apple and others.

A key defense the companies may adopt is that the DOJ did not see it fit to prosecute them before 2010. "Oracle was deliberately excluded from all prior litigation filed in this matter because all the parties investigating the issue concluded there was absolutely no evidence that Oracle was involved," Oracle spokeswoman Deborah Hellinger wrote in an email after the suit against the company was filed.

Ask.com and Microsoft could not be immediately reached for comment.

The suit against Microsoft filed by former employees Deserae Ryan and Trent Rau charges, among other things, that Microsoft and other companies entered into anti-solicitation and restricted hiring agreements without the consent or knowledge of its workers. The plaintiffs said that the agreements that involved Microsoft were not disclosed publicly until the filing of May 17 last year.

In the class-action suit filed against IAC/InterActiveCorp, the parent of Ask.com, former employee Robert Arriaga alleges a conspiracy by Ask.com, Google and other companies to fix and suppress the compensation of their employees by way of "Sensitive Company Agreements," which first came to light on May 17 last year.


16.01 | 0 komentar | Read More

First products from Apple-IBM deal to come next month

Written By kom nampuldu on Selasa, 21 Oktober 2014 | 16.01

The first products from Apple's mobile enterprise partnership with IBM will roll out next month, according to Apple CEO Tim Cook, who said the partnership "could change the way people work."

In July, Apple announced an "exclusive" deal with IBM in which iPhones and iPads would be sold to enterprises backed by IBM's cloud and analytics services. The first products will be for the banking, government, insurance, retail, telecommunications and travel and transport sectors, Cook said on a Monday earnings call.

Apple did not share specific products details, but the one-time PC rivals are working closely together. IBM is creating iOS-specific security, analytics and management tools and will resell iPhones and iPads. Apple will roll out new support services for businesses.

First out of the gate will be a set of iOS apps, according to Roger Kay, principal analyst at Endpoint Technologies Associates.

"From what I understand, those products will be IBM apps developed with some help from Apple," Kay said.

The deal was viewed as an odd marriage between the hip Apple and old-school IBM, but it could help both. Apple hasn't had great luck with enterprises, while IBM is trying to expand its mobile footprint, Kay said.

The deal could help business users blend their iPads and iPhones easily into enterprises that use IBM software and systems, Kay said.

"The [deal] reassures IT managers that their employees using Apple products weren't getting off the ranch and exposing data," Kay said.

Apple is attracted to the enterprise market because device sales there could generate higher profit margins. In this case, IBM may be buying specially configured iPhones and iPads in bulk to resell to specific customers.

IBM is a bit more refined at hand-holding and customizing products for enterprise customers than is Apple, which makes products for the mass market, Kay said.

Apple during the earnings call tried to highlight its successes in enterprises. Chinese company Baidu has 20,000 employees using iPhones and has 30 internally developed iOS apps. Escalator company Schindler has deployed more than 20,000 iPhones and 20 apps. About 25,000 iPads were deployed in the Minnesota public school system.

And since the Apple-IBM partnership was announced, there has been a growing enterprise excitement about iPads and iPhones, Cook said.

But while iPhone shipments grew during the fourth quarter, iPad shipments declined.

Apple sold 39.27 million iPhones during the fourth quarter, increasing from 33.8 million units from the year-ago quarter. IPad shipments were 12.3 million, falling from 14.08 million units.


16.01 | 0 komentar | Read More

Apple's Yosemite OS shares Spotlight search terms by default

Apple is being called out for how it shares desktop and Web searches in its latest desktop operating system, Yosemite.

Spotlight, which underwent a rework for Yosemite, indexes desktop files and makes them searchable via keywords. By default, the latest iteration of Spotlight sends those search terms to Apple, in conjunction with Microsoft's Bing search engine, which Apple says is used to improve Spotlight's accuracy.

If "Location Services" are turned on in Yosemite, a computer's approximate location is also sent to Apple whenever Spotlight is used. Apple advises users of the data it is collecting and says that the sharing can be disabled by turning off "Spotlight Suggestions."

"Location Services" can also be turned off, but Apple still uses a computer's IP address to discover an approximate location. Apple does not, however, collect the search results that Spotlight generates.

The worry is that users may not completely understand what is being shared, as concerns grow over how companies collect, store and use what could be sensitive or revealing data.

The issue came up after research done with Yosemite by Landon Fuller, a software engineer and CEO of New York-based Plausible Labs. He launched a website called Fix Macosx, which highlights his work using a software tool called Net-Monitor. NetMonitor studies what network connections are made by Yosemite.

Fuller found other instances in which Yosemite shared data. If someone selects "About this Mac," which shows information about the computer, Yosemite contacts Apple, assigning a unique analytics identifier in the request, according to Fuller's GitHub page. The contact is made even if an option to share such analytics data has been disabled.

In another example, Fuller found that search terms entered in Safari are shared with Apple, even if a person is using a search engine such as the privacy-focused DuckDuckGo and "Spotlight Suggestions" is disabled.

Also, if someone sets up Apple's Mail application with a new email address, the domain of that address is sent to Apple, Fuller wrote.

"Mac OS X has always respected user privacy by default, and Mac OS X Yosemite should too," he wrote on Fix Macosx.

For those who don't want the information shared, Fuller recommends they disable "Spotlight Suggestions," "Bookmarks & History" and "Bing Web Searches" under the "Search Results" tab in Spotlight's preferences. To disable search terms entered in Safari, another selection—also called "Spotlight Suggestions"—should be disabled. Fuller has written a Python script that can accomplish those tasks.

Apple officials couldn't immediately be reached for comment.


16.01 | 0 komentar | Read More

Samsung Knox devices approved for government use by NSA

Samsung Electronics' Galaxy devices have been approved by the U.S. National Security Agency under a program of the agency to quickly deploy commercially available technologies.

The Commercial Solutions for Classified (CSfC) program only lists devices that have met the agency's security standards, and may not necessarily translate into large government orders for the South Korean company.

The products selected under the program of the NSA and Central Security Service include the Galaxy S4 and S5, Galaxy Note 3 and Galaxy Note 10.1 2014 Edition under the classification of mobile platforms. Also included under the mobile platforms classification is Boeing Black, a smartphone designed for defense and security applications by Boeing.

The listing may, however, serve to boost the standing of Samsung devices based on the Knox platform as an alternative to other products such as those of BlackBerry in markets such as enterprise and government where security of data is often a key factor in purchase decisions.

Samsung said in June it has been seeking security certifications from relevant government bodies across the world for devices using the Samsung Knox platform.

Knox is an Android-based platform that aims to enhance security of the current open-source Android. Devices using the platform allow users to switch between a personal space where personal data can be stored and the protected Knox Workspace container.

Five Samsung mobile devices were in June included on the list of products approved for sensitive but unclassified use by the Defense Information Systems Agency (DISA) of the U.S. Department of Defense. DISA certifies commercial technology for defense use.

The CSfC list supplements the DISA listing to address the full range of U.S. government security objectives, Samsung said in a statement Tuesday. It said it was the only manufacturer with mobile devices on both lists.


16.01 | 0 komentar | Read More

Dropbox used for convincing phishing attack

Written By kom nampuldu on Senin, 20 Oktober 2014 | 16.00

Dropbox's file storage service was used for a tricky phishing attack, although the service was quick to shut down it down, according to Symantec.

The security vendor said it detected a batch of phishing emails advising recipients that they've been sent a large file and included a link to Dropbox-hosted page.

"The email claims the document can be viewed by clicking on the link included in the message," wrote Nick Johnston of Symantec in a blog post. "However, the link opens a fake Dropbox login page, hosted on Dropbox itself."

By hosting the fake login page on Dropbox, the scammers gain some benefits over hosting it on a random, strange-looking domain name. The phishing page is contained within Dropbox's user content domain, similar to shared photos or files, Johnston wrote.

Most of the phishing page's elements are also served over SSL (Secure Sockets Layer), which encrypts communication between a client and a server and makes the ruse look more convincing. Older browsers may not prompt a warning if SSL isn't used for the entire page, he wrote.

"The prominence of the warning varies from browser to browser; some browsers simply change the padlock symbol shown in the address bar, whereas others include a small banner at the top of the page," Johnston wrote. "Users may not notice or understand these security warnings or the associated implications."

Phishing attacks have often been staged on trusted domains for file storage and sharing, such as on Google's Docs and Drive services.

The phishing page, which was quickly taken down by Dropbox, asks for a user's Dropbox credentials but also includes logos for popular webmail services. It purports to allow people to use the same webmail credentials to log into Dropbox.

Once a set of credentials has been collected, a PHP script within phishing page simply redirects to Dropbox's actual login page, Johnston wrote.


16.00 | 0 komentar | Read More

Is your Ethernet fast enough? Four new speeds are in the works

ethernet's future is now about much more than the next top speed: The engineers charting a path for the ubiquitous networking protocol are looking at several new versions to serve a variety of applications.

At a meeting last Thursday of the ethernet Alliance, an industry group that promotes IEEE ethernet standards, three major new projects were up for discussion.

To meet immediate demands in cloud data centers, there's a standard in the works for 25Gbps (bits per second). For the kinds of traffic expected in those clouds a few years from now, experts are already discussing a 50Gbps specification. And for enterprises with new, fast Wi-Fi access points, there may soon be 2.5Gbps ethernet. That's in addition to the next top speed for carrier backbones and moves to adapt the technology for use in cars.

These efforts are all meant to serve a growing demand for ethernet outside the traditional enterprise LANs for which it was originally designed. That means solving multiple problems instead of just how to get ever more bits onto a fiber or copper wire.

"What I'm hearing is lots of diversity. Lots of diversity in need, lots of diversity for the future," ethernet Alliance Chair John D'Ambrosia said part way into the daylong meeting in Santa Clara, California. "We're moving away from an 'ethernet everywhere' with essentially the same sort of flavor."

The EA's annual Technology Exploration Forum is a venue for discussing the kinds of technical details that many participants will go on to debate in various task groups of the IEEE 802.3 Working Group, which sets the official standards for ethernet. Optical and electrical signaling, fiber strands and copper wires, processing power, energy consumption, heat, cost, and other issues all come into play in determining what to build and how.

Without diving too deep into those details, here are some of the new technologies brewing in ethernet.

1. 25-Gigabit

A 25Gbps standard may seem like a step backward, because 40-Gigabit and 100-Gigabit ethernet already exist. But in fact, it's all about the need for more speed, specifically from servers in cloud data centers. Google and Microsoft are the biggest buyers of ethernet now, largely because their cloud operations require so much data exchange between servers, according to Dell'Oro Group analyst Alan Weckel.

The key to 25-Gigabit ethernet is that many of the components that could go into it are already developed: The 100-Gigabit standard is made up of four "lanes" of 25Gbps, so many of the same parts go into that high-end gear. That should mean higher production volumes for parts that go into both technologies, driving prices down.

Rallying around 25Gbps also gives network architects a logical way to build their data centers, with servers linking to switches at 25Gbps and the switches aggregating those connections into 100-Gigabit uplinks, Weckel said. That four-to-one ratio is what they're used to working with.

Having building blocks in multiples of 25 will become more important as cloud data centers age, Weckel said. It should let network engineers reuse technology as needs and speeds grow.

"Right now, all clouds are greenfield, but as the cloud matures, and actually has a real business model and has to actually talk to Wall Street and explain the billions of dollars that they spend on every data center, you're going to see reuse become very important," Weckel said.

By contrast, 40-Gigabit ethernet is made up of four lanes of 10-Gigabit ethernet, a technology that the cloud giants are now outgrowing, ethernet Alliance's D'Ambrosia said. They need more than 10Gbps for each server, even as average enterprises start to connect more servers at that speed.

Google, Microsoft and several prominent networking vendors formed a group in early July to promote standardization of 25Gbps and 50Gbps ethernet, saying they couldn't wait for the IEEE to finish a standard. Later that month, the IEEE started its own 25Gbps task group and said it might be done in as little as 18 months. On Thursday, D'Ambrosia said he doesn't necessarily agree with that forecast but he's optimistic. "Consensus is forming quickly in the industry," he said.

2. 50-Gigabit

Work is also beginning on a 50Gbps specification, which could be the next speed offered for linking servers in data centers. Both servers and high-performance flash storage systems will drive a need for something more than 25Gbps in the biggest data centers in a few years, Weckel of Dell'Oro said.

At Thursday's event, attendees debated whether to seek a 50Gbps standard or go all the way to a single-lane system for 100Gbps. A 50Gbps specification is more within reach, said Chris Cole, director of transceiver engineering at Finisar. For a 100Gbps standard today, "you're pushing the components," Cole said. He expects to see standard 50Gbps products starting in 2016.

3. 2.5-Gigabit

It may not sound very fast, but 2.5-Gigabit ethernet might help companies fill their buildings with very fast Wi-Fi. It's being proposed specifically as a tool to help enterprises' wired infrastructure keep up with wireless access points that increasingly form the edge of those networks.

The latest Wi-Fi technology, IEEE 802.11ac, can operate at more than 1Gbps—much more, with certain configurations. With that much traffic going over the air, the Gigabit ethernet links that most enterprises use to connect their access points to the wired network could become a bottleneck, said Kamal Dalmia, vice president of sales and marketing at Aquantia.

Upgrading to 10-Gigabit ethernet would give networks plenty of bandwidth, but most companies don't have the right kind of cable to do that, Dalmia and other participants said. A 2.5Gbps version of ethernet would work on commonly used Category 5e and Category 6 cable over the standard distance of 100 meters, so users could go beyond Gigabit ethernet without the cost of pulling new cable.

Aquantia is already producing silicon for ethernet gear that can run at 2.5Gbps or 5Gbps. The process of setting a 2.5Gbps ethernet standard, which might also involve 5Gbps capability, is expected to begin at an IEEE meeting next month.

4. 400-Gigabit

ethernet's backers haven't given up on reaching a new top speed, either. An IEEE task group is already working on a 400-Gigabit ethernet standard, which is currently projected for completion in March 2017. The fast links might use multiple lanes of either 50Gbps or 100Gbps. Once finished, the superfast technology would be destined for the cores of service-provider networks.


16.00 | 0 komentar | Read More

China again blames US for disrupted cybersecurity talks

China claimed on Sunday the U.S. has derailed cybersecurity cooperation between the two countries and that it doesn't tolerate hacking.

The statement came a day after Yang Jiechi, a state councilor who deals with foreign affairs, held discussions on Saturday in Boston with U.S. Secretary of State John Kerry on topics that included cybersecurity.

"Dialogue and cooperation between China and the U.S. in the field of cybersecurity is faced with difficulty due to the wrong actions taken by the American side," according to a statement on China's Ministry of Foreign Affairs website.

Jiechi told Kerry that "China firmly opposes and cracks down on all forms of hacker attacks," it said.

In an unprecedented move, the U.S. Justice Department in May charged five members of the People's Liberation Army with stealing trade secrets from U.S. companies. It marked the first-ever U.S. criminal charges related to suspected state-sponsored hacking.

The indictment alleged the men belonged to Unit 61398 of the Chinese Army in Shanghai, which lead an eight-year hacking spree that stole intellectual property from companies including Westinghouse Electric, United States Steel and subsidiaries of SolarWorld, among other companies.

The documents included photos, such as that of Wang Dong, who allegedly went by the nickname "UglyGorilla" and Sun Kailiang, who is wearing a military uniform.

The trade secrets stolen included information about a nuclear power plant design and cost and pricing data from a solar panel company, according to the indictment. China did not refer to the criminal case in its statement on Sunday.

The legal action contributed to increasing tension between the two countries, which had been strained since Google accused China-based hackers of stealing its intellectual property in early 2010.

Google said it was one of more than 20 large companies struck by a cyberespionage campaign dubbed Operation Aurora by security experts, who contend the group behind those attacks is still active.


16.00 | 0 komentar | Read More

Spoiler Alert review: This game starts at the end and goes backward from there

Written By kom nampuldu on Minggu, 19 Oktober 2014 | 16.01

Dante had it wrong. (Be warned: I'm about to spoil an 800-year-old piece of literature.) In The Divine Comedy Dante tells us there are seven circles of hell, increasing in severity of punishment as you delve deeper. Clearly he missed the special eighth circle of hell for people who spoil stories in any medium, be it books, film, television, or video games.

All that aside, I'm going to spoil the end of Spoiler Alert: You defeat the final boss and find the princess.

Wait, don't get mad! Come back! It's the first scene you'll see in the entire game.

Be kind. Rewind.

Spoiler Alert is a platformer played entirely in reverse. You start at the end, having already beaten the game, and then progress backwards to the first level. Take all your classic platformer tropes and they're most likely represented here, albeit with a twist.

Spoiler Alert

For instance, you're probably accustomed to running from left-to-right across the screen in a Mario-style platformer. In Spoiler Alert you'll instead run right-to-left. Are you a pro at hopping on enemy heads to squash the life out of them? Spoiler Alert has you jumping on heads to bring enemies back to life. You'll also jump into spots where coins used to be in order to replace them,consume fireballs you shot out at enemies, and watch as spikes fly back towards the ceiling they once fell from.

Spoiler Alert is more like a rhythm game than a platformer, to be honest, as you're running at a constant reverse speed and trying to time your jumps to match. It's a trippy take on the genre, and a fantastic concept. In a world drowning in puzzle platformers, Spoiler Alert feels both fresh and creative.

Spoiler Alertjavascript://

Unfortunately the game doesn't really manage to live up to its promise. I never like to fault a game for being short, but Spoiler Alert is really damn short. To be fair the game only costs $3, but I managed to complete the entire main campaign plus the ten bonus levels in only forty minutes and I had at least a silver rating on each level. I can guarantee I could get all gold ratings and still come in under an hour of play.

It's not really the length that's at issue. There are other games (The Vanishing of Ethan Carter) I enjoy despite providing a relatively brief experience. The problem with Spoiler Alert is that because of the abbreviated length it feels like the game never gets to explore the intricacies of its concept.

While there are three different worlds for you to traverse, a la Mario, each feels largely the same outside of the theme applied (Forest, Ice, Alien Invasion). The game never gets hard by any means, and in fact the levels seemingly follow no progression at all—there are levels in the last world (first, going by Spoiler Alert's logic) that are as simple as some of the first levels you'll ever play, but then there are others that are leaps more complicated right afterward. I don't feel like the theme of "You've beaten the game and are progressing backwards" is in any way held up by the difficulty across each set of levels and, ultimately, the game.

Spoiler Alert

The art style is also a bit of a turn-off. It has a sort-of roughness to it that smacks of low-budget gaming regardless of whether it was done on purpose. There's a crudeness—almost a GameMaker-esque quality—to it that I would expect from a free web game.

Spoiler Alert does have options for speedrunning and user content, which I expect might extend the lifespan of the game for certain people. However, I don't think it's enough to salvage the short length or turn this into a must-buy, despite the strength of the core concept.

Bottom line

I had brief moments where I enjoyed Spoiler Alert, but there's not enough of it and what is there isn't polished enough to really merit playing. It's a highly creative concept but, ultimately, a gimmick that doesn't quite work as a game.


16.01 | 0 komentar | Read More
Techie Blogger