An excerpt of one of the two vulnerabilities responsible for today's security update:
In Microsoft Security Bulletin MS04-025, Microsoft describes a critical vulnerability in the way Internet Explorer processes .GIF and .BMP images. An attacker can use malicious images on a web page or in HTML-formatted email messages. If the attacker can convince a user to visit the web page, open the message, or otherwise view the image, the attacker may be able to gain control of the user's machine.
I blame these constant, and ever more laughable windows security problems on their closed source software model. There are dangers in running software on your machine that can only be audited for security by the people who get rich selling it to you. There are many rants to be had in situations like this, and counter-rants, but this I feel is the largest problem with closed source applications. The code simply doesn't "get out enough" and winds up with these sociological disorders.
My friends and I just went to go see a midnight preview of M. Night Shyamalan's The Village. Afterwards I listened to them talk about films I haven't seen yet like Soilent Green, films I have seen like The Others, but I just couldn't get into their groove.
Then when I got home, I went online and checked out Rotten Tomatoes. Yep, 65%. imdb, 108 votes for 6.5 percent.
Well I'm still not satisfied, but here in my blog I can let loose. I did it for Azkaban, and now I can do more damage to this movie than anyone else will dare do. Please excuse any spoilers. Here goes:
You've asked for it, you've got it :)
My flash game "Gravity" now has a high score list!
As per Jim Lucas' inquiries (do you have a website Jim? I'ma link you) you /do/ have to be online while you play in order for it to record your high score.
Also of note is that it will only record the highest score you make under a certain set of initials. I did this so that one person who can get 30 ten times in a row doesn't keep someone who can get 29 from being on the list. Please try not to use a bunch of different names! :)
Theeeeeere once was a show in 1984, got canceled after it's first season, called "Automan". It was about an LA cop with a background in creating computer games (a nerd's nerd named "Wally"), who got a bit ahead of himself by creating an artificial intelligence on a PDP-11. He went one farther by figuring out how to manifest this being as a Star Trek style hologram. The computer nerd was played by Lucille Ball's son Desi Arnaz Jr. It was at least a million times as campy as any other show of the time, even knight rider. I've recently obtained the whole series from bittorrent and started watching it however, and I think it is the bahm.
First of all, they get to cruise around in a holographicly enhanced Lamborghini Countache called "the Autocar" which zips through traffic and around corners exactly like the vehicles in "Car Wars". Or if you're not familiar with that game, like Pac-man. Of course they never stop and think to equip the thing with a seat-belt, but I'm (uniquely) capable of forgiving them such campy transgretions.
Underneath all of the camp and all of the "If you can whip up holograms of anything and walk through walls and sweet talk computers, why didn't you just XYZ instead of doing it the hard way?" is hidden some astoundingly well thought out crime/detective stories. There is always 2, sometimes even three levels of "bad guys" predating upon one another. The threading is excellent, in that each character has their own unique understanding of what's going on around them and their own agendas. Threading is rare in well written movies, let alone TV shows. And of course there is more 80's camp, geekiness, and bad parody than any earthling human can possibly appreciate except for me.
If you'd like, I can cook you up a VCD of the pilot and you can stare in slack disbelief at the sheer audacity of the show. It's fully MST3K'able! but I luvit.
For awhile there I got a blog entry in every day :) Now my average is slipping again to 1 every 3 days.
Ah well, interesting things have happened here.
We had our family reunion yesterday, on my grandma's 75th birthday, many people came and a fun time was had by all. The food was also superb.
My uncle gave gramma a computer (?!) for her birthday, making the people who raised me the last people in my family (going out 4 generations) to own one. Sometime this week I'll have a chance to go down there, and I'll put my blog in her bookmarks so that she won't complain about not calling quite so often. She can read "the Jesse Gazette" along with the other 3 of you :)
This morning my grandpa went parasailing. (?!) It proved too early-morning of an early-morning event for my family to attend (neither of us were confident in our abilities to operate a vehicle at that time) but the word was that it was a beautiful morning and a wonderful flight, and everyone involved felt less freaked-out after having seen it accomplished :)
I got to watch Donnie Darko and was only vaguely impressed. Of all things, what I found lacking was the plot. The Cinematography, special effects, and sound design were choice. Of course I'm a huge fan of Tears for Fears, but I never would have relied on their music so heavily to drive any film of mine. I found myself predicting, with biting accuracy, what the "sensible" people in Donnie's life would say next on three seperate occasions.
The plot was nebulous. It was in no way clear where all of the forsight was coming from, or why the jet engine got caught in a wormhole. Yes, yes, "Einstein-Rosen bridge", they were stealing the homework done by Carl Seagan for the original book 'Contact'. "Any metal vehicle" indeed, I wonder if Professor Noah Wiley was referring to needing structural integrity, or simply quoting Doc Emmet brown so far as "stainless steel being a good electrical conducter".
All I know is it sure sucks to be Frank the Rabbit. Poor guy, he's just trying to "go with" your sister and hang loose, and you go and shoot him in the eyeball.
Well, Jake Gyllenhaal is a fine actor (and of course Maggie is a hottie) and Richard Kelley will probably start making some very interesting movies soon. (I guess he has three in he works now)
That game that I made last week wound up with the following high score list:
me - 72
Vince - 16
My brother-in-law - 12
Darla and Spencer - 4
Jake, The owl, Chris Arribito, Robbie - 3
Everyone else - 2
Sooooo.. I made some modifications. It makes it easier on you low-end lot and harder on us up-end lot :)
Actually I made three modifications.
1> level select. Harder levels score faster, but they're um.. harder. One way or another 72 won't be as easy for me to get anymore :)
2> Pause feature. Vince said "you need pause". Jake said "You need a brake on this thing". The pause is kind of a brake, so get over yourself ;) No, for real though, the "easy" level starts out with zero grav so it gets a lot easier for you Jake-lot to get used to the controls before the planet starts messing with your affairs.
3> you'll notice change #three. :)
I don't know if you've seen it before or not, but here is a Geek Test that seems pretty good.
My score is 71.59763% - Geek *G*O*D*, which puts me comfortably above the only 100 or so other people on Orkut to have published their scores, out of 3,800 members of the Geeks community. Thus I am their lord and master *mental*flex*.
Since Jake always blogs about flash games and I was bored, I made one.
It's called Gravity.
So here's the premise. You are dorky red spasechip, in orbit around planet killingyouguy. Your enemy is Gravity, and the only way to lose/die is to crash into the planet. So.... don't crash into the planet :)
The controls are just like the controls in asteroids, minus the shoot and the hyperspace. Press left to turn left, right to turn right, and up to fire thrusters. Slowing down involves turning bass ackwards (facing away from your momentum) and firing them thrusters. Unlike asteroids, you have an evil planet's gravity alllllways trying to pull you in.
Your goal is to collect all of the green spinning berrets. When you collect one, another will appear randomly in space, and your score will increase. As your score gets very large, be warned that even experienced propellorheads will start to feel heavier.. and HEAVIER...
• This space is toroidal, just like Slider Tic-Tac-Toe or slider-anything-else-I've-invented. This means that exiting one side of the screen will magicport you to the other side of the screen. This can be very tricky to use to your advantage, since the direction in which gravity is pulling you suddenly is coming from the opposite side. In particular, try not to slide off the corners or else, due to the distance and direction, your fate will be almost certainly be sealed.
• Do not go very very fast. One planet in a toroidal space is like an infinite orchard of close-planted trees. If you hop on a motorcycle and buzz through such an orchard at a few hundred clicks, and you're being pulled in random directions, your average lifespan drops down to a few seconds. And it's harder to "brake" at high speeds of course.
• Sophisticated pause feature: If you have to go answer the door or go to work or something and don't want to quit your rediculously successful game, simply ease into an orbit. No I'm kidding.. long term testing has shown that all orbits eventually decay :) Hit 'P' to pause and unpause.
• Rumor: It has been suggested that the planet's surface is unforgiving, but that the planet's rings may be brushed by lightly without harm coming to you. As long as you don't get in too deep....
So have fun and comment and lemme know what high scores you get. I got 35! :)
Since the number of threats and difficulties a wireless network faces are just as numerous as the number of incomplete solutions available, I've taken the liberty of drawing up a grid illustrating the situation as it stands.
Here is the grid:
I welcome any suggestions, additions or corrections. The grid is incomplete, and may be less than accurate in areas where I've misread the situation. I haven't yet researched Dynamic WEP for instance, and I'd add "implementational faults allowing amplified DOS" if I knew more about that (replaying disconnect messages and the like).
This grid assumes a setup with a single provider of internet access through an unknown number of AP's. This could be a SOHO, WISP, Campus, or community network. The users of the access are "local" and those unauthorized to use the access are "remote". "Radius" is a term being used a bit broadly here to refer to any 802.1x / EAP / PEAP / CHAP / whatever per-user authentication mechanisms, that are often backed by a Radius server. "NoCat" is also a broad term refering to any similar capture-auth gateway.
If you can't tell from the grid, I feel as though WPA1+Radius has failed to penetrate the market effectively, and that vendors creating vendor-specific variants of different things has been hurtful. My Aironet's support the protocol fine as a server, my CB3 Plus Deluxes support the protocol partially in Access point mode, but refuse to act as a client in bridge mode, and I'm finding it highly difficult (impossible?) to set up a Windows machine as a client. Of course we are all praying that WPA2 (aka 802.11i) will be official enough to demand vendor compliance, and the sooner the better, and then I can change the red and orange marks on the convenience side of that row to green and the whole grid will become unnessessary :)
Another area I'm particularily interested in is column D, "local users eavesdropping traffic" so far as the TKIP (1-key) variants of WPA.. I know that a local user can eavesdrop on WEP traffic (if you have the key you can sniff your buddy's traffic and decrypt it easily with Kismet) But can a local user (anyone who knows the passphrase) eavesdrop on WPA traffic as easily? I can't seem to google for that :)
I'll probably also add preambles and such explaining the grid to arbitary visitors eventually, but it's late and I wanna go bed.
Thanks for humoring a green-horn network admin :)
I work as a systems and network administrator for internet solutions provider Webformix here in Bend, Oregon. We are handling an exceedingly large number of wireless projects for various clients, which I'm responsible for speccing out. For anyone who has ever done any study of the wireless world, it is obvious what a state wireless security is in these days.
802.11 wireless technologies have spread across the landscape like wildfire due to their ease of implementation and standardized interoperability, but security features for this network platform have been left in the dust for the exact opposite reasons: they are difficult to deploy and lacking a coherent standard vendors have failed to make your average access point play nicely with your standard wireless card, or sometimes even play at all.
Security is espescially important in a wireless network since you are essentially broadcasting your internet access presence into the air. Unsecured, anyone in the vicinity may accidentally wind up on your network, or else a determined attacker can see everything you do online and/or jump online with you and abuse your connection (waste your bandwidth, commit fraud online, send spam, and you'll get blamed) with ridiculous ease. With a fairly inexpensive directional antenna, the attacker could be on a hill 20 miles away and still eavesdrop on your email.
Worse yet is that many of the encryption and authentication methods that are available must be watertight in order to be any help at all, but many of them are not. The data encryption standard "WEP" (Wireless Equivilent Protection) that was ratified as part of the 802.11 protocol was proven easily crackable in 2001. It is still better than nothing for your home network. Just like a car door lock it can deter your average attacker.. espescially since your neighbor probably set up no encryption at all. But if an attacker is determined, or if they have nothing better to do than sit on a hill for a few hours cracking your network, then that's really all that they need.
Many other concerted attempts at encryption and authentication have been proposed, and implemented, and none of them so far are a silver bullet. To rest easy, what we need is strong security, with strong user authentication and — for those of us who want it — accounting. But we also need this to be easy to set up, on the server and for the client. We need it to be interoperable, so that different hardware from different vendors can use the protocol fluently on the same network, and so that your laptop or PDA can get online even if you're running OSX. The more transparent and user-proof, the better.
Many home-brewed solutions have been attempted above the link-layer. Capture-auth gateways that force you onto a web page where you need to log in before you can get access, throwbacks from dialup and DSL such as PPPOE and PPTP, and encryption technologies initially meant to bridge corporate networks such as IPSEC and VPN have all been plyed at. These have their own strengths and weaknesses, but as has been the case so far.. the easier they are to implement on server and on client, the less secure they end up being, and vice versa.
IEEE has been brewing up the successer to the WEP standard for a few years now, known as 802.11i. This promises to be the silver bullet everyone has been pining for.. but it has not yet materialized. It may during the next few months or years, it just got ratified like last week, but very very few vendors have it implemented yet.
While it was being proposed, the WiFi alliance saw fit to create a defacto standard known as WPA (Wifi Protected Access) which takes many of the important elements from the upcoming 802.11i standard and makes them available as a temporary software-upgrade solution for existing hardware. Alas, for whatever reason it has spent at least a year being poorly implemented by vendors so that a majority of it's authentication-related functionality remains unusable to the wireless world. Vendors like Cisco and Microsoft have riddled their implementations with so many vendor specific changes that they cannot co-exist with other hardware. Most wireless AP/bridge combo's I've tested (linksys, microsoft, motorola, engenius) support serving advanced WPA features in AP mode, but not authenticating by them in bridge mode. Finally Windows XP's heralded new WPA client support lacks the ability to specify your username and password for a wireless network — the only option allowed is to use your windows username and password.
For you wireless security buffs out there, the next post will be a discussion of what can be done about the situation. Every choice appears full of trade-offs, and I've put together a grid which displays these trade-offs visually, to help us make those tough choices.
The first single off their new album "The Spine", the video has officially been produced and directed by Strong Sad and The Cheat of Homestarrunner.com, and can be viewed here:
According to this Wired interview, TMBG will be making a separate video for the MTV crowd. Choice quote: "I feel like if MTV and Homestar collided, the world might explode."
The first place that we went to on our vacation was The Enchanted Forest. Situated on a hill with similar geometry to COCC, this theme park is uniquely Oregonian: The only thing you need to do to entertain an oregonian is to give them a trail up a hill and possibly something to look at in between the trees. That is how this theme park started in the early seventies. Since then it's added a myriad different rides and amusements, but the beginning of the journey is still "Storybook trail" which is a minor hiking trail adorned with well crafted scenes from pre-disney brothers grim fables.
2 years ago they added the kiddy rides up near the theater. Bumper boats, frog hopper, and a mini ferris wheel. This year they've added the adult bumper cars, but those were non-operational when we were there (down for maintenance or some such). Also, we can see the work they are doing on the European Village Phase III project, which may not be finished by next year. During the times that my family has made our once or twice yearly visits, we've also seen them add the "Johnny Rio" gunslinging game, RC boats, and a wind-chime piano in Pinochio's house. On a sadder note however, the Fantasy Fountains must have been having technical issues (For the first time that we've ever seen) because half the jets were out of kilter or out of sync somehow. It appeared to me as if the system could have used some CLR.
In 2002, after getting through their Crooked House, we were inspired to visit the Oregon Vortex, which dissapointed us and left us in wont of some more crooked house. Just as a Crooked House warning, kids love it in there, and when you come out there are a few steps downward back to the normal path. They are entirely visible, and normal, and your unattended child is somehow guaranteed to fall down them. So please, act responsibly in light of the afteraffects of the crooked house and take your child's hand, and then you can all fall down the steps together. :)
My wife and son and I just returned from the Willamette Valley, where we visited the Enchanted Forest (more on that another time) and the Oregon Zoo. We had a great time, and I'm just now finally recovering enough from the car lag (and the email backlog) enough to blog about the place.
At Woodland Park, they have this enlosed greenhouse-tent full of butterflies where you are invited to enter and see them up close. At the Oregon zoo they have a Lorikeet greenhouse with a similar twist. You can purchase cups of modified apple juice to attract the lories to you. In both places, I was soon covered in 3-7 amorous animals at a time, much to the amazement of their keepers, and had the opportunity to coax many of them onto mystified children and tourists. And I'd get pooped on. ;)
We got to watch the baby elephant Chendra demonstrate her inginuity as she dug a pit underneath a fence to his enclosure, snaked her trunk out and reached a good 5 or 6 feet out to nab some local vegitation to snack on. I have some IRC penpals from Malaysia, one of them asked me what the food here was like. Once I can remember who asked I'll let them know we have the Chendra seal of approval ;)
We got a very good view of the Hippos for a change. They swam right up to where we were behind the glass, so we could see them pretty clearly through the water's surface, and they would pop the tops of their heads out to flick their ears at us. It looked like a baby and it's mother.
We also got a very good view of an Amur Leapord. They have this false house set up (small enough that adults have to duck down) with one wall being a window into the leopard's habitat. Our leopard was crashed out right in front of the window, almost like she was basking at us. Imagine a college student zonked out in front of a large A/C :) She was facing away from us so we could only see her beautiful coat and paws. Darla took a snapshot, and the weak flash on her throwaway camera (or the clicking sound) was enough for our friend to raise up her head and check us out. She was very beautiful and her green-teal eyes reflected balefully at us like lamps. After she was satisfied we weren't going to bite her in the rump, she slumped back down to obtain additional Z's.
So what zoo or zoo-like amalgamation have any of you enjoyed the most?
Gmail offers a gig of storage so that us normal folk will never need to clean out our email boxes. They can remain as archives of all of our dealings and communications. Later, when we've filled up a good portion of the gigabyte allocated to us it will be cost effective for Gmail to evolve their service into 10 gig.
It's amazing how many email users are simply affronted by that very gesture, as though an inbox that is less than 50% full is a source of shame, and thus Google has made their job of maintaining a full inbox more difficult.
Every time I hear of a different service increasing the sizes of their email boxes, it seems to be reviewed favorably over Gmail. Hotmail, Yahoo, and Lycos have all upped their inbox sizes to at least 100MB, most often 2gig with a subscription. Barney just sent me a link to an article touting an Israeli email service called Walla as the next Gmail killer. Why, you might ask? Because they provide 1 gig of space with their free accounts, plus mail filtering, email search, and virus protection. The article's optimism does not seem to be affected by the fact that every web based email I've ever seen includes filters, search and anti-virus.
The only other feature advertised is support for various multimedia capabilities, apparently geared towards allowing you to (ab)use your email box for multimedia file storage.
And then, of course, Sarah Gilbert suggests that Gmail is made moot by Big IMAP, which offers potentially more than a gigabyte of storage, plus IMAP access and (obviously) no ads, for the low low price of $10-$20 per month. Here is a quote from her blog:
I would be remiss if I didn't mention, however, that Big IMAP gives you a lot more value than any Gmail invite - more storage, IMAP support, and no ads. There is a 30-day free trial if you want to check it out ;)
The fact that Gmail remains at least three times cheaper (zoolander homage intended) doesn't seem to be addressed.
There have been many times that I wished I had some gift or another to impart upon the world. Perhaps I could cure cancer, or feed the homeless, or build a better internet, but now those hopes have been marred, because apparently purity of altruism sometimes appears to be received offensively, and I'll have to continue sharpenning my skills of rudeness and self-interest in order to fit in in this world.
Slashdot's RSS service has defamed your headline reader. You are probably not requesting pages more often than their terms of service allow.
Slashdot, the single most popular news portal in the entire blogosphere, has probably issued it's automated "no soup for you" to absolutely every RSS subscriber at some point in time or another. I personally have an RSS reader that I do not set to refresh RSS feeds *at*all*, so it only refreshes feeds when I launch the program to read the news, which is every day or two. Regardless, every week or so Slashdot sees fit to ban me for 72 hours.
I suspect it's because they are confusing BendBroadband's transparent proxy server with an individual newsreader, so that the majority of the city of bend can receive no more than 1 RSS feed update from the cybergiant every 30 minutes, or else the whole town spends three days without soup.
To the best of my knowledge, this problem stems from Slashdot using a CGI to generate it's RSS.. which means every time you hit that URI a program runs and eats a few userseconds of CPU to feed you the same RSS it's fed over a million others around the globe in the last ten minutes or so. That quickly adds up to millions of userseconds, which the powers that be at Slashdot appear to want to ration out to the soupline instead of finding a better way.
One superior method is employed by Movable Type, which keeps your blog posts and RSS feeds available as a collection of static HTML files. Your webserver can painlessly deliver these to one or a billion people on demand. There is no process to run, no database to consult, just a few kilobytes of data to fire down the pipe at whoever asks. Movable Type and similar blogging tools recreate your entire website essentially whenever a new post is authored. This is a moderate amount of work, but it certainly beats recreating the pages for every page view, so long as your blog posts get read more often than they get written.
Other than badly designed CGI's hogging the OSDN servers, the only possible complaints that slashdot could have regarding abuse involve bandwidth. Now I can't weigh a slashdot RSS file just at the moment due to being banned, but wired's rdf/rss file weighs just under 2 kilobytes. Slashdot's front page weighs 120k. So there you go, you would have to request an RSS file 60 times to use up as much bandwidth as a single page request. Counting network overhead, maybe 40 times.
I understand that it can be commulatively frightening to let a newsreader program, who's owner may not be present, pull your RSS file every 5 minutes 24 hours a day.. multiplied by potentially millions of readers.. but stop and do the math. If I requested a 2 kilobyte RSS file EVERY SECOND... 60 times a minute.. from slashdot's servers, over the course of a day and 86400 requests I would have pulled down a whopping 178 megabytes. Granted, most people with files that large feel more comfortable bit-torrenting them, but slashdot's firewalls would have denied a huge percentage of my requests mistaking them for DOS attacks, limiting server impact to a few megabytes per day. Newsreader software would have to support high resolution timers just to attempt more rigorous request schedules than that, which would be treated as DOS with greater degrees of confidence by firewalls and routers.
So, abuser's ISP should clearly be inconvenienced sooner than Slashdot would have to give up more bandwidth on a single abuser than Sourceforge does on someone downloading software.
There is simply no excuse for Slashdot's hackneyed RSS rationing approach. They are guaranteed to waste more CPU time doing the accounting to see how often a certain IP address requests an RSS feed than they would simply serving the feed, and they waste an equivalent amount of bandwidth feeding their self-important guilt-trip message in leui of RSS uopn every request, complete with a custom-tailored UID that you may use in correspondance with them about the incident, but not that you should bother for at least 72 hours, or until they feel more inclined to forgive your terrible transgressions.
monkeyinabox.net it's dot com.... just posted an article asking why all the retro interest in the 80's all of the sudden. So I figured I'd answer. :)
For a large percentage of the people who spend money at the moment (and thus convince vendors to pander to them) the 80's were an age of innocence. We're all a bunch of nostalgia freaks.
Also, the 80's were a very optimistic time. Not just because Reagan said they should be, but because all of the things you tout about in your article (video games, communications technology, computers, music videos) were only then beginning to blossom. We could watch cartoons that Tex Avery made in the 1940's promising a "home of tomorrow" that we felt we could live in by the time we grew up. Jim Henson, PBS and others did a since-then unprecidented job at actually trying to broadcast educational programming to the world without charging the world any money. Sesame street, electric company, 3-2-1 contact, bill nye, ghost writer, Mister Rogers, Cap'n Kangaroo, school house rock, nova, national geographic, the best that they can do nowadays is Barney, Teletubbies, and a few reruns of Arthur.
In the eastern hemisphere the 80's were a peak for television. Almost every britcom worth mentioning (ab fab, faulty towers, blackadder, are you being served, a fine romance, as time goes by, etc) were made in the eighties (the notable exception being Monty Python, which was a forerunner to the rest), and thats where anime got it's start as well (Gundam, Ranma ½, Kimagure Orange Road, Uresei Yatsura, Jubei Ninpucho, Bubblegum Crisis, Urotsokudoji)
Playgrounds were made out of metal, instead of interlocked plastic bubbles. The playground at Powell Butte elementary school had 2 slides, each of which were upwards of 10 feet tall. One 8x12x12 jungle gym (where I spent 60% of my recesses), one 12' wide jungle-gym-styled merry-go-round which saw 30 rpms from time to time, and a 20 (twenty!) foot tall swing set, with four swings. And four acres of tree lined field in full view of the recess monitor, which meant you could run to the other end of it (a quarter mile away) and not be in trouble.
Nobody got their hands mangled by posessed merry go rounds, or impaled themselves or got tetnis or any non-trivial burns on any of the scary peices of metal. Our playgrounds failed to live past the 80's thanks to FUD caused by ridiculously rare playground accidents.
That brings me to another severe failure since the 80's. In the 80's people believed that getting things done involved doing them. Now getting things done involves exploiting whatever is handy. If someone offended you, you used to give them a good punch in the nose. Now you sue them for defamation of character. If you were getting sued in the 80's, you made your case and the truth would set you free. Now you have to bury your opponent in paperwork before he does the same to you.
Video games had severe technical limitations, which meant that game designers were forced to use their imaginations to make games fun to play. Now there are so many options when making a game that game designers only focus on eye candy, largely to the detriment of overall game quality. I don't have an Xbox or a PS2, and I'll never feel compelled to play their games. (I'll get an Xbox cuz I need a media center though, of course)
Music was simply better. It is not a matter of taste. Zero people will tell you that the course of their lives were changed when they heard "hit me baby one more time" or "why can't I breathe" or "every day is a winding road". I think I've become fond of only a couple of dozen songs that were released since the end of the millenium.
Movies have not gone downhill since the eighties, at least not in most aspects. The ability to make seamless special effects has improved by ten fold every year (or the cost to do it has reduced tenfold, whichever) so now there are stories that just couldn't be effectively told in the eighties.. but movies have gotten unforgivably more expensive in spite of falling production costs, so that now movie tickets cost nearly as much as DVD's. That and since 2000, something like 60% of films are either sequels or remakes. This doesn't say the films are "bad", but it does say that the producers are frightened to try out new material.
The 80's had some very bad movies of course, such as anything that relied heavily enough on puppets, but it had some movies that simply haven't been equalled since: Terminator 1, Die Hard 1-3, The Goonies, The Last Starfighter, The Explorers, The Princess Bride, Tron, Short Circuit I+II, Certain nightmares on elm street, Certain hellraisers, Ghostbusters I+II, Certain Terry Gilliam flicks, Beetleguise, The Neverending Story, etc.
I think that aside from us nostalgics, our culture is heavily reflecting on the eighties now to meditate on the creativity we have since then lost. In order to make something new, we have to really examine this old stuff.. because it came from an era when new stuff was made freely, and we want to do that again.