First, lets acknowledge that there are at least two kinds of online games, those that require mouse precision and those that don't. Quake and all other 3D shooters require precision, Starcraft, Ultima online, and others do not.
For non-precision games, its pretty clear how to keep them from cheating, as their cheats are all about information. Don't send them anything you don't want them to know, and don't depend on any of their calculations.
For the precision games, I think the key is to stay ahead of the encryption curve. If you can generate keys (and patch them in) faster than the l33t h4x0rs can crack them, then you're secure. Fall behind just once, and you have problems. Its a heck of a problem to send a key to a cracked client without the cracker getting it.
You just have to make the right decisions on what you're sending that client. To quote Designer Dragon (original lead designer of Ultima Online): "Never put anything in the client. The client is in the hands of the enemy."
Zipwow's first corollary to that: "Never send anything to the client that you don't want them to know."
Why is the server sending the mob's hp and level to the client? If you're willing to spend the processes for it, you could also not send mob information about mobs that aren't currently visible to the client.
Its a harder job, but its possible, and it keeps you honest.
Sure, you could do what you've described, but is it really practical? If you're going to create a distributed database of illegally copywrighted works in the range of terabytes of data, would you want to provide the raw CD information, or just the damn mp3s themselves?
Additionally, this sort of 'service' would be clearly illegal, and anyone involved in it would be both detectable and prosecutable.
That's assuming they live where there's laws, but if they live in China they probably just have a big database of mp3s ANYWAY, which is really the easiest route.
This is akin to saying "The banks in the world are insecure because the vault could be broken into by freezing the lock and applying 40 tonnes of pressure" when you can just point a gun at the teller and ask nicely.
How do you figure this is client-side security? MP3.com owns a copy of all the disks, they could change the data they ask from from the CD periodically. Your 'spoof database' of information that mp3.com asks for would only be good for a week or two.
I suppose that's good enough for you to set up your account and download the mp3s, but its likely that the spoof database is similar in size to just providing the pirated mp3s for download in the first place.
Its not like someone's going to set up an account that has EVERY disc mp3.com owns (yeah, they won't notice that) then publish the username on the net for thousands of people to use. Only one person can connect on a username at a time, so your account would be shut off pretty quickly if you tried that. Even if you had multiple accounts, you're going to be turned of pretty quickly, as well as investigated.
It seems to me that there are waaay easier ways to pirate music than hacking through mp3.com.
Zipwow
Re:A game as boring as EQ or AC
on
Anarchy Online
·
· Score: 1
Have you played these games? I play Ultima Online regularly. I've helped build a guild of players that has varied from 15 to 60 members, and lasted since early beta, almost 4 years ago! We've built a village complete with tower, gatehouse, smithy, tailor, training hut, etc.
Our village attracted ruffians (other players) who wanted to drive us out of our homes and force us through intimidation to sell to them. We trained ourselves and fought them off.
Recently, I've been building a casino there, hiring other people to deal, having events and publications, sending people out into the world to bring in new players. We've had to fend off attacks by two groups of murderers (neither on nights we were open, thankfully) as well as many thieves.
Still think the world can't be changed? Still think you can't build anything? I can't agree.
Zipwow aka Smythe, Cap & Dagger Casino Director (www.zipwow.net/CapNDagger) Vas Lor, The Nobility (www.thenobility.org)
Ahh, now I see your problem. Should it be called GPL is your real question. Okay, no. And I think that's addressed below, and will likely be amended soon.
Your original note had more of a 'scare tactic' voice with "do you trust this software" and "this proprietary software will take over the world" voice, which I don't think is appropriate in this case.
crush wrote: So, let me restate the question which you carefully avoided , and which is after all really the meat of my post, do you think that there is any difference between using a
"Open Source" CD Authenticator written to work with the hidden Windows API and a "GPL'ed" CD Authenticator written to work with a hidden proprietary library. ?
First, one point. What 'hidden Windows API' are you now comparing this to? The thing the Beam-It authenticator uses (the CD-ID) seems to be a well-defined part of the standard for creating audio CDs.
Until I understand that half of your question, I don't think I could provide an answer.
Do I think it should be open? Sure. Am I really that worried about it? Nope. Some kind of open 'authenticator' would be nice, but it doesn't seem to have as insiduous an effect as a proprietary player, in my opinion.
crush said: It seems to me that there is very little difference between the approach of releasing an "Open Source" player written to work with the hidden Windows API and releasing a "GPL'ed" player written to work with a hidden proprietary library.
Perhaps you should try out the software you're bashing before you criticize it. The GPL'ed piece of software is NOT the player, its the bit that authenticates your ownership of the CD to the webserver. The webserver sends the tracks of those CDs you're authenticated for in plain old MP3 streams, for which you can use anything you'd like. Zipwow
How many of us would have known that this was possible, if we didn't subscribe to Nature or some such other periodical? Fascinating stuff, I can't wait.
There was a linux port of this for a while, but I'm not sure what state its in now. I suspect it hasn't been maintained.
If your ORPG (Online Roleplaying Game) is designed as it should be, your communication protocols should all be open, and folks ought to be able to write their own client or maintain and OSS one. The authors still get their money because people still have to pay to connect to the server...
I spend enough time in this game, it would be nice if I could play it on a stable OS, or at least one that has something that will let me recover from anything silly the client does, unlike Win98 which just dies.
Sales tax isn't the only kind of taxes that exist. Property and income taxes are still quite in effect, and seem to make more sense in situations where its not clear where the purchase is actually made.
How do you plan to tax purchases made from United States companies by customers who live outside the US?
Or as a more difficult question, how do you tax purchases made via the internet to a server in Hong Kong for services rendered in guatemala by a company based in New York?
The internet makes sales taxes obsolete. If you want to tax a business that is doing business in your state, levy property and income taxes against them.
I keep my checking and savings with NetBank. They have up-to-the-minute transactions, so if I go to lunch, by the time I get back to my desk, I see the memo for the checkcard purchase.
One service I particularly like is the automatic bill payment. I schedule it to pay my rent on the 1st, and it pays my rent on the 1st. It doesn't mesh completely well with my every-other-friday paycheck, because I sometimes need to 'float' a little, but it does the trick in general, and worked very, very well when I was paid on the 1st and the 15th.
There's been problems from time to time, but what's kept me there is how they handled things. Once, my rent wasn't sent. At all. I called the bank, and they asked me for the phone number to my rental office, and they took everything from there. They paid my late fees and just took care of things.
In another incident, they had some glitches when they were upgrading, and my balance wasn't updating, and I ended up overdrawing my account (by like 400 dollars). Not a single service charge, not a single check returned. Made me a pretty solid customer.
Everything's free, there's interest paid with no minimum balance on the checking account, which turns out to be about a dollar a month for me, and they provide the checks for free as well. They have no branches anywhere, so if you need a money order or something, you'll have to go elsewhere, but that hasn't been a problem for me.
Since they don't have any branches, you'll end up paying ATM fees to whoever owns the ATM you use. Netbank won't charge you to use the ATM, of course. It hasn't been a big deal for me, I usually just get however much cash I'm allowing myself for that pay period and then I'm done with ATMs.
Deposits are done either by auto-deposit (like your paycheck) or by mail (they give you self-addressed stamped envelopes). No ATM deposits for some reason.
As far as their stocks go, they're not the cheapest on the block, ($25/trade) but they seem to be in the range. The money comes out of/in to your money market or checking account with NetBank.
Drop me an email (by spelling out the dot), and let me know if you're interested in getting a referral. Its not required, but it'd get me a nifty t-shirt and maybe $1000 bux.
The key phrase was "if there's an accident". Meaning (as you describe) the actual plant in your backyard isn't bad, but it breaking open or blowing up and distributing its insides all over your house and friends and nice little city will not be good for you.
'course, maybe you wouldn't need streetlights and such then? Heh.
Isn't this *exactly* the situation Java's supposed to be for? GNOME, KDE, NT, who cares?
Of course, if you're using the flashy uber-cool stuff, then you're going to have to get specific, but if you're just trying to *do* something, it seems like Java ought to be the answer.
Okay, so there's the little issue of an efficient Virtual Machine for linux. Details, details..
The concept behind VRML is exactly that of HTML. It's a markup language
It's not a markup language. The 'M' in VRML is 'Modeling'. Virtual Reality Modeling Laguage. What would it mark-up? It began as a standard way to describe objects in 3D and proceeded from there. Proceeded a lot, actually.
There are *some* facilities for doing things dynamically with VRML, but from what I saw, they were mainly hacks with javascript etc that look like they weren't really planned during the original design
This isn't the case either. VRML's design has the basic things that you need to get things done in 3d: interpolators, sensors for spherical, planar, and cylindrical mouse movement, collision sensors, proximity sensors, time sensors and more, nicely set up in an event-driven model. Many interactions don't even require any code. Map a plane sensor to a position interpolator and you can move things around by clicking and dragging.
Now while its true that VRML does not have its own programming language, it does provide a specific interface to code 'bits', the SCRIPT node. This is as designed, mostly because VRML existed before Java was really strong. Some people use javascript (yuck, but simple) some folks use Java, some use C++, but if your browser supported it (a big if) you could use perl or smalltalk or anything. Kind of nice, in my opinion.
Here's a fair example, you can't do anything dynamic that would require changes to the wrl file loaded in the browser
This just isn't true. Your code nodes (in whatever language) can add and remove things from the scene at will, resize them, move their individual points to morph them, etc.
I believe you must've looked at the early VRML, VRML 1.0. This is equivalent to looking at the first release of Java and saying, "oh, its all bollocks" and never looking again.
So why isn't VRML the next big thing? Well, there's several theories, Blaxxun's attacking the most widely held: no good browsers. Java's the de facto standard for scripting info in a VRML browser, and there are all kinds of interesting things you could do, but almost no browser completely supports the VRML97 specification AND the Java specification. There are VRML browsers written using Java3D, but they are largely incomplete, and a bit slow.
Some folks have also said that VRML is something of a solution in search of a problem. What would you do with VRML on the web? Yeah, there's lots of cool stuff, but very few of them pay well, and others (like online gaming) require fast, efficient browsers, and really don't benefit from the openness of the standard.
Edit the datastream to give you a shave, remove those bags from your eyes, comb your hair, draw on a shirt and tie. Think we can adapt the fortune generator to give you a daily tie?
PHP is fine for taping a read-only UI to a database, or doing little cleanups and 'we need this tomorrow' stuff. Its fast and familiar, being similar to perl.
However, I think that Java Servlets are really the way to go in large systems where code reusal and proper design methods are critical. You can really stick with MVC (Model View Controller), writing generalized stuff to model your data access, controller pieces (which are the servlets) to describe the flow of your application (select product, click ok on license, enter cc info), and then put all your layout specific stuff in the JSPs.
You'll reuse your core stuff all over the place (same as if you modulize your php stuff), and if you separate your content from your control, you can use the same servlet code calling different JSPs to provide your applications in different layouts and languages
And yeah, you can technically *do* all that with PHP3, there's nothing stopping you from separating it all out that way, but if you use Java/ Servlets/ JSPs the architecture really encourages you to do it properly. I haven't done any specific speed tests, but the servlets stuff is currently supporting quite a bit of activity (1000 folks a day) on an NT box of medium range (dual p350s). We haven't migrated to Java 1.2 yet, so hotspot isn't an option yet, but its another bonus. Soon as we convince the higher-ups, its off to UNIX...:) Zipwow
See, you 'allegedly' pour a bunch of money, 'hire' a bunch of famous programmers, and nobody does anything. Tell nobody anything, bake at 375 degrees of buzz, and sell it to someone else for a huge, huge number.
Now, take THAT even LARGER amount of cash, all the developers (who haven't been working anyway) and start ANOTHER company that does what you want to do in the first place, but couldn't afford and didn't want to share with the venture capitol folks, while laughing at the morons who bought the original worthless company on hype.
I only hope that I will not be assassinated for revealing the secret!
Slashdot Mirror
This is a new twist, all that negative mass may be created by the wormhole itself. This statement is important:
Krasnikov says, "What's new is that this wormhole actually generates enough to make it arbitrarily large."
So, perhaps only a little is required to get it started, then it will create more, up to some point which differs for different wormholes apparently.
Zipwow
First, lets acknowledge that there are at least two kinds of online games, those that require mouse precision and those that don't. Quake and all other 3D shooters require precision, Starcraft, Ultima online, and others do not.
For non-precision games, its pretty clear how to keep them from cheating, as their cheats are all about information. Don't send them anything you don't want them to know, and don't depend on any of their calculations.
For the precision games, I think the key is to stay ahead of the encryption curve. If you can generate keys (and patch them in) faster than the l33t h4x0rs can crack them, then you're secure. Fall behind just once, and you have problems. Its a heck of a problem to send a key to a cracked client without the cracker getting it.
Zipwow
You just have to make the right decisions on what you're sending that client. To quote Designer Dragon (original lead designer of Ultima Online): "Never put anything in the client. The client is in the hands of the enemy."
Zipwow's first corollary to that: "Never send anything to the client that you don't want them to know."
Why is the server sending the mob's hp and level to the client? If you're willing to spend the processes for it, you could also not send mob information about mobs that aren't currently visible to the client.
Its a harder job, but its possible, and it keeps you honest.
So, for all levels of LPI certification, it costs you about $600 bucks. Of course, only the first exam is currently available, and its a beta exam.
They work with Virtual University Enterprises to deliver their exams, so you can take them at over a thousand places worldwide.
Zipwow
(Disclaimer: I work for VUE)
Ever been bitten by a chicken? They HURT! This chicken has no teeth either, but he's hurting us all the same.
Zipwow
Sure, you could do what you've described, but is it really practical? If you're going to create a distributed database of illegally copywrighted works in the range of terabytes of data, would you want to provide the raw CD information, or just the damn mp3s themselves?
Additionally, this sort of 'service' would be clearly illegal, and anyone involved in it would be both detectable and prosecutable.
That's assuming they live where there's laws, but if they live in China they probably just have a big database of mp3s ANYWAY, which is really the easiest route.
This is akin to saying "The banks in the world are insecure because the vault could be broken into by freezing the lock and applying 40 tonnes of pressure" when you can just point a gun at the teller and ask nicely.
Zipwow
How do you figure this is client-side security? MP3.com owns a copy of all the disks, they could change the data they ask from from the CD periodically. Your 'spoof database' of information that mp3.com asks for would only be good for a week or two.
I suppose that's good enough for you to set up your account and download the mp3s, but its likely that the spoof database is similar in size to just providing the pirated mp3s for download in the first place.
Its not like someone's going to set up an account that has EVERY disc mp3.com owns (yeah, they won't notice that) then publish the username on the net for thousands of people to use. Only one person can connect on a username at a time, so your account would be shut off pretty quickly if you tried that. Even if you had multiple accounts, you're going to be turned of pretty quickly, as well as investigated.
It seems to me that there are waaay easier ways to pirate music than hacking through mp3.com.
Zipwow
Have you played these games? I play Ultima Online regularly. I've helped build a guild of players that has varied from 15 to 60 members, and lasted since early beta, almost 4 years ago! We've built a village complete with tower, gatehouse, smithy, tailor, training hut, etc.
Our village attracted ruffians (other players) who wanted to drive us out of our homes and force us through intimidation to sell to them. We trained ourselves and fought them off.
Recently, I've been building a casino there, hiring other people to deal, having events and publications, sending people out into the world to bring in new players. We've had to fend off attacks by two groups of murderers (neither on nights we were open, thankfully) as well as many thieves.
Still think the world can't be changed? Still think you can't build anything? I can't agree.
Zipwow
aka Smythe,
Cap & Dagger Casino Director (www.zipwow.net/CapNDagger)
Vas Lor, The Nobility
(www.thenobility.org)
Ahh, now I see your problem. Should it be called GPL is your real question. Okay, no. And I think that's addressed below, and will likely be amended soon.
Your original note had more of a 'scare tactic' voice with "do you trust this software" and "this proprietary software will take over the world" voice, which I don't think is appropriate in this case.
"Open Source" CD Authenticator written to work with the hidden Windows API and a "GPL'ed" CD Authenticator written to work with a hidden proprietary library. ?
First, one point. What 'hidden Windows API' are you now comparing this to? The thing the Beam-It authenticator uses (the CD-ID) seems to be a well-defined part of the standard for creating audio CDs.
Until I understand that half of your question, I don't think I could provide an answer.
Do I think it should be open? Sure. Am I really that worried about it? Nope. Some kind of open 'authenticator' would be nice, but it doesn't seem to have as insiduous an effect as a proprietary player, in my opinion.
It seems to me that there is very little difference between the approach of releasing an "Open Source" player written to work with the hidden Windows API and releasing a "GPL'ed" player written to work with a hidden proprietary library.
Perhaps you should try out the software you're bashing before you criticize it. The GPL'ed piece of software is NOT the player, its the bit that authenticates your ownership of the CD to the webserver. The webserver sends the tracks of those CDs you're authenticated for in plain old MP3 streams, for which you can use anything you'd like. Zipwow
How many of us would have known that this was possible, if we didn't subscribe to Nature or some such other periodical? Fascinating stuff, I can't wait.
Zipwow
There was a linux port of this for a while, but I'm not sure what state its in now. I suspect it hasn't been maintained.
If your ORPG (Online Roleplaying Game) is designed as it should be, your communication protocols should all be open, and folks ought to be able to write their own client or maintain and OSS one.
The authors still get their money because people still have to pay to connect to the server...
I spend enough time in this game, it would be nice if I could play it on a stable OS, or at least one that has something that will let me recover from anything silly the client does, unlike Win98 which just dies.
Zipwow
Sales tax isn't the only kind of taxes that exist. Property and income taxes are still quite in effect, and seem to make more sense in situations where its not clear where the purchase is actually made.
How do you plan to tax purchases made from United States companies by customers who live outside the US?
Or as a more difficult question, how do you tax purchases made via the internet to a server in Hong Kong for services rendered in guatemala by a company based in New York?
The internet makes sales taxes obsolete. If you want to tax a business that is doing business in your state, levy property and income taxes against them.
Zipwow
One service I particularly like is the automatic bill payment. I schedule it to pay my rent on the 1st, and it pays my rent on the 1st. It doesn't mesh completely well with my every-other-friday paycheck, because I sometimes need to 'float' a little, but it does the trick in general, and worked very, very well when I was paid on the 1st and the 15th.
There's been problems from time to time, but what's kept me there is how they handled things. Once, my rent wasn't sent. At all. I called the bank, and they asked me for the phone number to my rental office, and they took everything from there. They paid my late fees and just took care of things.
In another incident, they had some glitches when they were upgrading, and my balance wasn't updating, and I ended up overdrawing my account (by like 400 dollars). Not a single service charge, not a single check returned. Made me a pretty solid customer.
Everything's free, there's interest paid with no minimum balance on the checking account, which turns out to be about a dollar a month for me, and they provide the checks for free as well. They have no branches anywhere, so if you need a money order or something, you'll have to go elsewhere, but that hasn't been a problem for me.
Since they don't have any branches, you'll end up paying ATM fees to whoever owns the ATM you use. Netbank won't charge you to use the ATM, of course. It hasn't been a big deal for me, I usually just get however much cash I'm allowing myself for that pay period and then I'm done with ATMs.
Deposits are done either by auto-deposit (like your paycheck) or by mail (they give you self-addressed stamped envelopes). No ATM deposits for some reason.
As far as their stocks go, they're not the cheapest on the block, ($25/trade) but they seem to be in the range. The money comes out of/in to your money market or checking account with NetBank.
Drop me an email (by spelling out the dot), and let me know if you're interested in getting a referral. Its not required, but it'd get me a nifty t-shirt and maybe $1000 bux.
Zipwow
The key phrase was "if there's an accident". Meaning (as you describe) the actual plant in your backyard isn't bad, but it breaking open or blowing up and distributing its insides all over your house and friends and nice little city will not be good for you.
'course, maybe you wouldn't need streetlights and such then? Heh.
Zipwow
http://www.gn.apc.org/pmhp/ehippies/
Why do theatres continue to use this very strange format? Surely there must be a cheaper, more reliable digital solution.
The United States (and other industrialized nations) has a smaller population than man places, but its impact on the environment is much greater.
We 'industrialized' types use energy, burn fossil fuels, generate trash, and pollute the environment much more than our 'quota'.
Less people but nearly all industrialized will not solve our problems unless we change the way we treat the environment and use our energy.
Zipwow
"They said they need it today!"
"Bah, that's what they said yesterday."
Isn't this *exactly* the situation Java's supposed to be for? GNOME, KDE, NT, who cares?
Of course, if you're using the flashy uber-cool stuff, then you're going to have to get specific, but if you're just trying to *do* something, it seems like Java ought to be the answer.
Okay, so there's the little issue of an efficient Virtual Machine for linux. Details, details..
Zipwow
The concept behind VRML is exactly that of HTML. It's a markup language
It's not a markup language. The 'M' in VRML is 'Modeling'. Virtual Reality Modeling Laguage. What would it mark-up? It began as a standard way to describe objects in 3D and proceeded from there. Proceeded a lot, actually.
There are *some* facilities for doing things dynamically with VRML, but from what I saw, they were mainly hacks with javascript etc that look like they weren't really planned during the original design
This isn't the case either. VRML's design has the basic things that you need to get things done in 3d: interpolators, sensors for spherical, planar, and cylindrical mouse movement, collision sensors, proximity sensors, time sensors and more, nicely set up in an event-driven model. Many interactions don't even require any code. Map a plane sensor to a position interpolator and you can move things around by clicking and dragging.
Now while its true that VRML does not have its own programming language, it does provide a specific interface to code 'bits', the SCRIPT node. This is as designed, mostly because VRML existed before Java was really strong. Some people use javascript (yuck, but simple) some folks use Java, some use C++, but if your browser supported it (a big if) you could use perl or smalltalk or anything. Kind of nice, in my opinion.
Here's a fair example, you can't do anything dynamic that would require changes to the wrl file loaded in the browser
This just isn't true. Your code nodes (in whatever language) can add and remove things from the scene at will, resize them, move their individual points to morph them, etc.
I believe you must've looked at the early VRML, VRML 1.0. This is equivalent to looking at the first release of Java and saying, "oh, its all bollocks" and never looking again.
So why isn't VRML the next big thing? Well, there's several theories, Blaxxun's attacking the most widely held: no good browsers. Java's the de facto standard for scripting info in a VRML browser, and there are all kinds of interesting things you could do, but almost no browser completely supports the VRML97 specification AND the Java specification. There are VRML browsers written using Java3D, but they are largely incomplete, and a bit slow.
Some folks have also said that VRML is something of a solution in search of a problem. What would you do with VRML on the web? Yeah, there's lots of cool stuff, but very few of them pay well, and others (like online gaming) require fast, efficient browsers, and really don't benefit from the openness of the standard.
Zipwow
Edit the datastream to give you a shave, remove those bags from your eyes, comb your hair, draw on a shirt and tie. Think we can adapt the fortune generator to give you a daily tie?
Zipwow
However, I think that Java Servlets are really the way to go in large systems where code reusal and proper design methods are critical. You can really stick with MVC (Model View Controller), writing generalized stuff to model your data access, controller pieces (which are the servlets) to describe the flow of your application (select product, click ok on license, enter cc info), and then put all your layout specific stuff in the JSPs.
You'll reuse your core stuff all over the place (same as if you modulize your php stuff), and if you separate your content from your control, you can use the same servlet code calling different JSPs to provide your applications in different layouts and languages
And yeah, you can technically *do* all that with PHP3, there's nothing stopping you from separating it all out that way, but if you use Java/ Servlets/ JSPs the architecture really encourages you to do it properly. I haven't done any specific speed tests, but the servlets stuff is currently supporting quite a bit of activity (1000 folks a day) on an NT box of medium range (dual p350s). We haven't migrated to Java 1.2 yet, so hotspot isn't an option yet, but its another bonus. Soon as we convince the higher-ups, its off to UNIX... :) Zipwow
Nothing! And doesn't plan to!
See, you 'allegedly' pour a bunch of money, 'hire' a bunch of famous programmers, and nobody does anything. Tell nobody anything, bake at 375 degrees of buzz, and sell it to someone else for a huge, huge number.
Now, take THAT even LARGER amount of cash, all the developers (who haven't been working anyway) and start ANOTHER company that does what you want to do in the first place, but couldn't afford and didn't want to share with the venture capitol folks, while laughing at the morons who bought the original worthless company on hype.
I only hope that I will not be assassinated for revealing the secret!
Zipwow
(this would be sarcasm)