I just can't understand why someone running what is apparently a popular site would ever keep logs for more than a very short amount of time?
Because you're obsessive and love rolling around in your logs, generating completely unnecessary graphs of unique ips over time and having your mood swing up and down with the slope of the line. Your need to have all of the data so you can get new ideas on how to plot and analyze your hits since you put the server online blinds you to other issues.
Ummmmm, 'cuz I have a... ah... friend who does that. Yeah. A friend. Definately not me.
BREW doesn't support threading, globals, or even static variables.
I'll suggest that the man responsible for programming the Wolfenstein 3d engine (for the distinctly non-threaded DOS on a weirdly crippled 80286) will find those limitations survivable.
You clearly don't work in the field yet. Trust me, no employer will complain if you log some extra hours because you're in Deep Hack Mode. The problem is that you'll be asked to be working 12 hours days when you're not. You know those days when you really don't feel productive, so you do something else? For example, maybe sleeping for 16 hours after doing two up-all-night coding binges. Well, no break for you; you're expected to put in another 12 hour day and be productive. Repeat, night after night, week after week (weekends included). In extreme cases (all too common in the game industry), month after month. Eventually you're going to hit the point where you need a break. But your boss in more interested in having an ass in that chair than in real productivity. You'll be checking stupid mistakes into the code, you'll be oblivious to minor bugs. Eventually you'll get to a point where each hour of work you do actually sets the project further back instead of advancing it.
Death marches (as they're affectionately known) aren't "I'm in the groove and can't possibly stop" all night coding binges. They suck the life out of you. You're typically fighting lots of bullshit (the same BS that got you behind schedule in the first place) and your morale is drained because you're never, ever on time. You're asked to the impossible; not a "I'll just work really, really hard" impossible, but "even if I never take breaks to eat, sleep, or use the restroom I'll never make that dealine" impossible. This isn't cool and the sign of a vibrant programming population. Death marches are typically the the sign of large, beaurocratic, grossly mismanaged companies with terribly managers, a complete lack of plans, and no real hope of accomplishing anything.
It's timely. It's of interest to a wide variety of people. How is this not news?
Sure, it might be illegal and immoral, but it's still news. Indeed, in the criminal world information like "the FBI is preparing a massive sting next Tuesday" would very newsworthy.
This isn't to defend this particular case; the evidence does seem to suggest that the "journalistic shield" doesn't apply. However, it's still news.
OK, so what you're saying is that in order for XP to be vulnerable, it must be directly connected to the Internet, the user must specifically have disabled the firewall, and no intermediate firewall must be present.
Although it's a good idea to have an intermediate firewall to catch obviously bogus packets, that's not an excuse for Microsoft to be sloppy.
As for disabling the firewall, while that's probably a bad idea for Joe Home User, what if I want to run my web site off of a Window XP box? Presumably I'm going to have open up a hole to port 80 so people can connect to it. That open port becomes a target for this attack. Firewalls aren't magic pixie dust that just makes everyone bad go away while leaving everything good alone.
(It's possible the firewall has specific code to block this type of bogus packet even on open ports, but that isn't clear. Even if it does it's a bloody stupid.)
To suggest that it's not serious since everyone should just use a firewall is to suggest that Windows XP is not suitable for running network services. While I'm prone to agree, it's hardly a rousing defense of the operating system.
Wow, what a great use of Flash! Without Flash, how could someone display static text and static images at the same time! And by automatically advancing them I was able to enjoy reading at the rate the author decided instead of my own reading speed which might be faster or slower. Also, if without Flash how would we have heard that amazing MIDI tune, highlighting the capabilities of the "Demo Mode" button on a 1990 Casio keyboard. Truly we are in the World of Tomorrow with such amazing capabilities.
Being a journalist is not just starting a web site and pronouncing yourself as one...
Ignoring this particular case (Apple may have a legit case based on NDA violations, so this wouldn't be a First Amendment issue at all), I find your point of view frightening. Why can't I simply declare myself a journalist? If I can't just declare myself one, who exactly is going to credential me? Any system that marks people as Real Journalists will be a real threat to the First Amendment, an organization able to stifle a free press.
For much of the early history of the our country (including when the First Amendment was being drafted) if you could afford a printing press you were a publisher. Anyone who stories for you was a journalist. There was no test, no organization. Ownership of a press was all it amounted to. But now we need to be protected?
Ultimately Matt Drudge is a talentless hack and scandelmonger, but he's as valid a journalist as the next guy. I'm willing to accept that in exchange for our vibrant free press.
As it is, I'm pretty close to mapping slashdot.org to 127.0.0.1 in my hosts file and staying away for a while.
Close only counts in horseshoes and hand grenades. Taco's right, constantly complaining about dupes is dumb. Dupes have been part of Slashdot for a long, long time. If you're repeatedly complaining you're a fool. After all, you keep coming back, so clearly it isn't bad enough and Taco has no incentive to change anything. Spending the additional time to reduce the number of dupes has no significant benefit to him or Slashdot.
One suggestion is fine; a steady stream of suggestions from different people might change his mind. Deciding you can't stand dupes and not returning is another reasonable option. Complaining repeatedly is just silly. Your post says you can't stand it, but your repeated visits say you can't stand to leave.
Can someone please explain to me what the point of forcing users to change their passwords every 90 days is?
The theoretical advantage is two fold. First, it reduces the window of opportunity. If someone somehow gets your password (keylogging, shoulder surfing, gets you liquored up, whatever) the damage is limited to the period until the next password change. Second, if someone is programmatically attacking your password (say, with a password cracker) they'll need to start over ever 90 days. If it typically takes (say) 900 days to crack a password they're much less likely to successfully get a password.
Of course, all that's strictly theoretical. Once someone has broken into your account you need to assume that they'll leave a backdoor; simply changing your password may not be enough. (This, of course, will depend on the system in question.) And as you note, the attacker still has on average 45 days to Do Bad Things. So not much of a win there.
If you're using strong password (you mention using random strings) then the time to brute force your password should be measured in years or decades. Making you change it frequently encourages you to pick more simple passwords, actually reducing security.
Ideally everyone would have nice, long, random passwords. But Joe Random User isn't going to do that. The real, pratical, answer is smart card with a simple PIN. While they have their own flaws your average person will understand it better. "This ID card is a key, protect it like you'd protect your house key."
Somehow I don't see a library trying to use a legal loophole on their end so patrons can illegaly copy games...
No more so than libraries using a loophole so patrons can illegally copy CDs and VHS tapes (both of which are widely available in libraries). In fact, given a typical 30-day loan period many people will finish the game in the period and have reduced incentive to keep a copy, unlike a music CD which you may wish to keep and listen to forever.
However, with video games, i see no reason to expect that games bought today will be used much even 5 years from now. Any consol games surely will be horribly out of date and few people will even own the consols anymore.
Not necessarily. Indeed, the author's director asked this same question, leading the author to focus on the PS2. The PlayStation 1 is just about 10 years old now and its games easily played on widely available hardware (the PS2 or the budge PSone). By all reports the PS3 will emulate the PS2 and possibly the PS1. So if you're careful about what you pick a 15 year lifespan is reasonable. That's a pretty good run (if not a great one).
Indeed, by your logic DVDs are a bad investment; HD-DVDs are on the horizon and there is a reasonable chance that within 15 years that DVD will as dead as VHS is now.
Yeah, you ARE aware that, since Fry's is private property, they CAN ask to see your receipt, right?
For some reason visitors to my home get all pissy when I ask them to submit to a strip search. I have no idea what their complaint it. After all, it's my private property.
If you can't understand that you have my sympathy for the death of your spirit of adventure. Pushing technology to do completely inappropriate things is part of what makes a hacker a hacker.
Indeed, on the matter of "real" certs, you can't get much more real than VeriSign. And VeriSign is apparently willing to issue "microsoft.com" certificates to strangers and issue certificates that claim to be owned by PRESS YES TO CONTINUE. If that's the sort of security we get from the "real" CAs, I'm not terribly impressed.
Strictly speaking, these free SSL certs are real. They're just relatively unrecognized. What GoDaddy provides isn't "more real", it's "more widely trusted." If you chose to trust StartCom by importing their CA cert then their certs will be practically identical to GoDaddy's. The question is: do you want to trust StartCom in this way? In theory you should decide which CAs to trust based on how much validation they do of their users. It's not a "real vs not-real" test, it's a gradiant. Some CAs do extensive checks. Some do middlin' checks. StartCom does basically nothing. Of course, in practice each browser manufacturer sets its own rules and automatically trusts CAs that pass those rules.
Plus, they give a rating from 0-100 which is much more useful than the 1-5 Google is using.
Totally. Titanic gets 3.8 stars? That could be anywhere from 68 to 72! How can I make educated decisions that way? I'll totally go see a movie rated 71, but 70? I think not. I do have minimum standards! With Google Movies I won't be able to tell if this movie is good enough for!
When I get my computer generated movie review scores averaged from a wide variety of people with different scoring systems and techniques I want as many digits of meaningless precision as possible!
I see a lot of people whining that the review took too long. Really, what's the freakin' rush? Slashdot could join the "Must Publish First" race other sites do, but frankly, the other sites have years of experience at it. The game is still on store shelves, lots of people haven't purchased it. Games aren't like movies, if you wait a year it will still be available and just as good (or bad). The bargin hunters are still waiting for used copies to show up in resale shops or discounts in a year or two. I'm a reasonably serious gamer (buying a dozen or so games a year, beating most of them), and I don't find a few month lag to be a problem.
If you want your reviews moments after official release, try other review sites, you already know where they are. For those of us who often wait to purchase games we're happy to get good reviews whenever we can.
...it's a advertisement for the XFPS.
If this is an advertisement, Slashdot needs further work. When most gaming sites suck up to an advertiser, they say things like "10/10!!!!1!!1one! Perfect in every possible way!" They don't tend to say things like "6/10" (pretty mediocre by most standards) and "...the up close and personal fighting style required in console FPS games don't allow an XFPS user to move with enough agility to be a skilled player."
I was using GTA to train in murder (just like the lawyer suggested). When I was trained well enough I turned off my PS2 and headed outside to cap some prostitutes. That's where I ran into problems. No matter how hard I pressed L1 I couldn't get a lock-on. Also, tried a bunch of cheat codes and at no point did a car fall from the sky next to me. Maybe I have a buggy version of reality? If I return it for replacement, will my old saves work with a newer version of reality?
Games Workshop doesn't care about the hobby
on
NYT on Warhammer
·
· Score: 3, Insightful
I played Warhammer for several years and a number of their other games (Dungeon Quest, Warhammer Quest, Talisman (multiple editions), Space Hulk) for even longer. Like any company Games Workshop (GW) is a bit of mixed bag, but it was the attitude that irritated me the most.
I think GW's attitude is best summarized by how their in-house magazine (White Dwarf) describes the hobby. It's not the "wargaming hobby" or perhaps the "gaming hobby". No, it's "the Games Workshop hobby". Feh. Tabletop gaming is a small market. Wargaming (which is most of what GW does these days) is a subset of that. The hobby as a whole has had a rough decade. What the hobby needs is unity, to grow the hobby as a whole, to not be selfish pricks about it. Sure, I wouldn't expect GW to advertise for other products, but to try and control the language to deny the broader hobby is wrong.
Beyond that, it's a series of minor missteps that irritated me. Sure, release new editions of your games every few years. Release new models to go with them. But to declare that models from previous editions are not allowed in tournaments is bogus. Demanding that the models be genuine Citadel miniatures (Citadel being Games Workshop) is awfully selfish. Building a miniature army is expensive. Expecting customers to exclusively use your product and to buy (and paint!) an entire new army every few years is the wrong attitude. This is the sort of thing that turns many people off to wargaming as a whole.
Every MMO has CD keys that are forever associated with a given account.
Not true. Those that don't bother with selling you an initial product certainly don't. There are a number of smaller MMO's (like Puzzle Pirates) for which this is true. However, this isn't a "it's just the small and irrelevant MMOs" case, it's also true for the world's largest MMO.
How do you expect them to actually release a CD key? The way these games work is you can come back to it later and renew your account if you wish. How can they renew their account if the key has been released for reuse?
If you sell your CD copy (and associated key) you lose the ability to renew your account later. That's life. If you want to keep your account for later you shouldn't sell your copy. Their EULA suggests that the game can be resold; if someone cannot reasonably do that then they have a problem. If Blizzard isn't going to keep their side of the deal, why should the player keep his?
Frankly, this entire mess is the result of the stupid "You must buy a copy to play" logic. Lineage managed to become the world's larged MMO without that policy. Assuming the developers want to continue charging a set up fee (Which is what buying the box amounts to), just be honest about it. If someone gets a copy without paying for it at retail, charge a one-time setup fee (at a discount, since you didn't have to pay to duplicate the disc, box it up, or get it onto store shelves). Then be sure to label your boxed products "Covers one time setup fee, fee cannot be transferred or sold."
Re:Shouldn't Apple put something like this out?
on
MythTV 0.17 Released
·
· Score: 1
mythTV is NOWHERE near ready for primetime. It is still a bitch to install and update.
Indeed (and I say this with my own MythTV box sitting on the floor next to my television, having just gotten basic recording working last week). However, I think the poster was suggesting that Apple either take MythTV and polish it, or create something similar. Obviously Apple wouldn't just take it and ship it unchanged; at the very least it needs to be more "Mac-like." Indeed, Apple has shown themselves to be quite capable of taking existing open source world and putting a polish on it. Examples include Apple's rootless X-server (derived from XFree86), the distributed XCode compiles (derived from distcc, I believe). They ship gcc, vim, and a pile of other OS tools. I would certainly find an Apple refined MythTV (iTV, I guess), a compelling option.
Fun is harder than a list of 4 things. In part, because fun is different for different people.
Take, for example, The Sims. Wildly successful, my addicted friends insist it's fun. Debatably it has "#1) Storyline", but only player generated. The Sims is
almost completly lacking in "#2) Hand-eye coordination." You'll get more HEC work browsing the web. "#3) Tactics"? Minimal.
Another example, one of the best selling computer games ever, Myth. Lots of tasty Storyline, yes. Basically zilch HEC and Tactics. Debatable tactics. Bestseller and very fun.
You claim SW:KOTOR is almost nothing but storyline, yet it's critically acclaimed and very popular.
These are some interesting axis to consider a game on, but far from the only ones.
Slashdot Mirror
Because you're obsessive and love rolling around in your logs, generating completely unnecessary graphs of unique ips over time and having your mood swing up and down with the slope of the line. Your need to have all of the data so you can get new ideas on how to plot and analyze your hits since you put the server online blinds you to other issues.
Ummmmm, 'cuz I have a... ah... friend who does that. Yeah. A friend. Definately not me.
I'll suggest that the man responsible for programming the Wolfenstein 3d engine (for the distinctly non-threaded DOS on a weirdly crippled 80286) will find those limitations survivable.
Death marches (as they're affectionately known) aren't "I'm in the groove and can't possibly stop" all night coding binges. They suck the life out of you. You're typically fighting lots of bullshit (the same BS that got you behind schedule in the first place) and your morale is drained because you're never, ever on time. You're asked to the impossible; not a "I'll just work really, really hard" impossible, but "even if I never take breaks to eat, sleep, or use the restroom I'll never make that dealine" impossible. This isn't cool and the sign of a vibrant programming population. Death marches are typically the the sign of large, beaurocratic, grossly mismanaged companies with terribly managers, a complete lack of plans, and no real hope of accomplishing anything.
It's timely. It's of interest to a wide variety of people. How is this not news?
Sure, it might be illegal and immoral, but it's still news. Indeed, in the criminal world information like "the FBI is preparing a massive sting next Tuesday" would very newsworthy.
This isn't to defend this particular case; the evidence does seem to suggest that the "journalistic shield" doesn't apply. However, it's still news.
Although it's a good idea to have an intermediate firewall to catch obviously bogus packets, that's not an excuse for Microsoft to be sloppy.
As for disabling the firewall, while that's probably a bad idea for Joe Home User, what if I want to run my web site off of a Window XP box? Presumably I'm going to have open up a hole to port 80 so people can connect to it. That open port becomes a target for this attack. Firewalls aren't magic pixie dust that just makes everyone bad go away while leaving everything good alone.
(It's possible the firewall has specific code to block this type of bogus packet even on open ports, but that isn't clear. Even if it does it's a bloody stupid.)
To suggest that it's not serious since everyone should just use a firewall is to suggest that Windows XP is not suitable for running network services. While I'm prone to agree, it's hardly a rousing defense of the operating system.
Wow, what a great use of Flash! Without Flash, how could someone display static text and static images at the same time! And by automatically advancing them I was able to enjoy reading at the rate the author decided instead of my own reading speed which might be faster or slower. Also, if without Flash how would we have heard that amazing MIDI tune, highlighting the capabilities of the "Demo Mode" button on a 1990 Casio keyboard. Truly we are in the World of Tomorrow with such amazing capabilities.
Just a reminder, the case is much more complex than typically summarized. It's a terrible example of "lawsuits gone wild."
Ignoring this particular case (Apple may have a legit case based on NDA violations, so this wouldn't be a First Amendment issue at all), I find your point of view frightening. Why can't I simply declare myself a journalist? If I can't just declare myself one, who exactly is going to credential me? Any system that marks people as Real Journalists will be a real threat to the First Amendment, an organization able to stifle a free press.
For much of the early history of the our country (including when the First Amendment was being drafted) if you could afford a printing press you were a publisher. Anyone who stories for you was a journalist. There was no test, no organization. Ownership of a press was all it amounted to. But now we need to be protected?
Ultimately Matt Drudge is a talentless hack and scandelmonger, but he's as valid a journalist as the next guy. I'm willing to accept that in exchange for our vibrant free press.
Close only counts in horseshoes and hand grenades. Taco's right, constantly complaining about dupes is dumb. Dupes have been part of Slashdot for a long, long time. If you're repeatedly complaining you're a fool. After all, you keep coming back, so clearly it isn't bad enough and Taco has no incentive to change anything. Spending the additional time to reduce the number of dupes has no significant benefit to him or Slashdot.
One suggestion is fine; a steady stream of suggestions from different people might change his mind. Deciding you can't stand dupes and not returning is another reasonable option. Complaining repeatedly is just silly. Your post says you can't stand it, but your repeated visits say you can't stand to leave.
The theoretical advantage is two fold. First, it reduces the window of opportunity. If someone somehow gets your password (keylogging, shoulder surfing, gets you liquored up, whatever) the damage is limited to the period until the next password change. Second, if someone is programmatically attacking your password (say, with a password cracker) they'll need to start over ever 90 days. If it typically takes (say) 900 days to crack a password they're much less likely to successfully get a password.
Of course, all that's strictly theoretical. Once someone has broken into your account you need to assume that they'll leave a backdoor; simply changing your password may not be enough. (This, of course, will depend on the system in question.) And as you note, the attacker still has on average 45 days to Do Bad Things. So not much of a win there. If you're using strong password (you mention using random strings) then the time to brute force your password should be measured in years or decades. Making you change it frequently encourages you to pick more simple passwords, actually reducing security.
Ideally everyone would have nice, long, random passwords. But Joe Random User isn't going to do that. The real, pratical, answer is smart card with a simple PIN. While they have their own flaws your average person will understand it better. "This ID card is a key, protect it like you'd protect your house key."
No more so than libraries using a loophole so patrons can illegally copy CDs and VHS tapes (both of which are widely available in libraries). In fact, given a typical 30-day loan period many people will finish the game in the period and have reduced incentive to keep a copy, unlike a music CD which you may wish to keep and listen to forever.
Indeed, by your logic DVDs are a bad investment; HD-DVDs are on the horizon and there is a reasonable chance that within 15 years that DVD will as dead as VHS is now.
For some reason visitors to my home get all pissy when I ask them to submit to a strip search. I have no idea what their complaint it. After all, it's my private property.
Why?
Are you mad?
Because it's there.
If you can't understand that you have my sympathy for the death of your spirit of adventure. Pushing technology to do completely inappropriate things is part of what makes a hacker a hacker.
Indeed, on the matter of "real" certs, you can't get much more real than VeriSign. And VeriSign is apparently willing to issue "microsoft.com" certificates to strangers and issue certificates that claim to be owned by PRESS YES TO CONTINUE. If that's the sort of security we get from the "real" CAs, I'm not terribly impressed.
Strictly speaking, these free SSL certs are real. They're just relatively unrecognized. What GoDaddy provides isn't "more real", it's "more widely trusted." If you chose to trust StartCom by importing their CA cert then their certs will be practically identical to GoDaddy's. The question is: do you want to trust StartCom in this way? In theory you should decide which CAs to trust based on how much validation they do of their users. It's not a "real vs not-real" test, it's a gradiant. Some CAs do extensive checks. Some do middlin' checks. StartCom does basically nothing. Of course, in practice each browser manufacturer sets its own rules and automatically trusts CAs that pass those rules.
Totally. Titanic gets 3.8 stars? That could be anywhere from 68 to 72! How can I make educated decisions that way? I'll totally go see a movie rated 71, but 70? I think not. I do have minimum standards! With Google Movies I won't be able to tell if this movie is good enough for!
When I get my computer generated movie review scores averaged from a wide variety of people with different scoring systems and techniques I want as many digits of meaningless precision as possible!
If you want your reviews moments after official release, try other review sites, you already know where they are. For those of us who often wait to purchase games we're happy to get good reviews whenever we can.
...it's a advertisement for the XFPS. If this is an advertisement, Slashdot needs further work. When most gaming sites suck up to an advertiser, they say things like "10/10!!!!1!!1one! Perfect in every possible way!" They don't tend to say things like "6/10" (pretty mediocre by most standards) and "...the up close and personal fighting style required in console FPS games don't allow an XFPS user to move with enough agility to be a skilled player."
I was using GTA to train in murder (just like the lawyer suggested). When I was trained well enough I turned off my PS2 and headed outside to cap some prostitutes. That's where I ran into problems. No matter how hard I pressed L1 I couldn't get a lock-on. Also, tried a bunch of cheat codes and at no point did a car fall from the sky next to me. Maybe I have a buggy version of reality? If I return it for replacement, will my old saves work with a newer version of reality?
I played Warhammer for several years and a number of their other games (Dungeon Quest, Warhammer Quest, Talisman (multiple editions), Space Hulk) for even longer. Like any company Games Workshop (GW) is a bit of mixed bag, but it was the attitude that irritated me the most.
I think GW's attitude is best summarized by how their in-house magazine (White Dwarf) describes the hobby. It's not the "wargaming hobby" or perhaps the "gaming hobby". No, it's "the Games Workshop hobby". Feh. Tabletop gaming is a small market. Wargaming (which is most of what GW does these days) is a subset of that. The hobby as a whole has had a rough decade. What the hobby needs is unity, to grow the hobby as a whole, to not be selfish pricks about it. Sure, I wouldn't expect GW to advertise for other products, but to try and control the language to deny the broader hobby is wrong.
Beyond that, it's a series of minor missteps that irritated me. Sure, release new editions of your games every few years. Release new models to go with them. But to declare that models from previous editions are not allowed in tournaments is bogus. Demanding that the models be genuine Citadel miniatures (Citadel being Games Workshop) is awfully selfish. Building a miniature army is expensive. Expecting customers to exclusively use your product and to buy (and paint!) an entire new army every few years is the wrong attitude. This is the sort of thing that turns many people off to wargaming as a whole.
Not true. Those that don't bother with selling you an initial product certainly don't. There are a number of smaller MMO's (like Puzzle Pirates) for which this is true. However, this isn't a "it's just the small and irrelevant MMOs" case, it's also true for the world's largest MMO.
If you sell your CD copy (and associated key) you lose the ability to renew your account later. That's life. If you want to keep your account for later you shouldn't sell your copy. Their EULA suggests that the game can be resold; if someone cannot reasonably do that then they have a problem. If Blizzard isn't going to keep their side of the deal, why should the player keep his?
Frankly, this entire mess is the result of the stupid "You must buy a copy to play" logic. Lineage managed to become the world's larged MMO without that policy. Assuming the developers want to continue charging a set up fee (Which is what buying the box amounts to), just be honest about it. If someone gets a copy without paying for it at retail, charge a one-time setup fee (at a discount, since you didn't have to pay to duplicate the disc, box it up, or get it onto store shelves). Then be sure to label your boxed products "Covers one time setup fee, fee cannot be transferred or sold."
Indeed (and I say this with my own MythTV box sitting on the floor next to my television, having just gotten basic recording working last week). However, I think the poster was suggesting that Apple either take MythTV and polish it, or create something similar. Obviously Apple wouldn't just take it and ship it unchanged; at the very least it needs to be more "Mac-like." Indeed, Apple has shown themselves to be quite capable of taking existing open source world and putting a polish on it. Examples include Apple's rootless X-server (derived from XFree86), the distributed XCode compiles (derived from distcc, I believe). They ship gcc, vim, and a pile of other OS tools. I would certainly find an Apple refined MythTV (iTV, I guess), a compelling option.
Fun is harder than a list of 4 things. In part, because fun is different for different people.
Take, for example, The Sims. Wildly successful, my addicted friends insist it's fun. Debatably it has "#1) Storyline", but only player generated. The Sims is almost completly lacking in "#2) Hand-eye coordination." You'll get more HEC work browsing the web. "#3) Tactics"? Minimal.
Another example, one of the best selling computer games ever, Myth. Lots of tasty Storyline, yes. Basically zilch HEC and Tactics. Debatable tactics. Bestseller and very fun.
You claim SW:KOTOR is almost nothing but storyline, yet it's critically acclaimed and very popular.
These are some interesting axis to consider a game on, but far from the only ones.