Maybe I'm missing something, but as sobig.E comes as a zipped file, it won't autorun. It requires the user to click on the attachment and then click on the pif file within the attachment.
The number of people who would do this is has to be smaller then the number of people who will "preview" an email.
I also like the way AV companies don't rate key-logging as that big a danger.
"Hmm, this virus will record the URL and login details for your online banking and send them off for someone to use at their leisure."
"Does it delete any files?"
"Nope."
"Ok, that is a low rating then."
"This virus deletes solitaire.exe."
"Argh! Highly Dangerous! We need to release a definitions update NOW!"
Nah, a) you just build up your castle, b) segregate the population by wealth, c) hire more guards and d) encourage them to squabble amongst themselves.
Sorry, thought I was still in the dark ages. How about, a) Move to an "enclosed suburb/enclave", whatever they call these things now. Add some remote controlled gates, some pure-bred guard dogs and a video intercom for good measure. b) Given the way property prices work this segregation tends to happen automatically, cool. Want to get rid of your annoying poor neighbours, just buy the property and develop it. c) Police are expensive, security guards are cheaper. d) Don't make any extra effort to specifically target the criminal problems suffered by those in the "less well off" areas of a suburb/town/state. Blame the poor/under-educated/un-employed for the state of the current economy.
Remember, not in My backyard, and not in My lifetime. Foster inertia.
All those MUD, MUSH, MOO, whatever admins who dream of doing it commercially should take special note here.
When you do it for free, you can tell people this is how it is, like it or lump it.
When you do it for a living you have to kiss ass and attempt to convince people that your (bosses) decision is the right one for them (the people indirectly paying your wages and keeping you in a job).
So be careful what you wish for and remember that sometimes hobbies are enjoyable mainly because they are hobbies...
Note: In either case you still have to listen to them bitch and moan.
Yeah, you have to be careful, wouldn't want people to know you once said, "Come here George Wookie Bush, I'm going to stick this here light saber where the suns don't shine!".
In general, people also appreciate it when others refrain from "blasting shitstorms of personal information onto the internet" as there is already pleny of "personal shit" to wade through now.
The linked article seems more like an ad for AO then a study of gaming addiction. She sets herself up as the test subject and then only mentions briefly (and shallowly) the effects she experienced.
Other players are mentioned but it isn't made clear if they are addicts as well (or does AO imply addicts only?), nor is any mention made of the downside (or lack thereof) to their gaming habit. All the bad examples are taken from other games (EQ, the Korean CS casualty, etc).
Overall I got the message that AO is great, come play and if you spend a bit more time playing it then you should, well that's OK (at least you're not doing drugs)... sure looks like an ad, or at least a favorable review.
I have a passion for a tidy kitchen, but I can walk out the door with dirty dishes in the sink. If I had a compulsion for a tidy kitchen, I probably couldn't.
Habits tend to lead to compulsive behaviour, I always put on my seatbelt when I get in a car, I don't even have to think about it. I feel very uncomfortable riding in a small vehicle without one. (It was a bit wierd when I first started riding a motorbike, but that habit was at least partially established from when I rode a bicycle/horse.)
Being able to tell the difference between a passion and a compulsion can be very difficult, especially when you try it on yourself. (Analyzing others is pointless anyway, because they won't listen to you anyway...)
I've skimmed the linked article twice now and it does not state any specific usability issues. It seems to merely be a limp-wristed academic rehashing of any discussion regarding OSS usability conducted on the internet in the last five years.
The assumption made initially that because every person and their pet isn't now using OSS instead of something else because of usability issues is fundamentally flawed, sorry C- for the professors.
I haven't had a chance to follow all the references but some proof that usability is a major stumbling block to OSS take-up would be nice. As opposed to the inertia of (modern) business practices and the fact that most (home) users are "happy" with what they have already and have no need to swim in unfamiliar waters.
Note: I don't think the article is a complete waste of a read but I do think it failed miserably in what it purported to do.
You forgot to mention the regulatory mechanism (noble berth then, overpriced higher education generally only attainable by the offspring of nobility now) to ensure your serfs cannot easily attain nobility and the "old money" stays in the family.
Re:Damn, it sucks to be a moderator at times like
on
ECCp-109 Solved
·
· Score: 1
Division by zero is undefined because tolerating it makes for uncomfortable number systems where every number is equal to every other.
Actually it is undefined because there is no definitive answer to a division by zero.
How many zeroes do you need to add together to get one?
Well I lasted from 2.0 to 3.0, but I'm afraid it is time for me to change from KDE.
My problem is I want a sensible window manager. What I consider to be a sensible window manger is one that allows me to stop anything from stealing window focus.
The whole point of having a window manager is so that you can run multiple windows. If I'm typing something I expect my keystrokes to go to the currently selected window not to whatever self-important application that decides to raise itself and steal the focus.
I don't care if other windows are raised over my currently selected window, I simply want my keystrokes to go the window that I have explicitly focused on.
Otherwise I might as well only run one application at a time to ensure no random keystroke redirection and would hence have no need for a window manager.
Your comment makes no sense, AFAIK Microsoft have no obligations to write new software. They don't even have to provide ongoing support for their current software unless they have signed contracts. I'm sure most OSS developers would sign a support contract in return for dollars...
Microsoft could announce tomorrow that they are quitting the software business and producing blowup sex dolls, why does this make them a better choice then OSS?
Of course if Apache is abandoned by its current developers, the source code is there for _anyone_ to pick up and continue improving. Any real IT company would have in-house software developers to do this for them (or a handy outsourcer), any company that doesn't is just pretending it exists in the information age.
If guarantees are such a part of the "formal" business world, where are all of Microsofts guarantess??
That's an assumption you're making, not some theoretical bad programmer.
Not only is it an assumption I'm making, but (as I stated) also an assumption I'm verifying in the hope that I don't get mistaken for that theoritcal bad programmer.
strncpy( dest, src, dest_size); dest[dest_size-1] = '\0'; always works, no matter the size of dest and src, and without modifying the src, calling exit(), or any other such sloppiness.
What happens when you want everything that is in src, not just what fits in dest? I guess that would be another unstated assumption. Of course this gets messy because you then make the assumption that src has a reasonable finite size.
Actually, I just wish more systems supported the OpenBSD strlcpy().
I've never used it, but I notice even the manual page for it includes explicit checking for truncation, so I guess validation is hard to avoid. Of course when some dope writes "BSD C in 6 1/2 minutes!", I worry something like this will appear: "*Note: We use strlcpy() here because it is safer then strcpy() and strncpy().", forgetting of course to add the checks.
In the end I feel that the copying of strings is not a trivial exercise in C, and if people don't validate (ie check) their assumptions (or even realise they are making them), then trouble will ensue, not matter what standard function they use. C was not designed to be a "safe" language, people should not treat it as such. Also, there is nothing stopping people from creating their own wrappers (as you suggested with your inline function), this could be done once (for a program, or a project, or all projects), and it is never a concern again.
The strcpy() bug is copying a string too big for the dest buffer, and that doesn't have to have anything to do with input. Not to mention that ensuring that your very large input is null-terminated doesn't stop you from having a buffer overflow when you strcpy() that string into a smaller buffer. I told you they weren't the same thing, but you didn't believe me.:)
So if I assume that my source string will fit into my destination string, this is not making an assumption on the input to the function? It seems the same to me.:)
It "claims" to do something that is fundamentally unsafe to do without even the basic check of having a length field.
It doesn't however enforce that you can't check the field length before hand, the same way there is nothing stopping you from checking the value of a pointer before you try to dereference it.
If I've already verified my assumption that the source string is smaller then the destination string (validating the input), I can safely use strcpy(). I could just as easily use strncpy(), and then check that the destination string is null-terminated (validating the output). Both of these methods still require validation, so I don't see the gain in using one over the other. Without validation, strncpy() is safer, the same way it is safer to be in a car with airbags then a car without if you never wear a seatbelt.
I thought this: scripting might be interesting (and even relevant), but I'll try it when it is fixed.
As I pointed out in my second paragraph, I know that some people are interested in it, but they don't need anything new to satisfy their script cravings. Do you see the difference in interacting with other people and interacting with other people's scripts?
Forcing null-termination of sources is not the answer, because if you have a source that is not already null-terminated, then you have a bug elsewhere in your code.
The bug being that you didn't ensure the termination...
We're talking about strcpy()-related bugs here. That means you already have a string in a buffer of sufficient size to hold the string
Making assumptions about the input is the strcpy bug isn't it?
Having a copy to play with is why strcpy() is used. If it was acceptable to modify the source, then you wouldn't make a copy.
Well you may want to store a copy of a string, the contents of which changes, there are plenty of reasons for duplicating a string, modification is only one of them.
I just feel strcpy is offered as a scapegoat, for the causes of insecure programs (when I'm sure we both know it is poor programming practices). So I stand by original statement, strcpy does what it claims to do, if you use it to something when you actually wanted to do something else, more fool you. Forcing people to use strncpy instead of strcpy will not ensure safer programs.
What is the point of scripting? If a task is so mundane and repetitive that it is easily scripted, why even bother putting it into the game to start with? All that extra coding, debugging, cpu time and possibly bandwidth is wasted on something that no-one is interested in, and doesn't add anything to the game.
If people just want to pit their scripting skills against each other there are already plenty of "bot" games out there to do just that. It is very obvious what sort of audience would find "programming" a character appealing as a recreational activity, but seeing as they are making it, I guess they get to choose.
Bah, if your string is not null terminated, you are introducing a bug. Neither strcpy nor strncpy ensure this, so it is still left to the programmer to do it. If it is done to the source string (and as you said, you know the destination size) before it is ever feed to either function, which one you use is irrelevant.
I guess you could even argue that strncpy encourages the handling of unterminated strings, as you can safely pass them around with the various n functions, of course as n varies through the program, all sorts of odd behaviour shall ensue.
So by fixing the bug in the program (by ensuring all strings are null terminated, not by replacing every strcpy call with strncpy) you are also ensuring the program is secure (it is no longer vunerable to buffer overflows), wasn't that one of the points of the original article?
This doesn't mean strncpy is useless, for example, you may have to use a string you don't want to (or can't) vary by null terminating it (a constant perhaps), so you'll need strncpy to safely make a copy of it that you can play with.
If you went shopping around and four or five junkyards quoted you forty dollars to dispose of your wreck, and then you found one who would do it for five dollars, wouldn't you be a little suspicious?
When you see item X going for $100 in the stores, and someone on the street offers you X for $10 (including shipping to another country), you would have to be an idiot to refuse, wouldn't you?
Of course, you won't get gaol time for doing something that is morally wrong, but to believe a business has no idea what is going on after it "signs the check" is crazy. They will have costed various methods of disposal and found the cheapest "legal" method they could.
I do think the article is a cheap shot though, it isn't like America is the only country with old computers, and shady businesses.
This gets modded up? This is a tired, stupid argument.
If it wasn't for the Europeans (aided by the middle east and asia), Americans, ugly or otherwise would be hunting buffalo (and I'd be spearing kangaroos), so no internet for you without the eurotrash.
Reading a few history books suggests that one or two Russians died in WW2, but other then them I'm sure that the USA did it all. Of course, if it was announced that America would stand against Hitler as soon as he started, it is quite possible that a great deal fewer people would have died (and almost certainly no Americans...). However there was no real rush, as no-one was dropping bombs on their homes, nor driving tanks through their streets.
That the terrible suffering and infinite loss of those involved should be sullied by some prat who is quite happy to slur his own and another country's government, but gets upset when someone else offers up their opinion, is sickening, and shows a total lack of understanding, tolerance and maturity, I guess that is what scores on/. though...
What is wrong with strcpy? It does what it is supposed to do. The fact that people use it carelessly and inappropriately is irrelevant, the same could be said of scissors, should they never have existed too? (and the same goes for goto)
I've started to create one, using MySQL, Zope and a browser front end. At present it suits my purposes better to interact with it using Python scripts but it is nice to have "one-click" search results in the browser. I don't think I'm going to get what I ultimately want using the above (heaps of issues, security of course being a main one, and maintaining the current state being another), but it works well for a "proof of concept".
It also is not likely to become a neat little "install and use" package, but that is one of my goals for it. For example there are tradeoffs between harddisk space and search time depending on how much indexing you do, presenting this in an easy to tune manner would be no small task.
Take a look at mud clients, there are plenty of them. But I'm guessing the ratio of client writers to mud players would be very small, it is merely the overall number that makes it seem like an abundance of clients. The reason people write mud clients is not to just play them, they have telnet for that, but to play better/easier. If there is no "tactical" advantage to having a "fancy" client, very few people are going to take the time to do it.
As your project attracts developers, are they going to more interested in coding clients or creating "intelligent" computer opponents (or any other server side development)? Given that you are only likely to get a few (if any) to begin with, hoping to find one who is good with UIs and enjoys working on them may be a long shot.
I also don't really understand why you are having trouble with the UI, when you think of playing this game (that is why you are writing right?), what do you imagine seeing on the screen?
Slashdot Mirror
So if another one gets shot, will they declare firearms a valid method of casting your vote or just give the whole "president" thing a miss?
Maybe I'm missing something, but as sobig.E comes as a zipped file, it won't autorun. It requires the user to click on the attachment and then click on the pif file within the attachment.
The number of people who would do this is has to be smaller then the number of people who will "preview" an email.
I also like the way AV companies don't rate key-logging as that big a danger.
"Hmm, this virus will record the URL and login details for your online banking and send them off for someone to use at their leisure."
"Does it delete any files?"
"Nope."
"Ok, that is a low rating then."
"This virus deletes solitaire.exe."
"Argh! Highly Dangerous! We need to release a definitions update NOW!"
Nah,
a) you just build up your castle,
b) segregate the population by wealth,
c) hire more guards
and
d) encourage them to squabble amongst themselves.
Sorry, thought I was still in the dark ages.
How about,
a) Move to an "enclosed suburb/enclave", whatever they call these things now. Add some remote controlled gates, some pure-bred guard dogs and a video intercom for good measure.
b) Given the way property prices work this segregation tends to happen automatically, cool. Want to get rid of your annoying poor neighbours, just buy the property and develop it.
c) Police are expensive, security guards are cheaper.
d) Don't make any extra effort to specifically target the criminal problems suffered by those in the "less well off" areas of a suburb/town/state. Blame the poor/under-educated/un-employed for the state of the current economy.
Remember, not in My backyard, and not in My lifetime. Foster inertia.
All those MUD, MUSH, MOO, whatever admins who dream of doing it commercially should take special note here.
When you do it for free, you can tell people this is how it is, like it or lump it.
When you do it for a living you have to kiss ass and attempt to convince people that your (bosses) decision is the right one for them (the people indirectly paying your wages and keeping you in a job).
So be careful what you wish for and remember that sometimes hobbies are enjoyable mainly because they are hobbies...
Note: In either case you still have to listen to them bitch and moan.
Yeah, you have to be careful, wouldn't want people to know you once said,
"Come here George Wookie Bush, I'm going to stick this here light saber where the suns don't shine!".
In general, people also appreciate it when others refrain from "blasting shitstorms of personal information onto the internet" as there is already pleny of "personal shit" to wade through now.
The linked article seems more like an ad for AO then a study of gaming addiction. She sets herself up as the test subject and then only mentions briefly (and shallowly) the effects she experienced.
... sure looks like an ad, or at least a favorable review.
Other players are mentioned but it isn't made clear if they are addicts as well (or does AO imply addicts only?), nor is any mention made of the downside (or lack thereof) to their gaming habit. All the bad examples are taken from other games (EQ, the Korean CS casualty, etc).
Overall I got the message that AO is great, come play and if you spend a bit more time playing it then you should, well that's OK (at least you're not doing drugs)
I have a passion for a tidy kitchen, but I can walk out the door with dirty dishes in the sink. If I had a compulsion for a tidy kitchen, I probably couldn't.
Habits tend to lead to compulsive behaviour, I always put on my seatbelt when I get in a car, I don't even have to think about it. I feel very uncomfortable riding in a small vehicle without one. (It was a bit wierd when I first started riding a motorbike, but that habit was at least partially established from when I rode a bicycle/horse.)
Being able to tell the difference between a passion and a compulsion can be very difficult, especially when you try it on yourself. (Analyzing others is pointless anyway, because they won't listen to you anyway...)
I've skimmed the linked article twice now and it does not state any specific usability issues. It seems to merely be a limp-wristed academic rehashing of any discussion regarding OSS usability conducted on the internet in the last five years. The assumption made initially that because every person and their pet isn't now using OSS instead of something else because of usability issues is fundamentally flawed, sorry C- for the professors. I haven't had a chance to follow all the references but some proof that usability is a major stumbling block to OSS take-up would be nice. As opposed to the inertia of (modern) business practices and the fact that most (home) users are "happy" with what they have already and have no need to swim in unfamiliar waters. Note: I don't think the article is a complete waste of a read but I do think it failed miserably in what it purported to do.
I heard it was an imperial to metric conversion problem.
You forgot to mention the regulatory mechanism (noble berth then, overpriced higher education generally only attainable by the offspring of nobility now) to ensure your serfs cannot easily attain nobility and the "old money" stays in the family.
Division by zero is undefined because tolerating it makes for uncomfortable number systems where every number is equal to every other.
Actually it is undefined because there is no definitive answer to a division by zero.
How many zeroes do you need to add together to get one?
Cool, at least this ensures us poor .au's don't receive anything from such ivory tower morons.
Oi...Yank SELF-RIGHTEOUSNESS is just as annoying as the crap from anywhere else! Hmm, what is this "Post Anonymously" button for?Well I lasted from 2.0 to 3.0, but I'm afraid it is time for me to change from KDE.
My problem is I want a sensible window manager. What I consider to be a sensible window manger is one that allows me to stop anything from stealing window focus.
The whole point of having a window manager is so that you can run multiple windows. If I'm typing something I expect my keystrokes to go to the currently selected window not to whatever self-important application that decides to raise itself and steal the focus.
I don't care if other windows are raised over my currently selected window, I simply want my keystrokes to go the window that I have explicitly focused on.
Otherwise I might as well only run one application at a time to ensure no random keystroke redirection and would hence have no need for a window manager.
Your comment makes no sense, AFAIK Microsoft have no obligations to write new software. They don't even have to provide ongoing support for their current software unless they have signed contracts. I'm sure most OSS developers would sign a support contract in return for dollars...
Microsoft could announce tomorrow that they are quitting the software business and producing blowup sex dolls, why does this make them a better choice then OSS?
Of course if Apache is abandoned by its current developers, the source code is there for _anyone_ to pick up and continue improving. Any real IT company would have in-house software developers to do this for them (or a handy outsourcer), any company that doesn't is just pretending it exists in the information age.
If guarantees are such a part of the "formal" business world, where are all of Microsofts guarantess??
That's an assumption you're making, not some theoretical bad programmer.
Not only is it an assumption I'm making, but (as I stated) also an assumption I'm verifying in the hope that I don't get mistaken for that theoritcal bad programmer.
strncpy( dest, src, dest_size); dest[dest_size-1] = '\0'; always works, no matter the size of dest and src, and without modifying the src, calling exit(), or any other such sloppiness.
What happens when you want everything that is in src, not just what fits in dest? I guess that would be another unstated assumption. Of course this gets messy because you then make the assumption that src has a reasonable finite size.
Actually, I just wish more systems supported the OpenBSD strlcpy().
I've never used it, but I notice even the manual page for it includes explicit checking for truncation, so I guess validation is hard to avoid. Of course when some dope writes "BSD C in 6 1/2 minutes!", I worry something like this will appear: "*Note: We use strlcpy() here because it is safer then strcpy() and strncpy().", forgetting of course to add the checks.
In the end I feel that the copying of strings is not a trivial exercise in C, and if people don't validate (ie check) their assumptions (or even realise they are making them), then trouble will ensue, not matter what standard function they use. C was not designed to be a "safe" language, people should not treat it as such. Also, there is nothing stopping people from creating their own wrappers (as you suggested with your inline function), this could be done once (for a program, or a project, or all projects), and it is never a concern again.
The strcpy() bug is copying a string too big for the dest buffer, and that doesn't have to have anything to do with input. Not to mention that ensuring that your very large input is null-terminated doesn't stop you from having a buffer overflow when you strcpy() that string into a smaller buffer. I told you they weren't the same thing, but you didn't believe me. :)
So if I assume that my source string will fit into my destination string, this is not making an assumption on the input to the function? It seems the same to me. :)
It "claims" to do something that is fundamentally unsafe to do without even the basic check of having a length field.
It doesn't however enforce that you can't check the field length before hand, the same way there is nothing stopping you from checking the value of a pointer before you try to dereference it.
If I've already verified my assumption that the source string is smaller then the destination string (validating the input), I can safely use strcpy(). I could just as easily use strncpy(), and then check that the destination string is null-terminated (validating the output). Both of these methods still require validation, so I don't see the gain in using one over the other. Without validation, strncpy() is safer, the same way it is safer to be in a car with airbags then a car without if you never wear a seatbelt.
I thought this: scripting might be interesting (and even relevant), but I'll try it when it is fixed.
As I pointed out in my second paragraph, I know that some people are interested in it, but they don't need anything new to satisfy their script cravings. Do you see the difference in interacting with other people and interacting with other people's scripts?
Forcing null-termination of sources is not the answer, because if you have a source that is not already null-terminated, then you have a bug elsewhere in your code.
The bug being that you didn't ensure the termination...
We're talking about strcpy()-related bugs here. That means you already have a string in a buffer of sufficient size to hold the string
Making assumptions about the input is the strcpy bug isn't it?
Having a copy to play with is why strcpy() is used. If it was acceptable to modify the source, then you wouldn't make a copy.
Well you may want to store a copy of a string, the contents of which changes, there are plenty of reasons for duplicating a string, modification is only one of them.
I just feel strcpy is offered as a scapegoat, for the causes of insecure programs (when I'm sure we both know it is poor programming practices). So I stand by original statement, strcpy does what it claims to do, if you use it to something when you actually wanted to do something else, more fool you. Forcing people to use strncpy instead of strcpy will not ensure safer programs.
What is the point of scripting? If a task is so mundane and repetitive that it is easily scripted, why even bother putting it into the game to start with? All that extra coding, debugging, cpu time and possibly bandwidth is wasted on something that no-one is interested in, and doesn't add anything to the game.
If people just want to pit their scripting skills against each other there are already plenty of "bot" games out there to do just that. It is very obvious what sort of audience would find "programming" a character appealing as a recreational activity, but seeing as they are making it, I guess they get to choose.
Bah, if your string is not null terminated, you are introducing a bug. Neither strcpy nor strncpy ensure this, so it is still left to the programmer to do it. If it is done to the source string (and as you said, you know the destination size) before it is ever feed to either function, which one you use is irrelevant.
I guess you could even argue that strncpy encourages the handling of unterminated strings, as you can safely pass them around with the various n functions, of course as n varies through the program, all sorts of odd behaviour shall ensue.
So by fixing the bug in the program (by ensuring all strings are null terminated, not by replacing every strcpy call with strncpy) you are also ensuring the program is secure (it is no longer vunerable to buffer overflows), wasn't that one of the points of the original article?
This doesn't mean strncpy is useless, for example, you may have to use a string you don't want to (or can't) vary by null terminating it (a constant perhaps), so you'll need strncpy to safely make a copy of it that you can play with.
If you went shopping around and four or five junkyards quoted you forty dollars to dispose of your wreck, and then you found one who would do it for five dollars, wouldn't you be a little suspicious?
When you see item X going for $100 in the stores, and someone on the street offers you X for $10 (including shipping to another country), you would have to be an idiot to refuse, wouldn't you?
Of course, you won't get gaol time for doing something that is morally wrong, but to believe a business has no idea what is going on after it "signs the check" is crazy. They will have costed various methods of disposal and found the cheapest "legal" method they could.
I do think the article is a cheap shot though, it isn't like America is the only country with old computers, and shady businesses.
This gets modded up? This is a tired, stupid argument.
If it wasn't for the Europeans (aided by the middle east and asia), Americans, ugly or otherwise would be hunting buffalo (and I'd be spearing kangaroos), so no internet for you without the eurotrash.
Reading a few history books suggests that one or two Russians died in WW2, but other then them I'm sure that the USA did it all. Of course, if it was announced that America would stand against Hitler as soon as he started, it is quite possible that a great deal fewer people would have died (and almost certainly no Americans...). However there was no real rush, as no-one was dropping bombs on their homes, nor driving tanks through their streets.
That the terrible suffering and infinite loss of those involved should be sullied by some prat who is quite happy to slur his own and another country's government, but gets upset when someone else offers up their opinion, is sickening, and shows a total lack of understanding, tolerance and maturity, I guess that is what scores on /. though...
I was going to make an on topic comment here, but
What is wrong with strcpy? It does what it is supposed to do. The fact that people use it carelessly and inappropriately is irrelevant, the same could be said of scissors, should they never have existed too? (and the same goes for goto)
I've started to create one, using MySQL, Zope and a browser front end. At present it suits my purposes better to interact with it using Python scripts but it is nice to have "one-click" search results in the browser. I don't think I'm going to get what I ultimately want using the above (heaps of issues, security of course being a main one, and maintaining the current state being another), but it works well for a "proof of concept".
It also is not likely to become a neat little "install and use" package, but that is one of my goals for it. For example there are tradeoffs between harddisk space and search time depending on how much indexing you do, presenting this in an easy to tune manner would be no small task.
Take a look at mud clients, there are plenty of them. But I'm guessing the ratio of client writers to mud players would be very small, it is merely the overall number that makes it seem like an abundance of clients. The reason people write mud clients is not to just play them, they have telnet for that, but to play better/easier. If there is no "tactical" advantage to having a "fancy" client, very few people are going to take the time to do it.
As your project attracts developers, are they going to more interested in coding clients or creating "intelligent" computer opponents (or any other server side development)? Given that you are only likely to get a few (if any) to begin with, hoping to find one who is good with UIs and enjoys working on them may be a long shot.
I also don't really understand why you are having trouble with the UI, when you think of playing this game (that is why you are writing right?), what do you imagine seeing on the screen?