Re:For anyone who is sick and tired of MMORPGs...
on
Guild Wars Launches
·
· Score: 2, Funny
Guild Wars sounds great. I will definitely play.
However, I take some exception with the idea that its an MMORPG, or even to label it as a "virtual world". If the main progress for your character necessitates entering an instance to which you teleport instantly, then what are you playing? Are there quests and stories that span the globe? Isn't it missing some of the essence of any VW?
The meetup areas are "massively multiplayer". I understand that. But, is there any hint of character, quest, story or game progression from the meetup areas? It sounds quite like Battle.Net to me.
Its also interesting to note the frustration levels of some people about MMOs.
Exploring vast areas considered a negative!
Other citizens hindering one's progress!
Forming groups with new or unfamiliar people!
Safe from PVP combat when not specifically looking for it!
All of these strike me as some of the logical consequences of playing a "massively multiplayer" game. All of these things are what Guild Wars is not. The title of the game is certainly apt, but I'm surprised they bill themselves as an MMO.
I look forward to playing it, but will be prepared with the expectation that it is a multiplayer game, and not an MMO of any large scope or splendour.
The true majority will speak with their wallets. If the Honour System is indeed as unpopular as the forum-whores would have us believe, then we'd witness a massive drop in the WoW subscribership.
So far, the AH on my server is as busy as ever.:-)
If he were moving forward in time, wouldn't he be posting after you?
Plus which, his post is shown to be four minutes before yours. My temporal mechanics is a bit rusty, but that makes him posting a full six minutes ahead of you (had he not used his transmorgifier to shorten the gap).
Takes quite the effort to get ahead of, er behind, you.
The cheapest resource in a book is its words: you can have as many of them as you want really, no matter how long it takes to read.
I'd argue that the most expensive part of the book is the words! It would cost a lottttt less to produce a book with zero pages than for a 700plus-page volume.
Furthermore, removing 'extra' lines of dialogue to shorten a film might make sense only if the dialogue wasn't a core aspect of the film and its humour.:-)
I am not a proponent of this system, but I know a little bit about this stuff.
The Info-cards concept is mainly the brainchild of Kim Cameron, who was one of the architects for a directory server called, "ZoomIT", before it was bought by Microsoft. It is now the essential core of what we all know as Active Directory. So in that sense, the designer of the iCards is also a chief designer of AD. He described this whole solution to me several months ago, although the devs at MS were calling them "vCards" at the time. He claimed, "its like your email Vcard, but with X.509 tossed in," (digital signatures).
You can read his blog, where he postulates and proselytizes about identity, including setting forth a semi-formal set of "Laws of Identity"; essential criteria which any distributed identity system must satisfy. Like Passport (didn't). Like pingID. Like Sxip. Like i-Names.
Etc., etc.
The MS guys actively follow identity trends on the Internet today. They didn't say this, but I am quite certain that they were not huge fans of Passport, knowing the technical and privacy risks associated with centrally stored identity data. Duh.
I'm sure they let Passport die. They knew it was not a workable solution. Fundamentally, the type of identity applications for which Passport was designed would never have worked if they had culminated in massive web services buy-in. How could it? Do you "sign in" to user forums (like this one) with huge requirements for security and privacy? So why would you use the same system for banking??? And that, literally, was the mission for Passport years ago! Single-signon for the web! w00t!
No. You probably don't sign in to discussion forums with the expectation of security that you would your email. Most forums and pages and all that fun stuff that we slashdotters built for fun in the late nineties is fair game for this. And who of us wanted to actually store a database of users and names and stuff for just a silly forum? And I think thats what infoCards is. It allows you to share info about yourself without an actual authentication (as we know it). Remember what Cameron said, he said it was "V-Cards with some X.509 tossed in". V-Cards are basically a set of data that you write, or even... data that is written about you and digitally signed. Name, gender, date of birth, etc. So whatever you wanna "tell" to your forum page about yourself when you sign in, you'll actually authenticate to that little local datastore they put into windows. Then this unlocks those little tidbits of info that you're sharing. You're not going to auth to the webpage (or maybe you will, but its again a super low assurance mechnism and no one expects it to be anything more than that).
So... you will authenticate locally. Want heftier security for that? Cool. Then buy our cool little one-time password token...:-)
So, once you've authenticated to your little datastore, you get to decide whom you're sending your data to. So there will be some mechanism by which you get to authenticate them. Kim said this had to be omnidirectional, right? So you're making sure that the World of Warcraft forums are indeed whom you're telling your gender to or favourite colour, etc. Then this stuff gets all packaged up and sent over the wire to wherever its supposed to go. Maybe its encrypted. Maybe its signed. Maybe its cleartext. Depends on the app. And the forum writer doesn't even have to be running Windows to accept that data.
So what is infoCards?
Low assurance localized authentication, user-controlled data exchange, nodal verification and built with personal or 3rd-party assertions about that information.
"...using real, live people to make your content interesting is like an admission of defeat. It says that virtual world is neither sufficently compelling to be interesting in its own right, nor sufficiently rich to enable players to make it interesting themselves."
[Designing Virtual Worlds, Richard A. Bartle, 2003, New Riders Games, ISBN: 0131018167]
Definitely a must for anyone interested in MMO design.
WOW has hand-crafted network code which is kept a trade secret. At this point, I can see why.;-)
Kidding aside, each realm has many servers, all geographically dispersed. And you're right, even certain zones in themselves are serviced by multiple machines. Your observation about distinct IP addresses doesn't necessarily mean distinct machines, however. Interview, Blizzards' Shane Dabiri.
So, you can bet that they have dynamic load balancing in place within a realm.
As an aside, Wish is now defunct. Story. Its point of distinction was one contiguous world that all subscribers would share. This is a true MMO in my opinion. We surmise that their subscriber base in beta did not survive sustainability projections, so in the end it was a casualty of simple finances.
The rest of the market that instances the VW into multiple 'shards' are inpure in my opinion. So when I see advertising that prides itself on "1.5 Million Subscribers!" I just think, "so what!". Splitting users into 90 distinct realms lessens the weight of these claims. If you have 100,000 user concurrency that means you're really only playing with 1,000 players, and we've seen what thats like.
IMO, WOW as a game system and a server system doesn't scale in any impressive way.
It seems to me that both "have" and "are" require additional hardware to do the authentication. Surely, Microsoft isn't intending to make consumers buy smartcard readers or fingerprint scanners with Longhorn?
No, they are not. In fact, I highly doubt that they will require you to do anything new at all. What they are enabling is the option to use two-factor authentication, if your organizational needs mandate it. Regular home users will likely be able to log in insecurely like they always have.
Additional hardware for token-based authentication requires the purchase of, well, the token! And usually that means your administrator will need to purchase a server that is synchronized with your token (to be able to check that the number is "correct").
Smartcards (which are another means of fulfilling the "something you have" option) are also pretty easy to purchase and use these days - there are plenty of USB smartcard devices that are small enough to fit on a keychain. RSA Security sells all this stuff. Among others, of course.
In case its still not clear to you, a common form of two-factor authentication is through the use of a small hand-carried device that uses a time-sensitive algorithm to generate a series of numbers. Time senesitive means that this number series changes over time.
In the industry, this is commonly called a "token" and there are multiple vendors that sell them:
Typically the "two-factorness" of the authentication is a description of the relative strength of the authentication process. The process itself is one which authenticates users based on several criteria:
Something you know [passwords]
Something you have [tokens]
Something you are [biometrics]
When Microsoft says its going to use "two-factor" authentication, they are really saying, "We are going to require users to authenticate using one-time number generators and also by knowing a password".
Is this a good thing? Most people say, guardedly, "yes". But only because its better than just merely using passwords.
You have to be an expert level linux hacker to get it runnning though.
You may not be aware, ok, actually you aren't aware that getting Tivo to run in Canada (or anywhere outside of the U.S.) is an extremely easy process!
All you need :
Cable subscription
Tivo box (preferably Series 1)
Broadband or semi-dedicated Internet
Null modem cable and adaptor
Piece of software called, "Simplicity"
Connect the Tivo to a laptop via the modem cable.
Setup the Tivo to "dial" the modem (very easy to do, its a few keystrokes on the tivo remote)
Run the "simplicity" software on the laptop.
Watch Simplicity take care of the rest.
You get full Tivo functionality, including livetv pause, adaptive recording, seasons pass, etc.
I would happily pay for this service gladly in Canada. Unfortunately, its not available nor are there plans to do so, so I don't even get the choice. But, with obtaining cable tv guide info on the web and using this little program, my tivo is as happy as if it were in its home country. I will tell you, using Tivo has made me actually watch TV, versus having gone for years without. Incidentally, I am more exposed to television advertising (since, well, I'm actually watching the thing now).
The archaic days of blind tv broadcasting are essentially, and gladly, over.
As an avid reader of all things gaming, I'll definitely prop up my favourite rag : Computer Games Magazine. Their reviews are "spot-on" (at least for the games that I've personally played).
Woeful name for a publication, however, I perceive their reviews as being extremely honest and balanced. They won't hesitate to pan a game, and I definitely don't get the feeling that they are giving a bia$ed apprai$al. Their coverage is detailed and offers a refreshing maturity compared with most of the magazines that I've read out there.
I'm Canadian and I travel to the U.S. frequently. It is on the U.S. Customs Declaration form, actually.
"Address of the place you are staying in the U.S."
Been asked directly many times to provide this address.
In addition, my girlfriend is non-North American (Australian). When she travels to the U.S., she has to answer the same questionnaire every single time containing the most laughably bizarre questions you've ever heard :
Have you ever been affiliated with the Nazi party?
Are you a communist? (sic)
Have you ever been convicted of treason, espionage or sabotage?
Do you have military training (including small arms, demolitions and insurgency)?
I cannot imagine the braindead fool that would ever answer YES to those questions. I cannot imagine the braindead fool customs agent that would take it seriously. "Excuse me sir, was your demolitions experience with C4 or TNT?"
One has to remember that the vast majority of exploration to the "New World" was motivated by the lure of gold and other riches, the competition from hostile neighbours and the promise of military dominance in the region.
Discovering riches on other planets would most certainly change our approach, and we'd have the glorious and uncautious golden age of exploration that you yearn for.
I've seen many definitions in the vendor and user side of security. A statement like "responsibility without authority" is highly negative and a little fatalistic, dont' you think? One of the key defining elements for me is that a good security administrator has the ability "to influence without power". That means, being Mr. SecAdmin is as much an exercise in politics as it is in technical werewithall.
Relate this back to the industry. You're either at the top-level or you're in the trenches. A good security admin will bridge the two as best he/she can. Security fundamentally affects (and is affected by) almost every facet of an organization. I've seen through personal experience a "silo-like" mentality to security policy execution. The secadmins were in their own private bubble that attempted to be dictatory and impervious to external influence. This is wrong, wrong, wrong!
Unfortunately, the needs of the job amount to being a little political. The decisions must be participatory, or at least giving the appearance of being participatory. That is what gives you buy-in from your users. You might say, "Why should I?" Well, if you're saying that, then you might want to find another job. Its a necessary evil if you care about keeping your org secure. If not, you might be the one complaining after the fact, "They never listened to me". Even if you're merely sitting there explaining why you are doing what you're doing - at least people are involved. You might even be giving them bad news, but at least you're telling them that you're giving them bad news before you change their lives. The real challenge here is finding the right people to involve.:-)
Good security as much depends on the "how" of security versus the "what" of security. If your methodology is technically correct, cheap, and does the job, but you've dumped it on the organization, then guess what. It ain't gonna fly!
The article, in its efforts to be concise, has not really justified its claims. Trying to sway the course of one of the largest governments in the world indeed sounds like a recipe for frustration, but does not necessarily map back to the industry in general. Those seem like radically different things. I remember Richard Clarke seeming positively perky during the days of his assumption of cyber-security czar role. Look at him now.
Microsoft has helped the Open source revolution happen.
Look at the UI. Look at the applications. The basic look and feel hasn't changed significantly since 1995. Almost every new technology "innovation" has been either bought or copied (poorly) by Microsoft.
OSS' growth has been more viral, more grassroots, more innovative than the top-down "we know better than you" approach that Microsoft has successfully imposed on its users in the last 5 years. It is with this suppression of innovation that Microsoft has directly spawned and contributed to the open-source revolution!
On another note, after 10 years on Wintel, I switched to Macintosh recently. After 5 minutes inside of OSX, I experienced more innovation and creativity than I had on Windows for as long as I can recall.
Thank-you Microsoft for helping me switch to truly useable applications.
Slashdot Mirror
However, I take some exception with the idea that its an MMORPG, or even to label it as a "virtual world". If the main progress for your character necessitates entering an instance to which you teleport instantly, then what are you playing? Are there quests and stories that span the globe? Isn't it missing some of the essence of any VW?
The meetup areas are "massively multiplayer". I understand that. But, is there any hint of character, quest, story or game progression from the meetup areas? It sounds quite like Battle.Net to me.
Its also interesting to note the frustration levels of some people about MMOs.
- Exploring vast areas considered a negative!
- Other citizens hindering one's progress!
- Forming groups with new or unfamiliar people!
- Safe from PVP combat when not specifically looking for it!
All of these strike me as some of the logical consequences of playing a "massively multiplayer" game. All of these things are what Guild Wars is not. The title of the game is certainly apt, but I'm surprised they bill themselves as an MMO.I look forward to playing it, but will be prepared with the expectation that it is a multiplayer game, and not an MMO of any large scope or splendour.
The true majority will speak with their wallets. If the Honour System is indeed as unpopular as the forum-whores would have us believe, then we'd witness a massive drop in the WoW subscribership.
So far, the AH on my server is as busy as ever. :-)
If he were moving forward in time, wouldn't he be posting after you?
Plus which, his post is shown to be four minutes before yours. My temporal mechanics is a bit rusty, but that makes him posting a full six minutes ahead of you (had he not used his transmorgifier to shorten the gap).
Takes quite the effort to get ahead of, er behind, you.
The cheapest resource in a book is its words: you can have as many of them as you want really, no matter how long it takes to read.
I'd argue that the most expensive part of the book is the words! It would cost a lottttt less to produce a book with zero pages than for a 700plus-page volume.
Furthermore, removing 'extra' lines of dialogue to shorten a film might make sense only if the dialogue wasn't a core aspect of the film and its humour. :-)
I wouldn't be so sure that everyone playing FPS on consoles is in a rush to get a mouse and keyboard set up
I am not a proponent of this system, but I know a little bit about this stuff.
The Info-cards concept is mainly the brainchild of Kim Cameron, who was one of the architects for a directory server called, "ZoomIT", before it was bought by Microsoft. It is now the essential core of what we all know as Active Directory. So in that sense, the designer of the iCards is also a chief designer of AD. He described this whole solution to me several months ago, although the devs at MS were calling them "vCards" at the time. He claimed, "its like your email Vcard, but with X.509 tossed in," (digital signatures).
You can read his blog, where he postulates and proselytizes about identity, including setting forth a semi-formal set of "Laws of Identity"; essential criteria which any distributed identity system must satisfy. Like Passport (didn't). Like pingID. Like Sxip. Like i-Names. Etc., etc.
The MS guys actively follow identity trends on the Internet today. They didn't say this, but I am quite certain that they were not huge fans of Passport, knowing the technical and privacy risks associated with centrally stored identity data. Duh.
I'm sure they let Passport die. They knew it was not a workable solution. Fundamentally, the type of identity applications for which Passport was designed would never have worked if they had culminated in massive web services buy-in. How could it? Do you "sign in" to user forums (like this one) with huge requirements for security and privacy? So why would you use the same system for banking??? And that, literally, was the mission for Passport years ago! Single-signon for the web! w00t!
No. You probably don't sign in to discussion forums with the expectation of security that you would your email. Most forums and pages and all that fun stuff that we slashdotters built for fun in the late nineties is fair game for this. And who of us wanted to actually store a database of users and names and stuff for just a silly forum? And I think thats what infoCards is. It allows you to share info about yourself without an actual authentication (as we know it). Remember what Cameron said, he said it was "V-Cards with some X.509 tossed in". V-Cards are basically a set of data that you write, or even... data that is written about you and digitally signed. Name, gender, date of birth, etc. So whatever you wanna "tell" to your forum page about yourself when you sign in, you'll actually authenticate to that little local datastore they put into windows. Then this unlocks those little tidbits of info that you're sharing. You're not going to auth to the webpage (or maybe you will, but its again a super low assurance mechnism and no one expects it to be anything more than that).
So... you will authenticate locally. Want heftier security for that? Cool. Then buy our cool little one-time password token... :-)
So, once you've authenticated to your little datastore, you get to decide whom you're sending your data to. So there will be some mechanism by which you get to authenticate them. Kim said this had to be omnidirectional, right? So you're making sure that the World of Warcraft forums are indeed whom you're telling your gender to or favourite colour, etc. Then this stuff gets all packaged up and sent over the wire to wherever its supposed to go. Maybe its encrypted. Maybe its signed. Maybe its cleartext. Depends on the app. And the forum writer doesn't even have to be running Windows to accept that data.
So what is infoCards?
Low assurance localized authentication, user-controlled data exchange, nodal verification and built with personal or 3rd-party assertions about that information.
Its pretty smart, IMHO most of th
The article also explains why we don't have screenshots. Because PC Gamer has the exclusive on those.
"The preview of the CS2-128 cipher proposed is in html form and will be available in a published format at the end of April."
The "peers" "review" the code. Perhaps they find vulnerabilities or exploits in the implementation.
And then the company releases it... in hardware.
Then, who peer reviews that? Sounds supremely fl@wed. :-)
Too bad MxO's designers never learned the basics :
[Designing Virtual Worlds, Richard A. Bartle, 2003, New Riders Games, ISBN: 0131018167]
Definitely a must for anyone interested in MMO design.
I hear he's looking for work after 'Constantine'.
"The Matrix is better than the real. In here, I'm a great actor!"
Kidding aside, each realm has many servers, all geographically dispersed. And you're right, even certain zones in themselves are serviced by multiple machines. Your observation about distinct IP addresses doesn't necessarily mean distinct machines, however. Interview, Blizzards' Shane Dabiri.
So, you can bet that they have dynamic load balancing in place within a realm.
As an aside, Wish is now defunct. Story. Its point of distinction was one contiguous world that all subscribers would share. This is a true MMO in my opinion. We surmise that their subscriber base in beta did not survive sustainability projections, so in the end it was a casualty of simple finances.
The rest of the market that instances the VW into multiple 'shards' are inpure in my opinion. So when I see advertising that prides itself on "1.5 Million Subscribers!" I just think, "so what!". Splitting users into 90 distinct realms lessens the weight of these claims. If you have 100,000 user concurrency that means you're really only playing with 1,000 players, and we've seen what thats like.
IMO, WOW as a game system and a server system doesn't scale in any impressive way.
Kafka
No, they are not. In fact, I highly doubt that they will require you to do anything new at all. What they are enabling is the option to use two-factor authentication, if your organizational needs mandate it. Regular home users will likely be able to log in insecurely like they always have.
Additional hardware for token-based authentication requires the purchase of, well, the token! And usually that means your administrator will need to purchase a server that is synchronized with your token (to be able to check that the number is "correct").
Smartcards (which are another means of fulfilling the "something you have" option) are also pretty easy to purchase and use these days - there are plenty of USB smartcard devices that are small enough to fit on a keychain. RSA Security sells all this stuff. Among others, of course.
In case its still not clear to you, a common form of two-factor authentication is through the use of a small hand-carried device that uses a time-sensitive algorithm to generate a series of numbers. Time senesitive means that this number series changes over time.
In the industry, this is commonly called a "token" and there are multiple vendors that sell them :
RSA Security
ActivCard
Vasco
[etc.]
Typically the "two-factorness" of the authentication is a description of the relative strength of the authentication process. The process itself is one which authenticates users based on several criteria :
- Something you know [passwords]
- Something you have [tokens]
- Something you are [biometrics]
When Microsoft says its going to use "two-factor" authentication, they are really saying, "We are going to require users to authenticate using one-time number generators and also by knowing a password".Is this a good thing? Most people say, guardedly, "yes". But only because its better than just merely using passwords.
Darwinia Demo
And why would we want this?
You may not be aware, ok, actually you aren't aware that getting Tivo to run in Canada (or anywhere outside of the U.S.) is an extremely easy process!
All you need :
You get full Tivo functionality, including livetv pause, adaptive recording, seasons pass, etc.
I would happily pay for this service gladly in Canada. Unfortunately, its not available nor are there plans to do so, so I don't even get the choice. But, with obtaining cable tv guide info on the web and using this little program, my tivo is as happy as if it were in its home country. I will tell you, using Tivo has made me actually watch TV, versus having gone for years without. Incidentally, I am more exposed to television advertising (since, well, I'm actually watching the thing now).
The archaic days of blind tv broadcasting are essentially, and gladly, over.
Cheers,
Kafka
Woeful name for a publication, however, I perceive their reviews as being extremely honest and balanced. They won't hesitate to pan a game, and I definitely don't get the feeling that they are giving a bia$ed apprai$al. Their coverage is detailed and offers a refreshing maturity compared with most of the magazines that I've read out there.
Check it out :
Computer Games Online
Cheers,
Kafka
"Address of the place you are staying in the U.S."
Been asked directly many times to provide this address.
In addition, my girlfriend is non-North American (Australian). When she travels to the U.S., she has to answer the same questionnaire every single time containing the most laughably bizarre questions you've ever heard :
I cannot imagine the braindead fool that would ever answer YES to those questions. I cannot imagine the braindead fool customs agent that would take it seriously. "Excuse me sir, was your demolitions experience with C4 or TNT?"
Leave him alone, the girls have been telling him that for years! :-)
Yep, they're improving! The next mission broadcast will be hosted by Britney Spears and William Shatner.
One has to remember that the vast majority of exploration to the "New World" was motivated by the lure of gold and other riches, the competition from hostile neighbours and the promise of military dominance in the region. Discovering riches on other planets would most certainly change our approach, and we'd have the glorious and uncautious golden age of exploration that you yearn for.
An oldtime Slashdot favourite : Cryptonomicon, Neal Stephenson.
Includes a supplemental algorithm called, Solitaire, developed by crpto-researcher Bruce Schneier.
Relate this back to the industry. You're either at the top-level or you're in the trenches. A good security admin will bridge the two as best he/she can. Security fundamentally affects (and is affected by) almost every facet of an organization. I've seen through personal experience a "silo-like" mentality to security policy execution. The secadmins were in their own private bubble that attempted to be dictatory and impervious to external influence. This is wrong, wrong, wrong!
Unfortunately, the needs of the job amount to being a little political. The decisions must be participatory, or at least giving the appearance of being participatory. That is what gives you buy-in from your users. You might say, "Why should I?" Well, if you're saying that, then you might want to find another job. Its a necessary evil if you care about keeping your org secure. If not, you might be the one complaining after the fact, "They never listened to me". Even if you're merely sitting there explaining why you are doing what you're doing - at least people are involved. You might even be giving them bad news, but at least you're telling them that you're giving them bad news before you change their lives. The real challenge here is finding the right people to involve. :-)
Good security as much depends on the "how" of security versus the "what" of security. If your methodology is technically correct, cheap, and does the job, but you've dumped it on the organization, then guess what. It ain't gonna fly!
The article, in its efforts to be concise, has not really justified its claims. Trying to sway the course of one of the largest governments in the world indeed sounds like a recipe for frustration, but does not necessarily map back to the industry in general. Those seem like radically different things. I remember Richard Clarke seeming positively perky during the days of his assumption of cyber-security czar role. Look at him now.
Look at the UI. Look at the applications. The basic look and feel hasn't changed significantly since 1995. Almost every new technology "innovation" has been either bought or copied (poorly) by Microsoft.
OSS' growth has been more viral, more grassroots, more innovative than the top-down "we know better than you" approach that Microsoft has successfully imposed on its users in the last 5 years. It is with this suppression of innovation that Microsoft has directly spawned and contributed to the open-source revolution!
On another note, after 10 years on Wintel, I switched to Macintosh recently. After 5 minutes inside of OSX, I experienced more innovation and creativity than I had on Windows for as long as I can recall.
Thank-you Microsoft for helping me switch to truly useable applications.
If Google started to charge 10.00$ U.S. per month for unlimited use of their service, would you pay?