Jump to content

Developer Discussions: Alpha 17


Roland

Developer Discussions: Alpha 17  

1 member has voted

  1. 1. Developer Discussions: Alpha 17

    • Newly Updated
      1
    • Check out the newest reveals by Madmole
      0
    • Over 100 new perk books with set collecting and bonuses
      0


Recommended Posts

On paper money it's actually very common to have water marks and repetitive images / patterns (usually with tiny variations), as well as as a border that somewhat protects the relevant parts of the currency from wear and tear.

 

But I guess that's an old people thing. Today's kids don't know paper money any more. ;)

Link to post
Share on other sites
On paper money it's actually very common to have water marks and repetitive images / patterns (usually with tiny variations), as well as as a border that somewhat protects the relevant parts of the currency from wear and tear.

 

But I guess that's an old people thing. Today's kids don't know paper money any more. ;)

 

Until next regional power blackout

Link to post
Share on other sites
On paper money it's actually very common to have water marks and repetitive images / patterns (usually with tiny variations.), as well as as a border that somewhat protects the relevant parts of the currency from wear and tear.

 

It's also common for the denomination of notes to be in increments large enough to be useful to a majority of the population unless the country is in severe economic turmoil.

 

Oh look, my 64k map has downloaded...

 

 

 

Children+playing+with+stacks+of+hyperinflated+currency+during+the+Weimar+Republic,+1922+(1).jpg

 

 

 

Metaphors.... :-)

Link to post
Share on other sites
I think I took a left 2 metaphors ago.

 

You're lucky, my mind was ploughing on through to how certain types of blockchain-coin marketplace equate to a procedurally generated system with a universal algorithm passed as a tiny bit of data to the end user. This solves the old blockchain problem of having to download the entire economy before you can use it but requires a trusted source to keep track of changes :-)

Link to post
Share on other sites

I don't think there's currently a "good" way to have blocks emitting AOE buffs. Potential performance issue, too, if overused / spawned randomly.

 

I really hope there is one in the future. Also buffs should potentially apply on blocks. Yes, that's even more potential performance issues but so many cool ideas are possible with this.

 

Just look around. Some people would complain if the next iteration of RWG would print money. ;)

 

And they would be right: Counterfeit money is illegal. Printing money costs cpu power and RAM that is lost for map generation. Paper money is worthless, we want Dukes. :cocksure:

Link to post
Share on other sites
i really really hate it when webpages like github want to force me using special characters in my passwords.

I have a simple system i use for all my passwords.

 

As a example (with a diferent formula)

Github would be

 

7 for G

i overtaken from github

33 as a string i add allways on this place

hub again overtaken from the webpage

 

= 7i33hub

 

This way i can have different passwords for all my 50 Websites and other stuff i use passwords.

But NOOOOOOO a very smart ♥♥♥♥♥♥♥ of programmer means i am not allowed to do that.

 

So i set a password i am sure i forget in 2 months and i will never again be able to access my stuff

 

You have a fixed string in your password. Just add 2 special chars to that fixed string and it is compatible to all password regimes.

 

But as a word of warning. An attacker who wants to target you and has read this just needs one cracked passwort from one of the sites you frequent to crack all your webpage accounts now. Make sure your banking webpage is not among those 50.

Link to post
Share on other sites
You have a fixed string in your password. Just add 2 special chars to that fixed string and it is compatible to all password regimes.

 

But as a word of warning. An attacker who wants to target you and has read this just needs one cracked passwort from one of the sites you frequent to crack all your webpage accounts now. Make sure your banking webpage is not among those 50.

 

^^

if someone hacks my bank account he read

 

2009lmadzonkgoat.jpg

 

 

besides that my real formula is kind of self-encrypting.

Means even with a few Codes its nearly impossible to find out the formula (not impossible but far above appropriate)

 

but yes, good tip.

Specially for people who think now they overtake this system

Link to post
Share on other sites
^^

if someone hacks my bank account he read

 

2009lmadzonkgoat.jpg

 

 

They can't get at your money anyway without transaction numbers, but your account can be used in other ways. Depends on the motive of the attacker but the potential to get you into trouble is there.

 

besides that my real formula is kind of self-encrypting.

Means even with a few Codes its nearly impossible to find out the formula (not impossible but far above appropriate)

 

That's the fallacy, If they know enough rules about your password, they can easily brute force the unknown bits. For example they don't need to know that 'G' is 7 or 8 or 3, they just will try out all 10 numbers.

 

but yes, good tip.

Specially for people who think now they overtake this system

 

:fat: Nothing I said isn't known to the script kiddies who do this on a regular basis.

Link to post
Share on other sites

Dont want to go too much in the details.

But as a example

 

Steam = rijbz

 

Amazon = u15f1t1

 

Not very obvious, or ?

 

First the word backwards and then adding the digit sum to each Letter.

My real system is much easyer to calculate in the head but even a 4 Digit number result in a few million possibilities.

Link to post
Share on other sites
Just look around. Some people would complain if the next iteration of RWG would print money. ;)

 

Ofcourse they will, because you print them in American Dollar, but maybe they need Australian or Canadian dollars. There is always a reason to complain.

Link to post
Share on other sites
<snipped for space>

 

Length will help you more than complexity. Both long and complex is the preferred goal.

 

Anything less than a dozen characters and you're wasting everyone's time except the brute-force hackers.

 

https://en.wikipedia.org/wiki/Brute-force_attack

 

I use a public/private system. I have a simple public password for stuff I don't really care about but my sensitive stuff is behind a strong password.

 

This appeared today...

 

https://it.slashdot.org/story/19/02/15/0459230/8-character-windows-ntlm-passwords-can-be-cracked-in-under-25-hours

 

 

password_strength.png

 

 

 

^^The example in the xkcd comic is vulnerable to a dictionary attack.

Link to post
Share on other sites

Hmm that 8 Letters are no longer safe is indeed new for me (even if using a hardware rig that utilizes eight Nvidia GTX 2080Ti GPUs) says not sooo much, i know no Website that responds in such a rate. (Means as long as you have the data you want to encrypt not local available i guess 8 Letters are still safe enough for the casual)

 

But good info, means i lengten my passwords when i have some free time

Link to post
Share on other sites
Well, I'm an old fuddy-duddy who doesn't give a ♥♥♥♥ about the latest AAA games, so I have not one single game in my Steam library that is much over 10 Gb. And I like it that way.

 

But even if you accept 100 Gb games - remember that a) a significant number of players won't even give a ♥♥♥♥, so that's disk space wasted on nothing, and b) this is really only useful until RWG is not totally ♥♥♥♥ed (and TFP said RWG is high priority so I'm hoping that's a narrow window of time).

 

Plus, for most of the U.S. it takes about the same amount of time to download a 2.5G map as it does to generate it. (Thanks, Ajit Pai.)

 

That's why I think providing a seed is better - near-zero disk space/download times, and in the same time it would take to download a map, it's generated. No fuss, no muss.

 

Obviously there are more concerns from TFP, basically they'd be curating any included maps, so if they aren't at least up to Navesgane standards then tons of folks would bitch.

 

Well now your lying, i know hundreds of people in the states and not a single one has said their internet plans have degraded because of recent internet regulation changes. And im from canada and we have worse internet thats much more expensive, and 10gigs is nothing. I'm more worried about google and the UN cencoring the internet myself. To get back on track, you literally didnt address any of what i said, basically stated “oh its useless used up space” well i disagree. If they can get on the spot generated RWG maps made that are large in scale, then fine awesome, but if it ends up being limited to 4k or not much bigger then id rather have a set of pre generated large maps installed on the game. The extra space would literally affect no one besides “fuddy-duddy” people like yourself.

Link to post
Share on other sites
<snipped for space>

 

One solution, if we're intent on using splatmaps, is to have the server do all the heavy lifting of terrain generation and only pass the relevant tile data to the client upon request.

 

The client has no need to keep a copy of the map which is good from a cheater perspective because they can't just look at the splatmap data and find all of the good spots and also good from a generation perspective because the client doesn't have to generate or retrieve the map data.

 

That's still quite a bit of data to pass at runtime but it's certainly not going to measured in gigabytes.

Link to post
Share on other sites
Horde 14 Day random

...

First night

 

your settings were you sat it to happen at frequency of 1 day (which can and did happen on day 1) and the range set for 14 means there can be a 1-14 day variance.

 

so your settings were not saying day 14 horde on day 1.

 

the first time it was placed in game i tested that and damn it...

 

i got horde on first day as well only i started with a 7 day variance. so on day 1 i was only at gs3 and that was only 2 or so zombies for the wave.

 

we just didnt offer the right sacrifices to the RNG GODS. :)

Link to post
Share on other sites
Horde 14 Day random

...

First night

 

your settings were you sat it to happen at frequency of 1 day (which can and did happen on day 1) and the range set for 14 means there can be a 1-14 day variance.

 

so your settings were not saying day 14 horde on day 1.

 

the first time it was placed in game i tested that and damn it...

 

i got horde on first day as well only i started with a 7 day variance. so on day 1 i was only at gs3 and that was only 2 or so zombies for the wave.

 

we just didnt offer the right sacrifices to the RNG GODS. :)

 

Ah... He got it backwards. An easy mistake to make. :)

 

Thanks smerf!

 

But maybe Royal Deluxe really hates himself??? 00

 

;)

Link to post
Share on other sites
They can't get at your money anyway without transaction numbers, but your account can be used in other ways. Depends on the motive of the attacker but the potential to get you into trouble is there.

 

That's the fallacy, If they know enough rules about your password, they can easily brute force the unknown bits. For example they don't need to know that 'G' is 7 or 8 or 3, they just will try out all 10 numbers.

 

:fat: Nothing I said isn't known to the script kiddies who do this on a regular basis.

 

The Royal Gronkanoth Deluxe Meg / et al: If I may... (and, maybe this will explain the name mash-up...)

 

I believe both of you are on the right track. Humans are not prone to randomness. And security should not overly hinder the purpose for which the security is required.

 

Having an algorithm for passwords IS a good idea. Especially if it's for the person(s) to remember and utilize, but not prone to 'familiarization' or patterns. (This is true for short AND long passwords, just might be applicable to words more than characters in the case of long passwords.)

 

And length is becoming paramount. While utilizing extra characters (and differences) is better for security - it might not be better for humans. (NIST last Oct showed it's actually worse - because more people resort to writing them down.) But allowing for longer passwords not only increases security exponentially - it allows more types of 'friendly' algorithms for human use.

 

https://crambler.com/password-security-why-secure-passwords-need-length-over-complexity/

 

And, Gronk, while longer passwords of 'words' does increase the risk - the amount is infinitesimal. (See link above) Dictionary attacks work well on short passwords because the number of characters limits the number of words that need to be checked. Since 1,2, and quite a few 3 letter words are excluded from most dictionaries, only 4-8 letter words need be examined. And, at most only 2 words. (btw - we are intentionally leaving out multiple languages...)

 

If you increase the number of allowable characters, you have increased the number of words using more characters, more combinations of words, AND the possibility of humans now using those 1,2, and 3 letter words! Also, logons do not work like they do in the movies. A dictionary attack has to supply the entire password ALL AT ONCE. Not word by word. AND, almost all login processes now have timeout associated with incorrect attempts. Even with massive bot-net networks - long passwords will take a REALLY long time to crack.

 

But, the BEST thing anyone can do - is make sure that they don't use passwords repeatedly. Bad guys (mostly large criminal enterprises and nation states these days) and 'good guys' now have access to HUGE databases that have collated all information from 70+ major breaches in the past two decades.

 

Meaning they use AI to examine all records from one breach and compare it to another. If there is any kind of similar information in them (name, address, phone number, online name, security questions and answer, etc.) - they link them. AND, then ALL of that is used when a new company's data is exfiltrated!

 

That is why it's not even a good idea to even use the same security questions from different sites. AND, keep in mind, security question answers do not even have to be related to the question! (Think about it...)

 

Stay tuned next month when we cover rainbow tables, encryption (and cypher suites), and steganography. (Steganography is actually kind of cool/fun... Unless you're like Roland (or me), and REALLY, REALLY like math; then maybe rainbow tables and cypher suites would be a lot of fun.)

 

QB

Link to post
Share on other sites
One solution, if we're intent on using splatmaps, is to have the server do all the heavy lifting of terrain generation and only pass the relevant tile data to the client upon request.

 

The client has no need to keep a copy of the map which is good from a cheater perspective because they can't just look at the splatmap data and find all of the good spots and also good from a generation perspective because the client doesn't have to generate or retrieve the map data.

 

That's still quite a bit of data to pass at runtime but it's certainly not going to measured in gigabytes.

That could work, how long though would it take for the server to be booted up? Then again i guess thats not as big of an issue over people trying to join the server, once its up its up.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Guest
This topic is now closed to further replies.
×
×
  • Create New...