Admin consoles: the soft underbelly of billion dollar software operations since...
Seriously, though: you almost certainly have one if you run a software business. Client side SSH certificates are your friend. If you're not able to do that, because it is really annoying, separate it from the main app and lock it down as much as possible. (Separate authentication from the main site/app's authentication scheme. Lock down access, ideally at the network level. Strongly consider two-factor auth.)
There are a few scenarios in which client-side certificates just aren't good enough by themselves.
So you have folks administering the servers. A certain percentage of them need root access. One of them gets his certificate revoked and then laid off -- in that order -- but he already installed a back door account. Okay, so you're a good admin and you check the logs and make everyone use "sudo" for everything.
* But maybe it won't even show up in the logs. Maybe he was editing a file in sudo with vi and ran ":! bash". Okay, so you're a good admin and disabled that.
* Maybe he was editing crontab one day and added a one-shot script to create a nefarious account. Okay, you are a good admin and you have tripwires.
* Maybe he knows where your tripwires are. Do you honestly think you know every possible attack vector someone with legitimate sudo access could use?
It's really hard to stop an inside job. The principle of least privilege is a nice maxim, but there's a cost to figuring out exactly what the least privilege is, and there's a cost to giving someone too little privilege -- downtime when they can't fix something they're supposed to fix.
One defense strategy that mitigates some of these threats is requiring all "back-door" access from the public internet to go through a few minimally-configured, easily audited bastion hosts. (As in, packets from outside to port 22 on machines other than the bastion hosts just get black-holed.) After which, of course, an audit is part of the process of locking people out, along with cancelling credentials on the bastion hosts specifically.
This doesn't cure everything, of course. There are a lot of places in many server environments where a determined miscreant can hide time bombs. (Oracle DBMS_JOBs anyone?) But it can be a useful component of defense in depth...
Agree strongly, and recommend this architecture to clients. If you can, get all this stuff behind a VPN too, so that the address of the bastion host is nonroutable.
I once wrote a tool to automatically connect to all the company boxes. I became actually frightened by it, because in the wrong hands the tool could destroy the company in a matter of minutes. I eventually just deleted it and discouraged anyone from building another.
How does this differ from tools like puppet or mcollective, which are commonly deployed in operational environments today, and almost necessary for day-to-day operations?
1) All sudo commands show up in the logs. You can put the logs on another server, possibly a server where only the head of IT has sudo privileges, possibly one that automatically replicates to other sites. Seeing a "sudo su", "sudo bash", or "sudo -s" in the logs could get you reprimanded, and if there's a security breach it could make you a suspect.
2) You can disable sudo -s, sudo su, and sudo bash. Maybe the people with root access only need to run a few commands and edit a few files as root, so you whitelist those. But as I mentioned, if they need to edit crontab you've probably given away the keys to the kingdom right there.
There are more attack vectors you can enable without knowing about it and you've got a business to run, so you make a cost/benefit analysis -- it's always a trade-off between efficiency and security.
Yes, I wasn't very clear when I said the following...
> Okay, so you're a good admin and disabled that.
What I mean is that you disable "sudo vi" access, and allow "sudoedit" access. Suddenly you only have write access to certain files. But which files? These people need to administer the server, but at the same time you want to prevent them from creating a backdoor, or at least you want to know about it if they do.
/etc/crontab is just an obvious example. Maybe you can get suborn a filter somewhere that runs as root, or poison the environment variables of a legitimate script.
It's just speculation that someone used GM powers to do this. Most likely they tracked down a boss mass wipe ability (i.e. kills all players within 30 yards) that was incorrectly flagged as useable by players. You can then write an AddOn that uses CastSpellByID() to give you that ability.
The GM interface requires a special build of the WoW client, a specially flagged account, and a two factor auth token to login. It's pretty hard to emulate the client as opcodes are randomly shuffled based on the hash of the binary itself.
Blizzard does use client side SSH certificates according to a dev at BlizCon 2 I think. If I had to hazard a guess, I'd guess that someone laid off in [1] took some of the family jewels with them which enabled [2] and ultimately this as well.
Take a look at Authy for a reasonably easy way to add two-factor auth to your normal SSH login. It's intended for website authentication, but there is a Github project for adding it to sshd.
Good advice, but I think you're underestimating the sort of attackers going after WoW. It's not going to be some drive-by script kiddies looking for an easy target... it's people specifically targeting this game. I'd be more worried about spearphishing and social engineering.
FWIW, we used client certificates for the Beijing Olympics ticketing system. I have to admit they were a giant pain in the ass, but I still have to image they saved us more pain than they created.
I think that there's something kind of fascinating and romantic about the idea that an entire world and the ongoing social affairs of thousands of people can fit on a single server blade in the middle of nowhere.
That's what makes EVE so much more interesting to me. There's only one server. The monthly fee can be earned in-game. The economy is tied to actual dollars because it's so reliable. There have been plenty of universe-spanning conflicts that impact the entire game with genuine political drama, and the dev team steps back to let it unfold with minimal intervention.
Can someone explain what EVE is? And explain it like I don't know anything about it (and I don't). Wikipedia, etc. don't cut it and I still don't understand what EVE is and why people like it.
Let's slingshot you into the future, where empires span hundreds of solar systems, spaceships abound everywhere, cloning technology is available to an elite class called capsuleers, and human beings still act human.
You're a capsuleer. A capsuleer is someone who can pilot certain specially designed ships. As someone who has ascended into virtual godhood by the benefit of effective immortality, you have entered a new plane of power dynamics. And because you're a gamer, the galaxy is an oyster to exploit for your amusement.
The simplest play is to fly around and shoot things. There are pirates, other players, other factions. They all shoot back, probably. Some of them do it better than others. Eventually, you run out of ammo, or your ship is destroyed, or you want something bigger and badder. That gets you to start thinking about how you shoot things and how to do it efficiently and effectively. That gets you thinking about which ship to fly, which guns to put on it, and so on... and how to get all those things cheaply, or at least for a smaller cost than it takes to make money with it.
The ships, the guns, the ammo: these all come from somewhere. Other players make it. They do it by stripping asteroid belts of resources, holding territory where they can conduct R&D, and build every bullet you expend, every ship you pilot. Some of those resources are more elusive: they come from gas clouds which are hard to detect, or components found in uncharted systems. There are ways to get there and exploit those resources, too.
And naturally, with so many moving pieces, so many different agents, you get hierarchical organizations, larger infrastructure, traders conducting arbitrage and moving freight, bigger and badder ships and bigger and badder groups to hold vaster tracts of territory. And with that comes opportunities to scam and con others, opportunities to be a leader or a spy, and so on.
And all of that is supported by the game. You're constantly going to have to deal with the social repercussions of whichever path you take: a lone pilot won't have support infrastructure from their corporation; an alliance leader has to maintain the interest of his members; time spent shooting things is time not spent mining asteroids; and so on.
What sounds cool? What do you want to do? Can you stomach what it'll take to be in that role? Can you understand mechanics and people well enough to make it happen? Then you can probably do it. That's EVE.
It sounds really cool, but I've done some reading and it sounds like the most amazing moments of emergent gameplay (like the hostile takeover of a monster in-game corporation a few years back) are brief and rare, and the rest of the time I'm told it winds up feeling like a second job.
I played for about two and a half years fighting in the big war leading up to that event. I'd say it was about 10% having really exciting and fun things happen, 60% plotting how to have future fun things with other people, and 30% feeling like a second job.
Thing is that the 60% is actually pretty fun too if you find people you like to hang around with and if you like thinking about how to optimize stuff and achieve goals. So all-in-all I enjoyed it a lot. But I don't recommend it unless you figure out who those people will be before you start.
I think obsession with EVE is yet another example of the kind of Stockholm Syndrome like devotion intentionally tedious MMOs engender in players (I speak as a recovering victim, although not of EVE which is unbelievably tedious and boring even by the pretty vaunted standards set by earlier MMOs).
As an EVE player I don't usually make a habit of defending it so sorry if this comes across as "fanboyish". I'm in one of the largest alliances in the game and general consensus is that it can be "a terrible game", but there is so many things that are wrong or is just misunderstood in that post that it would take me all day to go through them individually.
Setting aside all the inaccuracies and misunderstandings of basic game mechanics in it (which is in part due to the steep learning curve of the game I admit, so it's somewhat understandable) EVE Online at it's core is ultimately a geek social hierarchy with a thin veil of "science fiction video game" masked over it.
Nowhere in the post did it mention ever interacting with other players, let alone leaving the safety of high security space to join one of the established social powerhouses in player controlled space. This is where the real "game" takes place and which is why the retention rate of new players is so extremely low, they don't get to see it.
If you are wondering why people keep playing this game, it isn't because they are stuck in some kind of "WoW-like" grind trance and just want to see a progress bar inch forward. It's ultimately the chance to ruin another social groups day and proclaim that your social group or culture "is better then theirs". You can visibly view a generated map of player controlled space[1] and say "we own this, we took it from you". The large super capital ships used in these battles are also worth upwards of $1,000 USD. A battle not long ago[2] resulted in the destruction of somewhere around 13 to 15 thousand dollars worth of capital ships.
Ultimately, EVE Online is a social experiment first, a war simulator for privileged first world geeks second, and a science fiction video game somewhere down at the bottom of the list.
I am sure there are good things about EVE that keep players engaged, but the initial experience with the "game" is so terrible as to boggle the mind. It isn't sold as a "social experiment". (Its qualities as a "war simulator" I won't go into -- it's a simulator of its own assumptions, which aren't terribly interesting.)
As an aside:
Way back in the early 80s, I was acquainted with a fellow who ran a worldwide play-by-mail game called "Cluster II", and a number of my friends were players. There had been an earlier game whose title I leave as an exercise to the reader. The game was run using Australian Tax Office mainframes in downtime. It was conceptually kind of a gigantic interstellar conquest run using Traveller's "High Guard" combat rules, and it allowed players to operate as corporations, spies, or straight out interstellar empires.
Disclaimer: I haven't played Eve in about 5 years.
The learning curve at the start of Eve is pretty steep and just keeps getting steeper as it goes along. The first time you get your brand new cruiser that you mined rocks for 5 hours to afford destroyed by a pirate you might want to cry (Stuff that is destroyed in the game generally stays destroyed).
I'm not sure about "social experiment" but I do remember thinking Eve looked a lot like what I imagine an anarcho-capitalist society would look like. There is literally a price tag on anything.
I do think that Eve is something best played with others, even towards the beginning, if you want to survive it is best to hang around with a few "mentor" types who can help you get through the jump gates to low sec where all the interesting stuff is (the gates are usually camped by some alliance or other who tend to be trigger happy).
I quit playing the game because the time investment was not worth what I felt I was getting out of it but I don't think it's really fair to write it off as just another MMO.
And as long as there are new generations that want to spend their free time with such an experiment, history will repeat itself. Not to mention experiencing it in a new medium (heh, play-by-mail) and taking it to another scale. Hell, our alliance has it's own custom authentication application that strings together dozens of various applications that serve our coalition. We have a small team of system admins that run our services. A single jabber broadcast for a fleet reaches thousands of members instantly, followed by a flurry on logins to the game server.
As far as the "initial experience" being terrible, I completely agree with you on that one. CCP have put a lot of effort into improving the new player experience but it's still extremely lacking and I honestly don't think this will ever change.
I also admit choosing "war simulator" may not of been the best phrase. You're right, it's a simulator of something, but when you are in a science fiction setting where spaceship pilots are immortal, it's never going to represent any war we are familiar with. You're wrong about it not being interesting though, if it wasn't interesting, thousands of us wouldn't log in at one time to take part in a battle over a bunch of pixels.
In regard to your comment about it not being sold as a "social experiment", you'd be surprised. CCP went in that direction with their marketing material for a few years:
I appreciate the insights. I'm hardly immune to the alleged charms of EVE (I'm an old school tabletop/board wargamer and game designer), I just think the price (in terms of poor gameplay) outweighs those charms.
It didn't have 20k players, but beyond a certain point "scale" doesn't change much (most of the kinds of phenomena referred to in EVE occurred in Cluster II -- I know of no cases of real world crimes being perpetrated for in-game advantage though).
Who said anything about email? This was play by mail. Each turn comprised getting a combination state-of-your-holdings/order-form on computer fanfold, filling in and tearing off the order section, and sending it back. Some aspects needed to be handle out-of-band (e.g. if you designed new warships I believe they were verified legal manually -- one of my friends was given free play in exchange for verifying ship designs -- and then entered into the system).
I had a similar experience with WoW, except that mine was pre-launch. After following it for some time, it was announced that cities could not be captured and I realized it was just not going to be a deep enough game to be worth paying attention to anymore.
I did finally run a trial of it earlier this year, after I had tired of Rift and SWTOR, and it was about as vapid as I expected; I got to level 20 and stopped.
How did you find it in relation to Rift and SW:TOR? I tried the free version of Rift and found it cool but not worth a monthly fee. I got a few WoW characters up past level 50 a long time ago, but the only other MMO style game I've played since then would probably be Hellgate: London.
Unremarkable. Of the three, I'd rate SWTOR the highest because (1) crew skills are an interesting mechanic and (2) the sheer overwhelming quantity of effort they put into the story was palpable and very impressive for an MMO. I'd like to see a new MMO borrow the crew skill concept and take it to the next level; it was under-exploited in SWTOR. The story made it enjoyable as a single-player experience, but it was otherwise meh. (I didn't finish any storyline, though I did make progress on all 8. My consular nearly finished, but I quit.)
With Rift, the invasion mechanics feel like something I'd enjoy, but that's probably it. I find myself feeling a bit lost about the mix-n-match class structure, but that is more a lack of research on my part than Trion's fault. The invasion mechanic is probably just like EVE's incursion mechanic. Neither was novel to me, though I had never seen it done in formal phases before. (I have experienced masses of suddenly-spawned enemies in GM-directed waves.)
And in WoW... all I experienced was the 1-20 grind of quest lines and vague storyish backdrop. I didn't have a build worth remarking on or any hint of the endgame, so I'm sure my experience is easily dismissed by people who believe you need to be level 80 before you're fit to judge the game. /shrug
I've never tried Hellgate. I did try out The Secret World for a little, but horror as a genre bores me (existential terror doesn't really do anything for me), and I found it hard to figure out what to do in a lot of cases. I didn't put a lot of effort in it.
I actually made it a point not to focus on the brief and rare aspects. Exceptional events that make headlines are, by their nature, exceptional and often glossing over a lot of the necessary and boring foundation that makes it possible.
My chief advice for playing is to find a good group of people with whom to try to achieve something specific and ambitious. You're probably not going to make any headlines, but you're a lot more likely to have fun despite the grind.
EVE is a MMORPG, where people fly around a galaxy (this one: http://go-dl1.eve-files.com/media/corp/Verite/influence.png ), in spaceships. Unlike WoW, there are no player classes (warrior, shaman, mage, etc), there are just different spaceships you can fly. You can't jump into any spaceship you want right off the bat though, you have to spend skill points in order to have the skill "Pilot spaceships of type X". Also, some are horrifically expensive, and can take up to two weeks of real-world time to construct. If your spaceship dies, you have to buy a new one. A rule of thumb is never fly what you can't afford to lose.
Unlike WoW, there are no raids and bosss. There are NPC spaceships that you can kill for loot, but that sort of thing is small potatoes--there's no equivalent to a 40 man raid grouping up for a boss fight to get good loot. EVE has no stated goal, there's no endgame, except for what you make of it. Also, the mechanics of EVE let player created alliances control territory, in the form of star systems. Right now, I understand that Reddit and SomethingAwful are the two giants in the galaxy (Test Alliance Please Ignore, and Goonswarm Federation in the map I linked above). There's also a bit of the galaxy set aside for NPC space, where people are somewhat safe from other players, which is the bit in the middle of the map I linked.
Another interesting aspect of EVE is the economy, which is quite a bit more in-depth than other MMOs. Since I don't play EVE myself, I can't say much about it, but I do know that people can become fairly wealthy in-game, just by playing the market, even to the point of paying for their subscription. I'll just say that EVE is noted for it's economy, and leave it at that.
But the most notable thing about EVE is the politics. Because everyone is in the same game world (again, unlike WoW, where there are hundreds of identical Azeroths on different servers), the stage is set for conflicts on a huge scale. Also, the developers are notoriously hands-off. A spy infiltrated your alliance and stole your entire treasury? It's happened before, and it will happen again.
If you have the time, I think you should consider reading a little bit of this: http://www.teamliquid.net/forum/viewmessage.php?topic_id=881..., which is a snapshot of an interesting event in EVE, that I put together from various sources a few years back.
I just read through that entire EVE post and WOW was it long. It was a really good read, even if somewhat repetitive, and just wanted to say thanks for linking to it!
EVE Online's a space massively multiplayer online game. Unlike World of Warcraft, instead of there being multiple servers for a given areas (hence not everyone sees the same people in that area), EVE allocates one server per area, or something like that, meaning there is only one EVE online world. EVE's considered very interesting because there's a quite sophisticated virtual economy and a larger emphasis on trade.
I don't play the game though, so I might be wrong :)
If you don't know what a MMO is then you need to back up and ask that question first.
Eve is an single "shard" MMO with a starship piloting theme. Similar in ways to Elite http://en.wikipedia.org/wiki/Elite_(video_game) The economy (and related such as production, resource ownership, politics, warfare) are, to an extent not found in most MMOS, player driven. That is what sets Eve apart.
People are a varied lot and thus like it for varied reasons. There are several ways to enjoy game.
EVE is a spreadsheets with a chat. Why people like it? Because everything else is so much simpler and dull (except elves in armored bikinis of course). It's like comparing Lego Mindstorms to a Barby game set. The latter is way more popular though :) , just like WoW and Lineage vs EVE.
I don't think he means in terms of implementation detail like "how many machines are running the world": the idea is that there is only a single shard (to use UO terminology; I believe WoW calls these "realms"), which means that everyone is playing together in a single massive alternate universe.
I agree, that is probably what he meant, but it was factually incorrect.
Even so, in eve there are only small aspects that span servers simultaneously (the market place, and maybe other things too--I haven't played in a year or so).
The unique thing about eve is being able to jump between "realms" or servers or "shards." That gives the illusion of playing together in a much larger world.
I've never played WoW, so I don't know if you can jump between shards or realms, or if they are treated more like parallel dimensions.
It wasn't factually incorrect, you just didn't understand him because you're not using the video-game-specific meaning of the word "server."
As you suggested, it refers to multiple "parallel dimensions" between which the playerbase is split to avoid overpopulation; that's how almost all other MMOs work. Whether each of those runs on a single physical computer is irrelevant to anyone except the host.
Depends on the definition of jumping. Besides paid character transfer (which is a "true" jump from realm to realm) a lot of activities in WoW take place in "instances" and players from different realms may participate in the same instance (PVP matches, dungeons, raids). A few weeks ago crossrealm zones were introduced, so normal questing areas can now span several realms too.
It's kind of a hybrid between EVE's approach and classic UO's "shards as isolated universes" system.
WoW is not that sophisticated. Or perhaps a better way of thinking of it is that Blizzard wants to provide a highly predictable customer experience. The world has no real state so it's simply like being locked into parallel _identical_ dimensions.
Also a lot of EVE is actually played outside the game... think about traders and crafters and their excel spreadsheets or websites put together for trade networks.
And of course the spies! Their activities went so far as cutting an important fleet commanders electricity so his thousand-of-real-world-dollars titan could be shot down.
Um, my money is on this option: "(1) the human species is very likely to go extinct before reaching a “posthuman” stage"
I am going to wrote allmy papers like this, "Either some ridiculously unlikely scenario will never be reached, or some other unfalsifiable scenario is true."
"Server" refers to player load balancing, not hardware. Generally speaking, a group of solar systems is run on a single physical box. (If you search through their dev blogs, they explain it a little in the ones where they're improving performance.)
After reading the review I was afraid that it was going to be primarily about in-game action - but was relieved when I read it that the online game was mostly a backdrop and only a few scenes actually occur there. I absolutely recommend this book to anyone who has played a MMORPG for more than a few hours and enjoyed the concept of it - even if you were never addicted. It is not a masterpiece like Cryptonomicon or Anathem but a very enjoyable read.
this isn't the first time Blizzard have messed up like this: they originally set the "Game Master" access level by a bit transmitted client side, and the same socket bit twiddling could be used to get into their private alpha servers...
It's a historical event that affected millions and spawned research in at least 4 distinct fields. The wiki article cites several scholarly journals on top of BBC, Wired, Reuters, NPR and The Times. How much more notable could you want?
It was a short-lived bug in a video game. There were research proposals that never went anywhere because it was concluded that the model would be a poor match for the real world.
Plenty of things happen every single day that affect millions and are covered in multiple world news sources. They don't have their own pages, so clearly that's not the standard.
We were discussing whether this event met Wikipedia's notability requirements. Those requirements are that the topic be 'worthy of notice' -- that it's been mentioned by more than one verifiable, third-party source. Clearly that requirement has been met and this event is notable. The fame, importance or popularity of the subject are not considerations for Wikipedia's notability requirement.
Should you wish to discuss the event and the research it spawned, I'm sure you can find a discussion group for that. I'm not your research assistant, and I doubt the sincerity of your interest, given you dismissed these papers' existence outright mere hours ago.
The papers I have found were all proposals or investigations of the possibility of further research.
You seemed to be saying there was actual research based on the incident, and I wondered if you had found something different. I assume you did not.
Also, to directly quote the wikipedia page on Notability: "Notability is the property of being worthy of notice, having fame, or being considered to be of a high degree of interest, significance, or distinction."
Cutting the sentence off in the middle doesn't help your case.
"Determining notability does not necessarily depend on things like fame, importance, or popularity—although those may enhance the acceptability of a subject that meets the guidelines explained below".
I also note the page has been marked for merging, so I'm hardly alone in my opinion.
Two mentions in any medium make a topic notable for Wikipedia purposes. This event's article cites 19. The "notability police" wouldn't go near it. Why do you think I'm "making a case", or would need to? This discussion effectively ended hours ago, it's only continuing to muck up the real discussion on this story because you feel compelled to argue with me for some reason. If you feel the need to continue, tweet me or something, this pointless back-and-forth doesn't belong on HN.
I'll make one final point and then let it go. If you want the last word, it's all yours.
Two mentions in any medium is definitely not the standard for notability on wikipedia. Read the very page you linked for confirmation of that, there's quite a bit more about the standard there.
It's interesting to comprehend the amount of lives a hack like this will positively affect.
How many will pick up a book, or go for a walk, now that they no longer have their go-to fix of virtual reality. How many WOW addicts will have time to think "never again" and follow through.
Equivalent to all the cigarettes in the world vanishing for a few hours? Possibly. And equally as effective I say.
Chuckle. How many of those will go out and rob a liquor store? How many will perform an act of vandalism? How many will kill themselves because they are cut off from the only friends they've ever known?
While I can emphasize a bit (I used to play WoW, but "grew away from it" and now spend a large portion of my time in search and rescue and musical performance), I have to say that this is a very judgmental POV to take. You're seriously going to compare playing WoW to smoking? Even in the worst case, at least playing WoW is a step up from watching some inane TV show with no interaction. It's not like anybody suffers from second-hand MMORPG.
And you can always play moral superior: instead of reading a book, why don't they start their own company? Instead of going for a walk, why don't they run a marathon? Hell, I could see how someone could look down on the activities I choose ("why rescue idiots who got themselves into trouble? Let natural selection sort it out!" or "why perform music that's already been performed thousands of times before by better performers?"), but FFS, sometimes "wasting time" is some of the best time well spent.
"It's not like anybody suffers from second-hand MMORPG."
this is flat out wrong. Kids suffer when their parents can't bother to change them because they are in the middle of a raid and this boss hasn't been killed yet. Spouses suffer when the amount of time they can spend with their WoW playing spouse dwindles to zero. Parent's suffer when their kids grades head to zero.
So any behavior that can warp your life to that extent is a relatively poor choice with respect to any other behavior that does not.
> It's not like anybody suffers from second-hand MMORPG.
Addicts always say they're making a personal choice that doesn't affect anyone else, whether it's WoW or booze or blow. And they're always wrong.
The last AA meeting I went to, someone spoke for the first time and told a story about a typical night at the bar. Drinking, watching the game and minding his own business. Just like every night. Except this time, 8 beers deep, his daughter walked from home to the bar and tugged on his sleeve - there was nobody at home but her and she was scared.
Bet you'd never heard of "second-hand drinking" either.
Bet you'd never heard of "second-hand drinking" either.
Until someone gets a case of cirrhosis of the liver from someone else's drinking, there is no such thing as "second-hand drinking", just as there is no such thing as "second-hand carpal tunnel syndrome" from someone else playing too much WoW. I'll be the last to say that addiction doesn't affect others, and yes, I will agree that people can spend too much time playing video games (or getting drunk). But much like the alcoholic telling someone else they should never drink because it's "Evil", I won't take my advice from someone who obviously thinks that WoW is inherently evil.
I don't think WoW is inherently evil - were you referring to your parent poster, or me? I just think nearly everyone in this addiction subthread is woefully underinformed about the realities of addiction.
I prefer to run, and I sustain an average of 8 minutes per mile in 5ks so I'm not an unfit slob. I don't run marathons though, I just run and swim for fun and exercise's sake.
I do all of this because it's fabulous stress relief, it's a great time-filler when I don't have the space/time to work (e.g. cooking/restaurants, boarding flights, random 5 minutes at places, right before bed), and WoW in particular enables me to spend time with friends no matter where they're located. I can do this in the first place because I don't do things many people do such as watching TV.
It's funny how people are incredibly judgmental about WoW but they find it incredibly impressive I read a lot of books and sustain reasonable times in runs. I find more rational reasons to play WoW (reasonably, that is, and not by ignoring people to do so) than to read. They're both hobbies. Take anything to an extreme and it's bad. But WoW overall is not as bad as the one off horror story you'll read about about parents ignoring their kids to raid.
They are not all blogging. Very few do. Millions of WoW players are lazy slobs, who are tweeting their friends "bummer man" and maybe, just maybe, going out for a movie or a walk or something actually, concretely social for a change.
If someone watches football as obsessively as folks play WoW then I'd agree. But if your child falls over and needs attention you can get up and deal with it without "letting down your group/team/guild". I know of multiple cases of child neglect by players... indeed, my wife and I gave up WoW cold turkey when we realized one of our twins had a fever and we hadn't noticed for several hours because we were so engrossed in the game. Haven't played seriously since.
That is true of most team based activities. I think the difference with online games is kind of like working from home. Other people living with you may expect you to be present whereas really what you are doing is similar to being on a sports team. No one expects you to be present to do other things while out on the sporting field in the middle of a match.
Granted the time invested is likely a little different.
It comes not from arrogance but from an apparent difference in how you perceive addictive video games: harmless entertainment, or harmful addictive substances? I'm not going to put my chips down here, but the point is the original poster sees WoW on par with cigarettes and I think even many smokers themselves would wish they didn't get "enjoyment" out of smoking, but are trapped in an addiction.
I'm 24. I've been addicted to cigarettes, alcohol, cocaine, and WoW.
It's the same fucking thing. They use the same mechanics to tickle your dopamine receptors so you'll come back instead of looking out in the outside world for that same feeling of reward - family, friends, relationships all get fucked up because you spend your time seeking reward from {cigs, booze, drugs, WoW}.
You just wrote off everything I said except the word "dopamine." Given your outright advocacy ("anti-gamer") throughout this thread, it seems you aren't interested in a real discussion.
And you like to cherry pick what you deem relevant to the discussion and demonize a harmless diversion that millions of people dally in daily with no repercussions to the rest of their life.
Look, I'm sorry you've had a bad time and got addicted to WoW. That doesn't make it an inherently addictive thing. Some people can play it in their spare time without issue; others can't. Not everybody is the same.
I think there are (intentionally) qualities to the game that can be addicting to some people, but that's common of a lot of video games and not unique to WoW - though they do seem to have the formula down to a T. It comes down to the person playing, though.
Me, I can play a video game for 20 minutes and stop and go on to something else and not care. My husband used to play WoW for hours and hours at a time at the expense of work and family, to the point that it was having a negative impact on his health, his relationship with our child, and putting a huge strain on our marriage.
But I think WoW was just feeding the problem, not causing it. I think it was a reaction to a deeper depression and WoW was just something to get sucked into and escape reality.
He stopped playing WoW, switched jobs, and is going back to school, has friends over on a regular basis for some real interaction and is happier than he's been in a long time.
Now he sits down some nights and games for an hour or two after the kid's in bed and that's that, unless we have something else planned, and then he doesn't. The tendency to get sucked in for hours at the expense of all else has disappeared.
I think, in the wrong circumstances, that escape that WoW offers can be addicting, dangerous and damaging, but I think it's less often the game that's the actual root cause of the problem.
I think, in the wrong circumstances, that escape that WoW offers can be addicting, dangerous and damaging
Like anything, which is why it's not helpful in this context to cast the net so wide as to include cigarettes and all the other stuff that the above poster tried to shovel into his point.
Some people can go to Vegas once every couple of years and forget about gambling when they fly home, too. Does this make gambling any less "inherently" addictive for those who are susceptible to it? Most people don't get addicted to pain killers, but some do. Addictive substances by their very nature are a game of probabilities dependent upon the person involved, their temperament, and the availability of what they're addicted to. (Some things obviously more addictive to more people than others.)
In 10 years time certain types of video games that leverage addictive elements to hook users will be widely understood to be just as addictive as your average slot machine. They will have comparable awareness groups, treatment programs, etc as those seen for gambling or prescription drug abuse.
"Virtual reality?" This isn't 1993. Your plainly-spoken anti-gamer bias is insulting and ignorant. Cigarettes, no exercise, no "real" reading...and I'm not even a MMORPG or habitual gamer.
I'm not sure what they're doing but I bet none of them are posting disparaging comments about other people's hobbies. How people choose to entertain themselves in their free time is up to them (to the extent it doesn't cause harm to others). So let them enjoy their video game and you can enjoy whatever is you do when you're not knocking the hobbies of people you don't even know.
I just finished Carl Jung's The Undiscovered Self whilst comparing and contrasting his thoughts on spirituality to Nietzsche's scathing criticism of christianity's moral code leading to a slave mentality. Oh, and I hit level 60 on my Monk on Wow.
If I remember right, there was a post on HN here a while ago about how there's a dot pattern embedded in all WoW screenshots, so they can identify who the user is even if they remove the character name from the screen.
If they have the account information on this, I have to wonder if they could actually sue someone (instead of just banning them) for using this hack?
Those screenshots are probably the victims', anyway. While Blizzard probably does have enough logging to track this down on their end, it's fairly easy to get a trial account with bogus account information, so it would be back to grabbing their IP addresses and pleading with some ISP to reveal their real identity.
As it turns out there are a couple of guys publishing videos youtube of their, POV as the attacker/killer, so if the dot-pattern thing isn't a hoax then those guys are screwed...
but from what I read it sounds like it's a bunch of guys who are annoyed that the hack exists and so they're abusing it until Blizzard fixes it.
Interesting, if that is in fact related to this incident it suggests that they got a copy of the Game Master(GM) private key, they are activating GM only 'features' of the game. In this case the 'kill all' aura, another feature is to imbue your weapons/armor with arbitrary stats. Saw a character doing that in 2008 or so.
Just to clarify, death in WoW is something that happens all the time. It's very unlikely that it causes anyone more than a minute worth of inconvenience in this case, and certainly less than it would to take the servers down to apply a backup.
I am... very impressed. This is some pretty bad news for the current king of MMOs. I wonder if someone finally stole a GM's account or if this is a live hack. I'm more inclined to believe someone just made off with an account but hey crazier hacks have happened.
It looks like there were some videos posted from the point of view of the hackers. Doesn't Blizzard put watermarks in each of the clients? They can track it to the licenses which people bought, and probably to the people themselves, no?
The watermarks was only added, if you used the builtin screenshot-feature of WoW, and only if you didn't had it on quality-level 10 (max). So it won't work with videos and I guess that the hackers haven't used the builtin screenshot-feature, if they have released pictures.
Don't really need backups for that, death is not permanent. No one's going to lose anything but time and patience.
Edit to add: Players who get killed by this aren't going to lose anything, which is what the link was talking about, but I guess its letting people who are in on it exploit content too - some of them may be rolled back, banned, or otherwise dealt with other than just the thing getting fixed, whatever it is.
Seriously, though: you almost certainly have one if you run a software business. Client side SSH certificates are your friend. If you're not able to do that, because it is really annoying, separate it from the main app and lock it down as much as possible. (Separate authentication from the main site/app's authentication scheme. Lock down access, ideally at the network level. Strongly consider two-factor auth.)