
Manyland - antoinec
http://www.manyland.com
======
j_philipp
This is an infinite browser-based mmo universe where everything can be drawn
and placed into the world, wiki-style... give us a shout if you need anything!
You can also script blocks to have interaction or influence the environment
(for instance, here's an adventure:
[http://manyland.com/newpolis](http://manyland.com/newpolis) ).

~~~
linguafranca
This is so slow it's unusuable.

I've gotten to [http://manyland.com/info-speed-
issues](http://manyland.com/info-speed-issues) every single time.

And yes:

\- I'm using Google Chrome

\- This is my only tab/window open

\- The window is about 25% of the screen size on a 15" rMBP

\- I've disabled all extension windows

\- I have no anti-virus software (plz don't hack me every1)

~~~
j_philipp
Sorry for this! Could you please try running it in a smaller window and see if
that helps? If not, could you pls try using Firefox for a quick comparison? If
that also doesn't work, please email us at we@manyland.com so we can look at
it together.

------
beeker87
Saw this posted over on PH and checked it out, extremely impressive game and
I'm sure there's a ton of dev time on this. Good job and props to the
creators.

I wanted to notify you guys though of some security flaws within the game.

Probably the biggest issue I see is the lack of server side checks against
changes coming from the client. I only tested this out on the player object as
a PoC, but it only takes changing a variable within the player object to
modify things like player speed, mountable craft speed, etc.

For instance, while you obfuscated the name of the player object within the
ig.game object, it was easily found by checking for modifications to the
health variable, where another function listed it as ig.game.O1376. This name
for this player object is also static for every game instance, so it's easily
referred to every time.

Once the player object was found, it's easy to modify the variables and the
world (server side) accepts it. It was also easy, for the most part, to
identify what certain variables did as they were in plain text. To change
player jump height for example, all it would take is this piece of JavaScript:

window.ig.game.O1376.altJumpReducedGravityFactor = 0.1;

Now the player can super jump and the server is fine with it (verified by
numerous 'holy sh __! ' and 'wtf!?' comments from other players).

The second thing I see is just obfuscating the code more.

I would suggest first and foremost to do the server side checks. Even if you
left all your code in plain text, any modification someone tried to make from
the client would be seen, verified, and handled accordingly by the server.
Second I would try obfuscating all variable names that you can, especially the
class definitions like EntityPlayer. To go further on it, I would have it
produce the obfuscated names randomly on each load of the game script so
they're not easily referred to.

Just wanted to bring the issue up to you guys after finding it.

~~~
j_philipp
Thanks for these details! We added a client-side scripting option to
specifically increase your jumps, so if you want you can create an Interacting
for that. We also added flying mountables, triple jump wearables, parachutes,
insta-teleporting, a 100% invincibility armor, and everything one might want
to do. When you have a need, we try if possible to make it a feature, by
integrating it in the Interacting language. At rank 2, try creating an
Interacting block to see some of the things you can do. (If people find
someone doing something which somehow ruins things for them, they may flag
report a person though.)

Now as far as tweaking things which are harmful to others go, we try to base
it on friendship -- so e.g. if you pick up a weapon you can only harm people
who friended you (if your friends disagree with being killed, they can
unfriend, and unfriended people aren't affected by one's bullets) -- but if
you find anything that harms others even when not friended, please give us
some time to fix it and disclose it privately to: we@manyland.com (we do have
server-side checks for such things, so if something is not working there, we'd
really appreciate the tip) We aren't perfect and private disclosure is very
much appreciated.

Thanks again! Please let us know via email please if you find anything!

~~~
andygmb
Looks like you trust the client on their window.ig.game.O722.rank, which
allows people to remove blocks at the center and trap people. Check area 2, I
think.

~~~
j_philipp
You are right, sorry for that and thanks for the reminder. We just recently
changed that conceptually and haven't fully synced it -- for the first year,
everyone at any rank was able to edit anywhere in area 1 - 4, even in center.
We'll look at it soon, was quite a big wave tonight!

------
api
I love it! Lovelovelove!

I thought "what a nice wind sound effect" until I realized it was the CPU fan
in my laptop. Heh. But that's not really a big deal, at least for now, and I'm
sure you can optimize.

Experiments like this show us that graphics and VFX are overrated. It's true
for games, and it's true for movies too. Primer is still one of the best sci-
fi flicks I've seen in the last ten years, and they used what looked like
surplus air conditioning equipment as props. Sometimes too much FX actually
gets in the way of your imagination. When I visit a virtual world, I kind of
_want_ it to be unlike the physical.

I tried a Rift the other day too, and that has its appeal as well. But it's a
different appeal.

Noticed it was a tad laggy and then tracerouted and found that it's in London
and I'm in Southern California. I suppose that's understandable. I guess if
things take off you'd be able to geo-locate a bit via other cloud services.

~~~
j_philipp
> I thought "what a nice wind sound effect" until I realized it was the CPU
> fan in my laptop.

hehe... can I say we totally planned for that...

(sorry though! if you were around green mountain, that's actually our busiest
area. Hope you stick around with us, and let us know how the upranking to 5
goes, it should be smooth over the coming days, and then you can do everything
in the world.)

------
joshdotsmith
I became a cat. And I mounted a nyan cat.
[http://cl.ly/image/2G2X2P3j0C3M](http://cl.ly/image/2G2X2P3j0C3M)

My life is now complete.

------
mapleoin
Am I the only person who has no idea what's going on here? I'm just walking
around picking up stuff and sometimes changing into something else. What else
is there to do in this world? Besides building more stuff to wear or throw
around that is...

------
minikomi
Spent a long time wandering alone and eventually got to a very strange place..
[http://i.imgur.com/eNI8Cp2.png](http://i.imgur.com/eNI8Cp2.png)

~~~
skizm
Room of requirement.

------
fulafel
An skynet-free registration option would be nice.

~~~
Sosh101
[Other dev] I agree! We just recently added login free, but will look again at
the login options based on user feedback like this.

~~~
TazeTSchnitzel
I like Mozilla's Persona. I used it for my (now defunct) 2D chatroom.

~~~
swartkrans
Persona is also defunct:

[https://news.ycombinator.com/item?id=7364465](https://news.ycombinator.com/item?id=7364465)

[http://identity.mozilla.com/post/78873831485/transitioning-p...](http://identity.mozilla.com/post/78873831485/transitioning-
persona-to-community-ownership)

------
Folcon
This is fantastic, though I seem to be falling to my death fairly regularly,
loading to interlude screen and then clicking to get back. Are there going to
be consequences for dying? If not why have the interlude?

Also the falling to death kicks in much faster than I would have expected.

Other than those two, once more a great game. Reminds me of Wyvern
([http://en.wikipedia.org/wiki/Wyvern_(video_game)](http://en.wikipedia.org/wiki/Wyvern_\(video_game\)))
in some ways.

------
calgoo
Im getting script error as i block google-analytics in my firewall. Is it
really needed to play the game?

~~~
Sosh101
Oops! Likely related to some event logging experiments that we did. Thanks,
we'll fix that. Should definitely not be needed to play the game!

------
_random_
Reminds me of [https://bombermine.com](https://bombermine.com).

But for a not a fan of Minecraft like me kinda lacks a purpose.

Impressive demo scene though - making things like that with just some scripts
and a browser.

------
huhtenberg
Looks interesting, but it's laggy as hell. Running latest Firefox on a beefy
hardware. Got booted off twice already with "you have performance issues" and
a suggestion to switch to Chrome (haha). Just FYI.

~~~
j_philipp
Sorry for that! Can you please try this area and see if it's better?
[http://manyland.com/7](http://manyland.com/7) There's also some arrow signs
leading you to further portals

~~~
tripzilch
This one is much, much smoother.

 _Edit:_ but I still got kicked off after going through a portal where
everything was much slower. Maybe this laptop just isn't powerful enough
though.

------
cpeterso
Very cool. This reminds me of Lucasfilm's Habitat, the world's first (?)
graphical MMO, from the mid 1980s:

[http://en.m.wikipedia.org/wiki/Habitat_(video_game)](http://en.m.wikipedia.org/wiki/Habitat_\(video_game\))

which incidentally is being restored by booting the original servers found in
a collector's basement:

[http://www.gamasutra.com/view/feature/227045/rebooting_the_w...](http://www.gamasutra.com/view/feature/227045/rebooting_the_worlds_first_.php)

~~~
j_philipp
Absolutely! I loved Compuserve's Worlds Away back in the 1990s, it's rooted in
Habitat, and it was a big inspiration for Manyland. I've never seen Habitat
except in trailers, and it looks absolutely amazing... like much else of what
Lucasfilm did.

------
daddykotex
Damn that's nice, what is behind it?? It's quite impressive.

~~~
j_philipp
Great! It's html5/ canvas/ JavaScript/ ImpactJS/ websockets, on server nodejs
and mongodb.

~~~
daddykotex
Really good job guys. How many hours have you spent on this?

Is this an open-source project?

~~~
j_philipp
Thanks! We worked on this for 2 years by now.

One thing we pondered might be cool for the future is some kind of iframe-
sandboxed JavaScript to add object functionality, but already you can add to
the functionality using behavior scripts called Interactings.
[http://manyland.com/info-interacting](http://manyland.com/info-interacting)
This is the way you can currently extend the logic, and we're setting most of
our Interactings for tutorial purposes and such to 'clonable', meaning you can
collect the object and adjust and copy its graphic & code. Take a look at some
of the videos on the Interacting help page to get an idea, and please contact
us if you have any questions or suggestions!

------
Kiro
Very cool. How is input sent to the server? Is it one packet when you press
the button down and one packet when you release or constinuously sending
packets while you hold the button down?

~~~
Igglyboo
They're using WebSockets.

------
Gracana
I haven't figured out how to use it yet, but the 2D editor I saw in a video
that showed up when I sat on a bench was really cool. Efficient editing of the
world around you is a really neat feature to have. I think the Starbound devs
have an external tool to do that sort of thing, but having it internal is even
better.

~~~
NaNaN
You can find the FAQ on the bottom left corner (a button).
[http://manyland.com/info](http://manyland.com/info)

------
hardmath123
Shiny! It's like a mature Club Penguin.

------
sireat
Very cool, but the big test will be how this game handles the inevitable
4chan/something awful/reddit effect with masses and masses of genitalia on
screen.

I've seen similar collaborative sites ruined by the above.

This might not break the game but in large enough doses turn off large groups
of users.

------
plumeria
I get lost and cannot find back people! That's what I don't like about this
game.

~~~
j_philipp
Can you please try click this link, it puts you back at green mountain center:
[http://manyland.com/3](http://manyland.com/3)

------
paul9290
love the jump right in and play and along the way watch a youtube demo vid
while playing.

Great on-boarding!

------
qwook
Pretty cool, reminds me of games like Furcadia and Graal.

In Furcadia, you're allowed to create and upload your own world with your own
scripts, as well as upload your own images and avatars for use in the world.

Graal has player worlds and allows almost the same thing.

------
ninsen
Reminds me of Jet Set Willy in both style and the fact that it's also
incompletable;

[http://en.wikipedia.org/wiki/Jet_Set_Willy#Bugs](http://en.wikipedia.org/wiki/Jet_Set_Willy#Bugs)

------
tommoor
Surprised no-one has mentioned Glitch or GNE yet - love this kind of thing.

~~~
j_philipp
[co dev here] Interesting you mention this. When we saw Glitch closing, while
we never had a chance to try it, we did see the amazing community spirit of
the Glitchens. For our earliest launch, we invited Glitchens to give Manyland
a try, and they built the very first blocks!

------
nanoscopic
Seems awesome from what I am seeing so far from just poking around.

Could you add a way to import assets easily so that they can be developed
using other tools or imported?

~~~
Sosh101
Thank you! Early on, we decided not to include an asset import tool - there
were a number of factors, but mainly we wanted to nurture the in-game
creativity, and keep a level playing field. We will keep an open mind
regarding future direction though!

------
jzig
I have an X on my little hand thing by my name, along with a red question
mark. I'm unable to chat or interact with anything in the environment.

~~~
j_philipp
(Sorry for that, can you please contact us at we@manyland.com)

------
JJJollyjim
I'm confused as to why there would be a Kindle Fire app, but no Android app.
Aren't apps for the two platforms nearly identical?

~~~
j_philipp
We have the Android version ready, but we are waiting for one final feature:
the ability to target Android 4.4.3+ specifically (as it's the first with
Canvas hardware acceleration built in the web view, which we need).

Kindle Fire HDX on the other hand, we released through their 'html app'
option, meaning we can actually point to manyland.com and don't need to
provide a compiled project. Pretty neat from Amazon!

------
Chirael
Doesn't seem to work well from a phone or tablet, at least not that I could
figure out after a couple minutes trying

------
tolmasky
Impressive performance on mobile (safari).

~~~
shurcooL
Yeah, I was very impressed that it just worked and worked really well on my
iPad mini.

------
hellbanTHIS
Ah I'm stuck in an infinite death loop in the dodgeball room

Edit: it somehow fixed itself and gave me a skateboard

------
cbd1984
I wonder how many Hiro Protagonists will be running around after this really
begins to catch on.

------
yamaneko
Really cool!

Just a small suggestion: could the sound of forbidden actions be replaced by
something smoother?

~~~
Sosh101
[Other dev] Thank you! and suggestion noted (you are not the first mention
this ;)

------
kghose
This is awesome!

But I got on a horse, flew to the edge and now I'm falling for ever.

~~~
j_philipp
Oops. Can you please click this link? It points to green mountain center:
[http://manyland.com/3](http://manyland.com/3) (once you log in you can also
make snapshots to later teleport to, or teleport with the map)

------
tempodox
Seems to be a pure spam & noise generator. Where do I vote down?

~~~
chadzawistowski
HN is not built to allow downvoting of threads; only posts. If there is a
problem with the article it can be flagged for review by the moderators. In
this case I think your best bet is to simply not upvote it.

------
Jean-Philipe
If I had time to play, I would definitely hang out here!

------
linguafranca
Is this unusably laggy for anyone else? Or just me?

------
odc
Why is Firefox still to slow to play this?

~~~
Sosh101
[Other dev] You can use firefox, but chrome seems to run the game a bit
faster. Some of the busy areas have a massive amount of stuff in them, so you
might want to try some that are a bit more lightweight (e.g. try
manyland.com/5). We are working on improving client performance, so this will
get better over time!

~~~
Yoric
[Firefox dev] If you need help tuning, don't forget that we are available over
IRC (irc.mozilla.org, #firefox, for instance).

~~~
Sosh101
Yeah that would be great, thanks Yoric. (We love Firefox by the way!)

------
nakodari
Imagine having a hall where everyone can meet to pitch their startups in front
of thousands of other players.

------
endel
Awesome project. Loved it.

------
felixrabe
Minecraft 2.0? :)

~~~
Animats
More like Minecraft 0.5. It looks like a 2D sidescroller from the 1980s.

~~~
nawb
so perhaps Habbo

~~~
Animats
It does look a lot like Habbo. I've never actually played Habbo, but I know
about it because I track phishing scams. Phishing scams for "Habbo coins" were
popular a few years ago. (The good old days, when attacks came from kids in
their parents basement, not major intelligence services.)

------
fiatjaf
My computer cannot handle this.

~~~
j_philipp
Mind emailing us so we can look into this? we@manyland.com Please let us know
a bit about your system and browser, and the area you were in. Thanks!

~~~
fiatjaf
Oh, thank you, but don't mind that, my computer has very low memory, but it
actually ran pretty well after I commented that after a first impression.

------
yoodenvranx
Is there a reason why we often have shitty nondescriptive titles like this? I
almost always have to click on every link on the frontpage because it is
impossible to predict if I might be interested in the article/webpage behind
the title or not :(

~~~
petercooper
Back in "the day" the rules said you couldn't go crazy with editorializing the
title, but could improve it so it made sense. That rule disappeared from the
guidelines about a year ago(?) and HN seemed to go to a strict "title must be
verbatim" approach for a bit.

Now it seems the approach is that mods/people who run HN are the ones who
usually improve titles, which I think is a good idea (Techmeme does this),
although it's often not for some time after they hit front page too, sadly.
Maybe they can give a more official explanation of the policy though.

~~~
judk
We need hnify.com, a service to let a user give a title and brief summary for
a website, and autocreate a web page with that title/info, for submission to
HN.

