Rough Sea Games

Greg Costikyan is an idealistic game designer and critic who has been trying¹ to foster innovation in computer games since 2000. Back in 1994 he wrote a famous² game design theory essay: I Have No Words & I Must Design, with which I mostly agree… but I’m going to take a bit of it out of context and pick on it anyway. Here’s the quote:

If the game has more than one ‘resource,’ decisions suddenly become more complex[...] If I declare against the Valois, Edward Plantagenet will grant me the Duchy of Gascony, but the Pope may excommunicate me, imperilling my immortal soul.

These are not just complex decisions; these are interesting ones. Interesting decisions make for interesting games.

The resources in question have to have a game role; if ‘your immortal soul’ has no meaning, neither does excommunication[...]. Ultimately, ‘managing resources’ means managing game elements in pursuit of your goal. A ‘resource’ that has no game role has nothing to contribute to success or failure, and is ultimately void.

Costikyan is 100% right that dilemmas are interesting, but are the only interesting dilemmas game-mechanical? Well, when it comes to the current state of computer games, yes. “Hard core” players separate the game’s mechanics (e.g. the way the chess pieces move) from its “colour” (the pieces’ shapes and names) very quickly, and ignore the latter. But does it have to be this way? I say no! There are other ways to play. In a game that engages the player’s emotions — in particular a role-playing game in its true sense, in which the player strongly identifies with the character she controls – “colour” can dominate game-mechanics in the subjective play experience. Emotionally loaded decisions are interesting even if they do not affect your progress towards a goal — in fact, especially if they don’t: if the cowboy in the white hat accepted the reward for killing the bandits, he’d be a mercenary, not a hero³. Moral decisions become especially interesting if being virtuous actually makes the game harder.

The emotional impact of decisions increases if the game world reacts to them. For example, the quartermaster in Deus Ex reacts disapprovingly if the player decides to massacre all enemies in the first mission, although that is a game mechanically acceptable victory. Such reactions require a light touch to avoid becoming puerile and a lot of cleverness to avoid being very expensive (since the game developers must determine what behaviours they want to measure, how to measure them, and how to make the world react to them), but even in rudimentary form they are hugely rewarding for some players.

¹ And so far, alas, failing. In 2000, he hoped cell phone games, being cheap to make, were going to become a fountain of creativity. In fact, because potential players just see lists of titles (rather than demos or even a box blurb), licensing tie-ins or massive marketing are even more essential than in the “classic” games industry.
² “Famous” in a tiny niche of game design snobs, anyway.
³ Mercenary attitudes can be emotionally involving too, of course, but if they have no hidden heart, they get dull fast.

Popularity: 59% [?]

Hello everybody,

Finally you are able to read Part 2 of “Secure your Webserver”. Part 2 will be about Linux, Webserver and the other important services.

As I mentioned in Part 1, I will not write about Windows, MacOS or  other operating systems, because the most common one for a webserver  is Unix / Linux. Part 2 will have a part A and B. Today I am going to write about distributions,  user managament, user rights, secure shell and their enormous importance for security.

Before you start, choose the right distribution of Linux for your aims.  There are a lot of Linux versions (distributions) on the market. Most of them are free or have a free community edition. The most common free distributions are CentOS, Debian, Fedora, Gentoo, OpenSuse, Mandriva and Ubuntu. Of course there are also commercial destributions like Red Hat Linux Enterprises (RHEL) or Suse Linux Enterprises.

In general all these distributions are fine for a webserver. Their differences are minor and more a personal choice than a real technical question. A NEWBIE should maybe use OpenSUSE, Ubuntu or Fedora, as the support of the community seems to be bigger for them. Commercial products are usually superior to free distributions in their support system. They grant better support via phone, etc.

After you have chosen the right distrubtion for your purpose and installed it on your server machine, it is time to think about security.

1. User-Management and Shell-Access. (Secure Shell Daemon)

Linux security is mostly based on user rights. User rights are essential to the security concept of Unix and Linux systems. Usually all distributions are very strict and separate services (daemons), users, administrators, essential services like a webserver, MTA & MDA (Mail Transfer Agent & Mail Delivery Agent) into different groups and users.

All these groups and users have different write and read accesses. Usually groups are created to give a bunch of users the same rights. Therefore groups can make your administrator’s life far easier.

The most important “user” is called root. Root is the highest ranked user on a system. The “root user” has full read and write access. In the Windows world it would be the “Administrator”. This is the reason why it is not smart to use the root user in your everyday work. The root user should only be used for system critical and important parts. In all other cases it is wise to use a “normal” user, which you have created.
It is also possible to run root commands via your user account. Important commands for this purpose are “sudo” and “su”. Sudo runs a command line with a special user. The command su makes it possible to log in as another user via your own user shell. Of course you need the right password of the user to perform these actions.

It is common for Linux to allow remote login via secure shell (SSH), especially if your webserver is not reachable for you in person, e.g. a dedicated server in a data centre of your webhost. All connections via SSH are encrypted. It is nearly impossible to decrypt the data via your client and your server (Maybe the NSA or the CIA are able to decrypt this – who knows?). You should take care to choose the ssh version 2 protocol. This is safer, as recently some weaknesses were discovered in protocoll version 1. A common SSH-client for Windows is “Putty”.

It is possible to permit or forbid login via SSH for specific users or user groups. Maybe it is not wise to allow direct root login via SSH. It is also possible to login via a certificate. You create an public and private key. Upload the public part to your server (usually: /homedir/.ssh/authorized) and log in without password. Of course it is wiser to secure your private key with a passphrase. In this case you need to type the phassphrase to decrypt the private key to log in.

Next part will be about firewalls, virusscanners and how to avoid spam problems.

Popularity: 26% [?]

You can read an online interview about my comic project MAYA, which I am working on in my spare time, by clicking on the following image (which shows the main character of the series)…
In the interview I also was asked about my work at Rough Sea Games… so what are you waiting for?… check it out!

Chris

Popularity: 34% [?]