Quoting: whizse

Quoting: LachuI remember about Alky: Exe file recompiler to native Linux binaries. Alky been illegal after court process.

This Alky [External Link]?

There's no word of of any court process or lawsuit in the (very candid) post-mortem and links to the source code.

Thanks, a quick search turned up nothing of note and I was wondering what Lachu was talking about. Usually when things ends up in court there is a bit more noise.

View this comment - View article - View full comments

Tell stories through conversations: Every real-language conversation is generated based on your human’s unique situation. You can even craft your own conversations in-game.

Big claims right there. I can only imagine it being based on either premade logic blocks or LLM, neither of which would produce enjoyable results in my opinion.

View this comment - View article - View full comments

Quoting: triphora

Quoting: hell0It's a shame 7 (ish, inferring from the blog post) people got fired as a result of this. Hope they've been given sufficient time to find a backup plan.

You can send a private message to me if you want more information on that. Let's just say it was substandard.

Quoting: hell0Also, does anyone know how the "get 1200k, return 800k" part works? Sounds like investors just wrote off 400k out of good will.

The remaining 400k is now a special form of non-voting equity in the company. It is effectively worthless unless the company decides to go public, in which case it will be converted into voting shares.

Thank you for the clarifications. The whole situation sounded a bit more murky than "let's not be rabid capitalists, rejoice!", and it indeed is.

View this comment - View article - View full comments

Quoting: Crasben

Quoting: hell0Also, does anyone know how the "get 1200k, return 800k" part works? Sounds like investors just wrote off 400k out of good will.

It says in the comment from the founder of Modrinth that they've returned $800k in remaining investor capital. So they already had returned the 400k before the return of 800k

I read remaining as "what's left after we used the money during a year", but you might be right and it would make more sense.

View this comment - View article - View full comments

It's a shame 7 (ish, inferring from the blog post) people got fired as a result of this. Hope they've been given sufficient time to find a backup plan.

Also, does anyone know how the "get 1200k, return 800k" part works? Sounds like investors just wrote off 400k out of good will.

View this comment - View article - View full comments

Quoting: damarrinIs creating a good server-side anticheat solution even possible?

Story time, I used to run some private servers for fun. In case you don't know, private servers are emulators/leaked binaries which let you run servers for games which you are not meant to, WoW for example.

In one of the games I hosted, there were dungeons you had to go through to get your gear. In typical game code fashion, the server checked pretty much nothing. As a result, there was a popular cheat for this game which let you fly or go through walls. Of course using this cheat you could complete dungeons within minutes getting unfair advantages or even crashing the economy.

Sadly the code for this server was not fully available, hardening the server directly was not an option. However the server would log players' positions every few seconds. So I wrote a small program which would stream the log and constantly calculate the speed at which players were moving and check whether the coordinates were within normal values. When a player was producing suspicious data, I would check what they were actually doing. Within a few weeks of adding this system and refining it, cheaters would get banned within a couple minutes by the moderators.

Of course my small server was not a massively popular FPS, but I was a teenager with no access to the server code nor extensive programming knowledge. I believe companies likes EA or Valve would be perfectly capable of producing really good server-side anti-cheats.

View this comment - View article - View full comments

Quoting: udekmp69

Quoting: KimyrielleMaybe one day the developers of shooters will figure out how to design cheat-resilience into the game itself, instead of trying to take control over their customers systems, which won't ever work.

I think they need to stop focusing on client-side and develop a decent server-side solution.

Now that's something "AI" (aka neural networks) could be useful for, rather than spitting out humongous piles of somewhat believable texts or images.

View this comment - View article - View full comments

Quoting: pleasereadthemanual

If we do this, we are basically accepting these issues are unfixable for the next ten years (SDL4).

[...]

Shipping a broken default is the wrong thing to do. Unfortunately, that protocol is unlikely to be finished before SDL3's release (3+ months away).

Two bad options. There's suggestions of flipping the default later on in the lifecycle of SDL3 once this protocol is implemented, and that seems like what's going to happen. I'm not sure what the downsides of this are.

I'm not interested enough to go and read the whole debate. But is there really a 10 year life cycle for SDL? Or something preventing them from releasing SLD4 a year from now?

View this comment - View article - View full comments

Quoting: scaineGod I hate Microsoft products so much. My entire professional life has been cursed to limit their awfulness.

Quoting: tuubiI'm not going to debate this any further, simply because this is too close to stuff I have to worry about at work. Windows is bleak enough to think about even when I'm being paid for it.

Quite ironic how you guys seem to work with Windows way more than I do and loath it. Meanwhile I've been working exclusively with Linux for the past 8 years-ish and have a lot of beef to pick with its permission management. I guess the grass is always greener on the other side. I'll admit my initial statement is probably exaggerated in retrospect and should be read more along the line of "Windows also has had permission management comparable to what's found on Linux for a long time".

We are confident THERE IS NO RCE vulnerability within EAC being exploited.

But are there RCE vulnerabilities not being exploited? The "being exploited" might be PR speech but it is also really convenient. :whistle:

View this comment - View article - View full comments

Quoting: tuubiHow are these Windows permission management features much better than their Linux equivalents? Are there relevant studies, or maybe some solid metrics you used to rank them yourself? Or did you base your claim on something else entirely?

POSIX ACLs use the group permission as mask, this means non-ACL-aware programs can completely screw up permissions by changing what they believe to be something different. It is also impossible to set a default ACL that allows traversing directories but not executing files. There is also very little support for ACLs, you're pretty much stuck with "setfacl". Meanwhile, on Windows, you get a complete and robust tool by right clicking any file/folder.

It gets worse if you try to manage permissions over a large group of devices. Windows has Active Directory, on Linux you can sort of achieve something similar by slapping together LDAP and a bunch of other softwares but it's nowhere near as complete or easy to setup.

One point on which Linux is more advanced though is containerisation/sandboxing. Going back to the original topic, running steam through some sort of sandbox (flatpak, snap, appimage, firejail) could, in theory, limit the damage a RCE could do (disclaimer: as with all thing security, it's more complicated than just "use this and it's safe" so do your own research).

View this comment - View article - View full comments