Dominion Strategy Forum

Please login or register.

Login with username, password and session length
Pages: 1 2 3 [4]  All

Author Topic: FunSockets Livestream  (Read 26672 times)

0 Members and 1 Guest are viewing this topic.

blueblimp

  • Margrave
  • *****
  • Offline Offline
  • Posts: 2834
  • Respect: +1530
    • View Profile
Re: FunSockets Livestream
« Reply #75 on: August 24, 2012, 09:05:51 pm »
0

The included deck builder does not seem to allow sharing though (unless you're actually playing in the game).
Logged

Elysium

  • Steward
  • ***
  • Offline Offline
  • Posts: 26
  • Respect: +25
    • View Profile
Re: FunSockets Livestream
« Reply #76 on: August 25, 2012, 12:29:59 am »
+2

I mean, people on dominiondeck.com save the created sets of 10, I'm pretty sure this site's blog has used it for annotated games/the custom-made sets for the DominionStrategy tournament...

I know that in the beta there is a button to generate a random set before you play, but that's not what I was talking about, and it sounded more like Elysium was saying that the deck builder in general was a bad idea, not that it was poorly implemented.

Dominiondeck, not having any way to actually play the game, serves some function for people who are playing the game IRL.  Maybe they just use it as a much more convenient alternative to the randomizer cards, or maybe they just like to browse the cards/think about potential sets for their game session later that night when they are at work.  Also, it allows people to share and talk about certain combos and decks, in their forums or on here or whatever.  Even considering that, there are only 1600 saved decks for 477 users, which is a little over 3 saved decks per user (not very many), and most of those were probably only saved to show to someone else (or the forum) one time, not so they could remember it and come back to playing it for the 10th time.

When you are playing Goko, you can play a random set, but to get any specific card (other than hitting random until it appears) you HAVE to create a deck in the deck builder.  You have to go into the deck builder, build your deck, give it a name, save it, then load a game and load your deck.  The vast majority of people will never play their saved deck again, and will probably have to delete it later at some point.  You don't need the deck builder as a randomizer because the game will do that anyway, and you don't need it to share sets with your friends because you can't do that.  The game does not need a "deck builder."  You don't really need to save decks for later.  What you need is an easy and quick way to start games with whatever cards you want, and a way to randomize with controls for sets/attacks/villages/etc.
« Last Edit: August 25, 2012, 12:31:44 am by Elysium »
Logged

Beyond Awesome

  • Global Moderator
  • *****
  • Offline Offline
  • Posts: 2941
  • Shuffle iT Username: Beyond Awesome
  • Respect: +2454
    • View Profile
Re: FunSockets Livestream
« Reply #77 on: August 25, 2012, 01:48:29 am »
0

I mean, people on dominiondeck.com save the created sets of 10, I'm pretty sure this site's blog has used it for annotated games/the custom-made sets for the DominionStrategy tournament...

I know that in the beta there is a button to generate a random set before you play, but that's not what I was talking about, and it sounded more like Elysium was saying that the deck builder in general was a bad idea, not that it was poorly implemented.

Dominiondeck, not having any way to actually play the game, serves some function for people who are playing the game IRL.  Maybe they just use it as a much more convenient alternative to the randomizer cards, or maybe they just like to browse the cards/think about potential sets for their game session later that night when they are at work.  Also, it allows people to share and talk about certain combos and decks, in their forums or on here or whatever.  Even considering that, there are only 1600 saved decks for 477 users, which is a little over 3 saved decks per user (not very many), and most of those were probably only saved to show to someone else (or the forum) one time, not so they could remember it and come back to playing it for the 10th time.

When you are playing Goko, you can play a random set, but to get any specific card (other than hitting random until it appears) you HAVE to create a deck in the deck builder.  You have to go into the deck builder, build your deck, give it a name, save it, then load a game and load your deck.  The vast majority of people will never play their saved deck again, and will probably have to delete it later at some point.  You don't need the deck builder as a randomizer because the game will do that anyway, and you don't need it to share sets with your friends because you can't do that.  The game does not need a "deck builder."  You don't really need to save decks for later.  What you need is an easy and quick way to start games with whatever cards you want, and a way to randomize with controls for sets/attacks/villages/etc.

I agree with everything you said.
Logged

Polk5440

  • Torturer
  • *****
  • Offline Offline
  • Posts: 1708
  • Respect: +1787
    • View Profile
Re: FunSockets Livestream
« Reply #78 on: August 25, 2012, 09:14:12 am »
+1

I understand the need for some answers to be vague, but the answer to the security question (the only question I really cared about) was the final nail in the coffin for me. First of all, it was a falsehood. From everything else I've heard the security problems were still present in production during the failed launch. Trisha telling us they weren't was a bit insulting and hard to watch. Furthermore, even if what she said had been true, and the issues were only in the beta, that didn't make our computers/passwords any less vulnerable.

If they're going to earn my trust back, they're going to have to be explicit about exactly what security measures and policies are being put in place and who they're hiring to audit their systems. Just claiming that their policies will be "over and above the industry standards" is NEVER going to be enough. They've already lost my trust.

As of now, I plan to tell my family and friends to stay away from Goko. It's not a safe platform.

Is it possible that you are misinterpreting what she said? To me it seems like what she was trying to convey is that any password/account data that you may have had on the beta platform weren't transferred directly to the launch platform. So there wasn't a big leak of beta passwords to the general public. I don't think she or the company is denying that there were security issues in the launch -- they did pull the thing, so they know there's problems!

How could they possibly have convinced you with a verbal few sentence answer, anyway? All they can say is they care about security and to trust them. Believing the platform is secure relies on trust and an established record. Goko will simply have to build that from scratch and can't do it by answering your question.
Logged

philosophyguy

  • Minion
  • *****
  • Offline Offline
  • Posts: 575
  • Respect: +298
    • View Profile
Re: FunSockets Livestream
« Reply #79 on: August 25, 2012, 10:08:51 am »
+2

Goko will simply have to build that from scratch and can't do it by answering your question.

I agree with the first part and disagree with the second. At this point, all we've heard is that they're going to fix it and they care about security. Their actions and the fact that mistakes of this caliber made it through to a beta machine (let alone a production server) provide a good reason to think that security has not, in fact, been a huge priority thus far. I don't personally have the skill to audit code, and I highly doubt Goko is planning on opening their code for us to inspect anyway. So, the best way I see for them to regain that trust is to answer LastFootnote's questions. They need to tell us what procedures they have in place, concretely, to inspect and verify their code, since we can't trust their programmers to do it on their own. If they have an external auditor—and at this point they should—they should tell us that too. Basically, we need to know how their development process incorporates security.

Here's the kicker, for me. Having a process to ensure security is something that any non-fly-by-night programming operation does, already. We're just asking Goko to follow security practices that are commonly accepted. The only difference is that, because Goko hasn't followed those practices thus far, we are asking for the details of how they implement those practices. I think that's a pretty easy bar to clear, and if that's a contentious point for Goko, then I am running as fast as I can.
Logged

suncoursing

  • Pawn
  • **
  • Offline Offline
  • Posts: 1
  • Respect: +4
    • View Profile
Re: FunSockets Livestream
« Reply #80 on: August 27, 2012, 04:30:59 am »
+4

As of now, I plan to tell my family and friends to stay away from Goko. It's not a safe platform.
How could they possibly have convinced you with a verbal few sentence answer, anyway? All they can say is they care about security and to trust them. Believing the platform is secure relies on trust and an established record. Goko will simply have to build that from scratch and can't do it by answering your question.

That's simple. They could have said we're hiring a reputable security company (e.g., iSEC, Matasano, etc.) to do a security audit. Instead, it appears that they expect people to trust them while blatantly lying about whether or the XSS bug was fixed in the public version.

They've shown that they employ programmers who leak security bugs that might be acceptable, in a middle school programming project, but certainly not in a high school programming project, let alone something from a professional company. I have a hard time seeing how they can organically build trust after that. The good news, for them, is that most people don't care about security, so the issue will go away if they just keep lying. Like acquiring licenses to 150 popular games, it's a good strategy, even if I don't like the implementation.
Logged
Pages: 1 2 3 [4]  All
 

Page created in 0.067 seconds with 21 queries.