Hi everyone,
There's some really good feedback in here for us so, first of all, thanks for everyone chipping in regardless of whether the feedback is "no way" or "maybe" or "hey, it's getting better!" From our perspective it looks like the discussion you guys are having has been pretty fair.
A couple of specific points, because I didn't see any specific responses to these:
- Memory Leak -- we use a lot of 2d canvases in HTML5 and version 23 of Chrome had a memory leak bug (Google acknowledged this) where they weren't cleaning these up properly. We were not the only company effected, nor even the company yelling the loudest. Google fixed this issue in Chrome 24 beta, which is why we were recommending it. As of a few days ago Chrome 24 is now out of beta and is the standard release, so that 's good. In a future release we're also modifying the way we handle canvases to use less memory in any event.
- Firefox 17 slowness -- same deal here. Mozilla released Firefox 17 and we saw performance take a big hit (again, not only us). Firefox 18 is now released and it's really fast, so we're happy to be past Firefox 17.
- Card bugs -- we fix these as fast as we hear about them. We test fairly extensively with Donald X., then with the AI's, then on beta.goko.com, then we release. Sorry for not catching them all first time around but we're definitely trying to!
- Expansions -- Hinterlands: Faraway Lands is out to the people that pre-purchased. I expect we'll release in general in a day or two. We're testing Alchemy right now (but we still have a little work to do on Possession).
- Reconnect -- Also in a few days we'll be releasing a reconnect feature so that if someone loses their connection, it will reconnect seamlessly (note: this isn't re-join.... just reconnect). Obviously, there are *lots* of edge cases around this and some of them won't be covered but the majority cases will. As with any new feature like this there will be some hiccups but we'll be working to get those smoothed out asap.
- UI -- well, we even have disagreements internally about different pieces but overall the response has been positive. I get where the detractors are coming from but this tends to be a subjective topic. The UI of the game won't change much until the mobile version... the tablet version will be relatively the same.
On a larger topic -- Security. There were two major items we saw at launch back in August that we addressed shortly thereafter. In addition there were also a few of the "the client knows something it shouldn't about the other player's cards" that we addressed as well. These were definitely "Oh, s***" moments for us, we pulled back into closed beta, and we deservedly fell on our swords several times for not spotting these before launch. If you know of any security issues that weren't addressed since we opened up again, we would absolutely want to hear about them so email us directly at
help@goko.com. As for "what's different than before" in this regard, the responsible parties were let go about a week after launch and we refocused our efforts after that.
As many of you know, to enable us to let players play cross-platform we needed to build our own platform (think Apple's GameCenter). In addition, we have built several games (including Dominion) and we built some developer modules to make creating a game easier (like the meeting room and a few other common items). The platform is the thing that handles transactions like buying stuff, who owns what cards, logging in, achievements, ratings, leaderboards, etc. The security issues that we saw on launch day in August were generally in the developer modules (which send information from the client to our servers) as opposed to our platform (which lives on our servers). The developer modules were created by a 3rd party under our direct supervision, so ultimately our responsibility no doubt and we've addressed this.
One item the platform did have an issue with on launch day was some lower level networking stuff that didn't show up in the type of load tests we were doing leading up to launch. That caused the unavailability on launch day and we addressed that and developed other types of load tests since then. Not to say we won't get overloaded again at some point but we're trying to ramp up in a manageable way.
To answer one person directly, the platform was definitely built from the ground up with security in mind, including security penetration tests by 3rd parties, and so far so good but email us directly if you have any questions or doubts about this and I'll answer the best I can. I also think I saw one person post about IE9 complaining about insecure content. We force IE9 over into HTTPS mode and if any links we include are not in HTTPS mode (like "
http://www.goko.com/go-get-a-file") then IE9 complains that the overall page is not secure because that one link being included is not in HTTPS mode. To be honest, I personally have made that mistake a few times when patching something but generally it's just IE9 just trying to make sure everything matches.
As for payments, we don't see or save any credit card or paypal info... never have, never will. That all happens via 3rd party payment providers and we're not in the path at all (as is the case with most internet sites). Again, we've had security penetration testing on the interactions we do have with that 3rd party but we don't see any of that personal/credit card info.
For personal info, we do save the email addresses you give us when you register using an email address... and we use those both for login (obviously) and to send you information about the games, like I did the other day when telling people who had pre-bought Hinterlands: Faraway Lands that it was available to them early.
Ok, that was longer than I intended it to be but I hope I addressed most of the questions out there.
August was a very difficult time for us and there wasn't a lot of sleep to be found but the last few months are starting to see things come around, as people have pointed out. As we launch on Facebook and then iOS/Android we'll probably have some more long nights but we're very committed to deliver on the original vision and give everyone a great online game.
Thanks,
John Q.