Tears of Guthix – 180 tears

After doing tears of Guthix today I got 180 tears. With tears being 60xp per tear that equates to 10,800xp! Not bad eh? Because of the highness of this score being a new personal record, I – of course – thought I’d grab a couple of screenshots and show them on here….

180-tears

With this pic you can see how close my wife and I are :-) We are actually walking almost in perfect sync – as we often do in real. That or she has become a Goddess with extra hands and feet…….. (She wasn’t wearing the quest cape.)

…and, of course, here’s a close up of the tears. :-)
180 tears in tears of guthix

My guess is that my Karma is being smiled upon by the Runescape gods after rescuing Arrav’s heart the other day. I just hope Ali (The Wise?) doesn’t mistake it for a cooking ingredient…..

….and – obviously – I can wear that quest cape once again!

11:39 pm on July 23, 2009 by Primefalcon

Posted in Uncategorized | 2 Comments

Mobilising Armies, a review

I have been playing Mobilizing armies for quite a bit, actually since it first came out. I’ve been finding it rather enjoyable to my surprise. Unlike castle wars and pretty much every other mini-game Jagex has brought out, but this one is oddly addictive….

One thing I like is the fact that you still get some points even if you lose. The fact that you’re fighting against 3 other players means that a lot of the time you won’t win. That’s a one good reason just to dive into the fray rather than sitting back – which I’ve seen a lot of people do. With this game, the speed of games count…..

As for tactics, I’ve been diving in at one player and bombing them with that weird electro area damage thing, all 5 one after another. Then I charge in to finish them off. You know, weirdly enough, that tactic has been working. After I’ve slaughtered an opponent, if the other 2 are just standing there doing nothing, I have been sending one piece out to attack one side and then run it over to the opposing team to get them fighting. If the other two are fighting, I let them fight it out and charge in near the end to finish off whoever is still standing. The tactic seems to work… I have been winning far more games than I’ve lost……..

I am not convinced the items and the clothes are that worthwhile. I’d like to see better rewards. Maybe a teleport to an alternate plane where you can get the resources or something – I don’t know. The herb secondaries teleport is far to random to be useful at all. The game itself is amazingly fun.

6:12 pm on July 13, 2009 by Primefalcon

Posted in Runescape / Jagex | No Comments

What would you do for more bank space?

First of all – so many people are on the forums complaining about the concept of a Dongle for Bank Space that Jagex didn’t bother blocking my last post. There are a lot of upset people out there!

The following is a forum post by Andrew – an attempt to explain a bit more about that dongle. Later in the posts, Andrew tries to justify the offer of extra bank space but really gets shot down.

Post by Andrew on the Runescape forums

Hi,

I’ve noticed the Jagex Security Key poll is causing some heated debate, so thought I’d better pop in and post some clarifications.

The first thing to bear in mind, (which we really should have mentioned in the poll), is we are NOT looking to make a profit from this key. The price is to cover the cost of buying the device and shipping it. In fact these devices aren’t particularly cheap and if we do go ahead with this I expect we will probably LOSE money doing it. To be able to get it down to $10 we would almost certainly have to either heavily subsidize the cost of the key (i.e sell it at a loss), or buy in such huge bulk that we would end up with a large number we’d never sell (Still making a loss). So this really ISNT about making some quick money. The main reason for the poll is to see if there is enough interest to make it practical at all.

Now you’re probably wondering why we would even consider doing this if we would be losing money. The reason is simple, we’re in this for the long run, not for a quick buck, and therefore player satisfaction is extremely important to us. And a player who has had their account stolen (even though due to a keylogger/virus on their own computer) is generally not very satisified! We feel that the benefit of keeping our players safe outweighs the cost, and so we are willing to potentially take a bit of a hit on this.

Which brings us on to the ‘bank space’ incentive. Which is exactly that… an incentive.

The problem we face is the VAST majority of players don’t actually believe they need extra security (until it is too late), and it seems very hard to convince them otherwise. I’ve been working on computer security for years, and the problem is people assume if they have an antivirus and a firewall and don’t tell people their password they are bound to be safe. This ISNT true! It certainly makes you safer, and is a very good idea, but it sadly doesn’t make you invulnerable. Even if you are very careful – believe it or not you can still end up with a keylogger on your computer. For starters all of the commonly used web-browsers are written in C++, and repeatedly suffer flaws where if you visit a malicious webpage, even without clicking on anything your computer can be compromised. I’m more up to speed on computer security than most, but I still use a bank pin on my account, and will still be using a Jagex Security key on my account. Because I don’t suffer from the delusion that I’m somehow magically immune.

So the problem we face is we know lots of our players lose their passwords, we also know those very same players point blank refuse to believe anything bad could possible happen to them, and think they are secure (until it is too late), and therefore probably won’t buy a security key. The evidence for this is clear, just look at our own forums and all the people saying “I’m secure, I don’t need a key!”. So we started wondering what we could do about that. If we can incentive people to buy a key some other way perhaps we can still protect their account. Of course even if the key does ultimately protect them, they will probably never even realize that it happened, and will probably go on thinking that they didn’t need it, but at least their account is secure.

We chose extra bank space for the proposed incentive, because a) we already give extra bank space to members anyway, so this doesn’t unbalance things further in any way b) it kind of makes sense that the people with the fullest banks are the ones with most to lose, so the ones who most need a key.

So this isn’t about RWT (any more than the members game we already sell isn’t about RWT), and it isn’t about trying to make a quick profit. It really is simply about keeping our players accounts secure.

If we were in it for a quick buck we would just sell the bank space and forget the loss making key idea entirely (then we WOULD make lots of money), we’re not going to do that, because that’s not what this is about.

What is that I smell? Is there a bull around here somewhere? The smell wafting from that post surely smells like something took a dump……

Ok let’s start with the bit about browsers being written in C++…….

C++ is a base level computer language that nearly all serious applications are written from. Java is written in C, which is an earlier version of C++. Unfortunately, Java is mostly open source but was recently bought by Oracle and soon, might be obsolete because they might be charging for their updates. In other words, if anything new comes out of Oracle and they charge a fee, you may have to pay for if you want to keep using Java to run Runescape. Sort of puts Runescape in a minor bind as well because if they need to pay to use it, they will have to charge more as well.

Also on a side note C++ is faster. After you have written a piece of code, you use a program called a compiler to turn the human readable code into assembly code – or more commonly known as machine code. It’s a binary language that writes to an individual computer, which means the computer can read the code natively without having to use any other programs to try to understand the code. Java however compiles into a code specifically for a java virtual machine, which is a simulated computer inside your computer. This offers some flexibility because once you compile the code, it can run easily on any computer that can run java. Java’s main problem is that it has to run everything through this virtual machine and uses a major amount of the computer’s resources. Have you noticed that Runescape lags massively at times, yet other games that you buy with far better graphics don’t lag? That’s because those other games are written in C++ while Runescape runs in a virtual machine inside your browser rather than in your computer.

C++ is secure but like any other language out there, it’s about how well you can program. Any security holes in a program are left there by the programmer. The website exploits Andrew has been talking about on the forums have to do with Internet Explorers ActiveX functionality which allows websites to run code on your computer. Other browsers, such as Firefox, simply do not have this vulnerability since they do not run ActiveX. JavaScript (totally unrelated to Java), does not allow that level of inter-activity for exactly this reason. The simple fact that Andrew doesn’t get this makes me wonder about his programming abilities at all. Definitely leaves his security advice questionable right from the start.

Take a look at this – a direct quote from the Jagex site:

“9th January 2009 – Weak passwords must be changed.

We have noticed that a relatively large number of our users are using the same few extremely common passwords.”

Quote from Andrew on the Runescape News

We have noticed that a relatively large number of our users are using the same few extremely common passwords.

Using an extremely common password puts your account at significant risk, as it makes it extremely easy for someone else to guess it. In particular certain dictionary words and names are extremely common choices.

To help keep our users safe we have therefore today disallowed the use of the 500 most common passwords that people choose. You will no longer be able to use these very common passwords. If you already have one of these weak passwords, then you will be forced to change your password when you next try to login to the game.

For help on how to change your password: click here.

For guidelines on how to choose a good password: click here.

We recommend you use a combination of letters and numbers, and then write the password down and store it in a very safe place so you don’t forget it. Andrew.

Do you realize what they actually just told you? They are storing everyone’s password as plain text and can easily read them and therefore anyone hacking into their databases could also read them. For security’s sake, proper security etiquette dictates that all user passwords should be hashed – it’s called one way encryption. When you log in, the system hashes your password and compares the saved version and your current log in attempt, and then either oks it or dumps you back to the log in page. Jagex should not even have access to your password. This is standard security practice to deter those who would breach the system and try to steal the passwords. This really is basic security protocol and Jagex is ignoring it. As I said in my previous post, USB Dongle, Not Much More Than A Scam, there are better ways to increase security.

As for not doing it for the money…. Of course you are in this for the money. You’re a money making company aren’t you? You must run all those complex marketing tests before putting a product on the market. Those childish Runescape books and overpriced t-shirts aren’t losing any money – are they? Oh – what’s that? Raised eyebrow – oh they aren’t exactly selling very well? I have no problem with Jagex selling stuff, but just don’t turn this great game into just another copy cat of all those games that make players pay extra to unlock feature X, and then pretend you’re doing us a favor by doing it……..

2:01 am on July 12, 2009 by Primefalcon

Posted in Runescape - Leveling,Runescape / Jagex | No Comments

USB Dongle – Not much more than a scam!

Really. This is sounding like just another way for Jagex to coax more money out of their customers and turn the game into a “Just pay a small fee to unlock feature X – in this instance, unlock some extra bank space.” Just watch Jagex expand the concept to armour or some new item. “With just a one off small, tiny, minuscule, paltry fee, you will be able to own the newest demonic armour West of the River Salve!* This is sounding a bit like real world trading.

If Jagex were really concerned about security, they could implement a keyfile utilizing 256bit or more encryption which players could store on their own USB device if needed with no extra purchases necessary, which would only require a matching key phrase. This way Jagex wouldn’t have to charge a damn thing – that is if they were honestly concerned about security rather than just scamming their players out of more money…. They get ticked when you don’t want to view their pay-per-view ads, don’t they? How many players are there – I can’t remember that phenomenal number that earned them a place in the Guinness World Book Of Records for most played free online game….. and they are earning real world money from that, you know.

All they’d need is one good coder to implement this feature since this is actually recommended government level security and is basic practice for serious companies.

I’ve also posted this on the runescape forums here, but you can bet jagex will remove it one they get an eyeful of it….

10:01 pm on July 10, 2009 by Primefalcon

Posted in Uncategorized | 2 Comments