Did you know that Postgres has a max table size of 32TB? Its really really fun to find that out the Wednesday evening before Thanksgiving.
Make sure to prune old data from your tables. This one got to this limit because it eventually got too large that queries to delete old data would time out... so it just kept growing.
For 90%+ of our customers (small-to-mid sized US financial institutions), production is the only environment available to work with.
For the other 10%, we take them aside and politely explain that they almost certainly have an unusable staging environment per the scope of our B2B project.
Testing in production is a wonderful path if you are comfortable talking to business people and making lots of compromises.
The hotspot didn't provide real Internet connectivity, since there was no service - only the places' WiFi, but out of reach, and the phone can't connect to the WiFi and provide the hotspot at the same time.
So probably not. But if the lost phone was an iPhone, walking around with another iPhone would have reported it (once the walking one was connected to the WiFi back again).
I don't think it is. I recommend using a password manager that supports hardware 2fa. One of the main issues with the proposed paper mechanism are that it doesn't support rotating passwords individually. Another is sites that share second and third characters would share a password.
Please understand that this "company" and "CEO" are most likely a teen skiddie. I doubt they care about vulnerabilities in their software and I'm not sure if their users would know about them either.
I'd go further than that and suggest they have no interest in patching this because the product is working as intended, hence their aggressive response and banning of the reporter. Can't have people challenging both the business model of echo.ac and raising awareness of a feature they would prefer remain concealed.
All the compromised devices that participate in high-profile DDoS attacks that even Cloudflare can't mitigate are coming from somewhere. My guess is that they're selling access to this "vulnerability" for such purpose as a side business. Malicious apps have gone from turning on your webcam, to mining Bitcoin, to stealing your Bitcoin, and now we're at recruiting your device into a botnet.
(edit: didn't see the update-- "Update #2: He tried to DDoS me lol". Go figure!)
> you should know better, Josh, especially as you are the CEO of an Anticheat company - which requires the trust of your users to exist!
I remember being that idealistic. Children (and a lot of adults) will trust anyone. Trust so easily obtained is cheap to exploit, which the tech-empowered sociopaths among us have taken notice of.
I don't believe outright that it's a botnet (or maybe a botnet has separately taken advantage of it), but the CEO's reaction to me smells like a guy who either is completely incompetent and should not be writing security software, or a guy who wants to cheat, got his kernel driver approved by EAC and is mad about being found out.
I suspect the DDoS might also be coming from cheat users who are mad that light is being shined upon their incredibly powerful cheating method.
> smells like a guy who either is completely incompetent and should not be writing security software, or a guy who wants to cheat, got his kernel driver approved by EAC and is mad about being found out.
That's an interesting take. You think an anti-cheating tool might be being used for cheating? I hadn't considered that.
On further thought, in having such a backdoor present that isn't being exploited/resold, it does give the "proctor" unfettered access to the target device to legitimately look for cheating tools running with higher privileges than the user. I'm guessing most cheating tools need to run with system permissions to intercept API hooks and stuff, so you'd need a similar degree of access to detect that?
I don't think it's incompetence; the guy is clearly technically-minded enough to understand what the researcher is talking about and, rather than explain it, challenge him on it. I meet these types all the time-- he gets away with gaslighting kids all day, so when an adult who isn't placated by "you just don't understand"-type dismissals shows up and starts asking pointed questions, they get angry, hysterical and/or violent (the Phoenix Wright games capture this hilariously well). He's too defensive to not be hiding something; their collective response is too over the top.
If he's not selling access, the functionality of the product itself may well depend on this exploit, which would also be a compelling reason to suppress attention and refuse to address it.
It most definitely is being used for cheating (all current EAC-bypass tools use this driver), the question is if the guy did it in purpose to cheat himself or not. It's debatable to say that he needs a driver to look for cheats, especially when you consider the kind of "cheat detection" going on here, but it's not completely out of question to do it either.
The product need not depend on this exploit. There are common best-practices one may use to secure access to driver calls. He's implemented like 1 of them. I think he's just an asshat who doesn't like being called into question, but there's a very real possibility that he took advantage of his whitelisted driver and is now mad he lost that advantage. I genuinely believe he's not the one DDoSing though, that's more of a cheating forum thing.
It looks to be very relevant. CRLs are more frequently checked now due to bandwidth and compute becoming much cheaper. OCSP is a common solution for larger CAs. Cross-signing is becoming more common, and it still is a mess with clients validating it in different ways. Let's Encrypt used cross-signing when they rolled over to their own ISRG X1 root. There's a CA/Browser Forum group which defines rules and standards for browsers to trust public CAs and all major browsers use them to determine which roots to trust. Certificate Transparency logs are also a new development which is like a blockchain of issued certificates. CA/B Forum requires CT to be implemented by all publicly trusted CAs.
And, tbh, wtf does it matter if I wanted to "cheat" in single player mode? Oh no - it would be unfair to some AI NPCs? At one point "cheating" in single player mode was called modding -- and it drove communities and made software publishers money by keeping games fresher longer.
I agree. What I find unfortunate is that most single player games are now designed to be incredibly grindy: the developers want player retention so there’s more buzz about the game, resulting in more purchases.
I’m in my mid thirties, and I have career ambitions and hobbies and relationships that I want to nurture. While I would love something I can play and enjoy for 15-30 minutes every other day, I don’t have time for something that takes 5+ hours just to feel the slightest amount of reward. Cheats can take a game that’s designed to be grindy and addictive and instead make it something that can be enjoyed in smaller chunks.
An excellent example of this is Breath of the Wild. BotW requires a ton of slow terrain traversal (at least until you’ve unlocked more fast travel points, and even then the walking/gliding takes quite a while). Playing the game with a mod to enable 5x movement speed makes it a game that I can actually enjoy playing for 15 minutes at a time. Also, it takes something like 45-60 seconds for the game to reload when you die, so temporarily having an invincibility cheat on makes it feasible for me to figure out an enemy’s move set, whereas without I would either have to cheese the enemies or give up on the game entirely: what I’m not going to do is sit down with a hard cap of 15 minutes, die fifteen times, getting a total play time of maybe a minute of actual game play plus 14 minutes or so of loading screen, and then come back the next couple nights to do same thing over again.
A touch of cheats make modern games actually playable to someone who has a busy schedule, but still wants something to decompress with.
I vehemently disagree - single player games are generally far less grindy than they used to be (with significant exceptions such as Genshin Impact). Basically all single player games now have a story and a rather linear path through it, and tend to carefully design their progression such that completing that main story itself is enough to be able to take on the next steps in it, with at most a small amount of side-content. Even difficulty and saving options are usually tuned such that it is very rarely necessary to re-do the same content, you will almost always be able to finish it in the first try, or 2-3 at most.
A good example is in comparing the newer Final Fantasy games with the older ones. In the older ones, it was 100% required to occasionally run around the map and just fight random encounters to level up and be able to face the next bit of the story. The newer ones eschew this completely, and some don't even have random encounters for most of the time. Save points were also placed such that you would often have to redo an entire gauntlet of fights if you failed once, which is a thing of the past as well.
Also, your example of BotW is not an example of what is normally called grinding. The exploration, the terrain traversal, is, to most people I've seen praise it, the core appeal of BotW, not some repetitive grind the games makes you go through to enjoy the good bits.
On the other hand, I'm not trying to say "you're playing the game wrong". I fully agree that we all have a right to "cheat" in single-player (or LAN) games to make them fit our preferences, regardless of the designer's intentions or the preferences of other gamers.
Yeah. And it becomes silly the other way around as well. Take the WadjetEye adventures. People complain that the games are just 4 - 8 hours long. But on the flip side, it's 4 - 8 hours filled with charm, content and gameplay. It doesn't contain 30 minute dry stretches every once in a while. And for 10 - 20 euros, it's entirely fairly priced.
And the games tend to be structured by acts, so it's easy to play it for half an hour to an hour until an act is completed. Then it can sit for a day or two and then you continue through the next act.
Many roguelikes feel like they have a similar time structure in mind. Sigil of the Magi, Slay the Spire, Peglin and such have an hour run time generally and that's it. Game sizes like Witcher 3 have grown kind of disheartening to me, as much as I want to like it.
Breath of the Wild has probably in part been designed the way it was because Nintendo knew you could take your switch with you during travel; 15mn seems like a difficult goal to achieve for an exploration-focused game.
That said, I agree that anyone should be able to modify a local (that is, local coop/multiplayer or singleplayer) game's behavior to suit their needs.
Some metric on the steam marketplace used to put games on the front page include concurrent users and hours played. I've seen people actively coordinating their customer base to boost concurrent users. It's madness that games are falling in the advertisement trap and even indie need to play the ball to survive
I was with you and imagining you were talking about Ubisoft-style games (the last of which I played in 2014, but apparently they've been reskinning the same game since!). But Breath of the Wild's appeal to me is precisely the exploration! Why would you want to skip that x)
You can save anywhere, so you can make sessions as short as you'd like anyway. There aren't even classic Zelda dungeons anymore! Just 5-10min challenges in the form of a shrine.
Claiming that you can’t get to places quickly in breath of the wild before you’ve unlocked the warp towers implies to me you’re complaining that you can’t zip through new areas that you’ve never even explored before.
In a world where content is locked behind actual repetitive grinds of the same content for numbers to go up, this strikes me as a preposterous example.
I also can’t think of any game that asks for 5+ hours for any payoff for anything tbh.
> I also can’t think of any game that asks for 5+ hours for any payoff for anything tbh.
MMOs are usually an example of this, where there is rarely any true fun to be had in the opening hours (where either gameplay is extremely slow, many people are zipping through power-levelling, etc.). They're hardly an example of a modern game though.
Well, the argument with Diablo 3 was that the game had an in-game auction house on launch, where you could sell in-game items for real money. So the game had to be fully online to make sure items are only generated when really earned. Of course the auction house disappeared and the requirement to always be online didn't(having said that, the console versions of diablo 3 don't require being online - but from what I understand significant portion of the game was rewritten to allow the game to work online, on consoles, and with a gamepad)
The classic tetris scene has been crazy lately. Rolling (the name of the new strategy) allows players to easily play past the "kill"screen of level 29. Classic tetris matches are becoming endurance matches and we're seeing new records broken left and right of highest score and highest level in both PAL and NTSC versions. For Classic Tetris World Championships they're considering adding a second killscreen by editing the rom to limit the length of matches.
CTWC is yearly, and is neat, but most of the community and talent is developed at the monthy tournaments called Classic Tetris Monthly. The guy in charge, Vandweller, doesn't get nearly the credit he deserves for fostering the communtiy. If you're curious, here is the twitch. https://m.twitch.tv/monthlytetris They also upload to YouTube under the same name.
CTM is where rolling was first demonstrated. Eric getting to glitched colours happened during CTM. They also had a level 49 line cap (now 39) prior to CTWC this year because they had a full 10 months of tournaments showing the necessity for it. CTWC did not heed their experience, unfortunately. Also the past three champions are frequent winners of CTM. Except Joseph, who used to be a big part of the scene, but he's off to try other things.
Anyways, I recommend CTM over CTWC as a starting point if you're reading this and are curious.
NTSC being 60Hz and PAL being 50Hz, there is compensation implemented in code such as shorter autorepeat delay (16 to 12 frames) and rate (6 to 4 frames), as well as gravity drop speed past level 10 (-1 frame) to keep the gameplay sort of similar to casual players.
But then details matter at these insane player levels, NTSC is 1 row every 2 frames on levels 19 to 28 then 1 frame starting with 29, but PAL is 1 row every 1 frame ever since 19, so given that frames are not the same duration PAL is comparatively harder than NTSC starting with 19 but easier starting with 29 (... provided one can survive up to that).
So wall-clock PAL gravity ends up being 1.25x faster than NTSC (but with quicker DAS: 1.5x faster delay, 1.33x faster movement), then at 19+ is 1.67x faster, then at 29+ 0.8x "faster".
Just FYI, PAL and NTSC are field based, not frame based. PAL is 50 fields per second, and NTSC is 60; a field is either the odd or even lines of the display. So that's 525i/50 or 480i/60
The NES always sends the shorter type of fields, so for NTSC you actually get a little over 60fps with the same 240 lines every fields; it's not standard NTSC timings, it's 240p60; same deal with PAL. The SNES and Genesis could optionally output interlaced video, but only a handful of games did.
No. The killscreen was 29. They couldn't go past it. With rolling they can potentially go much further. To limit the length of games they decided to stop at level 49. Then recently the official kill screen decreased to 39. Any points after level 39 does not count.
Fans and players generally prefer having a lower killscreen, while keeping a high level of gameplay.
