next »

[Skofo]

When the tone of your writing style is misinterpreted by many people, it is a style that can be improved upon.

I used to argue in a way that ticked everyone off and that's mainly what got me banned from here for a year. Just a heads up.

EDIT: Hah, I found an argument of mine from a couple years ago that works against yours.

[bateleur]

That's a user error, you're not supposed to be logged in as an administrator all the time.

It's interesting to speculate concerning what fraction of PC users outside a corporate environment have more than one account on their system. The last three PCs I've bought have created exactly one account by default at startup, with admin privs. My guess is that most users never change this.

As such, I'm assuming your point is purely theoretical? That in an ideal world users wouldn't run everything as admin?

You play the games as a regular user and no permanent harm can come to you.

Out of interest, does this actually work on modern Windows PCs? (It certainly never used to, but I've long since given up on running potentially unsafe software on my PC.)

This is his Mission; to be the provider of clarity

You seem far more INTJ than INTP to me anyway. Not that it's relevant since one does not "clarify" something which contains errors, one "corrects" it. Which is the matter under discussion in the first place: Are your ideas about game deployment valid?

[Core Xii]

As such, I'm assuming your point is purely theoretical? That in an ideal world users wouldn't run everything as admin?

Yeah, pretty much. I only run one admin account myself. Terrible habit, really. Though Windows at installation does offer you like 5 fields to insert new account names into.

Out of interest, does this actually work on modern Windows PCs? (It certainly never used to, but I've long since given up on running potentially unsafe software on my PC.)

Honestly, I don't know. Windows isn't exactly known for its security, but I don't know how much of that can be accounted for user error. I've never had a fatal malware incident, and I'm no model citizen. Though I do have pretty good anti-virus running and I disable the unneeded Windows services just in case.

This is probably due to the lack of a sudo function as on Linux. There's some fast user switch thing but... Sounds inconvenient to me. I heard Microsoft tried to patent sudo or something so maybe they're planning on introducing an equivalent in the future. I should certainly hope so.

You seem far more INTJ than INTP to me anyway. Not that it's relevant since one does not "clarify" something which contains errors, one "corrects" it. Which is the matter under discussion in the first place: Are your ideas about game deployment valid?

Well this is the Internet so naturally you should take everything anyone says with mountains of salt. I'm an amateur indie developer with not much to show for so I can't blame you if you don't take my word for it.

According to this I definitely identify myself as an INTP when comparing against INTJ. I could go into detail about how I reached this conclusion but I suspect that that might be derailing the topic a bit too far.

[bateleur]

This is probably due to the lack of a sudo function as on Linux. There's some fast user switch thing but... Sounds inconvenient to me. I heard Microsoft tried to patent sudo or something so maybe they're planning on introducing an equivalent in the future. I should certainly hope so.

Fast user switch is indeed inconvenient, but in fact Windows Vista has a kind of sudo (haven't checked yet if it survived into Windows 7, but I assume so). Right click any executable icon and from the context menu select "Run as Administrator". If you run a commandline tool as Administrator then as you might expect all the commands you enter there also run as Administrator.

[george]

I do run everything as user in Windows, and run as... when installing, or run as... a terminal to do admin command line stuff (in a second admin account, I almost never touch the default admin account).

Also the first thing I do when getting a new computer is disable/delete all the anti-spyware/virus stuff.

Rarely there are programs that insist on writing to their install directories. If that's the case I put them in the user account (i.e. not Program Files or whatever). If that doesn't work I usually don't use them.

After ten or so years of this I had my first malware problem a couple of days ago, I think from a movie download. It was simple to remove from the user account, but still pretty annoying.

[oahda]

I do run everything as user in Windows, and run as... when installing, or run as... a terminal to do admin command line stuff (in a second admin account, I almost never touch the default admin account).

Also the first thing I do when getting a new computer is disable/delete all the anti-spyware/virus stuff.

Rarely there are programs that insist on writing to their install directories. If that's the case I put them in the user account (i.e. not Program Files or whatever). If that doesn't work I usually don't use them.

After ten or so years of this I had my first malware problem a couple of days ago, I think from a movie download. It was simple to remove from the user account, but still pretty annoying.

It's not like you can complain, downloading the movie illegally.

[Triplefox]

I think Triplefox noted up the thread, there's always haXe for javascript and as3 compilation from one source.

Yes, and there are various projects to cross-platform up things between some subset of Flash, JS, Neko, PHP, and C++. If you're new to haXe try browsing this page, haXe has a centralized package manager so you can see all the libraries in one place. Also check out the mailing list, it often has some exciting discussions and demos. Main problem is the community is too small to do everything it wants and build out mature, documented libraries, so lots of things get one poor release and then go unmaintained(I'm even guilty of a few of those, sigh), but even so, it's gained a ton of momentum in just a few years.

The engine I'm working on now(which is way more heavyweight than any other web-game engine I've seen out there) is pretty Flash-centric, but I've toyed with the idea of a Canvas port. But increasingly, I'm thinking that I'll have to just gut it for the useful bits when I make the switch. It's too easy to get sucked into using a "little bit" of the not-very-crossplatform APIs Flash offers.

[gimymblert]

I don't know if this was post before... no webgl this time i promise!

[jotapeh]

That's a user error, you're not supposed to be logged in as an administrator all the time. You play the games as a regular user and no permanent harm can come to you. Operating systems come with security, you just have to know how to use them properly.

OK.. this is a bit silly, now. As bateleur already pointed out, lots of computers are set up with admin as the only account, but even for those which aren't... pretty much every commercial game and software pops up the near ubiquitous "this software could blow up your computer. just sayin'" dialog. It's often promptly ignored and admin privileges are granted.

User error? Sure. It would also be user error if, in order to maximize your driving experience, you switched to a manual car and redlined the engine with a mis-shift, blowing it up. Does that mean you shouldn't be allowed to enjoy driving cars? Because you don't know how to use the machine without the software that protects you from your own mistakes? 

Flash does a pretty darn good job of shielding you from deciding which pieces of software are potentially harmful, and the average user will enjoy it just as much as they enjoy driving their automatic car. They don't care about maximizing performance. They don't care if it could have xyz shaders and q more customization options. They want to:

a) click on the game, play it for a bit, then
b) never have to think about it ever again, unless they like it

Your recommended strategy of two-click installs from a webpage would be valid if the user were not required to authorize a potentially damaging installation, and the user were not required to uninstall the game when they feel they've had enough of it. It's too much hassle with too much risk for too little benefit.

[Core Xii]

User error? Sure. It would also be user error if, in order to maximize your driving experience, you switched to a manual car and redlined the engine with a mis-shift, blowing it up. Does that mean you shouldn't be allowed to enjoy driving cars? Because you don't know how to use the machine without the software that protects you from your own mistakes?  

I fail to see how this is a relevant or indeed even valid an analogy.

Your recommended strategy of two-click installs from a webpage would be valid if the user were not required to authorize a potentially damaging installation, and the user were not required to uninstall the game when they feel they've had enough of it. It's too much hassle with too much risk for too little benefit.

I don't understand; First you say it's valid, then you say it's too much hassle.

[st33d]

Flash does a pretty darn good job of shielding you from deciding which pieces of software are potentially harmful

My companys url-lock forces a redirect to our site. Now that could be any site. Even one forcing a trojan down your throat.

You can do the same thing in javascript - popup blocker or no.

Potential for harm is not really a valid argument, all languages can be made to be harmful.


Language snobbery is silly though. It's like saying all foriegn films are shit unless they're dubbed into English or remade by English speaking people.

Scripting languages are here to stay. They are an important function in programming. Some are better than others, pretty much all of them have massive bugs in them (I'm looking at you Flash). But you will not get rid of them, or the developers who can work wonders in a language where they are free to express their ideas clearly.

[jotapeh]

User error? Sure. It would also be user error if, in order to maximize your driving experience, you switched to a manual car and redlined the engine with a mis-shift, blowing it up. Does that mean you shouldn't be allowed to enjoy driving cars? Because you don't know how to use the machine without the software that protects you from your own mistakes? 

I fail to see how this is a relevant or indeed even valid an analogy.

Your failure to understand does not invalidate the point. I will concede, however, that I have failed to communicate it to you. Taken out of context like this, of course, it does look irrelevant and you'll need to read the next paragraph in the same post (perhaps re-read) to understand the purpose.

Your recommended strategy of two-click installs from a webpage would be valid if the user were not required to authorize a potentially damaging installation, and the user were not required to uninstall the game when they feel they've had enough of it. It's too much hassle with too much risk for too little benefit.

I don't understand; First you say it's valid, then you say it's too much hassle.

Again, not sure what's not to understand here. "Would be valid if" has a conditional statement following it, which your recommended method fails. Either you are feigning ignorance, or simply scanning posts for weak points out of context, or deliberately misinterpreting - in any of these cases, I have to bring into question your "INTP mission" of seeking clarity.

Flash does a pretty darn good job of shielding you from deciding which pieces of software are potentially harmful

My companys url-lock forces a redirect to our site. Now that could be any site. Even one forcing a trojan down your throat.

You can do the same thing in javascript - popup blocker or no.

Potential for harm is not really a valid argument, all languages can be made to be harmful.

I disagree. Regardless of what site you redirect me to, automatic download and execution of said download is something still out of your reach. Which browser/platform combination permits this?

That said, if you can find a way to cause permanent harm to any computer, utilizing only Javascript, Flash and a standard Browser - I will gladly run said software and report the results via screencast. It is my hypothesis that the worst you could possibly do would be crash the browser. An annoyance, at best.

Of course we do agree on the point that language snobbery is silly but certain languages have strengths in different areas. Flash (and to a lesser extent, HTML5/Javascript,) is quite strong in delivering a scripting platform that works reasonably efficiently and extremely consistently across varying architectures and operating systems, with very little security risk to the host system and a delivery method to the end-user that is convenient and unobtrusive.

It pretty much boils down to use the right tool for the right job - and in a number of cases, where performance and local system access are not primary requisites, Flash is the right tool.

[st33d]

Pretty much most virus or phishing attacks these days rely on the victim logging on to a fake site. And there are always backdoors into the browser that are constantly being patched by updates. Even if you're not an idiot, one of your users will be, and then there's their contact list to deal with as well as all of their mates will then be victimised.

A case in point is Second Life, where it's possible to script virus like objects and grey goo monsters that knock out servers. But listened Cory Ondrejka talk about this at a conference, and he said that giving people the freedom to do dangerous things like that meant that people could be more creative.

You take away a person's ability to be destructive, and you limit what they can do.

[Cthulhu32]

That said, if you can find a way to cause permanent harm to any computer, utilizing only Javascript, Flash and a standard Browser - I will gladly run said software and report the results via screencast. It is my hypothesis that the worst you could possibly do would be crash the browser. An annoyance, at best.

Close to HTML5 & Javascript, a Java based exploit - http://www.computerworld.com/s/article/9175499/Hackers_exploit_new_Java_zero_day_bug (Quake2-GWT is written in Java and HTML5)

Also because this is a /rage thread, I'm only going to say I think the web-platform is fine for games. Saying that only executables should be games is completely silly, thats very Windows 95 mentality. When you run a binary, you are "trusting" the executable is not going to harm your machine. Vista/7 tried a few steps to stop too much harm, but getting Admin access while appearing to be a low-level program is simple: embed an admin-access executable inside a low access executable You will suddenly see the UAC shield disappear. In XP, you can even write device drivers and install rootkits without asking the user for permission hence SecuROM and other DRM software.

The big deal for me is moving from software-rendering to hardware-rendering. Every game platform should expose the computer's hardware capabilities, and Flash 10 does that and it sounds like HTML5/JS is catching up.

[Skofo]

Side note: the Java part of Quake2-GWT is never run in the browser. All Java is used for to compile the Java port of Quake 2 into JavaScript and for the server. Therefore, the Java exploit is completely irrelevant to Quake2-GWT.

Also, I have gotten viruses before just by simply visiting websites. I don't know if this is my web browser's fault or Flash's, but it happens.

[Cthulhu32]

Side note: the Java part of Quake2-GWT is never run in the browser. All Java is used for to compile the Java port of Quake 2 into JavaScript and for the server. Therefore, the Java exploit is completely irrelevant to Quake2-GWT.

Hmmm? I'm looking at the source right now, take a look at .\quake2-gwt-port\src\jake2\ and .\quake2-gwt-port\src\jake2\gwt\client in particular. You are saying the jar produced by these classes never runs on the clients machine?

[Skofo]

That is my understanding. GWT compiles Java to JavaScript. Jake2 is the Java port of Quake 2, which is compiled to JavaScript.

The port is based on the Jake2 project, compiled to Javascript using the Google Web Toolkit (GWT). Jake 2 is a Java port of the original Quake II source code, which was open sourced by id software.

There's so much hype surrounding Quake2-GWT exactly because it is able to run purely in the web browser, without external plugins such as Java or Flash.

[Cthulhu32]

That is my understanding. GWT compiles Java to JavaScript. Jake2 is the Java port of Quake 2, which is compiled to JavaScript.

The port is based on the Jake2 project, compiled to Javascript using the Google Web Toolkit (GWT). Jake 2 is a Java port of the original Quake II source code, which was open sourced by id software.

There's so much hype surrounding Quake2-GWT exactly because it is able to run purely in the web browser, without external plugins such as Java or Flash.

Ahhh, I gotcha. http://www.artima.com/lejava/articles/java_to_javascript.html  This also helped a bit to understand whats going on here. This whole GWT thing just became a LOT more impressive to me, I was thinking about how the hell you would debug a huge javascript dump, but using GWT you could write entire games with debugging and everything in Java then port them over. I wonder how heavy the limitations of the GWT are going to be in another year or two?

[st33d]

Programming in Java. There's your limitation for me. It's a pain in the arse.

[Tuba]

Programming in Java. There's your limitation for me. It's a pain in the arse.

I agree.. on the other hand, I find JavaScript quite enjoyable to program. Well, at least for web applications I like to use it.. doesn't sound so enjoyable for something like Quake 2 :/