The problem with passwords is that they are often easy to steal or guess, and that either you need to re-use simple passwords across multiple sites in order to be able to remember them all or use a password manager to store them, in which case spyware needs only copy the encrypted data file and keylog the master password in order to steal all of them.
I propose a solution in which a user would have a small USB device that contains an inaccessible storage microchip containing a unique identifier and private encryption key for each login, as well as a public section with the required software/drivers. When the user wants to log into a website or application, the server then uses the respective public key stored for that logon to encrypt a random string as an authentication challenge. The client then sends the challenge string and a master password to the USB device, which then decrypts and returns the challenge string based on the respective private key. This response is returned to the server, thus authenticating the user and triggering the server to commence the user's session.
If spyware should steal the master key to the tool it is useless as the private keys are permanently stored on the USB device and are never visible to either the client or the server. If someone were to steal the USB device it would be impossible to use as they would not know the master key (and even if they were to disassemble the device to get at the closed storage it would be a simple matter to encrypt it based on the master password). The odds of someone simultaneously stealing both the digital and physical elements of the system are very slim, thus greatly increasing security while reducing the number of passwords a user needs to remember to one.
Thoughts? (Assuming anybody has a clue what I'm talking about :P)
"And so Gold said 'LET THERE BE SPAMBOTS', and it was so."
It's somewhat lacking in features at present, but I've managed to get my API into a state where I'm comfortable publishing it. Master branch is stable versions only, dev branch is where I'll push my day-to-day changes. You'll need a few libraries to make it run, all listed in .classpath at present (if people want an easier way of using it out of the box I'll see about getting a .jar file and/or javadocs set up for it).
LESS THAN HALF THE FEATURES OF THE PREVIOUS VERSION!
TRULY THIS IS THE NEXT STEP FOR INDIE GAME DEVELOPMENT!!!
So, after six months of procrastination, I have finally finished refactoring my space game project in Unity and brought it to about the same level of functionality as version 0.1a. Barring the vastly better menu system (now that I've got it to actually work) there's not much to see as of yet, but there are a few things behind the scenes that should help in adding new features in the near future.
Controls are left/right or A/D to move, space to jump and escape to pause (note: does not actually pause the game).
Heading up to Center Parcs in Sherwood Forest until next Friday. I have my phone so I'll still be accessible, but I won't be able to get on Steam or do anything that requires more than basic Internet access until I get back.
Try not to blow up the site while I'm away!
When plugged into a computer and launched, the game uses the computer's MAC address to procedurally generate an environment unique to that particular computer. It then connects to a central server to download changes to that environment made by other users who have played the game on that computer, as well as uploading any changes you make so that future visitors would be able to find them - kinda like PMOG/The Nethernet but across physical systems rather than websites.
Internet cafes and public computers would become collaborative world-building projects, all without ever having to read or store files on computers you do not own/have write-access to. Players could go on quests across multiple computers in multiple locations to collect items or complete objectives. Finding items or creations in hard-to-reach worlds would become more of an achievement.
This has been a rambling game idea, brought to you by Gold Prognosticus.
AKA Gold's sort-of-unnamed attempt at making an 0x10^c alternative, AKA Betalands: Space DLC.
Arrow keys to move, Z to jump, and Q to toggle the debug stats (though those aren't much use outside of development). There's not an awful lot to see at present, but it represents the completion of most of the key framework elements of the engine (and completed faster than I have ever managed to do in the past to boot), allowing the development of more advanced fuctionality, and I figured I'd post it here so that in the event of this project ever making it past three or four public builds you can see the progression of the game throughout the development cycle.
You might need the XNA Redistributable or some other stuff to run it, but I don't have time to go find the links to them at present. If Google hasn't helped by morning I'll find the links then.
I'm sure you all know the drill by now. Server is running a new (I believe large-size) map to get the new terrain features, and I'll personally be starting a fresh character to go with it. The server is currently paid for a month of hosting, if people are still playing by then I'll decide whether or not to renew.
There are a lot of requested features building up that Francis does not have the free time to implement for us. Unless Francis chooses to release the current source code, our options are to make do with what we have, or to design our own system from scratch. Which leads me to the subject of tonight's debate: If an open-source, collaborative Nerr 3.0 was started, how many of you would be willing to help out, and in what ways? Obviously PHP and HTML work would be the primary job, but graphics would also be necessary for what we can't rip from the existing site. Organising all the required features into one place would also be very useful. And if Francis is reading this: Would you be open to making use of such a project officially if it actually gets off the ground? You're welcome to contribute if you like (perhaps integrating your Digi game system you've been working on).
It's not exactly Digibutter: The Game, but I feel that a project like this would really be beneficial for both the site and the community.
I am Gold Prognosticus, the one true holy script of Digibutter. The rulers of this site govern the land by my divine grace alone, and all blasphemers shall bear witness to my righteous fury. Heed not the false Prognosticii of Light and Dark, for one brings only death and one is not true prophecy. also those guys haven't been online in years, where did they go anyway?
I hereby appoint you as my High Prophet, for you to spread my word to the Dwarven peoples that they may rejoice in my merciful rule. Praise be the Light of Truth!
It was taken down a while back due to bandwidth overloading. Digi is a bit less active now, so would it be possible to get it re-enabled? The google search is fine for general use, but it's a pain for finding specific threads.
Behold the culmination of 4 and a half hours' work. Nerr_ebooks will, either by manual command or on its own over time, pull a random quote from the depths of Old Digi, squish it to fit 140 characters and post it to Twitter like a good little robot. It's completely pointless and certainly unoriginal, but it was a fun way for me to practice some coding and it may produce some amusing results as time goes on.