Okay so with the upcoming snoopers charter thingy (by which I mean the Investigatory Powers Act) going on in the UK a few people have asked for some thoughts on security and the net. Now I’m a sysadmin, I’m not a security expert, I’ve got a working knowledge of things so I can give an overview but may wind up wrong on some points. Continue reading
Okay so google drive is the commonly used solution for group editable document collections for roleplaying games. For many events Room 13 generates 2 documents per character: A background document (essentially a short work of fiction describing the characters history) and a character sheet (their stats, sanity, coping mechanism, and a brief rule summary). Now it’s the second one of these that concerns us.
For The Fete we needed to make a tweak to the sheets late in the process, and hence I had to personally go through about 30 documents making the same edit to each one, and ever since then I’ve been wary of it. So for Cluedothulhu 2016 I’ve decided to look into batch generating character sheets. Continue reading
Those of you who were in the ECR at all during the NFQ/Incident ### game may have noticed a black laptop on the west facing wall (that nearest to the directors office) which had some nice green text on a black backdrop that updated itself pretty infuriating slowly :) That was one of mine, and something I really had some fun putting together, although it was all a bit bodgey internally. So this is going to be a walk through a download of that anyone thinking of putting together something similar can see some of the weird tricks I used, I’ll also be talking about lessons learnt from the event and things I’d change next time.
Okay, so as alluded to a while back I was building two props for Aeon Horror’s game set inside the NFQ base called “Incident ###” and I kind of want to talk about them both. The longer one was the ECR computer system (that saw very little use in game, sometimes these things happen) the other was the background nose effects of foundling F5225 (aka The Suckerman).
Okay so this morning while in the library doing some printing and technically on holiday I was approached by a student helpery type doing a survey about designs of various signs featuring QR codes, at which I automatically rolled my eyes – and heres why.
Its not like I don’t like technology, and its not like I don’t like QR codes, I think they’re a pretty neat trick, but I generally find that when designers and QR codes interact you end up alienating a large chunk of your audience and looking like an eedjit because of some pretty basic flaws in the way they get used i.e. mostly when someone is designing a sign/poster/whatever with a QR code on it they take away all the actual information and just leave a tantalising headline and a QR code, which was the case (again) in the examples I was shown. When you do this you look like an eedjit for the following reasons:
- Anyone who cannot or chooses not to invest their resources in a device capable of using them thinks you’re an eedjit and an elitist for excluding them
- Anyone who doesn’t have a device capable of using them on them right there and then, charged up, with signal – thinks you’re an eedjit because you’ve given them no information, but specifically hinted there is some you won’t give them
- Anyone who has a device that is internet capable but doesn’t do QR codes thinks you’re an eedjit because you didn’t write the URL down anywhere they can get to it
- If all you’ve got is a QR code even without a title, context or any reason to assert you’re someone vaguely trustable then anyone with a device that understands them thinks your an eedjit because you may be trying to direct them to a URL hosting malicious information that will attempt to hijack or infect their device
- I have no idea of the accessibility implications of QR codes, but I’m going to guess that they require you to be able to see them and hold a device upright and steady long enough to scan them – suggesting you probably aren’t winning many prizes from some people who could otherwise instruct their devices to go to a URL.
So basically if you’re going to use QR codes at least try and include them in addition to actually useful information.
So there I was, suddenly remembering that I was supposed to do a job to unlock a door tomorrow. And I was at home. And our shitty ticketing system runs on Windows only with no good web interface (checked that first) and the only Windows box with the client is my VM at work.
“Shit” thinks I.
But wait! There is light at the end of the tunnel! Behold x11vnc!
Basically I did this to log into my work box and start it up:
$ ssh -t -L 5900:localhost:5900 workbox.example.com 'x11vnc -localhost -display :0'
Then this to connect to that, which opened my actual xorg desktop at work, while it was still running over ssh:
$ vncviewer localhost:0
Then nipped over to the VMware player, found the keyboard mapping wouldn’t let me input my password to log onto the damn thing, so poked the VM to enable its remote access (VNC) on port 5901 and then did this from the home box:
$ vncviewer workbox.example.com:1
And Roberts your fathers brother, access to the grumpy VM and from there the ticketing system to remember the times.
Well I talked about posting this recently and its been becoming more obvious in recent weeks so I figured I’d make a short post about the technological phenomenon of a walled garden, which wiki defines as:
In the telecommunications and media industries, a “walled garden” refers to a carrier or service provider’s control over applications, content, and media on platforms (such as mobile devices) and restriction of convenient access to non-approved applications or content
And heres the recipe, edited 2009-07-03.
Just because I threatened to post this as an example, heres part of a sendmail.cf that I think was responsible for causing issues this morning (somewhere else, we prefer to use servers with legible configs)
Although if they’re using a public key directory for passports (and storing all the data on the passport itself) why are we getting sold an ID card scheme based on a giant central database again?