Raph just blogged about Just Leap In – a new embeddable 3D world client.

In addition to agreeing on Raph’s comments about the high barrier of entry to authoring content on a world with 3D assets looking like this (see the video below), the demo video made me wonder what purpose has the product been designed for? The demo video has zero social interaction. This, combined with the technical mumbo jumbo for the content authoring, makes me think the project is run from purely technical perspective and nobody has thought the users as part of the design process. Sad, really. I thought the collective wisdom for building virtual worlds would soon have reached the point where neutron bomb worlds are the way of bye bye.

PlayNoEvil pointed to an interesting old story about analysing a seeming innocent-looking shuffle algorithm for Texas Holdem’. Makes for a very good read. And proves that the behavior of most code is not fundamentally understood even by the person who wrote the code.

This reminded me of an old bug I reported on PHP, which was causing similar huge security issues on a number of website, the owners of whom ended up never knowing they had had a problem. The issues was that a number of open source PHP-based applications used the following algorithm (which was also suggested in PHP website) to generate random passwords who registered or wanted their passwords reset:

password = “”;
$array = array(‘a’,’b’,’c’,’d’,’e’,’f’,’g’,’h’,’i’,’j’,’k’,’l’,’m’,’ n’,’o’,’p’,’q’,’r’,’s’,’t’,’u’,’v’,’w’,’x’,’y’,’z’,0,1,2,4, 5,6,7,8,9);
shuffle(&$array);
for ($i=0; $i<6; $i++) { $password .= $array[$i]; } Looks innocent, right? An array of wanted characters is shuffled to random order and the first six are concatenated to form the new password. The issue here is, the programmer assumes the shuffle is actually random. And on some systems, it was, some it wasn’t. The c-language implementation of PHP’s shuffle sorting at the time was the following: (php_rand() % 2) ? 1 : -1 where php_rand was actually using the platform’s native rand() call. The cunning reader notices the algorithm really only uses the least significant bit of the generated random number, and hence relies on the stream of least significant bits being random. This is the point where the chain of assumptions failed. On Solaris and Linux of the time (and maybe still!), the least significant bit of the generated random numbers wasn’t random at all. If you generate a sequence of random numbers on these systems with rand(), the LSB always follows one of the following four patterns, depending on which point in the sequence in the grand scheme of things you start iterating: 1001, 0011, 0110 or 1100. Now where does this leave our password algorithm? The answer is, on the affected systems the above algorithm only ever generated four different passwords, because there only were four different shuffles. These four looked random, but weren’t. And any user could generate the four combinations by just requesting a password reset a few times, after which you could request the password of someone else be reset. To resolve the issue, PHP was changed to use an algorithm that generates a more random sequence of LSB’s. One could also point that sending passwords to users when they register or want one reset is exceedingly stupid, but I’ll leave that as an exercise to the reader. I’d be interested to know how many pieces of software still use the LSB from rand(), though. Update: reading what I wrote made me think the story is a bit strange, coming from someone working as a concept designer. But hey, knowing a broad range of stuff can’t hurt.

Times Online has a video clip of a wholly computer generated talking head which some people have gotten excited about. The page itself claims the animation leaps the uncanny valley but I totally disagree. It’s impressive, right, and looks like a step into the direction, but uncanny it is. The individual still are very good but the movement just isn’t right. Maybe they hired a robot to play the woman for the capture?

The interweb is full of WAR related stuff now that the NDA was lifted. I have to say I _love_ some aspects of the stuff that are coming up. Like the copywriting! The advancement paths for Orc tanks are:

Path of Da’ Brawler – You’z gud at stabbin’ things.
Path of Da’ Toughest – You’z gud at survivability. Mor’ killin’ later!
Path of Da’ Boss – You’z gud at da group support, cause everyone ‘as some killin’ ta do.

The bad parts of the deal is of course that the game is again split to separate US and Europe servers so I can’t actually play in a group with friends from both continents. And for some reason the WAR Europe website hasn’t been tested on any browser except for Internet Explorer (just failed to register due to crap javascript forms that FAIL on Firefox). Looks like it’s going to be an awesome game, but again a project that’s failed to realize the web exists. Shame.

Awww, this breaks my heart.

(View the full story if you see no video.)

It’s been interesting to read the blogosphere reaction to Paul Barnett’s presentation at Develop where he mentioned he doesn’t play Word of Warcraft and recommends his design team to do the same. I personally do play WoW, although not nearly as much as, say, Damion.

I actually was there and had the chance to go to lunch with Paul at Develop, so I thought I’d share a bit. I think the writing out there isn’t doing him a justice, given it’s based on a relatively short quote from a presentation where he didn’t explain his rationale very thoroughly.

In his words, the point of the comment was I am all for debate and exchange of ideas, I just don’t want people slavishly copying wow mechanics.

My interpretation of the reason he’s discouraging laying WoW is he thinks playing too much of one game starts to constrain one’s thinking when designing a new game. It’s totally fine to play a game if you can actually be objective about it, but unfortunate we’re all human and tend to get excited about ideas that might not be so good. Some designs patterns are just addictive, despite being bad designs. And I would assume there’s plenty WoW players on his team, too, so if he wants to know how a mechanic works there, the answer is readily available.

An example Paul gave during the lunch was the travel point system in WoW. The way the system works is (as you probably know), to be able to fly to a place in the world quickly, you need to walk there first. There’s nothing that justifies this artificial limitation, aside from it a) making players explore more and b) makes you play for more hours. Point A is moot since people who like to explore do it regardless of whether you can avoid it or not, and enforcing player to something they don’t like is not a good idea in general. Point B can be a valid business tactic, given the recent blogging about the average hours it takes for a player to reach level 70 in WoW – if the walking can push you to the next month of subscription, that’s good money right there.

It seems even Blizzard has figured this was pissing players off, as Burning Crusades included a number of new methods for instant teleportation to locations within the world. However, Lich King seems to going backwards on this, as players apparently can’t use their hard earned flying mounts in Northrend.

Now, going back to the point collection system, it doesn’t make WoW any better so he doesn’t want to copy the mechanic to WAR. However, he’s been having arguments with people who think it’s such a strong design idea, they can’t imagine a game not mimicking the design. If that’s what WoW does to designers, I think I’d better stop playing – the fact that a product had a design working in a certain way can’t be the rationale for using the mechanic somewhere else. You need to be able to justify the design fitting your game and it’s players on it’s own, no matter where you picked it up from. WoW is not the culmination of game design in all aspects, despite being hugely successful commercially.

Personally, I’m all for being able to fly anywhere. Heck, you could price the first trip to a location so expensive I can’t afford to fly to the Wrong Place in the beginning. That’s just as effective as preventing me from going, only it doesn’t feel so frickin artificial. Now, where’s my Frequent Flyer points in WoW? And could I just please be able to buy the Business Class ticket that’s three times faster without the detours meant to show me the art I’ve seen a hundred times already?

Update: Paul’s written a reply on his MySpace page.

The Beckett Massive Online Gamer magazine has a new annual article series titled Top 20 Most Influential People in MMOs and I’m deeply honored for having been chosen in the first set of people.

Raph is covering this, having been listed. :) Congrats to everyone!

Incidentally I got a copy of the magazine and enjoyed the _other_ articles as well. Wonder how I can get my hands on the Mabinogi beta.

Laughed so hard there’s tears coming out of my eyes. Classic!

Downloading the patch as I’m writing. The downloader is complaining I’m behind a firewall (which it hasn’t before) so it’s dog slow and hitting the More Info link shows me the following:

which I guess means the support site has crashed. It’s shown the same message for over an hour. Hope the patch is slightly better quality than the install experience.

Tim Sweeney on PC games market: “World of Warcraft has DirectX 7-class graphics and can run on any computer. But at the end of the day, consoles have definitely left PC games behind.”, followed by “The biggest problem in this space right now is that you cannot go and design a game for a high end PC and downscale it to mainstream PCs. The performance difference between high-end and low-end PC is something like 100x.”

In other words: “Those damn mass market gamers must be blind for not demanding 64-bit HDR! My business built on pushing more and more polygons to the screen every year is going bust! Must be those PC manufacturers not promoting the 3D accelerators enough!”

Dear Tim, the games industry is shifting. You have very, very cool technology but it’s aimed mostly at the core gamer. Most companies have now realized there’s more money to be made aiming at the mass market. Instead of whining about this, how about cashing on the phenomena? I’m sure you could.