This is an infinite browser-based mmo universe where everything can be drawn and placed into the world, wiki-style... give us a shout if you need anything! You can also script blocks to have interaction or influence the environment (for instance, here's an adventure: <a href="http://manyland.com/newpolis" rel="nofollow">http://manyland.com/newpolis</a> ).
Saw this posted over on PH and checked it out, extremely impressive game and I'm sure there's a ton of dev time on this. Good job and props to the creators.<p>I wanted to notify you guys though of some security flaws within the game.<p>Probably the biggest issue I see is the lack of server side checks against changes coming from the client. I only tested this out on the player object as a PoC, but it only takes changing a variable within the player object to modify things like player speed, mountable craft speed, etc.<p>For instance, while you obfuscated the name of the player object within the ig.game object, it was easily found by checking for modifications to the health variable, where another function listed it as ig.game.O1376. This name for this player object is also static for every game instance, so it's easily referred to every time.<p>Once the player object was found, it's easy to modify the variables and the world (server side) accepts it. It was also easy, for the most part, to identify what certain variables did as they were in plain text. To change player jump height for example, all it would take is this piece of JavaScript:<p>window.ig.game.O1376.altJumpReducedGravityFactor = 0.1;<p>Now the player can super jump and the server is fine with it (verified by numerous 'holy sh<i></i>!' and 'wtf!?' comments from other players).<p>The second thing I see is just obfuscating the code more.<p>I would suggest first and foremost to do the server side checks. Even if you left all your code in plain text, any modification someone tried to make from the client would be seen, verified, and handled accordingly by the server. Second I would try obfuscating all variable names that you can, especially the class definitions like EntityPlayer. To go further on it, I would have it produce the obfuscated names randomly on each load of the game script so they're not easily referred to.<p>Just wanted to bring the issue up to you guys after finding it.
I love it! Lovelovelove!<p>I thought "what a nice wind sound effect" until I realized it was the CPU fan in my laptop. Heh. But that's not really a big deal, at least for now, and I'm sure you can optimize.<p>Experiments like this show us that graphics and VFX are overrated. It's true for games, and it's true for movies too. Primer is still one of the best sci-fi flicks I've seen in the last ten years, and they used what looked like surplus air conditioning equipment as props. Sometimes too much FX actually gets in the way of your imagination. When I visit a virtual world, I kind of <i>want</i> it to be unlike the physical.<p>I tried a Rift the other day too, and that has its appeal as well. But it's a different appeal.<p>Noticed it was a tad laggy and then tracerouted and found that it's in London and I'm in Southern California. I suppose that's understandable. I guess if things take off you'd be able to geo-locate a bit via other cloud services.
I became a cat. And I mounted a nyan cat. <a href="http://cl.ly/image/2G2X2P3j0C3M" rel="nofollow">http://cl.ly/image/2G2X2P3j0C3M</a><p>My life is now complete.
Am I the only person who has no idea what's going on here? I'm just walking around picking up stuff and sometimes changing into something else. What else is there to do in this world? Besides building more stuff to wear or throw around that is...
Spent a long time wandering alone and eventually got to a very strange place.. <a href="http://i.imgur.com/eNI8Cp2.png" rel="nofollow">http://i.imgur.com/eNI8Cp2.png</a>
This is fantastic, though I seem to be falling to my death fairly regularly, loading to interlude screen and then clicking to get back. Are there going to be consequences for dying? If not why have the interlude?<p>Also the falling to death kicks in much faster than I would have expected.<p>Other than those two, once more a great game. Reminds me of Wyvern (<a href="http://en.wikipedia.org/wiki/Wyvern_(video_game)" rel="nofollow">http://en.wikipedia.org/wiki/Wyvern_(video_game)</a>) in some ways.
Reminds me of <a href="https://bombermine.com" rel="nofollow">https://bombermine.com</a>.<p>But for a not a fan of Minecraft like me kinda lacks a purpose.<p>Impressive demo scene though - making things like that with just some scripts and a browser.
Looks interesting, but it's laggy as hell. Running latest Firefox on a beefy hardware. Got booted off twice already with "you have performance issues" and a suggestion to switch to Chrome (haha). Just FYI.
Very cool. This reminds me of Lucasfilm's Habitat, the world's first (?) graphical MMO, from the mid 1980s:<p><a href="http://en.m.wikipedia.org/wiki/Habitat_(video_game)" rel="nofollow">http://en.m.wikipedia.org/wiki/Habitat_(video_game)</a><p>which incidentally is being restored by booting the original servers found in a collector's basement:<p><a href="http://www.gamasutra.com/view/feature/227045/rebooting_the_worlds_first_.php" rel="nofollow">http://www.gamasutra.com/view/feature/227045/rebooting_the_w...</a>
Very cool. How is input sent to the server? Is it one packet when you press the button down and one packet when you release or constinuously sending packets while you hold the button down?
I haven't figured out how to use it yet, but the 2D editor I saw in a video that showed up when I sat on a bench was really cool. Efficient editing of the world around you is a really neat feature to have. I think the Starbound devs have an external tool to do that sort of thing, but having it internal is even better.
Very cool, but the big test will be how this game handles the inevitable 4chan/something awful/reddit effect with masses and masses of genitalia on screen.<p>I've seen similar collaborative sites ruined by the above.<p>This might not break the game but in large enough doses turn off large groups of users.
Pretty cool, reminds me of games like Furcadia and Graal.<p>In Furcadia, you're allowed to create and upload your own world with your own scripts, as well as upload your own images and avatars for use in the world.<p>Graal has player worlds and allows almost the same thing.
Reminds me of Jet Set Willy in both style and the fact that it's also incompletable;<p><a href="http://en.wikipedia.org/wiki/Jet_Set_Willy#Bugs" rel="nofollow">http://en.wikipedia.org/wiki/Jet_Set_Willy#Bugs</a>
Seems awesome from what I am seeing so far from just poking around.<p>Could you add a way to import assets easily so that they can be developed using other tools or imported?
Is there a reason why we often have shitty nondescriptive titles like this? I almost always have to click on every link on the frontpage because it is impossible to predict if I might be interested in the article/webpage behind the title or not :(