Don

Turns out the fix was reinstalling the official Nvidia driver. I did have a usable 0ad from svn a couple of months ago, and suddenly got these symptoms without changing the video driver. My guess is, the video driver must be reinstalled whenever there's a kernel upgrade. I knew I'd updated 0ad, didn't know I'd updated the kernel, and nothing was obviously broken other than 0ad, so the wrong conclusion seemed right.

I gather I'm the only one with this problem at game startup http://trac.wildfiregames.com/ticket/2261 since no one else is complaining that they haven't been able to play the game for weeks. I've done the obvious things, svn update, update workspaces, rebuild. And on startup I see: $ binaries/system/pyrogenesisCache: 500 (total: 2012) MiBTIMER| InitVfs: 465.525 msSound: AlcInit success, using OpenAL SoftTIMER| CONFIG_Init: 408.641 msTIMER| InitScripting: 175.653 msX Error of failed request: BadWindow (invalid Window parameter)Major opcode of failed request: 137 (NV-GLX)Minor opcode of failed request: 4 ()Resource id in failed request: 0x2e0000fSerial number of failed request: 36Current serial number in output stream: 36UserReport.cpp(515): Assertion failed: "!m_Worker"Segmentation faultIs this a problem someone else has already overcome? Is there something else I can try?

I'm not making a claim about any particular implementation. I'm saying that in general, open source software is more secure because more people have reviewed the source. Closed-source software has been generally been reviewed fewer times by fewer people. And we have a long long history of proprietary software makers who simply ignore security problems with their products, even after they've been notified. I am particularly suspicious of closed-source security software, since the risks are higher, and since we have seen examples of trojans disguised as security software. Nothing personal against you; it's just that you've been preceded by a lot of charlatans.

I categorically reject security technology whose design is hidden. You should too.

I saw CLIPS in use at Union Pacific Railroad, where they do some really elaborate processing of data from locomotives and from trackside sensors. An advantage of using it would be that we could avoid writing the rules engine and concentrate on the rules themselves. We might or might not be happy with the speed of execution, but then I've only watched CLIPS work with vast data sets. I've done a little twiddling with the JS code for Aegis, mostly learning what I could strip out to get a do-nothing AI. Just that much is difficult (for me) without documentation of the API. If I were setting priorities I'd put documentation of the AI system near the top.

An undesirable side effect of assigning an IP address to a malicious user, is that innocent people using the same IP (for example, a Tor exit node) will be unable to use it to connect to the Wordpress server. Obviously that's less of a problem if the block time is shorter. Probably any block time, even minutes, is sufficient to make the attacker move on to another target that can be attacked efficiently. An alternative approach is in place on many UNIX-like systems: if the username/password combination is incorrect, just wait 5 seconds or so before giving the bad news. A brute force attack under those conditions wouldn't be able to try more than a dozen username/password combinations in an hour (assuming no other defenses, like disconnecting the attacker after three attempts). I don't have the data, but I would guess that would make it difficult to break in---the job of hours or days.

By "stop a client" I assume you mean, refuse connections from a particular IP address that has been seen to try multiple wrong passwords. I wouldn't have a problem with that, if it were time-limited. Wouldn't stop a determined attacker from using Tor to attack from multiple IP addresses, but it would inconvenience the bad guy at least a little.

I guess the point of my post was to say that I don't see how "stopping a malicious user" is different from locking an account for a period of time. Perhaps you could explain the difference.

Wait, attack-move works?? How do I use it?

There are two threats here. One is the denial of service attack (locking accounts by trying to break in), the other is successfully breaking in and taking over one account. It's not clear how identifying a "malicious user" (i.e., an account owned by an innocent person, which is the target of a breakin attempt), and preventing login, is more useful (or even different) than locking the account. It's also not clear how you could increase the difficulty of a brute-force attack leading to a successful breakin, other than by the obvious means of requiring strong passwords (non-dictionary words, special characters, minimum length, yadda yadda yadda).

OK, so if I were crazy enough to proceed with developing my own AI---which I assure you, I'm only considering because I don't want to mow the lawn---how would I turn off the fog of war to watch what the AI is doing?

I'd be interested in playing around with the AI, but without docs on the API I'm struggling to come up with the right question. Probably neither of these is the right question: Is there a skeletal do-nothing AI example in the code base, one that does nothing useful but contains the most basic components? I'd like to create a new AI implementation, and watch it fight AegisBot (and lose). Is it possible to create a new AI in one C++ module, or must I write JavaScript?

Domestic meat animals might be more interesting if they required land as an input, rather than food. This could be fenced or not, but the land surrounding the Stable would be unavailable for buildings or farm fields. The player would then have to consider which terrain might be useful for grazing, but perhaps too rocky or hilly or wet for row crops.

Ah, so I can go back to losing soon! I'll svn update every few days then.

I'm playing from a recent SVN update. Not sure what you mean by your second sentence. Did you mean "the AI is becoming too loose?" I build towers as soon as I get to Town Phase, expecting the bad guys to arrive any moment, and lately they never show up.