No rest for the wicked

A sud­den jolt woke Paul from his slum­ber. He start­led and sat up pro­perly, unsure what really woke him, but couldn’t find anything that should have unsett­led him; and he was quite sure that not­hing phy­si­cally shook him.

The train was rum­bling along bet­ween cities in the Rhein/Ruhr-Megaplex. The whole Ruhr­ge­biet had always felt like a par­ti­cu­larly big city, but since those reforms a couple of years ago after the hou­sing expan­sion, the whole area has been offi­ci­ally mer­ged into one big municipality.

Buil­dings were fla­shing past the win­dows, too fast for the eye to dis­cern any more than flee­ting details. Paul dug in his pockets for his mobile phone, which told him that he was some­where bet­ween Düs­sel­dorf and Duis­burg. Nobody new could have boar­ded since he was awake when they stop­ped in Düs­sel­dorf itself.

Yet he couldn’t shake the fee­ling that someone was loo­king for him, and he could’t just pre­tend this was any kind of nor­mal paranoia.

After all, there’s no such thing as ran­dom para­noia when you know that there really were people out to get you.

All of this could only mean one thing: this pro­bably is a ste­alth grab, and they’re going to get Paul before the train arri­ves in Duisburg.

Again he che­cked the crowd, almost too casually, with an eye open for anyone who might alre­ady be eye­bal­ling him. But there wasn’t even one remo­tely sus­pi­cious per­son around.

But then again, that would make it way too easy, wouldn’t it.

He briefly con­side­red that this was just a see­king ent­an­g­le­ment pro­du­ced by an espe­cially vigo­rous con­duc­tor star­ting his round of che­cking the traveler’s tickets, but no — this felt way too spe­ci­fic for that and this wasn’t like any of the other ticket checks he’d been in. [In gene­ral, most ticket checks were way more intense than air­port secu­rity checks, too — even the employees didn’t seem to think very much of those.]

Besi­des, he had a valid ticket. Luckily for him, these weren’t per­so­na­li­zed yet, or else he’d be in all kinds of shit by now.

Paul came to a deci­sion. It star­ted with stan­ding up.

Shuf­fling side­ways to the aisle came next, and hea­ding down to the toi­let fol­lo­wed suite.

And there the pro­blems began. Paul had to dodge a pair of reti­rees which were sud­denly stan­ding up wit­hout loo­king around or bothe­ring to check if they’ll bump into anyone, as they usually do, and almost kno­cked him over. Next was a pile of bag­gage that he could have sworn was not there before and which requi­red some ela­bo­rate clim­bing to cross. Clam­be­ring down, he barely mana­ged to dodge a stream of puke sud­denly erupt­ing from a child next to him, which had been noti­ce­ably happy and obnoxiously un-sick just a few moments ago.

So. Now he could defi­ni­tely tell someone was on to him, and they weren’t mes­sing with their obstruc­tion field — else going down the aisle to the toi­let, of all pla­ces, wouldn’t have trig­ge­red such a strong reaction.

The toi­let its­elf was stuck — of course — but mer­ci­fully, it wasn’t occu­p­ied. Then again, this might just be the field’s ploy to lock him inside and leave Paul as a nice package for his pur­su­ers, but he had to take that risk.

With a bit of man­hand­ling, he got the door open and locked him­self inside. The almost tran­quil calm of the mostly sound-proof toi­let was­hed over him, and Paul tried his best to relax. Then he opened his sen­ses to the world.

In the first rush, he con­tem­pla­ted the fact that they were put­ting up such an effort to cap­ture him. With such a bla­tantly strong alte­ra­tion active, it meant that they were eit­her very cocky — or very effec­tive. Pos­si­bly both, but let’s not explore that ave­nue. At least they were con­fi­dent enough to assume that they’d catch him before the train arri­ved in Duis­burg and didn’t assume that there’s a need to hide from their prey.

He then chose to actually per­ceive with his heigh­te­ned sen­ses, opening his con­scious­ness to the per­cep­tion. He was floo­ded by impres­si­ons of all kind, with images being the stron­gest due to the fact that he was suf­fe­ring from some­thing cal­led being human. Other thing that were swam­ping his mind inclu­ded that he could feel the thoughts of the people around him, hear their brea­t­hing and their heart bea­ting, smell their move­ment (which was some­thing where he couldn’t even remo­tely figure out how those two are rela­ted) and taste their emotions.

All in all, Paul was hand­ling more infor­ma­tion that any nor­mal human brain could have any hope of hand­ling. The key word in that sen­tence is the “nor­mal”, though.

And wit­hout a doubt, he could also feel the gravity-like pull of the rea­lity alte­ra­ti­ons his pur­su­ers were employ­ing. He still couldn’t believe that nor­mal people weren’t able to feel this.

A mayor pre­cau­tion against being now was to prac­tice emis­sion con­trol. Paul clam­ped down hard on any “signals” he gave off to the environ­ment which would imme­dia­tely regis­ter as irre­gu­lar. There was always a kind of back­ground sta­tic pro­du­ced by him not fit­ting quite into the “nor­mal” rea­lity of the world, but its effects were all but unde­tec­ta­ble from a few metres away.

At the moment, Paul and his pur­su­ers were enga­ging in some­thing which could clo­sely be descri­bed as some­thing like a World War II sub­ma­rine fight, with Paul being a lone sub­ma­rine and the others the cir­cling des­troy­ers above him, hun­ting for any sign of their quarry.

Which means that as long as he wasn’t being obvious, the enemies nee­ded to use some kind of sen­sor to find them, and that sen­sor also gives them away. In his­to­ri­cal cases, this role was fil­led by sonar scan­ners, which worked by sen­ding out sound waves through water and then mea­su­ring where the signals came back ear­lier than expected.

But also, when it hit the sub­ma­rine the sonar was try­ing to find, it regis­te­red with a cha­rac­te­ristic “ping” sound heard in all kinds of submarine-themed movies. And if you heard that sound, you knew that your situa­tion just went from bad to worse, but at least you’d know about it.

And could initiate counter-measures like hug­ging the ground, run­ning silent and simi­lar methods.

Kno­wing that he was being hun­ted kind of stream­lined his opti­ons down to two cour­ses of action. The dra­ma­tic option would be to hide whatever’s giving you away by mas­king your­self with your sur­roun­dings and hoping you won’t be noti­ced. In your run of the mill movie, this is the point where ever­y­thing is tur­ned off, and the hus­hed crew just cowers inside their still water­tight metal tube, wait­ing for the depth char­ges to go off around them — hoping that there won’t be the lucky charge that hits them.

Luckily for Paul, there was no such thing as an ana­lo­gue to depth char­ges that threa­tened him. Unluckily, there was also no kind of depth to hide in.

Option two, of course, is to bolt away as soon as you know someone’s fol­lo­wing you. Against supe­rior num­bers, this is actually the best course of action, since you want to be the one that deci­des where the show’s going to be, not have the choice forced on you. But most of these sce­na­rios do not involve being stuck on a moving train, a fact which is known to exces­si­vely hin­der esca­ping from said scenario.

And if you think about it, that’s pro­bably the rea­son why they didn’t board the train alre­ady scan­ning — he could have just slip­ped out in Düs­sel­dorf and lost them at the train station.

Well, there’s still option three, but from their per­cei­ved level of arro­gance, fight­ing them right out was pro­bably just a crea­tive way of com­mit­ting sui­cide. That and the fact that Paul didn’t like odds along the lines of “there’s quite a lot of them, and I’m alone”.

There might be a few select cir­cum­stan­ces where he could over­whelm then, but if the pur­su­ers are worth their money, they’re pro­bably run­ning a opti­mistic deri­vate gene­ra­tor, which would make it all but impos­si­ble for him to have the necessary kind of luck.

Back to option two, then. And he can alre­ady feel the pull of the searcher’s need get­ting stron­ger, which means he’s get­ting closer.

He sur­veyed the lay­out of the train and then dia­led down his per­cep­tion to a level slightly above aver­age — which still gave him an advan­tage over almost ever­yone he would encoun­ter. Paul got into a slight moment of panic as the toi­let door wouldn’t open, but then it sud­denly bud­ged and he could get out.

Hea­ding back to his seat again, Paul again had to struggle, but mostly with lug­gage this time; no ani­mate objects actively blo­cking him, and even the kid was loo­king healthy again. (That, and ever­y­body seems to have for­got­ten that he just puked all over the place.)

Paul was just lea­ning over to pick up his back­pack as a voice behind him clea­red its throat — sur­rep­ti­tiously, yet unmistaka­bly direc­ted at him.

He froze, and only when he slowly tur­ned around he noti­ced that that con­duc­tor was smi­ling at him. “Guten Tag, die Fahr­aus­weise bitte!” Ticket check.

At pre­ci­sely that moment, the pull hit him full force, and he knew that it came from the conductor.

Slightly flab­ber­gas­ted, he pro­du­ced his ticket from some­where inside his back­pack and showed it to the con­duc­tor, and as soon as she nod­ded and than­ked him, the pres­sure went away.

Why did he just think people were out to get him? Was he actually get­ting para­noid? Why was he being so over­sen­si­tive? He was con­vin­ced the Inqui­si­tion was about to get him, but it was just a bloody ticket check.

Paul rela­xed and sat back down, let­ting his head sink back into his neck and rest against the chair.

“Nächs­ter Halt: Duis­burg Haupt­bahn­hof. Aus­stieg links” the announ­ce­ment robot said, indi­ca­ting that they were close to stop­ping at Duisburg.

He stop­ped sta­ring at the cei­ling, and deci­ded he needs to get out at Duis­burg any­way. The train would drive him crazy if he stayed on any lon­ger. Paul looked ahead, in the direc­tion of the doors.

There were two men stan­ding there. He was still using his heigh­te­ned sen­ses, and he noti­ced that they weren’t just your regu­lar blo­kes wait­ing to get off. They were ten­sed and ready to move at a moment’s notice. And they were carrying.

Paul glan­ced back, in the gene­ral direc­tion of the conductor.

She was hol­ding a fin­ger to her ear, which, he now noti­ced, held a small headset.

And with a sud­den thun­der clash, men star­ted run­ning in his direction.

Their pull became stron­ger than back­ground level and almost tore him apart. They had mana­ged to keep it sup­p­res­sed. They were good.

Paul went into auto­ma­tic mode. He pul­led hard at the iso­la­tion seal of the win­dow next to him, rip­ping it clean off, and with ano­ther decisive shove, the win­dow sprang out of the frame and cras­hed on the track bed.

He grab­bed his back­pack and swung him­self outs­ide. His pur­su­ers were still strugg­ling their way to him, shouting and pul­ling wea­pons. Their obstruc­tion field fai­led to over­power his need for survival.

Paul drew on his powers and enhan­ced him­self — no use being sub­tle now. He grab­bed onto the train and clim­bed up the side with a couple of strong pulls which sent him fly­ing upward.

He looked around and found no-one atop the train. Silly bug­gers were trai­ned good, but not good enough.

Loo­king for­ward, he saw the train slo­wing as it ente­red the station.

Paul broke out into a sprint and with one giant leap jum­ped over onto a small buil­ding next to the track, lan­ding with a roll and lea­ving a dent in the ground. His pur­su­ers took a few potshots at him, but they went wide.

He sig­hed a breath of relief. They had good men, but their tac­tician had sucked balls. Else he wouldn’t have got­ten out of the toi­let alive. Thank crea­tion for small gifts.

Paul jum­ped down from the buil­ding and star­ted run­ning away. The adre­na­lin rush doesn’t float him any lon­ger than it does any nor­mal human, so bet­ter use it now before he cras­hes and starts sobbing.

He had stop­ped coun­ting how often his days ended like this.

In a sense, it never got old.

Value of two-factor authentication in MMOs

Cypher­punks ever­y­where know that using two-factor authen­ti­ca­tion, when done right, is inher­ently more secure.

Not­hing can be said against the secu­rity of wisely-used one-factor authen­ti­ca­tion, but care must be taken to ensure the ongo­ing secu­rity of that fac­tor. If you use a pass­word, you need to choose a secure one — and if you don’t change it regu­larly, it logi­cally gets wea­ker, too.

I know of at least one WoW player who is posi­tively para­noid about expo­sing their pass­words to someone, even though they don’t exhi­bit that beha­viour elsewhere.

And then, of course, there’s the people who com­plain about having their accounts hacked, even though they used a secure pass­word like their birth­day. Or abcde.

A miti­ga­ting fac­tor against people being too stu­pid to use pass­words secu­rely, then, is nee­ded. And that’s where two-factor authen­ti­ca­tion comes along.

Two-factor authen­ti­ca­tion, in essence, means that there you need to prove your own iden­tity by two dif­fe­rent means. This isn’t like using two dif­fe­rent pass­words. The com­mon exam­ples for fac­tors include “things the user knows” — like a pass­word, PIN, etc, “things the user has”, like some form of phy­si­cal secu­rity token, and “things the user is”, i.e. bio­me­tric veri­fi­ca­tion methods.

Bio­me­tric veri­fi­ca­tion is more “com­for­ta­ble” to use, but does have two major drawbacks:

  1. it requi­res spe­cia­li­zed equip­ment (in most cases)
  2. it is vul­nera­ble to replay attacks

So, mainly for rea­sons of prac­tica­lity, owning an authen­ti­ca­tion token is the best method of get­ting a second fac­tor into the mix.

But why would a com­pany like Bliz­zard, for example, cough up the effort to actually enable some­thing like authen­ti­ca­tors — not only via device, but by mobile phone, too — and then go ahead and reward play­ers (in the form of an in-game pet, but nevert­he­l­ess) for using an authen­ti­ca­tor — merely to save people from their own stupidity?

Sim­ple enough: to help battle against “eco­no­mic” abuse, and to help pro­tect their own inte­rests by having to deal with less “hacked account” cases.

Even though the lat­ter rea­son might just be enough to imple­ment it, the for­mer is actually the most import­ant one. Gold far­ming is a serious pro­blem for online gaming com­pa­nies, and even under­de­ve­l­o­ped eco­no­mies like that of WoW can suf­fer greatly from such manipulation.

If you want to read a fic­tio­nal example of a near-future vision on the import­ance and con­cepts of gold far­ming, you should read up on Cory Doctorow’s “For The Win”. Even though it’s a bit over the top com­pa­red to the cur­rent state of the game, it might very well be simi­lar in the years to come.

Of course, the battle.net authen­ti­ca­tion token Bliz­zard dis­tri­bu­tes does seem to have relia­bi­lity pro­blems, the mobile authen­ti­ca­tor — a Java app­li­ca­tion — seems to work fairly well, and, com­pa­red to the DIGI­PASS Go 6 authen­ti­ca­tors used by Bliz­zard, actually has a reverse-engineered spec avail­able.

Even though the DIGI­PASS algo­rithm was, to the author’s know­ledge, not bro­ken so far, the fact that the deve­lo­ping com­pany does not dis­close the DIGI­PASS source code to non-customers, along with a rather cheeky atti­tude, should serve as suf­fi­ci­ent indi­ca­tors to avoid their products.

Using grub2 to recover your system

grub2 is hai­led as the all new, super modu­lar cure-all remedy for all boo­ting pro­blem you’ve had, have and will have. At least that’s the way the deve­l­o­pers and some enthu­si­asts see it, whe­reas most blo­kes who’ve actually had to use it with more than arrow keys and enter will paint a slightly dif­fe­rent picture.

The thing with grub2 is that even though in theory it sounds like the end of all things boo­ting, it’s about as well-documented as the ques­tion for life, the uni­verse, and everything.

And as I today had to try to fight my way through goog­ling for necessary infor­ma­tion again, I’d thought I’d create a quick step-by-step refe­rence with all the most inte­res­ting bits you’ll ever need alre­ady there.

Thusly, the ingre­dients nee­ded to resur­rect your com­pu­ter with grub2. The gist is that you have the goal of boo­ting one spe­ci­fic ope­ra­ting sys­tem on your com­pu­ter, from wher­ein which you’ll use wha­te­ver methods you deem necessary to update your grub in the “right way” — usually a down­grade to an older ver­sion and wait­ing for the dust to blow over.

  1. A boo­ting grub2. If your grub2 alre­ady fails to boot because of some ran­dom error, you need to get a grub in smel­ling dis­tance of your BIOS. One of the most pro­ven methods is to
    1. Down­load a USB res­cue image like grml (usually from Your Other Com­pu­ter or that of some­body else)
    2. Put it on an USB stick (dd if=grml-variant_version.iso of=/dev/sdx in most cases, with appro­pria­tely cho­sen variables)
    3. (Re)boot, even­tually adjus­ting the prio­rity for your USB HDD/USB key

    And that’s it, you’re in a grub. Also note that it’s recom­men­da­ble to have an USB stick with a res­cue image lying around for the times when you can’t just easily down­load it.

  2. Enter the com­mand line/shell mode by pres­sing ‘c’.
  3. Do an ‘ls’, which will give you a lis­ting of reco­gnized devices. Doing an ‘ls device’, e.g. ls (hd0,1) will give you more infor­ma­tion about that device.
  4. If the infor­ma­tion by your ls isn’t com­plete, you will have to load some modu­les (by using insmod modulename). Here’s a checklist:
    1. If you do not see any other devices which look like your hard drive(s), e.g. you only have an (hd0) device from your USB medium, then load a device dri­ver. They will allow you to find the actual devices. Exam­ples include:
      • bios­disk
      • scsi
      • fs_uuid
      • pci
      • raid
      • mdraid
      • dm_nv
    2. If you have devices, but no par­ti­ti­ons, you’ll need a par­ti­tion dri­ver. It seems the default grub con­fig does not load any par­ti­tion dri­ver, and debug­ging this is just a bit annoy­ing. But there’s two easy choices for most people:
      • Load the module “part_msdos”.
      • If this doesn’t help, try “part_gpt”.

      These are the two most com­mon par­ti­tion tables (at least for next to ever­yone rea­ding this guide in need) and should help your grub find its par­ti­ti­ons again.

    3. Even­tually, you will also have to load your file­sys­tem dri­vers. I pre­sume you alre­ady know which those are, but for the sake of completion:
      • Almost all Linux use ext2
      • Most cur­rent Win­dows will use ntfs, but fat is also an option.
      • Mac users will use hfsplus for newer sys­tems, hfs for older ones.
    4. The next step depends on exactly what you want to do. There’s a fork in the road — if you just want to load your pre­viously unboo­ta­ble grub, you will try to load its con­fi­gu­ra­tion file, else you’ll try to boot your ope­ra­ting sys­tem kernel.

    5. To search for a file, you use the search -f filename com­mand, which will give you results on where files of that name are stored. Use root device to set the resul­tant device as the root device for your fur­ther ope­ra­ti­ons. If you only want to load your old grub con­fig, type in configfile filename, whe­reas filename will usually be some­thing like /grub/grub.cfg or /boot/grub/grub.cfg.
    6. Should this fail to resolve your pro­blem, or not be what you’re aiming for, you’ll need to find the ope­ra­ting sys­tem. For most Linu­xens, you’ll pro­bably have a file cal­led /vmlinuz or /boot/vmlinuz to search for. For Win­dows ope­ra­ting sys­tems, look for /Windows/win.ini. For Mac: no clue. When found, set your root device (with root device).
    7. Now methods will become diver­gent, as ope­ra­ting sys­tems dif­fer in the way of boo­ting them.
      Linux
      1. kernel kernel_filename
      2. initrd initrd_filename [most cur­rent ker­nels come with an “initial ram­disk” hol­ding modu­les etc.]
      3. boot — if all goes well, you’re set.
      Win­dows
      1. chainloader +1
      2. boot
      MacOS
      Pro­bably the same as Win­dows, using the chainloader.

    And that’s it. It should cover most cases you’d need to res­tore your capa­bi­lity of boo­ting your ope­ra­ting sys­tem. You’ll pro­bably want to fix/install your boot­loa­der after this, though.

    A hel­pful tool for debug­ging your cur­rent grub state is probe, which will allow you to check what dri­vers are assi­gned to devices.

vimium mapping for Dvorak layouts

I recently stum­bled upon the rather neat vimium exten­sion for Chrom(e|ium), which does much the same as the vim­pe­ra­tor exten­sion for Fire­fox. The pro­blem, though, as with vim­pe­ra­tor and vim its­elf, is that the default key­board map­pings are a bit of a pain in the arse for Dvorak users, as hjkl isn’t on the home row any­more, much less next to each other.

The­re­fore, it needs some remap­ping to get in a half­way fami­liar and Dvorak-compatible lay­out, which would look like this:

unmapAll

map r reload
map e removeTab
map u restoreTab
map h scrollDown
map t scrollUp
map d scrollLeft
map n scrollRight
map <c-h> scrollPageDown
map <c-t> scrollPageUp
map <c-u> scrollFullPageDown
map D goBack
map N goForward
map T nextTab
map H previousTab
map <c-y> createTab
map gg scrollToTop
map G scrollToBottom
map gf toggleViewSource
map zi zoomIn
map zo zoomOut
map yy copyCurrentUrl
map i enterInsertMode
map f activateLinkHintsMode
map F activateLinkHintsModeToOpenInNewTab
map / enterFindMode
map . performFind
map , performBackwardsFind

Just paste it in the remap field of the extension’s “advan­ced opti­ons” menu.

D&D rules lawyering: cover and stealth

I was recently rea­ding up on the ste­alth and cover mecha­nics, and even though I was fairly cer­tain about what is and what is not pos­si­ble, I found out that one edge case isn’t par­ti­cu­larly well-documented.

The rules, to be exact the Ste­alth rules cor­rec­tion from Player’s Hand­book 2, state:

Beco­m­ing Hid­den: You can make a Ste­alth check against an enemy only if you have supe­rior cover or total con­ceal­ment against the enemy or if you’re outs­ide the enemy’s line of sight. Outs­ide com­bat, the DM can allow you to make a Ste­alth check against a dis­trac­ted enemy, even if you don’t have supe­rior cover or total con­ceal­ment and aren’t outs­ide the enemy’s line of sight. The dis­trac­ted enemy might be focu­sed on some­thing in a dif­fe­rent direc­tion, allo­wing you to sneak up.

So, what it espe­cially says is that “supe­rior cover” works as a basis to get hid­den behind. Accor­ding to the Dun­geon Master’s Guide on deter­mi­ning cover for ran­ged attacks:

Choose a Cor­ner: The atta­cker choo­ses one cor­ner of a square he occu­p­ies, and draws ima­gi­nary lines from that cor­ner to every cor­ner of any one square the defen­der occu­p­ies. If none of those lines are blo­cked by a solid object or an enemy crea­ture, the atta­cker has a clear shot. The defen­der doesn’t have cover. (A line that runs par­al­lel right along a wall isn’t blo­cked.)
Supe­rior Cover: The defen­der has supe­rior cover if no mat­ter which cor­ner in your space you choose and no mat­ter which square of the target’s space you choose, three or four lines are blo­cked. If four lines are blo­cked from every cor­ner, you can’t tar­get the defender.

So, in theory, if you’d have a situa­tion where you’d have supe­rior cover from an enemy, e.g.
Illustration with a player behind two allies, and lines of sight to an enemy.
you’d be able to ste­alth your­self and gain com­bat advantage.

The only thing that really denies this pos­si­bi­lity are, again, the Ste­alth updates from Player’s Hand­book 2, this time the “Remai­ning Hid­den” sec­tion [empha­sis mine]:

Keep Out of Sight: If you no lon­ger have any cover or con­ceal­ment against an enemy, you don’t remain hid­den from that enemy. You don’t need supe­rior cover, total con­ceal­ment, or to stay outs­ide line of sight, but you do need some degree of cover or con­ceal­ment to remain hid­den. You can’t use ano­ther crea­ture as cover to remain hid­den.

Many thanks to @Milambus for loo­king up that pas­sage. [And making me feel stu­pid for not having found it mys­elf, by the way.]

And that’s the only pro­blem. So, you could gain ste­alth moving behind enemies, but imme­dia­tely lose ste­alth sta­tus again by being only behind a creature.

In a sense, this is balan­ced, since your rogue strikers could then just con­ti­nue to camp behind your own figh­ters and shoot sneak attacks at enemies from just behind their bud­dies (since they don’t block for the player), which would make com­bat encoun­ters quick enough, but also a bit boring.

Then again, as my player rogue poin­ted out, when there’s two huge dra­gon­born war­ri­ors poun­ding away at an enemy, how are they not sup­po­sed to be able to hide behind them? They aren’t 5′ wide, surely, but cer­tainly big­ger than a half-elf in every other dimension.

I just think that with a fur­ther update (yuck), we might be able to get a bit of cla­ri­fi­ca­tion on the fact how allies grant cover, but can­not grant supe­rior cover.

D&D Characters: Shamorn Fallenheart, Tiefling Bard

As a bit of a side occupa­tion, I like to engage in some cha­rac­ter design for role-playing games, as it just comes as a natu­ral exten­sion of being a hobby-ish wri­ter person.

Thus, I pre­sent: Shamorn Fal­len­he­art, a tief­ling bard from High Imaskar.


Birth — and over misgivings

Shamorn was born in Gheld­an­eth, the fading Mula­nian metro­po­lis of High Imas­kar, and his par­ents belie­ved in the pro­phe­cies sta­ting Shamorn to bring forth bet­ter times for the tief­ling folk of the Gheld­an­eth slums. Being rai­sed in a com­mu­nity of hired hands to accom­pany adven­tu­rers on dan­ge­rous tre­a­sure hunts through the depths of the sun­ken city, hopes were laid on him, and him alone, to libe­rate them from this life of unof­fi­cial slavery.

Early life

Our young tief­ling was always a bit pam­pe­red. The male role models of the com­mu­nity were often too busy get­ting kil­led on a foolish quest, as was Shamorn’s own father — shortly before his fourth birth­day. As it were, there was none of the usual goading and tes­ting a tief­ling endu­res as part of gro­wing up. The con­se­quen­ces of this, as well as the pam­pe­ring he recei­ved by his mother and other “faith­fuls”, would be dire indeed.

Thus Shamorn grew to be a young adult, hel­ping out ever­y­where in the com­mu­nity, wit­hout ever taking up a real job. He had many on and off teachers, ver­sing him in skills as @skills and the heri­tage of the tief­ling race, trai­ning him in the use of wea­pons and tel­ling sto­ries of heroic deeds throug­hout time.

Con­stantly sur­roun­ded by an app­re­cia­tion for life, for hero­ism, the history and cul­ture of his people and a will to bring good to them, it came as a great sur­prise to many that Shamorn Fal­len­he­art, Pro­phe­sied Saviour of the Gheld­an­eth Tief­lings, came to start trai­ning to be…

a bard.

There was a wan­de­ring Elven Bard in Gheld­an­eth at the time, and Shamorn choose to app­ren­tice him­self to him, belie­ving that beco­m­ing a bard, a herald of their people, would be worth much more than sim­ply slaugh­te­ring any would-be opp­res­sors or being a lea­der to guide the people to their Pro­mi­sed Land.

As was to be expec­ted, his deci­sion did not sit well with some, if not most, of his elders. His mother came just short of disin­heri­t­ing him, and he was fore­ver bran­ded as a wimp by most others. Still, there were some people who still belie­ved in him, and he mana­ged to stay in the com­mu­nity, even though ever­yone tried to for­get about any kind of pro­phesy laid upon him.

The turning point

His app­ren­ti­ce­ship was going well, all things con­side­red. But his teacher, unbe­kno­west to him, was a bit of a brag­gart and igno­rant, that is to say: not a very good bard. Still, Shamorn mana­ged to mas­ter his natu­ral graps of the Arcane under his tutor­ship, even though the social values might have been slightly distorted.

Sadly, this dis­tor­tion and the infu­sion of heroic tales led to an unfor­t­u­nate inci­dent. A rough band of tre­a­sure hun­ters, with a fierce repu­ta­tion for their harsh effec­tiv­en­ess and rumours of a bru­tal and unrelen­ting man­ner towards oppo­si­tion, sought out their enclave to hire some of their men for help. So, after a few minu­tes of shouting, waving of wea­pons and dragging people out of their hovels, Shamorn thought it was time to act.

Bra­vely step­ping for­ward, he con­fron­ted the lea­der of the sca­ven­gers, deman­ding of him to cease these des­pica­ble acts and appealing to his good sense, as a man, to respect his people’s wishes.

The screams as the leader’s mini­ons star­ted slaugh­te­ring the women and child­ren are still stuck in Shamorn’s head. He still only has vague memo­ries of that moment, but there is one thing he is quite con­fi­dent of:

As his mother’s life­l­ess body was thrown in front of him, crump­led up in a heap, he snap­ped. Shamorn went into a rage, slamming into the mini­ons and fight­ing them fier­cely. It see­med the demon in him had taken con­trol, for he was full of laugh­ter at the slaugh­ter he was cau­sing, taun­ting his enemies as he smas­hed their faces in with his $wea­pon or embed­ded his dag­gers into their hearts, even just rip­ping into them with his claws and bit­ing as he went along.

It did not take long for him to cut through the mini­ons, emer­ging bathed in blood, eldritch powers abound and fla­mes crack­ling around his body. His Elven mas­ter bard was asto­nis­hed at the dis­play, and reco­gnized the poten­tial of a war­lock in him should he have even been trai­ned thusly. As it was, the teacher pre­fer­red to cower in fear and observe what hap­pened next.

Shamorn con­fron­ted the lea­der of the sca­ven­gers who was just stan­ding there, sho­cked to his core.

“This is what hap­pens when you try to com­pel my folk, human!” the bard sta­ted in an almost neu­tral voice, only a hint of a burning dark­fire notica­ble in the voice. And with that, he slew the lea­der of the group that brought death to his kin.

And as if by mira­cle, Shamorn imme­dia­tely cal­med down to his usual, naive self. The only hint at his mons­tro­sity was the fact that he sur­veyed the slaugh­ter he had cau­sed wit­hout fear, shame or dis­gust. Loo­king around him, he found few people left alive. Some were cower­ing inside their hovels, eit­her hiding their faces or sta­ring out at him with fear. Others seem to have run a way, and it was eerily silent.

Shamorn clea­red his throat. “My mas­ter, I will be lea­ving now. Do you wish to accom­pany me?”

His mas­ter, still shaking slightly, replied “No, my app­ren­tice. I do not think that you need me any fur­ther. Con­sider your trai­ning complete.”

And with these short words, the recently orpha­ned Shamorn Fal­len­he­art set out into the Realms, ven­tu­ring forth to herald his people — and to leave this bligh­ted home which has been cur­sed by his deeds.


The cha­rac­ter sta­tistics will fol­low as soon as I have access to the rele­vant docu­ments again. I might also write a short story or two detailing the back­ground or later adventures.

pisg: patch to irssi parser for euIRC ‘admin’ user mode

As pisg is ill-equipped to handle sup­port for ‘admin’ users in the stan­dard con­fi­gu­ra­tion, I went on a quick code hunt to find the bit of code responsi­ble for strip­ping nick modes from a log line. A bit counter-intuitively, this func­tion is cal­led normalline, and not some­thing like normalize or strip_mode.

Anyhow, here’s a small patch to fix the pro­blem for the Irssi par­ser module:

--- modules/Pisg/Parser/Format/irssi.pm.old	2008-02-13 21:40:25.000000000 +0100
+++ modules/Pisg/Parser/Format/irssi.pm	2010-03-16 02:29:42.000000000 +0100
@@ -10,7 +10,7 @@
     my ($type, %args) = @_;
     my $self = {
         cfg => $args{cfg},
-        normalline => '^(\d+):\d+[^<*^!]+<[@%+~& ]?([^>]+)> (.*)',
+        normalline => '^(\d+):\d+[^<*^!]+<[@%+~&! ]?([^>]+)> (.*)',
         actionline => '^(\d+):\d+[^ ]+ +\* (\S+) (.*)',
         thirdline  => '^(\d+):(\d+)[^-]+-\!- (\S+) (\S+) (\S+) (\S+) (\S+)(.*)',
     };

Or you could just down­load the diff directly.

A new reason for leaving Ubuntu

So, if you’re won­de­ring your­self: “Why, Ubuntu is in the pro­cess of making ever­y­thing quite a bit more annoy­ing and fucking things up”, yet still think “that might just be mis­jud­ged opi­nion”, then fret no more. There’s an easy way to now know that Cano­ni­cal has offi­ci­ally gone bonkers.

The Ubuntu One Music Store.

After instal­ling an annoy­ing App Market-like “Soft­ware cen­ter” by default, swit­ching users over to a IM cli­ent that’s only remo­tely usa­ble, try­ing to sell you a cloud-based sto­rage solu­tion and swit­ching to Yahoo as the default search engine, you really have to won­der what the guys responsi­ble are up to.

So.

In short, Cano­ni­cal is on the verge of going Apple. Just bail boat while you still can.

D&D item: Martyr’s Collar

See­ing how ever­yone else is cur­rently crea­ting inte­res­ting items, I thought that I should throw one of my ideas into the mix. And after a bit of tin­ke­ring with how it should work, I present:

Martyr’s Col­lar Level 5

Res­ting tight against the throat, the wea­rer is always remin­ded of the price of sacrifice.

Lv 5   1.000 gp

Item slot:
Neck
Pro­perty:
This item can mean instant death for the cha­rac­ter. To wield it, the cha­rac­ter must suc­ceed at a hard will­power check. After three failu­res, the cha­rac­ter needs to take an exten­ded rest before try­ing again.
Power (At-Will ♦ Necrotic):
Stan­dard action. A con­scious and wil­ling cha­rac­ter may activate the col­lar while it is around their throat. The col­lar magi­cally con­stricts, seve­r­ing the user’s head from their body. The user’s life energy ser­ves as a power source for the col­lar and sends every attu­ned ally in range (burst 10) to the point defined by the attu­ning pro­cess.
Being able to sur­vive the deca­pi­ta­tion does not save the user, as all of their life energy is used up to power the collar’s magic.
The allies do not need to be wil­ling, con­scious, or even alive. If, for wha­te­ver rea­son, the desti­na­tion is not reachable, the col­lar will not activate. After the tele­por­ta­tion, the col­lar expands to its nor­mal pro­por­ti­ons and loses any attunement.
Power (Daily):
Stan­dard action. Every wil­ling ally in a burst 5 are attu­ned to the col­lar, and the item its­elf is attu­ned to the loca­tion. When the at-will power is used, all allies attu­ned and in range are trans­por­ted back to the cur­rent loca­tion. The col­lar does not need to be worn to be attu­ned; any cha­rac­ter tou­ch­ing the item can initiate the pro­cess. When pas­sing bet­ween owners, the item does not lose con­nec­tion to any attu­ned user or the attu­ned location.

Nobody really knows how these devices ever came to be, but they seem to have been used by devout and loyal war­ri­ors throug­hout time to save com­ra­des from cer­tain death by using their own life to shield them. The ulti­mate heroic sacri­fice, most souls sacri­fi­cing their bodies this way ascend to the Astral Sea.

Trusting self-signed certificates with Google Chrome on Linux

Update: added the “C” flag to SSL attri­bu­tes which I acci­den­tally for­got to include.
Also chan­ged $HOST to $host, as $HOST is the shell para­me­ter for the cur­rent hostname…

If you’re not really sure about how you can stop Chrome from per­man­ently remin­ding you that the ser­ver you’re con­nec­ting to is a bad boy (read: using a self-signed cer­ti­fi­cate), you’ll pro­bably end up loo­king at CACert’s Brow­ser Cli­ent page by way of Google. With a bit of rea­ding docu­men­ta­tion, you can pro­bably find out how to import a self-signed cer­ti­fi­cate and mark it as trus­ted, but since you’re pro­bably lazy, you’d rather just copy and paste a few instructions.

First, I have to stress is that blindly trus­ting a cer­ti­fi­cate you down­load off the inter­net is a Bad Idea. But expres­sing a cer­tain laissez-faire atti­tude: if you’re stu­pid enough to copy and paste blindly, you deserve it.

Second, sim­ple copy and paste instructions:

openssl s_client -connect $host:443 -showcerts > temporary_file
certutil -d sql:$HOME/.pki/nssdb -A -t CP,,C -n "$host" -i temporary_file

Third, expla­na­ti­ons:

  • s_client just con­nects to the given host­name, 443 being, as you should know, the (default) HTTP SSL port.
  • –show­certs shows all kinds of infor­ma­tion about the cer­ti­fi­cate, inclu­ding the cer­ti­fi­cate its­elf. You will pro­bably have to hit ^C/^D to stop s_client.
  • If you get mul­ti­ple (and dif­fe­rent) cer­ti­fi­ca­tes, first one will be the ser­ver cer­ti­fi­cate, and second one the CA certificate.
  • cer­tu­til (package hint: libnss3-tools can be used to manage your local «Net­work Secu­rity Ser­vices» SQLite database.
  • The spe­ci­fied argu­ment for cer­tu­til are:
    1. The data­base to use (in this case, the user-specific NSS database).
    2. The flag to add some­thing to the data­base (-A).
    3. The “trust types” for the cer­ti­fi­cate, in “SSL, S/MIME, CA” noti­fi­ca­tion: “P” for a trus­ted peer, and “C” for a cer­ti­fi­cate aut­ho­rity that may issue ser­ver certificates.
    4. A short­name to iden­tify the cer­ti­fi­cate in the data­base. The host­name works well and is fairly obvious.

Next Page »