Recent Posts

3776

Post New Requests Here / Re: Login in Facebook

« Last post by Deozaan on January 15, 2014, 03:03 AM »

Google Chrome allows for multiple users to be signed into the browser at the same time. Each user has their own cookies, etc. You could use this to set up multiple profiles, each having their own Facebook logins.
 (see attachment in previous post)

-Deozaan (January 14, 2014, 05:57 PM)

Firefox lets you too be logged in two or more gmail accounts. But for some google services you have to decide what is the only active account, like google drive.

-Contro (January 14, 2014, 06:40 PM)

That is not what I said. I said you can have multiple Chrome profiles. This is not the same as being logged into multiple Google/Gmail/Calendar/Drive/whatever accounts. That's why I included a screenshot of what I was talking about, so you could see that I didn't mean switching Gmail accounts.

3777

Official Announcements / Re: NANY 2014 - OFFICIAL ROUNDUP OF ALL ENTRIES

« Last post by Deozaan on January 14, 2014, 06:04 PM »

Nice job to everyone who entered an application in this year's NANY. There are some very useful new programs in the world, thanks to you folks.

3778

Post New Requests Here / Re: Login in Facebook

« Last post by Deozaan on January 14, 2014, 05:57 PM »

Google Chrome allows for multiple users to be signed into the browser at the same time. Each user has their own cookies, etc. You could use this to set up multiple profiles, each having their own Facebook logins.

3779

Living Room / Re: email provider for multiple accounts

« Last post by Deozaan on January 14, 2014, 02:12 PM »

or an alternative email (which I don't want to give)

-kalos (January 12, 2014, 04:55 PM)

http://mailinator.com/

3780

Post New Requests Here / Re: Login in Facebook

« Last post by Deozaan on January 14, 2014, 02:05 PM »

What's so hard about logging out of your currently signed-in profile and then logging into your other profile?

3781

Living Room / Re: DonationCoder & Cody themed art compilation thread.

« Last post by Deozaan on January 14, 2014, 01:24 PM »

I found a link to the NANY 2011 Mugs and added that to the original post.

3782

Living Room / Re: The Amazing Video for Bob Dylan's "Like a Rolling Stone"

« Last post by Deozaan on January 12, 2014, 06:27 PM »

I'm not impressed. It's just a bunch of videos playing simultaneously that you can switch between at your leisure. Not at all mind-blowing and amazing as it was made out to be in the months previous, IMO.

3783

Living Room / Re: Interesting funding discussion regarding JayIsGames.com

« Last post by Deozaan on January 12, 2014, 04:15 PM »

What makes you think so few JayIsGames visitors are using adblockers?

Admittedly, most people I know don't use them, but they're not the kind of people who would be visiting sites like JayIsGames anyway.

3784

Living Room / Re: Programming/Coder humor

« Last post by Deozaan on January 11, 2014, 04:08 PM »

Users:

3785

N.A.N.Y. 2014 / Re: NANY 2014 Release: Blasteroids

« Last post by Deozaan on January 11, 2014, 01:26 PM »

It's a lot harder now to break the 10k mark. (But I done it - eventually...)

-tomos (January 11, 2014, 12:54 PM)

If you play perfectly (without dying) I believe that you should clear 10k points on Level 7.

I have had the experience a couple of times lately where the brand new ship gets killed before I can even start - i.e. the 'repulse' effect doesnt work - this is hard when it's your last man ship - could that be because I dont have the mouse button fully pressed (dont think so but I'm not sure).

-tomos (January 11, 2014, 12:54 PM)

This is an intended feature of the game. It's a bit unfun to experience as a player, but it adds a little bit of "luck" factor in there. The "repulse effect" (as you call it) greatly reduces the chance of this happening, but it does still happen sometimes.

It happens when the asteroids are too close to the new ship when it first appears, there is then no replulse effect -- ship dead before it can even get going.

-tomos (January 11, 2014, 12:54 PM)

It should be noted that the repulse effect still happens (and you'll probably notice the asteroid start to spin wildly due to it), it's just that due to the proximity of the asteroid, it's not able to effectively push it away and the ship respawns in the same location that the asteroid is currently occupying.

On another note - I'm curious how the scoring works:
one time I got to level #9 with only 6.5k points - my highest score is over 12k - but only at level #8 (?)

-tomos (January 11, 2014, 12:58 PM)

Points are awarded based on three factors:

1. What size of an asteroid is destroyed.
2. What level you're on.
3. How many extra lives you have.

The reasons for this are:

1. The smaller asteroids are harder to hit, so they give more points than the larger ones.
2. The further you progress in the game, the more you're rewarded.
3. The better you play the game (i.e. the less you die), the more you're rewarded.

So in your case where you got to level 9 with only 6.5k, you probably died a couple of times in the first few levels, greatly reducing your score. When you got over 12k on level 8, you probably played a nearly perfect (no deaths) game up until level 7 or 8.

I think I've mentioned it before in this thread, but if you play a perfect game, you should reach just over 7k points when you start level 7.

3786

Living Room / Re: YouTube finally forces creation of google+ A/C to comment

« Last post by Deozaan on January 10, 2014, 06:17 PM »

Google is today making a change to Gmail that will further bake in Google+ to its webmail product in a way that’s actually somewhat practical, though also potentially invasive. Going forward, you’ll now be able to directly email your Google+ contacts from Gmail, even if you don’t know their email address. And by default, anyone on Google+ will be able to email you as well, thanks to this new option, if you don’t adjust your settings.

-http://techcrunch.com/2014/01/09/new-gmail-feature-allows-anyone-on-google-to-email-you-vice-versa-but-opt-out-is-provided/

Actually, it's kind of cool. Now I can get people to email me without giving out my e-mail address and risk them including it in a mass-forwarded-whatever, spreading it out even further into the recesses of the internet for spambots to find.

People who I have already screened (by adding them to my circles) and who want to e-mail me can send me a message without me taking on any risk associated with giving out personal information. And I can easily block them from sending me more messages. What's not to like about that?

3787

Living Room / Re: PSA: Using OAuth on apps and sites

« Last post by Deozaan on January 10, 2014, 06:02 PM »

Thanks. I removed a bunch of apps that were authorized to access my Twitter account that I haven't used or touched in quite some time.

3788

Living Room / Re: YouTube finally forces creation of google+ A/C to comment

« Last post by Deozaan on January 10, 2014, 02:12 PM »

It's easy to operate multiple Google/Gmail accounts on one device.

But of course when you buy/install something on the Play Store it is linked to only one account. Otherwise you could put all your friends accounts on your device and buy an app/movie/album and everyone would have free access to it.

3789

Living Room / Re: Why George Orwell wrote 1984

« Last post by Deozaan on January 09, 2014, 04:46 PM »

Very intriguing. Thanks for sharing.

You don't happen to have the source(s) for those James Madison quotes, do you?

3790

Living Room / Re: Evernote, the bug-ridden elephant.

« Last post by Deozaan on January 08, 2014, 02:50 PM »

I use it quite extensively... on several different platforms.  And I've not experienced anything like what he says.  If it was so endemic, especially being a web application used quite extensively by the userbase that he quoted, wouldn't there be more of a record of said lapses?  More people rising up as their data was lost?

Inquiring minds wonder...?

-wraith808 (January 04, 2014, 01:02 PM)

About a year ago (last February or March), I was visiting my parents in another state. We attended a church conference where my mother was asked by a friend who was hard of hearing if she could make a recording of the conference so it could be played back at a later date, presumably after being amplified or something similar. My mom put me in charge of running her friend's recorder. The conference began and I started recording. But I soon noticed a big problem. It seemed as though the digital recorder only had enough free storage to record the first few minutes. As the time ticked down, I had the brilliant idea to make a recording using Evernote on my phone. For about two hours I tried to make sure my phone was properly angled such that it would pick up the sound well, etc. For two hours I worried whether my phone's battery would last long enough to record until the very end.

Fortunately my battery did last long enough. The conference ended, I titled the note and saved the file, and we went home. When I got home the audio note was missing. What I figured happened was that because I didn't have data on my phone at the time (I was paying for it, but I was traveling out of state, so my phone was "roaming" while I was at the conference), it didn't upload the note to the server while I was gone. Then when I got back to my parents' home where I could connect to wifi, I figured the phone synced, but the wrong way. I figured that the local note on the phone was overwritten by the... er... lack of a note, online. That was the best logical explanation I could come up with at the time.

So yeah, I've experienced data loss with Evernote. I'm not sure if it's the same issue this guy mentioned in the article, but it put me off using Evernote, and I haven't really used it at all since, especially since Google Keep was released.

3791

Developer's Corner / Re: How to seamlessly verify a unique identity without requiring username/password?

« Last post by Deozaan on January 07, 2014, 12:24 AM »

You know this falls under the scope of things i'm trying to solve with my Mewlo system - to make it easier for people to create community-based custom web services.

-mouser (January 06, 2014, 10:26 PM)

Yeah, it kind of does. But I think for a web service you can just integrate OAuth or OpenID (or both). Since you're already in the browser it's not that big of a deal to redirect to Google or Yahoo or Facebook or whatever asking for authorization and then redirect back to the Mewlo content to finish logging in.

But in my case, I want players from inside a fullscreen program (my games) or on mobile devices to be able to sync to their accounts without having to be redirected to a browser. And it's seeming to me like it would be a lot easier to have them type in their e-mail address, be sent a link they can click to associate their account with that e-mail, and have it all done automatically for them so they never even need to login.

This would require a few things on the server backend:

1. A new account would automatically be created for each device (GUID) the game was run on.
2. Accounts would need to be easily merged/linked to each other. (i.e. multiple GUIDs per user/email address). This includes non-destructive syncing, so that only the best data is synced (i.e. no progress is lost, best times/scores are not overwritten with worse ones, etc.)

I would recommend creating the GUID once, and then storing it, rather than trying to link it to hardware identifiers.
That way, as long as the user doesn't blow away the config files your UID won't change.

-kamahl (January 06, 2014, 10:43 PM)

My question is more about how the GUID is created. I wouldn't know how to go about generating a guaranteed unique ID, but apparently that's already a feature Unity provides for me. I just don't know if it creates it using hardware identifiers or what. But I think I'd just store it, like you said, and only access it if/generate it if there's no data already there.

The reason I suggested email addresses is that they are something that would be personal enough that people can't impersonate you. 
There would be nothing more irritating than if someone were to get their PC associated with my account, and sell all my items/get me banned from chat/other such effects.
A salted/hashed email is fine.  Just as long as there is a way for the user to be sure nobody else can associate to their account without their knowing.

EDIT: If someone were to clone said config files, and impersonate your GUID, that would still be an issue.  But such things can only really happen with physical access - And when that's true, it's generally easy enough bypass further restrictions anyway.

-kamahl (January 06, 2014, 10:43 PM)

So this is what I'm picturing would be necessary to do it this way:

1. On each device, they'd need to enter in their e-mail address.
2. They are sent an e-mail (for each device) to link the game to their account.
3. They click the link and the server adds a salted hash of the email address to that GUID, and if any other GUIDs have the same hash, all the GUIDs are linked into the same account.

This way if the server is ever compromised, there will be no personal information that can be used to ruin their life elsewhere. No passwords to use to login to their bank account (or whatever), no email addresses to spam, etc.

3792

Post New Requests Here / Re: IDEA: Lan Alarmclock or Timer

« Last post by Deozaan on January 07, 2014, 12:05 AM »

This is thinking outside of the box a bit, perhaps, but if you have a smartphone that you carry with you, you can set a timer on it.

On Android you can open up Google Now and click the microphone button (or say "OK Google") and then say "Set timer for 2 hours" and it will sound an alarm ringtone two hours from then.

I imagine that Siri on iOS can do something similar.

3793

General Software Discussion / Re: BrowserID - Mozilla's solution to the password problem

« Last post by Deozaan on January 07, 2014, 12:02 AM »

I tried it out and found that you can link multiple email addresses to the same Persona. And then you can login to sites using any one of those addresses you want. So you still don't necessarily have to give out your primary address to login. I think I'd like it a lot more if it was more widely used. But like you said, it's used virtually nowhere, so it's kind of worthless. )c:

3794

N.A.N.Y. 2014 / Re: NANY 2014 Release: Blasteroids

« Last post by Deozaan on January 06, 2014, 11:40 PM »

I just updated the game to fix that feature, and put in a couple other bugfixes/niceties:

1.140106.0 NANY

• Quitting while in-game now takes you back to the main menu.
• Death explosions no longer affect bullets.
• Extra life awarded for ever increasing score amounts.

3795

Developer's Corner / Re: How to seamlessly verify a unique identity without requiring username/password?

« Last post by Deozaan on January 06, 2014, 10:08 PM »

I think that's part of OAuth or OpenID.

-Deozaan (January 06, 2014, 07:24 PM)

You can do it with both.  OAuth would be much more useful for a non-browser app.

However, my solution would be this:

• Each device/profile gets a GUID on first run.
• Player is prompted to link profile to an email address.
• If they do, send a confirmation email, and add the GUID to a database: [Email address]<[GUIDs]
• Merge data from local profile to email address

The profile ID is a unique identifier. This essentially means you don't need a password, because having the device is enough proof.
Linking to an email address should be optional. Only required if a user wishes to merge to GUIDs into a single profile.
Other than a once off association (Which is optional), the user doesn't need to see the login process again.

-kamahl (January 06, 2014, 07:41 PM)

This sounds very much like it could accomplish what I want to do. However, I see two potential problems with it:

1. I'd really prefer not to have any personal information about the players. This includes email addresses. Though I suppose I could store a seeded hash of the email address and compare it, and if it matches then merge accounts or whatever.
2. I hear stories about people changing some of their hardware (often their GPU) and it invalides their DRM-enabled program (usually a game) because they suddenly have a new GUID or something similar. Though I suppose I don't need to access the GUID every time the game runs. Just the first time to link to their online account and then I can simply store a reference to their account number or whatever and not rely on the GUID.

Are these problems anything I should even be concerned about? If so, do my own suggested solutions seem like they would reliably circumvent the problems? Are there other problems with my ideas that I should be aware of?

3796

Developer's Corner / Re: How to seamlessly verify a unique identity without requiring username/password?

« Last post by Deozaan on January 06, 2014, 07:24 PM »

It seems like these days another common solution is to let people "log in" and identify themselves via their facebook/twitter/google id.

-mouser (January 06, 2014, 07:15 PM)

I think that's part of OAuth or OpenID.

3797

Developer's Corner / How to seamlessly verify a unique identity without requiring username/password?

« Last post by Deozaan on January 06, 2014, 07:12 PM »

OK so here's the situation:

I program games. Nothing fancy. Nothing popular. Nothing that anybody except my mom has played. (Thanks, mom!)

But I do occasionally have ideas for games that would work better with certain "community" features. A few examples:

• Cloud saves.
• A game with a level editor, where players can submit and download user created levels.
• A racing game where not only are best racing times recorded (leaderboards), but also "ghosts" which you can download and race against.
• Asynchronous turn-based games that will require some sort of account system to keep track of who is playing against who, and prevent players from playing games/turns they shouldn't have access to.
• Friends lists to make it easier to start a game with people you know.
• A game with automatic matchmaking based on an Elo-like rating system^w.

Naturally, I'd need some sort of database/account system to keep track of which data belonged to which player. But I really don't want to make the players of my games have to deal with creating yet another account, or deal with password resets or things like that. I just need to verify that the player is who they say they are, and then let them play. This should be a one time process, per device/profile. i.e., if they install my game on their Android device, they'll need to authenticate once, then the app itself will store the token locally and access their game data that way. But if they also install the game on their PC, they'll need to authenticate once on the PC, too. And if they make another profile on the PC (if I am smrat and make the game support multiple profiles) then the profile will need to be authenticated for the new person.

I don't want or need any personal information. If hackers get access to my database, I want it to only contain non-personal information. Only game related stuff like scores, ghosts, friends lists, games, etc. This way a security breach isn't really a problem. All the data will essentially be public anyway, so the only thing I'd need to be worried about is if the hackers decided to delete the data.

Yes, there are third-party solutions that offer leaderboards and the like, but in my experience both as a player and as a developer, they have 2-3 big problems:

1. They are unreliable, smaller companies which disappear after a year or two, thus breaking all game functionality that relied on them.
2. They are reliable, huge companies (Google, Steam, Apple) but are not cross-platform.
3. They are reliable companies, but charge more money than I'm willing to pay since it's just going to be my mom playing my games.

My thoughts were to use OpenID, but that was designed to be used in the web browser, redirecting to the provider's page, then back to the content. I can't exactly do that from within a game. So maybe I want to use OAuth? Even then, I'm not sure. This is because, again, I don't wan't access to any of their account information from the OAuth provider. I just want a way to verify they are a specific, unique person, then automatically access their game account details from there.

In other words, once they are logged in, the account information would be mostly behind the scenes. I'm thinking that all I'd need is a unique token that never changes (so they can login again after a reinstall or on another device) and that token will be the key/index to the rest of their account information in my database.

Am I going about this the right way? If so, how would I go about using an already existing service provider to provide me with a token which I could then tie to the player's account, without requiring the player to create a username/password to login with every time they launch my game? I think I could even use something like a time-limited code (like what we often see in 2-factor authentication) so that they only need to type in a relatively short numeric code and it will grab all their details automatically. But again, the question is how do I do this seamlessly from within the game, without requiring them to use a browser for authentication?

So what should I use? OpenID? OAuth? WebID? Persona? Something else entirely?

3798

N.A.N.Y. 2014 / Re: NANY 2014 Roundup Prep

« Last post by Deozaan on January 05, 2014, 01:07 AM »

I did a video of mine already.

Blasteroids:

3799

General Software Discussion / Re: Persona - Mozilla's solution to the password problem

« Last post by Deozaan on January 03, 2014, 07:10 PM »

NECRO THREAD REVIVAL!

Well, it's been a couple of years since BrowserID was first introduced. But I stumbled across this thread again today while looking for information about OpenID and looked into BrowserID. Apparently it's now called Persona.

More technical details about it can be found here: https://developer.mo...la.org/en-US/Persona

Any new opinions on the matter since this was originally discussed 2.5 years ago?

3800

Found Deals and Discounts / Re: You Need a Budget 4 - 75% off (Steam version)

« Last post by Deozaan on January 01, 2014, 06:14 PM »

I like how the video calls it an "unexpected wedding anniversary" as if they just pop up at random instead of always happening on the same date each year.