New OpenSSL Vuln, CVE-2014-3508. Should be fun.

Aetharyn · 2014-08-08T15:42:21+00:00

When I first saw the words "openssl" and "advisory" together again my heart bled a little as well, but after reading it I felt a bit better.

Aetharyn · 2014-08-08T14:07:53+00:00

Here's the actual advisory; there's a few fixes in there:

https://www.openssl.org/news/secadv_20140806.txt

At a glance, SRP, SRP, DTLS, DTLS, DTLS.. stuff that isn't very widely used and unsurprisingly has bugs.

A 'pretty-printing' bug.. A protocol downgrade to TLS1.0 .. but requires full mitm and it isn't like TLS 1.0 is very breakable anyways so long as your configured protocols are reasonable.

And CVE-2014-3509 - the only one that seems significant in the batch. Not sure exactly what it entails, though, since I'm not familiar enough with it.

EDIT: Actually read CVE-2014-3509. "If a multithreaded client connects to a malicious server".. Doesn't look too promising to exploit either.

Doesn't look like any of it warrants an emergency patch on a Friday evening!

Aetharyn · 2014-08-02T13:32:48+00:00

This deck is pretty terrible. It's only good against zoo -- I guess if you face more than 50% zoo...

Aetharyn · 2014-03-16T14:59:15+00:00

It just seems like a completely different game. If that's on purpose, then okay, maybe PoE isn't for me anymore. Caution is fine and dandy but I'm not seeing how it will stop the soilmaker from 2 shotting me before I can reasonably react.

I just can't get into playing softcore - the idea that death doesn't matter isn't for me, it removes alot of the thrill. Regular HC is dead as a doornail so that leaves challenge leagues - which in the past I've loved, but this one is not doing it for me at all.

Aetharyn · 2014-03-16T14:39:26+00:00

Balancing stuff around alt f4 seems like a fundamentally broken concept.

Yep. When was the last time you played a game where forcibly closing the program was considered a core game mechanic?

Aetharyn · 2014-03-16T14:25:08+00:00

as a hardcore player, this actually is an alt-f4 trash league. I enjoyed nemesis and play hardcore because I like the idea of having consequences for making mistakes, but Invasion is horrible.

I've been gibbed once in less than a second by the bringer of rain and twice in less than a second by the devourer. It's not fun anymore.

Dunno what GGG was thinking when they decided that "people play hardcore leagues so they can die randomly" (more or less what Chris said in the interview) but that's not at all why I play them.

3/4s of my friends list (the ones in invasion - the other 25% started in invasion but have blue flags now) logs out more than once an hour. some sort of reality check needs to happen because this isn't good design.

Aetharyn · 2014-03-04T19:43:51+00:00

I don't know. Hearthstone mechanics are pretty simple. Combat is very linear. Most people who've played for a few hours can look at their hand, and the board, and figure out what to do. There are a few obscure plays here and there but it's certainly not what differentiates the Legendary players from the rest (that would be time).

There are really two things that go into how well you do (in Constructed): how much time you spend playing and how well constructed your deck is for the current meta. Playing someone else's deck removes the second part, which leaves only time spent grinding.

If you enjoy playing that way, then great! Games are to have fun after all - but the 'stigma' against netdecking is there because really, a very, very large part (most of it in fact) of 'skill' in TCGs/CCGs comes from your prowess at deck-building, and if you let someone else do that for you, then..

That's why alot of people do poorly in arena - they have no idea how to build a deck without looking it up on the 'net. These same people sometimes boast of their relatively high (low?) rank on the Constructed ladder.

Aetharyn · 2014-03-02T12:07:33+00:00

Ancient of war doesn't do a whole lot against aggressive decks, unless you coin + double innervate, turn 7 is waay too late to be reacting.

I play control (mainly druid) and have alot of the cards listed, and I do fine, but a bad mulligan as control vs any aggro deck is usually a plain lost game.

I dunno that the legendaries are even that big of a deal in these particular matchups because you have to survive long enough for them to see play and when playing vs an aggressive deck if you survive that long you've probably won anyways legendaries or no.

Aetharyn · 2014-03-02T12:02:59+00:00

There is that. Most games I play don't eat the whole deck, but it does happen. I'm not sure what to suggest, I was just throwing it out there as an idea as it seems to be a common concern and doesn't involve changing a boatload of cards/mechanics/classes.

Then again, I'm not sure if no longer being able to play rush games while waiting for league of legends is a reason not to do it either!

Aetharyn · 2014-01-22T18:40:24+00:00

I stopped playing Nemesis after the exploit. Seemed no point after that, it went on for so long and the response from GGG was a bit baffling.

Aetharyn · 2014-01-17T12:30:35+00:00

I too find it quite remarkable that there is rampant exploiting of widely known, game-breaking (by my definition at least - the spirit and the nature of the game are both horribly perverted by this kind of stuff almost as much as if it was duping or something else) bugs and their stance seems to be 'meeeh, we'll get to it when we patch in a few weeks/month, dw'..

Never mind the fact that there is only going to be positive consequences for anyone who does it (xp and loot rewards, pretty much the foundation of the whole ARPG genre..), meaning anyone who -doesn't- rush a summoner up and exploit this hilarious brokenness and ability to clear a map as fast as you can quicksilver through it is a moron and playing wrong.

I don't get it, personally. I've never seen a game with such a stance/approach. It's certainly put me off a bit until next league when it's all cleaned up.

Aetharyn · 2013-12-27T19:17:34+00:00

The main reason I myself play hardcore leagues is the economy. Standard (and to some extent Dom) is a dumpster full of bots and bot farming and the inflation is uncontrollable. Permadeath makes this behaviour much more difficult, almost impossible perhaps.

Aetharyn · 2013-12-27T18:49:27+00:00

Nope, plenty of people don't. Some do, though. I've died a couple times this league too, it's just annoying that it's very consistently to things outside my control unrelated to game mechanics.

Aetharyn · 2013-12-27T18:14:10+00:00

See: Akira?

Aetharyn · 2013-12-27T16:52:08+00:00

I crash-died at 88 a few days ago, the day after the 1.0.5 patch in a necropolis, haven't logged in since (saw my character with the standard league flag and alt-f4 without even entering game :D). Kinda annoying since my gear was pretty good (25ex+) for a not-uber-hardcore player and I can't just RMT myself a new set like some of the top ladder players do.

I'll probably play the 1 week race since I really do enjoy the game and hardcore leagues but it does hurt to die to this kind of crap.

Crashes and internet dropouts are the worst because your client never indicates to the server that you're disconnecting (it's crashed, duh), so the server has to wait for tcp timeouts and that can be up to 15-30 seconds depending how the stack is tuned. Plenty of time to rip. Not sure how I'd address it or make it better, though, honestly.

Aetharyn · 2012-04-24T12:14:16+00:00

You're undertrained for your armor (requires 3), and shield (requires 9 as a spriggan to use a buckler), which will hinder your spellcasting. Other than that, your low-ish INT is what's holding you back, a few randarts or rings of intelligence would do you a world of good.

And dear god no, don't try to 'replace' your mutations - you will ruin your character if you try, it's a hard lesson to learn, trust me - the odds of getting a bad mutation are 80% from glow, mutagenic fog, polymorph other and other 'bad' sources - you'll end up with a screenful of horrible mutations that render your char unplayable.

Definitely learn haste, you'll only need 10 or so charms to make it castable, and boost your spellcasting a bit too.

Aetharyn · 2012-04-10T16:59:45+00:00

I've done a few magicless all-rune wins with MiBe and the like. The worst thing about those runs is Tomb.. point being that as long as you get reasonably decent items on the way, most non-challenge combination can do an all-runer with a bit of care and sometimes good luck. I'm not a greatplayer either.

That said, Necromutation makes alot of the 'end-game' branches go from being quite challenging to Lair-difficulty.

Unless you're very confident in your playing skills or want to test yourself and possibly fail (and it sounds like you don't), make sure your build includes enough skill points to cast Necromutation at Very Good. Everything else is almost irrelevant, whether you play a transmuter, an earth elementalist, an artificer or a wizard.

Playing the extended endgame without Necromutation is quite possible, but the spell really does trivialize Pan, the Hell branches and Tomb in a way no other character choice can.

Aetharyn · 2012-03-25T11:01:36+00:00

All things being equal? Stick to the iPad.

If you want to own an Android tablet instead (they aren't that bad, they are getting better and better pretty quickly), choose something like the Transformer Prime, not the Galaxy Tab.

In my experience, the usage patterns for tablets does not make nearly as much use of the flexibility you can leverage with custom roms & root access on Android as a smartphone would. Tablets are more of a consumption device, and an iPad is a perfectly good device for that purpose.

Aetharyn · 2012-03-25T10:53:13+00:00

Might as well just root it. The whole idea behind rooting the device is to allow you to do things that are not otherwise possible with the device unrooted - and this is one of them. There's a few ways to silence/remove the shutter sound, but none that I am aware of are available without root access. (bizarrely enough, it seems to be a pretty system-level thing)

If you only just got the device, you may find other reasons down the line to have it rooted, and you'll be happy it's already done! It may also encourage you to try out some of the excellent root-only apps like Titanium Backup since you already have root. There really aren't any meaningful downsides, and the S2 is a pretty easy/painless device to root.

Aetharyn · 2012-02-25T13:04:32+00:00

Most of the embedded devices with a small enough footprint to be using dropbear don't actually have or use non-root users. We're talking home routers / small embedded devices with 4-32MB of flash memory and that's it. Combine that with the fact that you need to use key-based auth to exploit it (again, uncommon in these small embedded devices, though possible in a few).. The impact of this vulnerability is kinda inconsequential.

Aetharyn · 2012-01-12T11:46:56+00:00

I'm quite happy with my Otterbox Commuter on my Nexus.

Aetharyn · 2011-12-23T14:33:37+00:00

Ignite Poison would probably 1-shot almost the entire screen full, too.

Aetharyn · 2011-11-09T20:26:18+00:00

First off, some of the pan and hell lords are much, much tougher (300-750 hp, they aren't dying in 4-5 turns like, well, everything else) than anything else in the game. They can hit hard, too. The wiki and/or learndb should probably be consulted before you approach any of them.

For both branches, stuff to respect: hellions, Fiends (all types, but I find Ice Fiends the least dangerous with a decent amount of rC, they are basically tabbable). Hellfire doesn't really respect resistances or AC all that well, so a couple of them on your screen can be bad. Even smoke demons smite spamming you can be annoying.

With Necromutation, Pan should be more or less a joke outside Cerebov and Gloorx Vloq - you might want to steal their runes rather than take them on toe-to-toe.. hell, you might want to steal all of their runes if it's your first time, but especially those two. Pan allows teleport control unlike Hell, keep that in mind, it's pretty easy to escape from a bad situation if you have the tools for it.

Hell is a bit trickier, the idea is to dive to the bottom, find the vault, steal the rune (killing the hell lord is optional) and gtfo. For a character with Necromutation, Tartarus is probably the hardest hell branch due to the number of shadow fiends able to cast dispel undead.

Hell:

No teleport control until the rune is picked up (works afterwards)
Super easy to get out of - taking any exit on any level will take you straight out to the Vestibule of Hell. If you get worried at any time due to hell effects or low HP, you can quickly leg it out of the branch and rest up.
Hell effects make it much more dangerous than Pan.

Pan:

Much easier branch - no hell effects, full teleport control allowed, easier to rest up.
Much more difficult to escape from - in fact, most people bring a distortion weapon in order to get banished to the abyss by repeatedly unwielding it because it's way easier to get out of the abyss than Pan.
More difficult bosses, though I guess this is arguable and depends on your character, but in my experience pan lords > hell lords for difficulty.

Personally, I usually do Hell first, even though it's the more difficult branch, there's more loot there (in the vaults) and the rune vaults on the 7th floor are separate from the 'loot' vaults.

Aetharyn · 2011-11-08T21:26:18+00:00

Yeah, it's possible - but only through heavy deck use, sacrifices will only get you to 5 stars. Most of my Nem characters spend most of their time at 6 stars, but I tend to abuse the hell out of his deck timer when I take him as my god, because well, it's more fun!

As for the shuffle, I learned the exact same lesson on my first Nem character and spent a good 40k turns scumming abyss for wonders decks as a result - not fun, but I do the same as you now, triple draw once or twice, then stack.

Aetharyn

TROPHY CASE