Matrix Games Forums

ORIGINAL: NeverMan
.zip file format is pretty standard and there are a ton of free use code samples already on the internet, all you have to do is grab one.

There are not many that are

1) Supported and stable
2) Free, and
3) Able to be licensed to run inside of another 3rd-party application

However, if there is an API into Microsoft Windows' "compressed file" format, that might do the trick. But, I've looked for interfaces, and there do not appear to be any published.

ORIGINAL: larrywrose

I ran a Play by Email baseball league from 2000 to about 2004 and one of the options in the game was to set up a secure ftp site.

FTP is never secure (it's a design flaw). SFTP, though, might work. Or, FTPS.

The problem with FTP isn't the gamers. It's that the hacker community is offered a way into a server, which means they're one step closer to turning the server into a zombie.

There's also the problem of management: Who pays to keep this server running? That's an expensive job. I would think Matrix would want to contract with a 3rd party (Google, for example) to do the maintenance. Again, adding costs.

ORIGINAL: Jimmer

ORIGINAL: NeverMan
.zip file format is pretty standard and there are a ton of free use code samples already on the internet, all you have to do is grab one.

There are not many that are

1) Supported and stable
2) Free, and
3) Able to be licensed to run inside of another 3rd-party application

However, if there is an API into Microsoft Windows' "compressed file" format, that might do the trick. But, I've looked for interfaces, and there do not appear to be any published.

First, LZMA (7-zip) SDK comes to mind, http://www.7-zip.org/sdk.html

EDIT: There are MANY others, worst case scenario you have to code one yourself, shouldn't take more than a few days (at most!!).

ORIGINAL: Jimmer

ORIGINAL: larrywrose

I ran a Play by Email baseball league from 2000 to about 2004 and one of the options in the game was to set up a secure ftp site.

FTP is never secure (it's a design flaw). SFTP, though, might work. Or, FTPS.

The problem with FTP isn't the gamers. It's that the hacker community is offered a way into a server, which means they're one step closer to turning the server into a zombie.

There's also the problem of management: Who pays to keep this server running? That's an expensive job. I would think Matrix would want to contract with a 3rd party (Google, for example) to do the maintenance. Again, adding costs.

Well, there are two easy options, IMO:

1. turn a players' comp into the file server using some 3rd party freeware
2. use some 3rd party free hosting server
3. There can't be that many EiANW PBEM games going on at the moment, seriously, I don't think it would cost much for Matrix to have a server to do this. Bandwidth would be relatively low and file storage would be minimal (just clean them based on date).

The average lifespan (connection time without being compromised) of an unprotected system directly connected to the Internet is less than 3 minutes. Hardening a computer against those attacks can take anywhere from a couple of hours to several weeks, depending on how impervious to attack one desires it to be and how robust the infrastructure is that will contain the server. The people capable of doing such hardening cost $125/hour if hired as full-time security employees (more if part-time or contract). Absolute minimum outlay just for the security design  and implementation aspects is $500. This estimate does NOT include any hardware or maintenance for the server itself, and in fact assumes a server expenditure of something like 4k in order to be feasible. This estimate is only for the design of the infrastructure security architecture. IF you happen to hire a good guy, that should keep your system safe for something between 6 months and a year. Somewhere in that time span, IF the security is not monitored, the system WILL be compromised.

For a game server, the problem is compounded by the fact that the target audience contains over 50% of the worlds hackers. Granted, they're not the professionals one really must worry about, but they still try. Regularly. THIS game's players are probably not in that classification, but Matrix cannot afford to do this for just one game. Other games they have almost certainly will attract a segment of this crowd.

In this server's favor, though, is that it would be serving a purpose that shouldn't attract special attacks. The administrators probably will have to deal with gamer cheaters and typical zombification attacks primarily, assuming no other kinds of data got stored on this server.

Finally, you need a network pipe to the Internet. It may be that standard DSL will work for this, if dedicated, so they're looking at maybe $75 per month. Maintenance for the server will be around $100/mo. Maintenance for the security will be around $150/month.

Bottom line: $5,000 initial plus $300 monthly to maintain. Divide by the generous estimate of 1000 customers that this game has and, well, you figure it out.

ORIGINAL: Jimmer

The average lifespan (connection time without being compromised) of an unprotected system directly connected to the Internet is less than 3 minutes. Hardening a computer against those attacks can take anywhere from a couple of hours to several weeks, depending on how impervious to attack one desires it to be and how robust the infrastructure is that will contain the server. The people capable of doing such hardening cost $125 if hired as full-time security employees. Absolute minimum outlay just for the security design  and implementation aspects is $500. This estimate does NOT include any hardware or maintenance for the server itself, and in fact assumes a server expenditure of something like 4k in order to be feasible. This estimate is only for the design of the infrastructure security architecture. IF you happen to hire a good guy, that should keep your system safe for something between 6 months and a year. Somewhere in that time span, IF the security is not monitored, the system WILL be compromised.

For a game server, the problem is compounded by the fact that the target audience contains over 50% of the worlds hackers. Granted, they're not the professionals one really must worry about, but they still try. Regularly. THIS game's players are probably not in that classification, but Matrix cannot afford to do this for just one game. Other games they have almost certainly will attract a segment of this crowd.

In this server's favor, though, is that it would be serving a purpose that shouldn't attract special attacks. The administrators probably will have to deal with gamer cheaters and typical zombification attacks primarily, assuming no other kinds of data got stored on this server.

Finally, you need a network pipe to the Internet. It may be that standard DSL will work for this, if dedicated, so they're looking at maybe $75 per month. Maintenance for the server will be around $100/mo. Maintenance for the security will be around $150/month.

Bottom line: $5,000 initial plus $300 monthly to maintain. Divide by the generous estimate of 1000 customers that this game has and, well, you figure it out.

So how did they do it before? To download the beta versions they used an ftp site, I guess Matrix wasn't too worried about corruption then?

To top it off, like I said this game's bandwidth is seriously low, particularly if compression is enforced. Who pays 75/month for DSL? Jesus, where do you live? (jk)

ORIGINAL: Marshall Ellis

Dunno? I need to investigate a little deeper to see what works best. I want something that would be more standard as opposed to me compressing.

If you can find APIs into Microsoft's compression code that is built into the operating system, that would be ideal. But, I've searched and so far have been unable to find any.

You could then drop to the model NM proposed: Use a freeware product and build it into the game. This carries risks, both in coding issues and in legal issues (for Matrix). So, this carries a larger startup cost. Still Matrix may already be using this kind of concept for other games, and it may prove trivial.

If it requires you to write your own compression routine, I submit that it is not worth the time. Instead, produce a list of "required components" the user needs: They would need to buy their own ZIP product(s), and the game could tap into those. This would require YOU build the APIs to the ZIP product for "supported products". Again, probably not worth it.

ORIGINAL: NeverMan
So how did they do it before? To download the beta versions they used an ftp site, I guess Matrix wasn't too worried about corruption then?

To top it off, like I said this game's bandwidth is seriously low, particularly if compression is enforced. Who pays 75/month for DSL? Jesus, where do you live? (jk)

"Before" was 5 years ago. The Internet was quite a bit "safer" that long ago. Viruses and trojans were the big problems, and all worms were high-profile (i.e. you read about them in the paper). Today the hacker situation is very different. Time on zombie nets is billed by 100,000 system-hour units. Couple that with the lower profile target in the past, and a game company could get away with it. They were still most likely getting hacked, but nobody cared enough to fix it, and it really couldn't damage anybody (much). Getting hacked today means you run afoul of some very expensive legal requirements unless you perform "good faith" or "due diligence" attempts to keep it secure.

A business cannot connect a server to a DSL line (generally) without paying "business class" rates. If they do and get caught, the line can be shut down for violation of terms. This is true of pretty much all DSL providers (and cable and every other kind as well). Try reading the license agreement that came with your (consumer) ISP connection software.

ORIGINAL: Jimmer

ORIGINAL: Marshall Ellis

Dunno? I need to investigate a little deeper to see what works best. I want something that would be more standard as opposed to me compressing.

If you can find APIs into Microsoft's compression code that is built into the operating system, that would be ideal. But, I've searched and so far have been unable to find any.

You could then drop to the model NM proposed: Use a freeware product and build it into the game. This carries risks, both in coding issues and in legal issues (for Matrix). So, this carries a larger startup cost. Still Matrix may already be using this kind of concept for other games, and it may prove trivial.

If it requires you to write your own compression routine, I submit that it is not worth the time. Instead, produce a list of "required components" the user needs: They would need to buy their own ZIP product(s), and the game could tap into those. This would require YOU build the APIs to the ZIP product for "supported products". Again, probably not worth it.

I already posted a perfectly good public license SDK to use, what is the problem there?

ORIGINAL: Jimmer

ORIGINAL: NeverMan
So how did they do it before? To download the beta versions they used an ftp site, I guess Matrix wasn't too worried about corruption then?

To top it off, like I said this game's bandwidth is seriously low, particularly if compression is enforced. Who pays 75/month for DSL? Jesus, where do you live? (jk)

"Before" was 5 years ago. The Internet was quite a bit "safer" that long ago. Viruses and trojans were the big problems, and all worms were high-profile (i.e. you read about them in the paper). Today the hacker situation is very different. Time on zombie nets is billed by 100,000 system-hour units. Couple that with the lower profile target in the past, and a game company could get away with it. They were still most likely getting hacked, but nobody cared enough to fix it, and it really couldn't damage anybody (much). Getting hacked today means you run afoul of some very expensive legal requirements unless you perform "good faith" or "due diligence" attempts to keep it secure.

A business cannot connect a server to a DSL line (generally) without paying "business class" rates. If they do and get caught, the line can be shut down for violation of terms. This is true of pretty much all DSL providers (and cable and every other kind as well). Try reading the license agreement that came with your (consumer) ISP connection software.

I totally disagree that the internet was "safer" 5 years ago, it wasn't, it was just as unsafe then as it is now.

Yes, I understand the "business class" rates. I didn't make myself clear that I was refering to a player in the group making an sftp site, not Matrix. Sorry if I didn't make this clear, in that situation the "business class" woudl NOT APPLY!!

ORIGINAL: NeverMan
I already posted a perfectly good public license SDK to use, what is the problem there?

Support. Matrix is a business: They can't afford to have forum support for products they integrate into their products.

ORIGINAL: Jimmer

ORIGINAL: NeverMan
I already posted a perfectly good public license SDK to use, what is the problem there?

Support. Matrix is a business: They can't afford to have forum support for products they integrate into their products.

now im confused.

ORIGINAL: NeverMan
Yes, I understand the "business class" rates. I didn't make myself clear that I was refering to a player in the group making an sftp site, not Matrix. Sorry if I didn't make this clear, in that situation the "business class" woudl NOT APPLY!!

That would be different.

Then the question becomes how to integrate the mechanics of the sftp site with the game, so that you can have the game perform the mechanics. Hmmm

There's a potential possible problem for Matrix if they integrate it with a single site and then the site experiences problems as a result. BUT, if they merely integrated basic FTP type stuff (or SFTP or whatever), and had the USER choose the server location, that could work. Now the onus would be on the players to find an appropriate site. In fact, they could even use FTP in that case, because you wouldn't have nearly the security concerns if the users are merely the players in a single game. Plus, if third-party sites are used, the players are already tapping into the "already completed" security model of the vendor which houses the server.

Are there any third-party FTP servers out there?

Alternately, one could set up ones OWN FTP server. One would have to be careful, though. An FTP server is, by definition, a server. Putting one on a typical consumer broadband line will almost certainly be caught by the vendor eventually. Their reaction could be to shut the connection down. I've known several people who have had this happen. Still, some vendors may not have such policies in force. For example, Comcast uses bandwidth limits instead (I think). The game is, as you say, fairly low-profile in that regard, so it might work.

ORIGINAL: NeverMan
now im confused.

Go to the website you posted and read their support practices. Tech support is by forum (only, I think, but there may have been some buried documentation on other kinds of support -- I couldn't find any, though).

(further thoughts on posts 29 and 32):

The server could also be an HTTP server. This is a lot less efficient than FTP, but also far more available.

Is there a command-line interface into Google Groups, for example? I don't know, but if their search engine is any indication, I have to guess there is one. Or, is there an FTP-type interface to it?

ORIGINAL: Jimmer

ORIGINAL: NeverMan
now im confused.

Go to the website you posted and read their support practices. Tech support is by forum (only, I think, but there may have been some buried documentation on other kinds of support -- I couldn't find any, though).

Well, you're not going to get business like support from a free product, period. That's fact. It's a stable SDK that is known to work in a known, good, free product.

I guess I just don't see the big deal in that. Marshall writing his own is pretty much out of the question and paying for one is also out of the question, so they aren't going to get business level support anyways.

ORIGINAL: NeverMan
Well, you're not going to get business like support from a free product, period. That's fact.

Thank you for repeating my key point.

Adding two more requests to my list.

10. In the game log add the Money and Manpower Total collected each economic phase by each country.
11. In the game log announce the start of each phase, using a different color/text/ or even Bold would also be a nice touch.

Thanks
Larry W. Rose

Thanks Larry! I like those ideas.
To be safe, guys ... is money/manpower public info?

Manpower is public. Money banked or loaned should not be public. All other monies should be public.