|
30.5 Days posted:The game industry is a weird place and works really differently from companies like amazon and I think that's the source of the issues here. At amazon and similar companies, the workers don't just do all the work, they also organize the work, schedule the work, write up arguments why the work ought to happen, etc. The managers, in contrast, do.... well, I'm not sure what the managers do. They definitely talk to each other a lot. At amazon, the managers do organize the work. At least when it comes to fulfillment centers. Also for scheduling the work. What happened here more than anything is a guy that decided to jump head first into a new opening for amazon and decided to follow the tenet of frugal religiously. Instead, amazon's process is one of blowing cash to break in and then iterate through dozens to thousands of kaizens to streamline the process. So this guy jumped a few steps in amazon's process which is why you have the mess you have now. Helpfully with the fact they bought the abortion code that is cryengine. And I assume that only happened because it was the only thing on the shelf to buy outside of trying to start their own. I'm guessing amazon was adverse to using unreal engine. Even though they could have offered an add on bundle for hooking into aws for server tech. Grow your company by becoming the defacto place to house a mmo isn't a bad idea. With all the duping and other issues, I feel like this game should just be crucibled. That is to say, flip it back to beta and then get to work restructuring everything. Will they do this? Probably not. Even if they did flip back to beta, will they stomach it long enough to patch up and re-release in a year? Even less likely. I was wrong on my memory a few posts back btw. New World technically isn't using anything of the actual lumberyard fork. At least according to the ex-ags person. Lumberyard is apparently a cleaned up functional thing while ags got left working with the original mess. There was another game that got cut codenamed nova. That was supposed to have a really big world. Like, big enough each area/zone had its own server (reminding me of eq1/eve online there). The spaghetti code wouldn't support this and wasn't server auth so they rewrote it to be server auth among other features they needed. Most likely why it got killed (netcode took too long with no art/demo to keep management happy). But the code was done. Crucible was in the middle of having that code (novanet) transplanted in when it got canned.
|
#
?
Oct 30, 2021 08:42
|
|
|
|
| # ? Jun 8, 2024 08:04 |
|
|
ok yeah they didnt fix it completely
|
|
#
?
Oct 30, 2021 09:31
|
|
|
JuffoWup posted:With all the duping and other issues, I feel like this game should just be crucibled. That is to say, flip it back to beta and then get to work restructuring everything. Will they do this? Probably not. Even if they did flip back to beta, will they stomach it long enough to patch up and re-release in a year? Even less likely. they already did do this, it's why the game kept getting delayed over and over to the point we were making GBS threads on the people who kept waiting for this game anyway it doesnt seem like the year+ of delays fixed much lol
|
|
#
?
Oct 30, 2021 09:36
|
|
|
furiously searching stackoverflow for how to text filter out any html inputs
|
|
#
?
Oct 30, 2021 09:38
|
|
|
finally realised that i couldn't do codeye and nut was because \n and \r are being processed as blank chars lol edit: \t too edit x2: nvm forwardslash works lol Kill All Cops fucked around with this message at 09:48 on Oct 30, 2021 |
|
#
?
Oct 30, 2021 09:43
|
|
|
Ad by Khad posted:they already did do this, it's why the game kept getting delayed over and over to the point we were making GBS threads on the people who kept waiting for this game anyway I'm aware of the delays because they shifted directions for what the game was going to be already. Like I said, they should. But their track record has obviously been of the reverse though.
|
|
#
?
Oct 30, 2021 09:44
|
|
|
the huge delays after closed beta werent a directional shift though. it was a "we need to fix this poo poo" attempt to buy time. the major delays during the years-long alpha, yeah absolutely those were. but there were more delays than that
|
|
#
?
Oct 30, 2021 09:51
|
|
|
|
|
#
?
Oct 30, 2021 09:51
|
|
|
I wonder if this means they just can't disable HTML in their chatbox. Something that every single forum software have been able to do for literal decades.
|
|
#
?
Oct 30, 2021 10:09
|
|
|
something that was supposed to be disabled in the forum software yet it still worked anyway is how gangtags came about it could happen to you
|
|
#
?
Oct 30, 2021 10:15
|
|
|
i would assume stuff like that would require a game patch, and their software devs are working OT to fix the vast amount of bugs related to crafting, trading post and server transfer whereas setting a chat filter would be something a community manager could do with their CMS and have it take effect immediately, just should've hired one with rudimentary knowledge of html
|
|
#
?
Oct 30, 2021 10:17
|
|
|
think im done trying to find funny stuff in these paks now  e: 
Kill All Cops fucked around with this message at 11:25 on Oct 30, 2021 |
|
#
?
Oct 30, 2021 11:20
|
|
|
I'm still curious if there are other things not found so far you can inject with this. You can do images obviously along with mucking up item look up tags that'll crash the client. Also reports of hot linking a quest such that it auto completes when you hover over it. The video mentions gold, but I'd imagine xp could be farmed that way as well. Just wondering what else can be done. And how much of this needs the chat window. Is there some way to hook into the client to send these actions to the server and the server agreeing with it. Particularly in regards to faking quests for xp or gold.
|
|
#
?
Oct 30, 2021 11:36
|
|
|
images still work since they didn't filter out every which way to display an image in HTML, the quests completion and therefore free gold on hover doesn't seem to work anymore since they blocked out <a data= and </a>, im not sure what other attributes are allowed for anchor links within new world chat. I assume most tags and attributes need to be whitelisted in, not sure why images were available in the first place unless its required for the hover links
|
|
#
?
Oct 30, 2021 11:39
|
|
|
Kill All Cops posted:images still work since they didn't filter out every which way to display an image in HTML, the quests completion and therefore free gold on hover doesn't seem to work anymore since they blocked out <a data= and </a>, im not sure what other attributes are allowed for anchor links within new world chat. I assume most tags and attributes need to be whitelisted in, not sure why images were available in the first place unless its required for the hover links I’m going to take a wild guess that their chat isn’t a micro service hosted separately and is instead part of the same service as their whole interface. Someone probably also decided that separating out the trading post and tutorials was too much work so those are part of the same core services and codebase. Crafting is probably also stitched into it. So disabling images would break all of those other parts of the interface. Lol. Lmao.
|
|
#
?
Oct 30, 2021 13:31
|
|
|
new worlds looking like a strong contender for most entertaining game of the year
|
|
#
?
Oct 30, 2021 13:35
|
|
|
havent played in a few weeks and decided to check out the state of the game and just lol forever
|
|
#
?
Oct 30, 2021 13:59
|
|
|
oh hey, my world just came off 3h maintenence! time to see what the devs fix-
|
|
#
?
Oct 30, 2021 14:45
|
|
|
Lawlicaust posted:This hatchet damage bug is incredible. With berserk my heavy attacks hit for over 3k at 48. Everything dies in two swings. Just ran through some 45 corruptions solo like they were nothing. followed my buddy around elite zones power levelling my healing staff. I went from 14 to 18 in like 90 minutes, loving 
|
|
#
?
Oct 30, 2021 15:01
|
|
|
Haha, what are cod eyes a resource for
|
|
#
?
Oct 30, 2021 15:11
|
|
|
If you had told me I could pay $40 just to watch an MMO collapse in on itself I’d have said “make it a full $60”
|
|
#
?
Oct 30, 2021 15:28
|
|
|
lol
|
|
#
?
Oct 30, 2021 15:31
|
|
|
This game’s best content is this thread and it makes work so much better. 
|
|
#
?
Oct 30, 2021 15:49
|
|
|
Kill All Cops posted:images still work since they didn't filter out every which way to display an image in HTML, the quests completion and therefore free gold on hover doesn't seem to work anymore since they blocked out <a data= and </a>, im not sure what other attributes are allowed for anchor links within new world chat. I assume most tags and attributes need to be whitelisted in, not sure why images were available in the first place unless its required for the hover links I'm curious about this. Wouldn't the same workarounds for images work for this? Hell, what did this even look like?
|
|
#
?
Oct 30, 2021 15:56
|
|
|
I don't have the game or plan on buying it, so just cheering from the sidelines here. But maybe I can give some inspiration: Anyone knows the middleware / library they use for rendering the HTML? Also anyone already checked if you can inject Javascript?
|
|
#
?
Oct 30, 2021 16:17
|
|
|
Goon Boots posted:Haha, what are cod eyes a resource for Potions
|
|
#
?
Oct 30, 2021 16:35
|
|
|
Even if this game has no population, I think I would still run around and gather since that is my thing. And then post eye balls.
|
|
#
?
Oct 30, 2021 16:58
|
|
|
Wanted to try outpost rush but lol at logging in right now
|
|
#
?
Oct 30, 2021 17:08
|
|
|
FrostyPox posted:Yeah that's the loving hysterical thing. You think they could've gotten someone in the company who works on Amazon's server tech who probably would've said "Jesus Christ no what the gently caress are you doing??" You forget that Amazon has a very, stupidly powerful, top down culture. Like for as Flawed as EQ or UO was, you had a named game dev and the buck stopped there in terms of how to make a coherent game people could understand. Amazon instead has teams of PMs, Product Owners, and god knows what else, all wanting there pet project included in this massive game. The man at the top is then replaced by a committee with no one fully in control. So the game was built by committee with all kinds of people going around saying "That's not my job" on interconnecting the systems. O and they must have fired the security team, and told the QA team to run test scripts and not report anything not found in your script.
|
|
#
?
Oct 30, 2021 18:17
|
|
|
just need to find out where they've hidden pig poop balls in the client.
|
|
#
?
Oct 30, 2021 18:29
|
|
|
30.5 Days posted:
As a inside tech worker I can tell you this is even worse than you think. At Google any idea you have must go through a process of peer review and consensus, like the entire team needs to agree this is the correct way to do X give the teams resources. Totally find when building Google maps and you have the funds to pay interns to drive EVERY SINGLE ROAD. This gets worse, Everyone on the team has there own set of goals for the next 6 months - 1 year. These goals are absolutely crazy in some contexts like producing code for Google. So if your consensus team proposes a 3rd party code base (say Unreal for the code stack) and your proposal was for a home grown engine, you might win because Google really badly wants to own EVERYTHING they make. End of the day the kids in 'Lord of the Fly's' can probably manage things better. PS: Having driven choices to top leadership, I have gotten the response of (and I poo poo you not), "Have you interacted with Team X in your proposal as they are possibly affected by this" and then punting the issue for 2 more weeks. Then 2 weeks later my team gets laid off.
|
|
#
?
Oct 30, 2021 18:33
|
|
|
The issues with the client-server architecture really do smell more like management malpractice over developer incompetence. It's likely they were either handed an existing code base and told to make it work in a terribly short timespan; or the top-down design of the game for things like action combat and collision detection necessitated heavy client authority, but without the willingness to implement kernel-level anticheat. The idea that even a team of freshmen devs were clueless about the dangers of client-authoritative online games just seems ridiculous.
|
|
#
?
Oct 30, 2021 18:40
|
|
|
PyRosflam posted:PS: Having driven choices to top leadership, I have gotten the response of (and I poo poo you not), "Have you interacted with Team X in your proposal as they are possibly affected by this" and then punting the issue for 2 more weeks. Then 2 weeks later my team gets laid off. I mean all managers are cowards, you would have gotten that reacharound at any big tech corp.
|
|
#
?
Oct 30, 2021 18:54
|
|
|
Goa Tse-tung posted:you would have gotten that reacharound at any big tech corp. what
|
|
#
?
Oct 30, 2021 18:57
|
|
|
Yeah, no big tech company I’ve worked for/with would give me the courtesy of a reacharound. They just hosed me until they were done and walked away.
|
|
#
?
Oct 30, 2021 19:00
|
|
|
Im thinking they meant to post 'runaround'
|
|
#
?
Oct 30, 2021 19:11
|
|
|
Goa Tse-tung posted:I mean all managers are cowards, you would have gotten that reacharound at any big tech corp. I mean they hired me to fix this very specific problem. Like Google "Hates" hiring from other industries (I came from Consulting). But it turns out they hate more is to many smart people in the middle ranks with non google methodologies. At my "layoff meeting" my poor manager was crying, I was like, I have 3 projects who want to hire me, Just give me an end date and I'll be on my way. Google and likewise Amazon have a way they want to run things, dammed if the entire subindustry they are getting into runs in some other way. And if you need a really funny example Just look at the company using Google Cloud services getting a call on a friday asking for the CFOs credit card or they will shut off and remove the account in 48 hours. Turns out they used the same billing system rules for enterprise customers as for regular mom and pop customers. Ya that rolled a few heads.
|
|
#
?
Oct 30, 2021 19:14
|
|
|
30.5 Days posted:It's not unusual to style chat (or user input!) as HTML, but boy is it unusual to just send raw HTML to the server which it then transmits unmodified to be displayed in other clients. Wow has its own little item link markup dealie that is used to actually represent the links. You can modify item links to say silly things in the chat message, though. Pretty much every MMO has that by now, I'd figure. It's a solved problem.
|
|
#
?
Oct 30, 2021 19:28
|
|
|
Vermain posted:The issues with the client-server architecture really do smell more like management malpractice over developer incompetence. It's likely they were either handed an existing code base and told to make it work in a terribly short timespan; or the top-down design of the game for things like action combat and collision detection necessitated heavy client authority, but without the willingness to implement kernel-level anticheat. They do have this - EAC is a rootkit. However, the bugs here can be literally hand entered in chat, you don't need to inject a dll or modify memory. Random parts of this game appear to be entirely made by completely separate groups. The network transport itself is done pretty well - fully encrypted, certificate pinned, using DTLS for all traffic and a custom AGS certificate authority, automatically banning for MITM, largely correct. Then you have unsanitised HTML in the chat box for whatever loving reason. Impotence fucked around with this message at 19:38 on Oct 30, 2021 |
|
#
?
Oct 30, 2021 19:36
|
|
|
|
| # ? Jun 8, 2024 08:04 |
|
|
there are no bugs please stop sullying the good name of AGS
|
|
#
?
Oct 30, 2021 19:37
|
|