SoylentNews

A journal by NCommander the other day got me thinking (I know, dangerous but I was bored) and what we need here is a Gamer's Corner for fellow Soybeans users to post what games they are playing, build teams, trade in game items, etc. I think this would help build unity and community while at the same time helping the users hook up and do better in their games.

Anyway until one of the admins gives us a true gamer's corner section I figured we could use this post as a starting point so feel free to post what games you are playing you'd like to have others join, in game gear you'd be happy to give away/swap, basically anything to do with games and gaming feel free to post it here.

Allow me to get the ball rolling with a little gift for the fellow Soybeaners...if you recently picked up Borderlands II GOTY off the Steam sale and haven't maxed your character yet? I have plenty of orange items from the great loot hunt last year, lvl 50-70 and I'll be happy to work out times to hook up in game and dole out the loot. Drops will be limited depending on how many folks respond and will go on until the loot is gone, I don't have enough of each weapon to take requests for specific guns but feel free to ask and if I have it its yours, also have some sweet blue and purple weapons like the Morningstar sniper rifle I'll be happy to drop and if you prefer a particular type of weapon, like say shotgun or rifle I'll be happy to look and see what I have.

So, it appears we have quite a community of DF players here at SN, and enough I think to warrent getting a succession game going. For those who are unaware, succession games are when one plays for one year (Spring to Spring traditionally), then passes off the fort to the next player in line. Boatmurdered is perhaps the most famous of the succession games ever done, though there are others, such as Battlefailed, Failcannon, and .

I'm interested in doing this, especially since it requires relatively little in infrastructure to setup. I'd like to do it on SN itself, perhaps either with a shared account as journals, or just creating a new section on the site. Obviously I'm going to have to tweak the codebase to allow images, and it gives a way to help build our community out. So, if we do this, here's what we need to decide:

• What version of DF? 2012, or wait for the new release

• What type of biome?

• Any mods?

And probably some other stuff. I've been playing a fort which is at war with the elves, and I find its quite a bit of fun since you regularly get seiged, and requires that we have a badass military to survive (and there are ways, even in stock, to get military training to work and start churning out Lords and Masters relatively quickly.

I recommend we apply bugfixes to the raws such as elven treecap diplomacy, and human merchants, which seriously helps getting the supplies we need. I've had good look with Accelerated Modest Mod for bug fixes, and preventing FPS death even in crud hardware so its my vote if we just don't go vanilla. I also recommend we also use all the DFHack fixes (the patrol bug one is almost essential).

Post below if you're interested, turn list is first come, first serve, but you can sign up for a second turn after your first (likely necessary since I expect only 5-6 players). Regular updates, and timely turns are a must as well. Beyond that, the sky is the limit.

Managed to kick out the first draft of the bylaws, they're here on the wiki http://wiki.soylentnews.org/wiki/Incorporation/Bylaws for anyone who wishes to take a look. I need to fill out some more paperwork, then submit the entirity of the mess to a lawyer. I got a few recommendations, so mostly now is lawyer shopping.

Here at the shop I get to use and try more gear than most and one thing I've noticed is that AMD driver 14.4 is to be AVOIDED at all costs! they have already issued one fix so far but even the "fixed" driver just doesn't work. I use a lot of the HD77xx series cards (liked them so much myself and my family are all on HD77xx) and the new drivers are just terrible on those cards, it makes boot slow to a crawl, many formats of video just don't play, even seeing BSODs when playing some H.26x formatted vids.

If I had to guess its the new HSA or Mantle causing the teething problems but until they figure out the cause its best to stick with 13.12 which is rock solid.

For those that haven't tried it lately Comodo Internet Security has added a bit of brilliance...a virtual machine desktop! With this even your most clueless users/friends/relatives can have the added security of surfing in a VM without having to know squat about OSes and VMs, here is how...

1.- Give them the free Comodo IS, 2.- If they don't have it install MSFT Silverlight (no worries about zero days and the like though, because the VM runs in a locked down sandbox), 3.- Show them where the big button is that says "virtual desktop". For the most clueless Comodo comes with a widget on the desktop with most functions including virtual desktop. 4.- There is no step 4, let your user enjoy a virtual desktop loaded with Google apps and Comodo Dragon for surfing while you enjoy not having to worry about infections on their system. Hell it even comes with Angry Birds to give 'em a reason to start using it!

For years we've known that using a VM locked down and separate from the OS was a good thing but its just been too complicated for Joe and Jane, well Comodo hs that problem licked, I have handed it to some of my most clueless and virus prone customers and so far? Clean as a whistle. Its easy, increases security by a large amount, and its free...what's not to like?

I realize this is a bit of a longshot, and I don't want to run a QA on the site for this, but does anyone have a lead on a lawyer in New Hampshire to help me through incorporation? I'm also looking for a CPA, but those are relatively easiler to locate.

I've looked at various services such as Harbor Compliance, but they don't seem to be legal help, just document filing services ...

Wooo, that nearly killed me to finish it. It's going living at 20:00 UTC (4PM EST), which is the start of our peak hours. We'll be revising it based on community feedback and if other important points come up as time goes on.

Of course, words means only as much as the actions taken behind them, but I think we've been relatively consistent in meeting the goals I outlined. Here's a small sneak preview for those who read my journal til the whole thing goes live

Statement of Purpose

Our aim is to stand in stalwart opposition to these trends. We will be the best site for independent, not-for-profit journalism on the internet, where ideas and free discussion can take place without external needs overshadowing the community.

This is a generic journal entry posted entirely so that you can tell me I'm awesome, call me a dick, or impart useful information since SN lacks a messaging feature and I'm not giving out my email address.

So ... I've recently gotten back into minecraft, and figured that perhaps there are other MC players here at SN, so I wanted to know if there was enough interest to setup a MC server in general. I'd probably use CraftBukkit, and I'm open to running mods if others are interesting. Leave a message below if you'd be interested.

Mods I'd like to run:
  * Traincraft
  * Railcraft
  * Mystcraft (useful for getting new ores without having to reset maps; age creation would be restricted to admins though; mystcraft is a server hog).

Leave your thoughts below.

Since we've got a fair number of complaints about us running too many site news articles, I'm going to condemn this to my journal, then link it next time we *do* post something about the site. For a large portion of today (4/16), SoylentNews users had issues with commenting, and moderation was completely hosed. This was due to a backend change; we shifted the site behind a loadbalancer in preparation of bringing up a new frontend and give us considerably more redundancy and latitude with working with the backend.

This change had been setup on dev for the last week with us testing it to see what (if anything) broken, and it was discussed and signed off by all of the staff. Last night, I flipped the nodebalancer to connect to production instead of dev, then changed the DNS A record for the site to point at the loadbalancer.

I stayed up for several hours at this point to ensure nothing odd was going on, and satisfied that the world would keep spinning, I went to bed. What I found though was I broke the formkeys system. Slash knows about the X-Forwarded-By header, a mechanism for when a site is behind a proxy on how to relay client IP information (this mechanism was already used by both varnish and nginx), however, for security reasons, we strip out the XFF header from inbound connections unless its on a specific whitelist. On both dev and production, we had whitelisted the nodebalancer to pass this header in properly.

Or so we thought. Linode's documentation doesn't mention, but the IP address listed in the admin interface is *not* the IP used to connect to the site; instead it uses a special internal IP address which isn't listed or documented anywhere. Our security precautions stripped out the X-Forwarded-By header, and made it appear that all inbound users were coming from the same IP. This wasn't noticed on dev as slash ignores the formkeys system for admins, and the few of us beating on it with non-admin accounts weren't able to do enough abuse to trigger the formkey limiters.

Our peak hours are generally evenings EDT, which means the low traffic at night wasn't enough to trip it either (or at least no one on IRC poked me about it, nor were there any bugs on it on our github page. However, once traffic started picking up, users began to clobber each other, commenting broke, and the site went to straight to hell. When I got up, debugging efforts were underway, but it took considerable time to understand the cause of the breakage; simply reverting LBing wasn't an easy fix since we'd still have to wait for DNS to propagate and we needed the load balancer anyway. After a eureka moment, we were able to locate the correct internal IPs, and whitelist them, which got the site partially functional again. (we have informed Linode about this, and they said our comments are on its way to the appropriate teams; hopefully no other site will ever have this same problem).

The last remaining item was SSL; we had originally opted out of terminating SSL on the loadbalancer, prefering to do it on the nginx instance, so Port 443 was set to TCP loadbalancing. This had the same effect as there is no way for us to see the inbound IP (I had assumed it would do something like NAT to make connections appear like they were coming from the same place). The fix was utlimately installing the SSL certificate on the load balancer, then modifying varnish to look for the X-Forwarded-Proto header to know if a connection was SSL or not. I'm not hugely happy about this as it means wiretapping would be possible between the load balancer and the node, but until we have a better system for handling SSL, there isn't a lot we can do about it.

As always, leave comments below, and I'll leave my two cents.