Feed aggregator

Review & Commentary Lich Lords Adventure Module By Lynn Sellers of Mayfair Games's Role Aids for Advanced Dungeons and Dragons First Edition & Your Old School Campaigns

Swords & Stitchery - Thu, 02/27/2020 - 05:55
"After countless millenia, A DARK POWER AWAKENS.You have been summoned to appear before your king, who was once a great man, but is now held fast in the icy grip of fear. Trembling, he tells of mighty earthquakes to the north that destroyed villages and unearthed the... FORGOTTEN CITY OF THE LICH LORDSEnter the catacombs of this buried city and find the way to destroy the evil before it brings Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

1378

Looking For Group - Thu, 02/27/2020 - 05:00

The post 1378 appeared first on Looking For Group.

Categories: Web Comics

Books matter - OSR Campaign Setting Flip - World War I Godzilla - Prelude To War of the Worlds

Swords & Stitchery - Wed, 02/26/2020 - 20:11
"And we men, the creatures who inhabit this earth, must be to them at least as alien and lowly as are the monkeys and lemurs to us. The intellectual side of man already admits that life is an incessant struggle for existence, and it would seem that this too is the belief of the minds upon Mars. Their world is far gone in its cooling, and this world is still crowded with life, but crowdedNeedleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Fans First: My Love of Rick and Morty

Cryptozoic - Wed, 02/26/2020 - 19:50

In the second installment of our "Fans First" blog, I'm going to tell you about my love of Rick and Morty and how Cryptozoic ended up doing nine amazing tabletop games and three trading card sets based on the series.

Categories: Tabletop Gaming Blogs

A small rescue

Yarn Harlot - Wed, 02/26/2020 - 18:14

This morning as we made waffles and chatted about our business, Elliot and I discussed the weather.  There is a big snowstorm coming, I explained to him. It is snowing now, and it is going to snow all day, and all night.  Elliot looked at me, then looked out the window at the bleak landscape, and rather seriously said “and all summer” with the exact kind of pessimism that settles into a Canadian heart at this time of year.  We learn it young, here in the frozen North.

We are all also on high alert today, because as any birth worker can tell you, this is exactly the sort of weather that babies prefer to arrive in.  Not now, not while the roads are still pretty clear and it’s not too terrible to drive around in, but later – at 2am, when everyone is tired and there’s 20cm of snow on the ground and it’s still coming down hard.  If there is a moment of lowest possible visibility, and you’re looking out the window thinking “mercy I hope I do not have to travel in this” that is when they are possessed of a sense of urgency. I have it on pretty good authority that every midwife in the city woke up this morning, looked at the weather and thought “Right then” and went straight away to make sure that all their ducks are in a row and they still have that shovel in their trunk.

I have my bag packed and ready to go (and there is already a shovel in my trunk) and I’m going to spend the whole afternoon working on the blanket (as soon as I can skip out on the rest of my work.)  Last night Elliot did not go down early (thanks dude) and it took me a little longer than expected to get around the corner of the edging (if by a little longer you understand I mean about 90 minutes) so the blanket is almost the same as when I showed it to you last.  I’m officially only about 1/4 of the way through the edging.  In short -weather and blanket status combined,  it is a perfect day for a baby to arrive, if you have a neonate’s sense of humour.

I promised to distract us all from Baby Watch 2020 with a little show and tell about an old sweater, so here goes.  I save things. Not a lot, you understand – I  part with objects fairly easily and (yarn and patterns aside) have few hoarding tendencies.  My mum was the same, and she saved very little from when we were babies, but she did have the good sense to tuck away a few bits, and I’ve been able to pass them on to Meg – along with some stuff that she and her sisters wore as bairns. My mum didn’t knit, and neither did my maternal grandmother, but my great-grandmother did, and she was really pretty good at it. When I was born, she knit me a tiny little layette set in a newborn size, despite the fact that I was born in June. (See above comments re: Frozen North. All babies get woollies.)

Considering that it is a 52 year old sweater set worn by six babies, it is in pretty good shape.  It’s a soft baby wool, slightly yellowed by age and felted by washing, and  it was white (or natural) when it was new. (I can tell because the ribbons don’t match.)  I took it out to pass it on to this baby, and found that in the almost three decades since it graced a little one, something’s had a bit of a snack on it.  It looks to me like carpet beetles, rather than a M**h – the holes are clean and look like they were drilled through – and the damage is localized. Three distinct spots, two on the bonnet and one on the sleeve of the sweater. Apparently this beastie cares not for bootees. I gave it a good wash and a little dose of sunshine, and started.

When I make a repair, usually I have some of the old yarn, or can salvage some from the garment. Unpick a cast off and pull back a row or two… then cast off again, but this is a little felted so that wasn’t going to work.  I needed a fine, softly spun wool in a matching colour.  I knew I had nothing like that in the stash (rather unbelievably) but I did have a yarn that was the right colour, though not the right weight.

Undaunted, I took just one ply of the worsted weight I found, and it worked just fine. There was a tiny hole in the brim of the hat – that took just a stitch or two to fix, I simply worked duplicate stitch over the missing bit.  The larger hole in the bonnet was a little harder, a combination of darning and duplicate stitch made that one go away.

The hole in the sleeve was another matter.  One whole column of stitches was absent – it’s missing all the ladders in that column- so I couldn’t just ladder it back up like a dropped stitch, it was too wide to just sew up, and it wouldn’t look right if I darned it.

I thought about knitting a patch, a little heart or something, and sewing it over the hole, but then I had another idea. I used a technique that I teach in my Fix is in Class.  *

Working back and forth, I gave myself the ladders that I needed, one for each missing row, then inserted my tiny crochet hook in the intact stitch at the bottom of that section, and laddered it up like it simply was a dropped stitch, anchoring it at the top with a single stitch of grafting to the intact stitch at the top.  Voila!

You can’t even tell it was ever munched.  When I was done I took the ribbons out and thought about replacing them, but though they’re a little ragged, they’re the originals, and silk, and serviceable enough that I didn’t want to swap them out. They got a little pressing, and I put them back in. The whole things looks almost as good as new, or as good as a 52 year old sweater set can.

Now my little grandchild can wear something I did, and that their mother did, and it was lovely to work on something my great-grandmother made with her own two hands.  It felt really good to be able to be responsible for restoring her good work like that, and I think it will feel even better to dress a babe in something her great, great, great grandmother knit. I know it’s a wish of mine that the things I make will last this long and be this loved.

That’s her – Dorothy, in the back next to my Great Grandfather Archibald. My Grandmother Kathleen is on the left, and there’s my mum Bonnie, holding me.

(PS. At the Spring Retreat I’m going to teach this sort of repair, our theme is the letter E, and that covers “Errors” and this comes up in that section. All the workshop spots are filled up, but we still have a few spots for textile artists who’re able to spin and knit. For the record, and because people always write to us and ask, you do not need to be a very experienced knitter or spinner for these retreats. They’re learning experiences, and it’s just fine to be a beginner in both departments.  Everyone always says “maybe when I’m good enough” and there’s no reason to wait. This sort of thing is supposed to help you become that good. More info here if you’re into it.)

Categories: Knitting Feeds

Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server

Malwarebytes - Wed, 02/26/2020 - 17:03

Threat actors love to abuse legitimate brands and infrastructure—this, we know. Last year we exposed how web skimmers had found their way onto Amazon’s Cloudfront content delivery network (CDN) via insecure S3 buckets. Now, we discovered scammers pretending to be CDNs while exfiltrating data and hiding their tracks—another reason to keep watchful eye on third-party content.

Sometimes, what looks like a CDN may turn out to be anything but. Using lookalike domains is nothing new among malware authors. One trend we see a fair bit with web skimmers in particular is domains that mimic Google Analytics: Practically all websites use this service for their ranking and statistics, so it makes for credible copycats.

In the latest case, we caught scammers using two different domains pretending to be a CDN. While typically the second piece of the infrastructure is used for data exfiltration, it only acts as an intermediary that attempts to hide the actual exfiltration server.

Oddly, the crooks decided to use a local web server exposed to the Internet via the free ngrok service—a reverse proxy software that creates secure tunnels—to collect the stolen data. This combination of tricks and technologies shows us that fraudsters can devise custom schemes in an attempt to evade detection.

Inspecting code for unauthorized third-parties

We identified suspicious code on the website for a popular Parisian boutique store. However, to the naked eye, the script in question looks just like another jQuery library loaded from a third-party CDN.

Figure 1: Compromised online store, with source code showing a CDN like domain

Although the domain name (cdn-sources[.]org) alludes to a CDN, and unveil.js is a legitimate library, a quick look at the content shows some inconsistencies. There should not be fields looking for a credit card number for this kind of plugin.

Figure 2: A malicious third-party library impersonating a legitimate one

To clear any doubts, we decided to check an archived copy of the site and compared it with a live snapshot. We can indeed see that this script did not exist just a couple of weeks prior. Either it was added by the site owner, or in this case, injected by attackers.

Figure 3: Snapshots comparing online store before and after the hack

The script checks for the current URL in the address bar and if it matches with that of a checkout page, it begins collecting form data. This typically includes the shopper’s name, address, email, phone number, and credit card information.

Figure 4: Another fake CDN domain used as part of the data exfiltration process Data exfiltration via ngrok server

Once this data is collected, the skimmer will exfiltrate it to a remote location. Here, we see yet another CDN lookalike in cdn-mediafiles[.]org. However, after checking the network traffic, we noticed this is not the actual exfiltration domain, but simply an intermediary.

GET https://cdn-mediafiles.org/cache.php HTTP/1.1 Host: cdn-mediafiles.org Connection: keep-alive Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Referer: https://www.{removed}.com/checkout/onepage/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Connection: keep-alive Content-Length: 36 Ly9kNjgzNDRmYi5uZ3Jvay5pby9hZC5waHA=

Instead, the GET request returns a Base64 encoded response. This string, which was already present in the original skimmer script, decodes to //d68344fb.ngrok[.]io/ad.php which turns out to be the actual exfiltration server.

Figure 5: Customer data being stolen and exfiltrated to ngrok server

Ngrok is software that can expose a local machine to the outside as if it was an external server. Users can create a free account and get a public URL. Crooks have abused ngrok to exfiltrate credit card data before.

To summarize, the compromised e-commerce site loads a skimmer from a domain made to look like a CDN. Data is collected when a shopper is about to make a payment and sent to a custom ngrok server after a simple redirect.

Figure 6: Traffic flow, from skimming to data exfiltration

The above view is simplified, only keeping the key elements responsible for the skimming activity. In practice, network captures will contain hundreds more sequences that will make it more difficult to isolate the actual malicious activity.

Blocking and reporting

We caught this campaign early on, and at the time only a handful of sites had been injected with the skimmer. We reported it to the affected parties while also making sure that Malwarebytes users were protected against it.

Figure 7: Malwarebytes blocking the skimmer on the checkout page

Threat actors know they typically have a small window of opportunity before their infrastructure gets detected and possibly shutdown. They can devise clever tricks to mask their activity in addition to using domains that are either fresh or belong to legitimate (but abused) owners.

While these breaches hurt the reputation of online merchants, customers also suffer the consequences of a hack. Not only do they have to go through the hassle of getting new credit cards, their identities are stolen as well, opening the door to future phishing attacks and impersonation attempts.

Indicators of Compromise

Web skimmer domain

cdn-sources[.]org

Web skimmer scripts

cdn-sources[.]org/jquery.unveil.js
cdn-sources[.]org/adrum-4.4.3.717.js
cdn-sources[.]org/jquery.social.share.2.2.min.js

Redirect

cdn-mediafiles[.]org/cache.php

Exfiltration URL

d68344fb.ngrok[.]io/ad.php

The post Fraudsters cloak credit card skimmer with fake content delivery network, ngrok server appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Scrum Con 2020 is this Saturday!

Zenopus Archives - Wed, 02/26/2020 - 13:57


The second annual Scrum Con is this Saturday, and you may want to attend if you are in DC Metro area. This year it has moved over to the Silver Spring Civic Building in Silver Spring, MD, just north of DC. The general info page for the con is here: Scrum Con 2020.

Tickets are $15 each, and there are are two sessions of games, from 10-2 and 3:30-7:30. Doors open at 9 AM.
The game sessions are evenly split between RPGs and Miniature Wargames. This close to the event most seats are taken, but there are a few open due to cancellations in the last week. For the latest availability, check the Events Schedule on Tabletop Events. As I write this, there are:
1 seat in Dragon Hunt (Miniatures) from 10-21 seat in WaT a Nice Village (Miniatures) from 10-22 seats in Incident at Space Station Accipiter (Miniatures) from 11-1 (2 hour game)1 seat in B8 Journey the Rock (B/X RPG) from 3:30-7:30
I will be running a session of In Search of the Brazen Head of Zenopus in the afternoon, but the seats are all filled currently.
In the morning I will be helping to give out badges to attendees. If you attend, make sure to say hello! 
Categories: Tabletop Gaming Blogs

Black Pudding #6 / Underground Down below

Ten Foot Pole - Wed, 02/26/2020 - 12:14
J.V. West Random Order Creations OSR Levels 3-6

Black Pudding #6 is a zine and I’m reviewing the eight pagepointcrawl adventure “Underground Down Below”, with map by Evlyn Moreau. It’s got 36 encounters described over eight pages, if you count the one page map. Imagine a REALLY large cavern with mesa’s and stuff in it. That’s this. IE: an underground valley hemmed in on all sides with some plateaus in it. It;s very imaginative. And it lacks inciting incidents.

Have you ever been to an art forward gaming con? I have. They’re great! I’m thinking specifically of Con on the Cob. Art people are relaxed, not up their own asses, and know how to have fun and know how to run a game. The afterhours DCC games at GenCon are another great example of this as the ZZ Top gang run for fun. This has that kind of vibe. Mostly. But it’s lacking that certain motivating aspect that drives the adventure forward. It feels more like an Ed Greenwood adventure where there’s lots of interesting shit going on, that you CAN interact with, but why would you? 

The map depicts a kind of isometric view of a large underground cave. Very big. Lots of shit going on on what is, essentially an “art map” rather than your usual gaming map. Nothing wrong with that, I love me some on map detail. There’s no scale but it is, essentially, a pointcrawl. I don’t know, maybe the cavern is lit by purple or green light or something, so the party can see points in the distance to travel to. That’s not mentioned but would work. I’m a big fan of “the party sees something interesting” so that they can then decide to travel to it. The isometric view (is that the right word? I think I’ve used it in this context since that DL1 map) does a good job of showing elevation and the map is chock full of little drawings (it’s an art map, remember) that allows the Dm to describe vague half-seen shapes in the (I’ve now added) pale green light. I see the back half of a shadowy colossal stone head up ahead in the pale green light? Let’s go there! This kind of “expansive view in the distance” is invaluable, for those situations in which it’s warranted. For these “I can see a lot so what do I see?” sorts of situations i love a map like this or a brief overview text in the adventure to help orient the players. This does that well.

The little vignettes are pretty imaginative, some interconnected and some not. The first location is a dozen little people washing and feeding and worshipping a giant fire beetle and her three dog sized babies. Her poo glows. Or giant centipede people. Or a cave mouth with teeth that can bite you. Giant demon statues that spit out gems. Giant people buried in rock. Hmmm, come to think of it, there ARE a lot of giant rock people/buried/made of stone elements in the adventure. Whatever, who doesn’t like a giant cracked egg with something squirming inside of it? Or a village that sacrifices every ninth baby to the giant squid monster in the lake and drain their old people of blood to make protein cakes? 

But, they lack a certain something and I’m not sure I can fully describe what. It feels a little like one of those Ed Greenwood adventures where you can look but if you touch you die. There doesn’t seem to be much reason to interact with the various locales other than, maybe, the innate desire of the party to fuck with shit.  Village of stoic philosophy dwarves. Uh. Ok. And? The priestess lives inside that teeth cave? Ok. So? 

There’s a hint, here or there, of something for the party to be driving towards. A 20,000p diamond and an unguarded, but cursed, ancient red dragon hoard. Ok, so, maybe that’s what the party is here looking for? But, still, why am I interacting with the dwarves again? Just like a Greenwood adventure, there’s as much trouble for the party as they make for themselves. (I played with Jim Ward once and his adventure felt the same way. Just don’t fuck with shit. Maybe fun for a one shot you are ok with dying in 90 minutes in to a four hour game, but hard to sustain.)

There are little “hit point tracker” bubbles after each creature and I can’t help but wonder what if those were not there and instead there was just one more sentence? Something to drive the action forward? 

What this needs is just a little more for each encounter. Maybe. Or maybe some kind of global overview and/or “what everyone knows and who likes/hates who and what they want” or something like that. There’s no background or intro at all to this, just a few tables scattered in the adventure. “How did we get here?” “a wizard did it”.or  “You fell through a hole” and so on. 

You could steal a lot from this adventure. Do you want to steal? By which I mean, are you looking for inspiration? That sounds an awful lot like “Adventures for Reading” to me. But, there’s also room in life for Art, right? Is this just art? Art that you’re inspired by? To run a great game? Isn’t that what I implore designers to do? But … is that art? Can it be art AND a good adventure? Sure. But is this everything it could be for the DM? Not without a shock rope attached.

This is Pay What You Want at DriveThru with a suggested price of $2. There’s no preview, but, hey, you can download it for free, so the entire zine if the preview.

https://www.drivethrurpg.com/product/303613/Black-Pudding-6?1892600

Categories: Tabletop Gaming Blogs

June 18-20, 2021: Calgary Aikikai 40th Anniversary Seminar 2021 with Waka Sensei

Aikido News - Wed, 02/26/2020 - 10:20
June 18-20, 2021: Calgary Aikikai 40th Anniversary Seminar 2021 with Waka Sensei
From: Andrew James Barron posted on 26. Feb 2020, 10:20am

Calgary Aikikai is happy to announce that we will be celebrating our 40th Anniversary with a seminar on June 18th to 20th 2021 in Calgary, Alberta Canada. We are honoured that Waka Sensei, Igrashi Shihan 7th Dan and Shirakawa Sensei 6th Dan will be teaching. Plan on joining us on the mat and taking the opportunity visit the Canadian Rocky Mountains. This is a great opportunity to join the event and combine the seminar with excursions to famous Banff, Yoho and Jasper National Parks. All martial artists are welcome. Complete information will be available soon at www.calgaryaikikai.com

  • Submit an Aikido News Item

  • Categories: Aikido

    War of the Worlds Godzilla 1914 - Years Zero 1912 -1913 A Troll Lord Games OSR/ Victorious rpg Campaign

    Swords & Stitchery - Wed, 02/26/2020 - 04:40
    "At any rate, in all the bodies of the Martians that were examined after the war, no bacteria except those already known as terrestrial species were found. That they did not bury any of their dead, and the reckless slaughter they perpetrated, point also to an entire ignorance of the putrefactive process. But probable as this seems, it is by no means a proven conclusion. Neither is the Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
    Categories: Tabletop Gaming Blogs

    War of the Worlds Godzilla 1914 - The Opening Salvo A Troll Lord Games Victorious rpg Campaign

    Swords & Stitchery - Tue, 02/25/2020 - 23:39
    "At any rate, whether we expect another invasion or not, our views of the human future must be greatly modified by these events. We have learned now that we cannot regard this planet as being fenced in and a secure abiding place for Man; we can never anticipate the unseen good or evil that may come upon us suddenly out of space. It may be that in the larger design of the universe this Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
    Categories: Tabletop Gaming Blogs

    Let's Talk Scale

    The Splintered Realm - Tue, 02/25/2020 - 22:52
    One of the challenges I have always run into when designing RPGs around the ants is the idea of scale. One of the strengths of the setting is the scale - the idea that everything is happening in measurements of millimeters. This works in the smallest increments; it makes sense to have the ant heights in mm instead of feet - so a cm becomes the rough equivalent of ten feet which is great for ranges and distances in combat. It’s actually a pretty clean conversion from human to ant scale in this way.
    However, it breaks down when we start talking about travel, flight, and vehicle speeds. Because the scale is millimeters, this also means that a meter is the rough stand-in for a mile (very rough, because it is actually about one sixth of a mile - making it quite a bit off). Since a wasp can fly about 40 kilometers per hour, we end up in trouble - that wasp can travel 40,000 meters per hour, making it as fast as superman within the game scale. In effect, the game world (which is maybe a few hundred meters across) is easily traversed in a short time by many insects. I always feel like I need to make the game world bigger.
    However, I had not also considered the similar scale compression of time. An insect doesn’t live long. A red ant can live for 2-5 years, so a year is roughly two decades to the ants - and some other insects have much shorter life spans. In this compression, a month is two years, meaning a week is six months, a day is a month, and an hour is a day. A human lives an average of 70 years, so 70 x 365 = 27,375 days. An ant lives an average of 3 years x 365 days x 24 hours = 26,280 hours. So, in ant scale, an hour is equal to a day. Giving a speed in meters per hour may as well be giving that speed in meters per day. It would be ridiculous for us to give speed in miles per day; I am going 1500 miles per day! That sounds fast - it’s just normal highway speed. The default distance has been changed to the millimeter; the default time has to be changed to the minute. The one-minute turn is not only the default measure of game time; it is the default measure of insect world time as well. 
    Back to our wasp. He can fly 40,000 meters per hour, so he flies 650 meters per turn. It’s still fast, but at this scale it sounds like helicopter fast, not superman fast. According to Google, an ant can walk 3 inches per second, so that’s about 7 cm per second, or 420 cm per minute. An ant can walk 4 meters in one minute. So, with a move of 4, you can travel 4 meters in one turn. However, 4 cm in a round (one second) is actually a little on the slow side; an ant should be able to move twice that in one round pretty easily.
    What if the default setting of a round is that an ant gets two actions? More? What if a creature gets a number of actions equal to its level? Dang… a level 6 bug gets 6 actions per round? That seems crazy… but it’s also aligned with the source material. In action movies, the hero is taking five or six attacks to the mook’s one. This means that winning initiative, especially at higher levels, becomes vital. 
    However, it also means that at higher levels you should have abilities to neutralize enemy attacks, automatically block, or to do some damage reduction. At higher level, you are going to have to get your opponent to exhaust a variety of resources in order to start landing your good shots. Against minions, you can mow down squadrons in short order; against an enemy commando, you are going to have to get past his luck, his tenacity, and his cool under fire in order to start hitting him.
    Time for some play testing!

    Off The Shelf – 6” Joe

    Looking For Group - Tue, 02/25/2020 - 19:55

    Normally I review toys I own for Off The Shelf, but last weekend was Toy Fair and I’m too excited about toys I will own to focus on all of the little plastic people I, y’know, already own and love. […]

    The post Off The Shelf – 6” Joe appeared first on Looking For Group.

    Categories: Web Comics

    Am I winning yet

    Yarn Harlot - Tue, 02/25/2020 - 18:24

    There is not yet a baby, which is a good thing in the knitting department and I’m quite pleased by it, though Meg less so, to be truthful.

    I’ve been quietly sending “not quite yet sweetie” messages out into the universe, and so far it’s working.  I did decide, after the last blog post to add another repeat of the lace – it seemed silly to make a short term knitting decision when this will be a long term grandchild, and I knew I’d be happier in a year with this choice than I was with it in the moment – so my nine rounds to go turned into 25 rounds to go, and I poured on the burn.

    (I know, that is such an incredibly hip thing to say that you can hardly stand it.)  I dedicated a few days of really intense knitting to the thing, and I’m happy to announce that the body is done, and I, gentle readers, have made it all the way to the edging.

    This blanket has almost a thousand stitches in a round now – and that means I have to work around two thousand rows of the edging to get around the thing and have it cast off. It’s about 55 repeats of the edging pattern, plus a little more to get around the corners. I’m almost to the first corner now, which means I am at the exact point in the process where it feels completely hopeless.  Elliot’s coming for a sleepover tonight and that’s always good for a chunk of knitting time – he goes to bed early and easily, bless him. (He remains the sweetest child to ever walk the earth, I tell you. It makes me wonder if this next babe will be the end of all peace, but let’s worry about that when we see what sort of vibe the kid is rocking.)

    I took a little blanket break earlier in the week, partly because I was bored to the point of chewing my own arm off, and also because almost everyone I know who’s ever had a knitting injury can point to a wicked knitting jag that did it. I think it’s pretty important for your hand health to keep mixing it up.  (Do you know what makes it hard to get a repetitive strain injury? Not repeating things. It’s not like I’m going to knit less, but I can keep knitting with variety. That wee break meant that I finished the sweetest little onesie.  So darling I can hardly stand it. Soft and warm, perfect for the first few weeks or so.

    Pattern:Tiriltunge Newborn Onesie Yarn: Rosy Green Wool Merino d’Arles in Mistral. It took about 1.5 skeins, and I used a 3mm needle.

    It is just about  perfect.  I loved this yarn a lot, and the result is charming, cozy, was pretty easy to knit if you keep your wits about you (and I do.)  I think it’s going to fit too – and may be a hair big, which is perfect, because new humans grow so quickly.

    I also spent a little time restoring some old knits, ones that were mine when I was a baby, of all things – but I’ll tell you about that tomorrow.  Trust me, we’re going to need something to break up the blanket monotony.

    Categories: Knitting Feeds

    Biotech health care innovations meet security challenges

    Malwarebytes - Tue, 02/25/2020 - 17:54

    The level and speed of innovations taking place in the biotech industry are baffling. On the one hand, it makes us hopeful we can quickly reduce the number of illnesses and their consequences through technological advancement—saving thousands of lives. On the other, concerns about the application of Internet-connected technology leave us wondering: at what cost?

    Where does the mix of technology and medicine lead us? Advancements in genetic therapy have reshaped cancer treatment as we know it. Yet, other applications, such as automating medicine intake by measuring biometrics, may introduce whole other problem sets the medical and security world haven’t solved for.

    Knowing that every human body is unique and may react in another way to the same procedure, it seems prudent to draw the line at a certain amount of automation. But how do we determine where to draw the line? Is it smart to leave that decision to the big pharmaceuticals? Let’s have a look at the developments in biotech that require bigger picture thinking from the security and privacy perspectives.

    Developments in the health care industry

    Some of the most promising health care developments in late stages of refining or even already in use are techniques where sensors are attached to or inserted into the patient’s body. The sensors are designed to transmit data about certain bodily conditions back to healthcare personnel.

    One such technology is inserted directly into patients’ medication via chip. These “smart pills” send biometric data from within the blood stream. When the patient ingests the pill, the chip will be detected by a patch on her stomach the moment it is digested. If the patch doesn’t receive the appropriate signal, it alerts the patient’s doctor.

    A big step forward for the future of smart pills will be the automation and timely administering of medicine; something currently in development. These smart pills are being designed to make patients life’s easier by embedding a tracking system in the pill that trigger the release of the drug in a timely manner, so you can’t forget.

    Smart pills could also be programmed to release the medication when certain circumstances are met. A system similar to this already exists for diabetes. Insulin pumps for type 1 diabetics are in use that release insulin when a low blood sugar is detected, basically by mimicking the way the pancreas would behave for healthy people.

    Diagnostic biotech

    Existing bio-sensors are internal measurement devices that broadcast body metrics like blood pressure, pulse, oxygen saturation, blood sugar, etc. These bio-sensors and sensors measuring the presence of other substances in the blood can be used to finetune the administration of drugs. But what if anybody else can receive these transmissions?

    The feasibility of multiplex biosensors for bloodstream infection diagnosis has been under investigation for a few years and is another development that could lead to transmissions concerning our health from inside our body to a “smart” device.

    Pharmaceutical companies have already released digital smart pills containing computer chips. The first digital cancer pill, which was released in early 2019, contains a chip and capsules filled with capecitabine, a cancer chemotherapy that patients need to take several times a day.

    Other biotech innovations

    The human genome has been almost fully mapped and we are rapidly finetuning the ability to read the map. But what does this prospect bode for the future of the information that can be extracted from the DNA samples we provided for various different reasons?  Will donating blood or participating in a DNA test now result in a privacy nightmare later on? Will the risk we take now grow on us as science finds out more about the information stored in our DNA.

    Genetically detectable diseases

    With greater understanding of our genetics comes greater capacity for their manipulation. And gene editing currently stands as one of the most exciting, and worrying, areas within the biotech industry.

    Another worrying advancement is the use of artificial intelligence (AI) to make the development of new drugs faster and cheaper. AI particularly can be used to reduce the amount of trial and error needed to design a drug candidate once a promising disease target had been identified. It can also be used to investigate and find unexpected use cases for drugs that fail in clinical trials. Promising changes, for sure. But what might AI miss that the human mind would catch? And how much would morality come into play if machines are conducting all of the testing?

    Remote control of artificial limbs and animals

    The advancement of modern prosthetics has gone hand in hand with the upcharge in rapid developments in the biotech health care sector.

    In a combination of robotics and neuro-engineering scientists are working on a new robotic hand that could be a life-changing device for amputees. The goal is to read and transmit intended finger movement read from the muscular activity on the amputee’s stump for individual finger control of the prosthetic hand.

    In the military field sharks and other animals have been given brain implants that makes them remotely controllable. These sharks could for example be used to find enemy submarines.

    Communication protocols in biotech

    The smart pill, produced and patented by Proteus and called Abilify MyCite, sends a simple pulse from the pill to the patch as soon as the pill gets absorbed by stomach acid. No problem there, but then the patch sends data like the time the pill was taken and the dosage to a smartphone app over Bluetooth. The data is stored in the cloud where the patient’s doctor and up to four other people chosen by the patient, can access the information. The patient can revoke their access at any time.

    In 2017 the FDA stated it was planning to hire more staff with “deep understanding” of software development in relation to medical devices, and engage with entrepreneurs on new guidelines, because it expected to get more approval requests for digital pills. This was after the approval of Abilify MyCite, which is a typical symptom of legislation running after technical innovations without ever truly catching up.

    In 2018 hackers demonstrated they could install malware on an implanted pacemaker after they had discovered bugs Medtronic‘s software delivery network, a platform that doesn’t communicate directly with pacemakers, but rather brings updates to supporting equipment like home monitors and pacemaker programmers, which health care professionals use to tune implanted pacemakers.

    Bluetooth and medical devices

    Bluetooth is ideal for the short-range, continuous wireless connection, that we use for streaming audio and data. The most commonly used Bluetooth protocols in medical equipment are Bluetooth Low Energy (BLE) and Bluetooth Classic

    BLE is a Bluetooth protocol that was launched in 2010, it was designed to achieve goals of low power consumption and latency while accommodating the widest possible interoperable range of devices. The downside is that it can behave differently depending on smartphone platforms. This is because the device advertises on a schedule for smartphone response. When the smartphone responds, a handshake (bonding) is made, facilitating a confirmed transfer of the data packet to the smartphone before closing the connection. This saves energy, but it’s also responsible for unpredictable data transfer speed.

    BLE also does not require paring between the sender and receiver and it can send authenticated unencrypted data. We understand the benefits of saving energy:

    • Devices can stay longer in the body without having to be replaced
    • Batteries can be smaller, so easier to insert and less obtrusive

    But depending on the nature and particularly the sensitivity of the transmitted data, other considerations might come into play. Unfortunately BLE devices have also been found to be impacted by SweynTooth vulnerabilities.

    Recommendations

    Developers of medical devices who intend to use Bluetooth as the technology to connect devices with each other and with Wi-Fi should consider carefully which Bluetooth protocol is right for their system. To do this, it is important to have a clear understanding of the needs for the system and the available options.

    Medical devices should be easily updatable for those circumstances where new vulnerabilities are found and patches or other important updates need to be applied.

    Maybe the healthcare industry should even consider designing a new protocol similar to Bluetooth. Combining the Low Energy properties with some extra security measures might pay off in the long run.

    Cloud solutions that are used to store sensitive personal and medical data deserve to be held against a high security standard.

    We recommend only giving up your DNA samples to trusted organizations and only for reasons of utmost importance like your health.

    Machines are not without fault or as smart as we might think. Blind trust in machines when it comes to healthcare can end in a catastrophy. There is an area where personal attention does a lot more good than the fully automated application of medicine can ever do.

    Stay safe, and stay healthy!

    The post Biotech health care innovations meet security challenges appeared first on Malwarebytes Labs.

    Categories: Techie Feeds

    Return to Dwimmermount - Tides of Blood & War - Cha'alt & ACK's Dwimmermount

    Swords & Stitchery - Tue, 02/25/2020 - 17:52
    Its been a very busy morning but last night I wanted to get back to ACKs Dwimmermount within my Godbound/Cha'alt campaign. Way back in 2017 I stumbled upon this thread about Dwimmermount on the General ACKs forums.  There are a few changes that would be made right off the get go. The fact that Astonishing Swordsmen & Sorcerers of Hyperborea's rpg system Hyperboreans & the Thulian Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
    Categories: Tabletop Gaming Blogs

    Introducing Lock and Code: a Malwarebytes Labs podcast

    Malwarebytes - Tue, 02/25/2020 - 17:27

    Intrepid Labs readers might be happy to know that we’re stepping into territory long-requested and desired: we’re launching a podcast.

    Malwarebytes researchers and reporters are on the front lines of cybercrime, delivering both fast-breaking news and thoughtful features on our blog to raise awareness and help users stay safe and private online. We want to take what we do here and bring it to a new medium so that even more folks can incorporate cybersecurity lessons into their daily lives.

    As our real world and online world continue to blend, staying secure and aware are ever more critical in defending against attacks from criminals and encroachment on privacy from big tech. And that’s why, every two weeks, we’ll be breaking down the top headlines into easily digestible soundbytes and inviting marquee experts, both in-house and outside, to dive deep into some of the more complex issues.

    Take a listen to the trailer for our podcast—Lock and Code—for a taste of things to come:

    Lock and Code, a Malwarebytes podcast

    Tune in next Monday, March 2, for the first episode of Lock and Code, where host David Ruiz will break down news from the RSA floor, plus talk with the annual conference’s Director of Content and Curation Britta Glade on this year’s theme: the human element.

    The post Introducing Lock and Code: a Malwarebytes Labs podcast appeared first on Malwarebytes Labs.

    Categories: Techie Feeds

    5 Ways Magic the Gathering Changed the Rules of D&D

    DM David - Tue, 02/25/2020 - 12:00

    Magic the Gathering designer Richard Garfield rates Dungeons & Dragons as the most innovative game of all time. Nonetheless, in any ranking of influential games, Magic’s revolutionary design surely vies for a top spot. You might suppose that a card game like Magic would differ too much from a roleplaying game to have any influence on D&D’s rules, but Magic’s design shaped the D&D editions to follow. Today, innovations from Magic extend to the roots of fifth-edition D&D.

    5. Templated text changed how rules get written—and the 3rd-edition design team.

    When Magic’s designers faced the problem of bringing order to countless cards, they used templated text: they described similar game rules with consistent wording imposed by fill-in-the-blank templates. Today, the patterns of templated text appear throughout modern D&D’s rules.
    But the move to templated text also lifted a D&D-outsider to lead the game’s third-edition team. Ben Riggs tells this story in a convention seminar.

    Early in the development of third-edition D&D, Wizards of the Coast purchased TSR. Skaff Elias had served as a designer on several early Magic sets and ranked as Senior Vice President of Research and Development. Skaff felt that the upcoming D&D edition could fix “sloppiness in the rules” by using templated text. Skaff and Wizard’s CEO Peter Adkison told the D&D design team to switch the spell descriptions to templated text, but the team kept resisting his directives.

    Eventually, the D&D team readied the release of a playtest document that still lacked templated text. They claimed rewriting all the spell descriptions according to formula would prove impossible because hundreds of spells would need templating in 48 hours to meet their delivery deadline. Nonetheless, Adkison and Skaff took the challenge themselves, working through the night to rewrite the spells and meet the deadline. Even after that heroic effort, the rules document that reached playtesters lacked the templated descriptions from the CEO and the Design VP. The design team had simply ignored their bosses’ hard work.

    The failure infuriated Adkison. He lifted Jonathan Tweet to the head of the third-edition team. Designer Monte Cook remembers Adkison’s new directive: “If Jonathan says something it’s as though I said it.” Unlike the TSR veterans on the rest of the team, Tweet had started his career by designing the indie roleplaying game Ars Magica and the experimental Over the Edge. As a member of the D&D team, he convinced the team to adopt some of the more daring changes in the new edition.

    4. Keywords now get careful use throughout the rules.

    Much like Magic, D&D uses keywords to describe many elements in the game. Often the keywords bring few rules of their own, but other things in the game interact with the keywords. So Magic has no rules specifically for “white” or “green,” but cards with “protection from white” work in a special way.

    In D&D, conditions like “charmed,” creature types like “beast,” and descriptors like “melee” work as keywords. Such keywords power templated descriptions like, “While charmed by this spell, the creature is…” and, “The next time you hit a creature with a melee weapon attack…” In early editions of D&D some words got treatment that resembled keywords. But before Magic proved the technique’s power, keywords in D&D hardly saw the pervasive, rigorous treatment they do now.

    3. Specific beats general came from Magic, but started in a hugely-influential board game nearly as old as D&D.

    In Magic, the text on any card can change the rules of the game, so a card like Platinum Angel can say, “You can’t lose the game and your opponents can’t win the game.” Among traditional games where all the rules fit on the underside of a box lid or in a slim pamphlet, this made Magic revolutionary. The original Magic rules explain, “If a card contradicts the rules, the card takes precedence.” In other words, specific beats general. Similarly, page 3 of the Player’s Handbook explains how when a game element breaks the general rules in some way, it creates an exception to how the rest of the game works.

    Earlier editions of D&D included game elements that broke general rules, but the unwritten principle left new players to struggle with the apparent inconsistencies. Judging by how frequently D&D lead Jeremy Crawford restates the principle, players still struggle with it.

    The principle of specific beats general dates to the revolutionary 1977 game that inspired Magic the Gathering and countless others. Bored with the familiar patterns of their Risk games, the designers of Cosmic Encounter wanted a game where every play felt different from the last. In Cosmic Encounter, each player controls a different alien species able to break the general rules of the game in some specific way. With more than 150 rule-breaking alien species in the game and its expansions, Cosmic Encounter offers endless, disruptive combinations.

    2. With more reliance on rulings, D&D does less to separate flavor from rules.

    Magic the Gathering cards typically fill any space left after their rules text with italicized flavor text. So, Platinum Angel might say, “She is the apex of the artificer’s craft, the spirit of the divine called out of base metal.” Other Platinum Angels share the same rules, but different flavor text.

    Traditionally, D&D mingled rules and flavor text, but fourth edition fully adopted such separation. The power descriptions even duplicate the practice of putting flavor in italics. This practice fit fourth edition, which defined combat powers as tightly as cards. The designers aspired to create a game where flavor never bent the rules, so a DM never needed to decide if, for example, you can take ongoing damage from cold and fire at the same time.

    In fifth edition, the separation mainly appears in the monster books, where rules appear in formal boxes while flavor comes between the rectangles.

    1. Reactions came from Magic’s instants and interrupts by way of D&D miniatures.

    In Magic the Gathering, players can act at any time, stopping another player with cards originally called interrupts. The constant activity helps make the game so compelling, but it forced the designers to develop rules to make sense of the actions and reactions.

    In early editions of D&D, players might interrupt another turn for an improvised action, but such acts needed a DM’s ruling. By third edition these actions counted as free and still mainly relied on a DM. Counterspells used the system’s only means of interrupting—the readied action.

    When Wizards planned a line of D&D miniatures in 2003, the company aimed to expand sales beyond roleplayers to gamers who favored competitive wargaming. The Miniatures Handbook turned third edition’s combat rules into “a head-to-head skirmish system for fighting fast, tactical battles.” The book’s authors included D&D designers Jonathan Tweet and Rob Heinsoo along with Magic designers Skaff Elias and Mike Donais. The new miniatures would come boxed in randomized assortments complete with cards describing rules for each figure, so in ways, the package resembled Magic. The competitive skirmish game could no longer rely on a DM’s rulings to resolve interruptions, but the team wanted some of the richer play suggested by a game like Magic.

    The design collaboration worked. Elias and Donais brought experience from a competitive game with strict rules for timing interrupts and reactions. “While designing Miniatures Handbook, we realized that free actions hid a potential smorgasbord of cool new mechanics,” wrote designer Bruce R. Cordell. “We subdivided the free actions into immediate actions (a free action you can take when it isn’t your turn), and swift actions (a free action you can take when it’s your turn).”

    Swift and immediate actions entered the D&D roleplaying game through Cordell’s Expanded Psionics Handbook (2004). “The concept that swift and immediate actions could serve as one more resource available to a player opened up new vistas of possibility, expanding options in the game.”

    In fifth edition, swift and immediate actions evolve into bonus actions and reactions.

    Categories: Tabletop Gaming Blogs

    Setting The Stage of Mythology With Monsters of Myth & Legend by Greg Gorden and Neil Randall, Published By Mayfair Games

    Swords & Stitchery - Tue, 02/25/2020 - 07:25
    "Monsters of Myth & Legend is a supplement describing over 100 monsters drawn from the American Indian, Australian Aborigine, Chinese, Greek, Irish Celtic, and Norse mythology. Each includes game statistics and legendry; most are illustrated. Monsters of Myth & Legend is a sourcebook play aid containing encyclopedic listings of dozens of creatures and deities to add to an existing fantasy Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
    Categories: Tabletop Gaming Blogs

    Concerning Bat in the Attic Games

    Bat in the Attic - Tue, 02/25/2020 - 04:33
    I want to thank everybody for their support and appreciate the solidarity that was shown. It wasn't 100% but it was very high. Keep that in mind as we move on and the debates begin.

    Moving on is what this post is about. What I will be doing with Bat in the Attic Games.

    The Royalty Waiver
    Mr. Bledsaw granted me a royalty waiver in March of 2018 and it applies to royalties beginning on July 1st 2017. I ran the numbers and it looks like I am 66% towards reaching the cap. I don't feel comfortable with providing the numbers due to wording of my license agreement. However what owed to me was computed on the basis of what I was paid for the first nine maps plus a fee for the CSIO map. I owe Judges Guild a royalty report in April.

    I already modified batintheattic.com and took down the items on my Lulu store. It been nine months since I sold a copy of anything on Lulu. However all Bat in the Attic products are still available on DriveThruRPG.

    The Product Line
    I sell twelve products and eleven of them have Judges Guild IP. The two Majestic Wilderlands related products can be replaced with works without Judges Guild IP. However the other nine are Wilderlands of High Fantasy related, they will eventually be delisted and the files turned over to Judges Guild per my license agreement. This leaves just Blackmarsh after everything is delisted.

    The Immediate Future

    The Wild North
    First I will finish the Wild North. I am aiming for a spring release. Luckily this was my next project. This setting is to the north of Blackmarsh and it is loosely based on Russian and Slavic folklore. Much like how the core rules of classic D&D are based on a fantasy medieval Europe.

    This was originally released as Map 19 in Fight On #3, however two years ago I decided to revamp it to fit the loose setting behind Blackmarsh and the two Points of Light books. This involved redrawing the southern edge of the map to fit Blackmarsh and write new material to bring it up to the standards of Blackmarsh. The map will be four times the size of Blackmarsh.

    The first draft is finished. I am in the midst of drawing the color version of the map along with various smaller maps that are needed.

    Scourge of the Demon Wolf
    The Scourge of the Demon Wolf will be revamped to fit the loose setting behind Blackmarsh and the two Points of Light books. This means changing a couple of references and replacing the Barony of Westtower mini-setting in the supplement half.

    Deceits of the Russet Lord.
    The draft adventure that is furthest along is Deceits of the Russet Lord. It involves star crossed lovers, corrupt monks, rebellious peasants, tyrannical lords, orcs, and the Russet Lord, the faerie lord that behind it all.

    The Long Term

    The Majestic Fantasy Realms
    This will replace the Wilderlands of High Fantasy books in my product lines. It will likely be based on the loose setting behind Blackmarsh. It will definitely take advantage of DriveThruRPG ability to print 18" by 12" posters for the maps. Other than that I am still feeling my way through how to best approach this.

    The Majestic Fantasy RPG
    The Majestic Wilderlands supplement in 2009 was just the beginning of my work with Swords and Wizardry. In the ten+ years since I have run several campaigns and expanded the rules beyond what in the supplement.

    My challenge is twofold. First I strongly believe that Swords and Wizardry by Frog God Games is an excellent system for many. I want to supplement Swords and Wizardry not replace it. Second there are many other fine OSR rule systems out there as well. As result most OSR referees I know often kit bash the rules they use for their campaign. Taking most from a single system but the rest from different sources.

    As a result my goal for the Majestic Fantasy RPG is to make it easy for people to use sections of the Majestic Fantasy RPG in their campaigns, whether it is Swords and Wizardry or another system. But also still function as a system in its own right. I am still working on what form this will take.

    I do know at some point I will need an overview to summarize how it all hangs together. Hence my release, for free, of the Basic Rules for the Majestic Fantasy RPG.

    The Majestic Stars
    I am  bound and determined to improve at writing science fiction adventures. Once I figure it out I plan to release the results as the Majestic Stars.

    5th edition 
    When reviewing my work folder I found I had quite a bit of 5th edition material. It not organized into a coherent whole like the Majestic Wilderlands supplement was. But it looks there is enough for a small number of zine type supplements. Basically bits and pieces I created for the two 5e campaigns I ran along with playing around with the system.

    Wrapping it up
    Again I appreciate the support that was shown. I will be keeping everybody updated on my progress. I also would like to thank Goodman Games and Frog God Games for their support.
    Categories: Tabletop Gaming Blogs

    Pages

    Subscribe to Furiously Eclectic People aggregator