Feed aggregator

How to manipulate narratives when telling stories in role playing games

The Disoriented Ranger - Sat, 08/24/2019 - 12:33
Hey there. Long time no see ... This blog is not deserted, it's just really slow right now. So many things to do, like, working on getting my first role playing game published or writing short fiction. Most people don't realize, I think, how much time it actually takes to write a complete game from scratch. Anyway, I'm already digressing. What I want to talk about today connects loosely to the last post I had published here, but instead of talking about how to tact combat a bit differently, I'd like to shed some light on how to narrate stories. Or at least how I do it. This applies to all role playing games ...
The Basics
We all have a basic understanding of stories and how timing is the crucial element in everything we tell or listen to or look at. Even with totally random occurrences we tend to interpret our surroundings towards patterns we believe to recognize. We are also able to re-calibrate and update narratives as soon as new information manifests.
There is a beat to it, and even if you are not able to reproduce it, we all know how to recognize it. The reproducing part, however, is what's crucial when participating in the games we play, as all participants are helping to make the narrative manifest. Actually, they will do so if they want or not. I guess that is an important point to make: it's not that we are not contributing, it's how well we are contributing that we have to look at.Timing is everything ... [source]It does matter if you tell bad jokes all the time, if you constantly miss the beat or if you try to contribute, but constantly run in the wrong direction or disrupt the game ... Everything that happens at the table is part of the manifesting narrative. Everything. The lighting, that one player's smelling feet, the divorce story another player keeps telling. It all contributes and part of a DMs job is to navigate and even manipulate the flow of information input towards an engaging experience which then will lead to a memorable narrative (which then, in retrospective, will be called "the story").
That's why groups "cast" players or why people want to keep the chatter to a minimum or why breaks are necessary or why we can only play for so long before the game starts falling apart at the fringes. That's, ultimately, why DM's need tools and systems to enhance their games.
I've said it before and I'll most likely keep saying it: the way I see it, we use the rules of our games as the extension to what we communicate during the game and as described above, it all actually matters, the lingo and terms, the resolve mechanisms, it all helps shaping the game through altering the narrative. The art of writing proper rules, then, needs to include an awareness how telling engaging stories works and how to improve on that. It always boils down to this.
So that's the basics. Everyone contributes all the time, and we should aim to improve and manipulate the flow of information towards a better game.
How to Weave a Narrative
"Weaving" is the key analogy here, I think. Everything is always everywhere on hand, same goes for the moment at the table and it moves and changes constantly. The game gives you a rhythm to apply (good games do), so you have random encounters occurring either in intervals or when probable. Fights have structure to enhance the tension, there are some fail conditions and recognizable patterns to manipulate and extrapolate from on all levels (not only on a meta-level). You have campaign arcs, quest goals, advancement ... The list goes on.
Rules I like to add to the games I'm designing also generate abstract patterns to apply to the manifesting narrative. Tools to manipulate the flow or weave the narrative. I call them "narrative encounters", as in, not a creature or NPC the characters are encountering, but a twist in the story or an unexpected impulse to the narrative.
There are three, in my opinion, crucial benefits for a DM to extend control over the narrative to some form of external system: (1) it offers changes the DM might not have come up with on his own (as we get stuck easily in patterns we like to reproduce), (2) the sum of those impulses helps to conjure the overall impression of, say, genre and (3) it allows foreshadowing from seemingly random decisions happening at the table, since you not necessarily need to now where things are going and instead know what it's going to shape towards.
The Hero's Journey is a prime example of having a pattern like this, but I like to push it all a little further, actually, as I think it's so abstract that, while obviously working, still will reduce a game to just one pattern. It can be applied to the overall structure of a campaign. Easily and to great effect. But I like a bit more random in there. A bit more Tarantino or Pynchon, if you will. As I see it, our games tend to manifest as picaresque, naturally so due to the different sources contributing to the narrative.[source]I have talked about this on length here on the blog, actually (read it all here). What I didn't do, though, was actually talking about what it takes to make it work. It sure is implied, but (as we do so often) I assumed it being obvious. Part of the reason to write this here post is the realization that it needs a little more than "just" the theory and all the pieces.
For now, just remember: if you weave something, you don't only do sowith what you have, you also do it towards a goal. However, there is still more to that ...
Recognizing the Elements of Stories  The first thing we need to be aware of, is THE STAGE. It's the concepts that make the world the game is set in or the understanding and knowledge of the pieces that make a campaign. In a sense, it means narrowing down the expected outcomes of certain patterns (we have magic and no modern weaponry, people believe in fatalism, capitalist theories are banned or hard SF versus Space Opera ... stuff like that).
However, as a stage, it needs to be more concrete than that. It needs details about the area the characters are exploring, to a degree that the players can make informed decisions about their characters and so that the DM is in a position to have lots of moving pieces he can use without harming the Suspense of Disbelief (basically informing the players about possible negative outcomes or ramifications of actions, at least in general enough terms for them to have them believing in those pieces interfering as the narrative responses to their actions).
The Stage, in a sense, is the part of the sandbox around a group they can be aware of and the toys they can interact, with some horizon for their expectations.
THE CHARACTERS are the second big element of each story. The player start with the same process of choice eliminations when deciding what character they are playing. Characters come with certain patterns how they interact with their surroundings. When players make characters, they agree to apply those patterns by interpreting their character's actions towards them (not necessary to follow them, but to play with them in a way that is recognizable by all participants ... the cleric falling from grace, the fighter not willing to fight, stuff like that is within that realm of possibilities).
Each player has a pattern (or several, depending on the complexity of the characters) to contribute to the manifesting narrative as part of an ongoing dialogue, or rather, moderated argument what's going to happen next and why.
THE CHARACTERS are the tools with which the players are able to interact with THE STAGE. Their senses, if you will.
The third major element are the NARRATIVE IMPULSES a DM gives to all those interacting pieces. Some of it comes from the system (or his use of it), some of it comes from the hints he provides the characters with (as in "invitations to act"), some of it comes from moderating all the offerings the players make to interact (when he interprets their ideas to his concepts of how things work on THE STAGE), but the main part of his work is, imho, the twists he is able to weave into the story, the timing.

Be that bambus ... [source] The last crucial aspect is a BELIEVABLE REALM OF POSSIBILITIES, which means that players need to believe that their decisions have real impact. Some of that is carried by the rules (and in that regard, rules benefit from complexity in that they extent the REALM), but a huge part of that is actually down to a DMs flexibility to streamline all the impulses manifesting at any given moment during the game with his own NARRATIVE IMPULSES towards believable outcomes in the perceivable future of the STAGE the narrative is manifesting on. Not only what's happening, but (far more importantly, where it's happening towards.
If all the aforementioned are to a huge degree craft (system mastery, planned management of expectations and moderation) and knowledge about how we actually perceive stories (so we can manipulate them towards seeded expectations), that last one is where the art is. It's like Jazz. It's the ability to recognize and weave randomly emerging patterns into a cohesive and ongoing narrative that actually seems to go somewhere, all that on the fly. There's lots to talk about there.
The Taoist Approach: Doing Without Doing
Once things are set into motion, once players start interacting with their narrative surroundings, a DM is best advised to hold back and react spontaneously as the game dictates and offers opportunities. If he has no agenda beyond what is already established and a loose idea how it might change in the immediate future, he'll have it easier to recognize the patterns as they emerge. It puts him in a position where he can react instead of needing to act all the time to keep the game afloat. That's what "Doing Without Doing" means.
In a sense it means the DM is leaning back and observing what is happening, always only adjusting the game towards the established and letting the rest run its course until an opportunity arises to enhance the game in another direction. A bit like fishing, if you will.

It's all about opportunity ... [source]As established above, part of being able to maintain this state, is having an idea where the pattern is going to. Not in a concrete way, but as an abstract narrative encounter area the game is gearing towards. How about an example: betrayal. To have a betrayal, it needs a situation where someone is getting betrayed. The Narrative Generator linked to above will also deliver genre-appropriate agents for the betrayal or vague reasons for it. Conditions, in a way, that need to be met to make the narrative encounter manifest.
So the DM takes his time, letting the game flow, manipulating it gently towards a situation where the betrayal could be placed most effectively. It also doesn't mean that the characters need to be betrayed, it can mean that they hear a story about someone being betrayed, get an opportunity to intervene with a betrayal or even, that they need to betray someone to reach a goal. Just as the pattern emerges and opportunity dictates.
In my games, I have at least 3 such narrative encounters prepared for each session. How it all manifests is the campaign log. The important bit is to keep this as vague as possible to be able to apply it to what is actually happening at the table. In that regard, it doesn't matter what the characters are doing, betrayal will be part of the narrative in the immediate future (just like encountering goblins would be with a random monster encounter). It's all the characters' decisions and the DMs spontaneous reaction to it, guided by some vaguely predetermined shifts in the narrative that are accepted within the realm of possibility.
The amount of tact and timing you are able to put into this determines to a huge degree the quality of the narrative that is manifesting at the table and the stories being told about it afterwards. 
The Limits of Control
As outlined above, I firmly believe that we don't need a grand narrative. Not in a sense that a DM needs to know he concrete outlines of a campaign (it is a matter of debate if something like this is even possible without a great deal of manipulation towards what the players want ...). There are limits to the control a DM can (or should) have over the manifesting narrative.

The course is the campaign, the trainer is the DM. the players ... [source]DMs define a realm of possibility, players decide how they interact within that, DM reacts to that. Being too specific in that regard will result in a (too) simple win/fail mechanic and the mindset coming along with that. It is bound to be disappointing.

Accepting those limits can open up the game for the DM in a way that has him in a spot where he can play as well. Let's go with the betrayal above and say the DM has a specific NPC in mind that will betray the characters, but they never interact with that NPC again for some reason or another. The DM is now in a situation where he created something he's not able to use unless he forces it upon the characters for some reason.

An easy out here would be to have someone tell the characters a story about that character betraying someone else, which might at least have the characters thinking they dodged a bullet there. However, that's not the point. It rather should illustrate how dependent a DM is on the course of action the players decide on and how prepared he is to deal with it. Or better: where his focus lay in preparation.

The limits of control for a DM are with the specific outcomes of the narrative impulses over multiple instances. If you think something along the lines of:
 "A needs to happen, so B can happen and I can hit them with C, gearing the game towards G ..."you are two steps ahead too far, because what will always happen is more along the lines of:
"X will happen and you have A to gear it towards. which will result in XAY and you having a B to navigate towards, which will have, of course, the result of XAYB and you having C already in sight, so ..."ABC and so on is what you have control over. They are impulses, which is what has us coming full circle to the point I made in the beginning, as those impulses will have an impact on the narrative. They inform genre and if that realm of possibilities is chosen well, the sum of the possible results will give you your Grand and Epic Narrative! The play reports I'm writing here can be examples of that, I think. If nothing else, the stories described there are completely a result of what I described above (you want two good examples, check this one out and this one).

And, done ...

That's it, folks. I'm of the opinion that we need to go places with our designs that accomodate A DMs work where it really counts. It's not all intuitive, although it can be, but most of all, needs to be with most games since that kind of support is missing. It can be explained how we tell better stories in our games. And if we are able to explain it properly, other can learn it as well and get beter at it.

I hope I'm getting closer to offer some valuable insight into how we need to push a little harder when exploring what the games we play actually do and how to make that better. It's one area where we still can innovate, in my opinion.

I'll leave it at that, for now. I get a feeling that I circle the same ideas for some time now (for the simple reason that I need answers for the games I write) and I'm not sure that it still makes for endearing reading anymore. One realisation of late I had is that  might have to change the direction of the blog somewhat away from writing about my ideas of design and more towards something more, idk, easily digestible?

I have an idea for that as well ... We'll see if I can pull it of. I have to chose wisely what I have to write for the rest of the year, as it already shapes up to be a busy couple of months. However, if things go as planned, you'll have a lot more to read in another format in a couple of months. Until then, friends and neighbours.

Soon ...

Categories: Tabletop Gaming Blogs

Family Comic Friday- Dear Justice League

Stash My Comics - Sat, 08/24/2019 - 01:51
Review by Tony Dillard Family Comic Friday is thrilled to present to you a graphic novel that has been on top of our wish list ever since it was first announced earlier this year! Have you ever wondered why Green … Continue reading →
Categories: Comic Book Blogs

Ransomware continues assault against cities and businesses

Malwarebytes - Fri, 08/23/2019 - 15:00

Ransomware continues to make waves in the US, forcing multiple cities and organizations into tough choices. Pressed for cash and time, local government organizations are left with few options: Either pay the ransom as soon as possible and encourage criminals to continue bringing essential services to their knees, or refuse and be left with a massive cleanup bill.

When a $50,000 ransom becomes millions of dollars in cleanup, forensics, external tech assistance, and more, sadly more and more organizations are throwing up their hands and paying the ransom.

Doing so almost certainly encourages the same or similar threat actor groups to come back around again at a later date, applying claims for their daily dose of extortion racket money. So what should these cities do?

We take a look at the most recent attacks, how US and international cities have handled them, and our advice for dealing with the aftermath.

A cone of silence: Texas

Twenty-three (23) local government organizations in Texas were recently hit by a coordinated attack likely from a single threat actor. Unlike some previous assaults on city infrastructure where information was released quickly, here officials are keeping their cards close to their chest. No word yet as to which networks, devices, or other technological infrastructure were affected, which family of ransomware was behind the attack, how defenses were penetrated, or if a ransom was paid.

According to WIRED, response teams from “TDIR, the Texas Division of Emergency Management, Texas Military Department, Department of Public Safety, and the Texas A&M University System’s Security Operations Center/Critical Incident Response Team SOC/CIRT” are all working to bring systems back online. This may suggest they held out on paying the ransom, and either the scam pages were taken down (meaning no ransom could be paid), or they missed a deadline and all systems were permanently locked out.

Either way, it could be that Texas is trying a new tactic: regardless of outcome, prevent the endgame of the attack from gaining oxygen. Simply hearing that someone paid or held off and had their network crushed makes it a lot easier for future potential attackers to figure out what worked, what didn’t, who paid up, and who is more likely to give nothing in return.

While it’s unlikely we won’t hear more and at least find out which files were used in the attack, it will be interesting to see if this tactic pays off for at-risk organizations or simply digs them a deeper hole.

Paying up: Florida

Florida has been hit particularly hard by ransomware attacks, and in just one month no less than three Florida municipal governments have been dumped on by the triple threat of Emotet, TrickBot, and Ryuk ransomware. Sadly, all three cases were triggered by the age-old trick of a booby-trapped attachment sent via email. Lake City was for all intents and purposes knocked out of digital commission, having to revert to pen and paper in place of locked-out computer systems. Emergency services remained untouched, but everywhere else—from email and land lines to credit card payments and city departments—chaos reigned.

Eventually, they ended up paying some US$460,000 in Bitcoin to the ransomware authors to release compromised systems. Riviera Beach, struck by a similar attack, ended up paying a cool US$600,000 to fix their hijack. These are incredible amounts of money to send to attackers who may simply have lucked out getting their infection files on the networks of big fish targets, but a drop in the ocean compared to the clean up costs—and that’s why cybercriminals keep getting away with it.

Some of these payments are covered by insurers, with many offering ransom protection as part of their services. As many have noted, paying the ransom is bad enough in that it essentially encourages attackers to keep going. Turning payments into an accepted cost of doing business removes much of the threat from organizations and probably means many simply won’t bother to spend on upgrading their network protection. After all, if the insurance companies are going to pay, then why bother?

However, complacency from organizations will only result in bigger and bigger fines from emboldened cybercriminals, who will most certainly capitalize on the opportunity to squeeze more money out of cities and companies. Eventually, insurance companies will drop organizations or require excessive monthly payments if the attacks keep happening.

Anthony Dagostino, global head of cyber risk at Willis Towers Watson, told Insurance Journal magazine, “We’re already getting word that some insurance companies are not providing the coverage or are adding to the deductibles.”

A state of emergency: Louisiana

Regardless of who pays and who doesn’t, make no mistake: People are taking these attacks seriously. We’re at the point where governors are declaring a state of emergency when these assaults on crucial infrastructure take place. After attacks on multiple school districts, Louisiana Governor John Bel Edwards called it in. Prior to that, Colorado gained some level of cybersecurity fame by issuing the the first-ever state of emergency executive order for a computer-centric attack.

A global threat: Johannesburg

The US may be grappling with the lion’s share of ransomware attacks, but let’s not forget this is a truly worldwide problem. In July, Johannesburg in South Africa found itself unable to respond to power failures after a successful ransomware attack. It potentially affected up to a quarter million people, preventing customers from buying electricity, causing issues with electrical supplies, and even stopping energy firms from dealing with localized blackouts.

Businesses under ransomware threat

Unlike the hugely-popular band Radiohead, who can choose to give away their ransomed music instead of succumbing to extortion attempts, organizations faced with a ransomware attack have no similar alternative. Pay up, or deal with the mess left behind is all that’s available. And as attacks ramp up, if they don’t look at preventative action, they may be forced to make a call between bad and worse.

It’s not just hospitals under attack from ransomware – all manner of healthcare can be impacted. No fewer than 400 dental offices were recently brought to their knees by what is claimed to be Sodinokibi. With the attack in full swing, payments, patient charts, and the ability to perform x-rays were all unavailable. Around 100 practices were able to get back online, and there’s some debate as to whether some organisations actually paid the ransom. Given emergency patients in severe pain would need an x-ray to proceed with treatment, this is quite a nasty attack to contemplate.

As our most recent quarterly report highlights,

Over the last year, we’ve witnessed an almost constant increase in business detections of ransomware, rising a shocking 365 percent from Q2 2018 to Q2 2019.

That’s quite a bump. Some other key findings:

  • Ransomware families such as Ryuk and RobinHood are mostly to blame for targeted attacks, though SamSam and Dharma also made appearances. 
  • The ransomware families causing the most trouble for businesses this quarter were Ryuk and Phobos, which increased by an astonishing 88 percent and 940 percent over Q1 2019, respectively. GandCrab and Rapid business detections both increased year over year, with Rapid gaining on Q2 2018 by 319 percent.
  • Where leading ransomware countries are concerned, the United States took home the gold with 53 percent of all detections from June 2018 through June 2019. Canada came in a distant second with 10 percent, and the United Kingdom and Brazil followed closely behind, at 9 percent and 7 percent, respectively.
  • Texas, California, and New York were the top three states infected with ransomware, ganged up on with a combination of GandCrab, Ryuk, and Rapid, which made up more than half of the detections in these states. Interestingly, the states with the most ransomware detections were not always the most populous. North Carolina and Georgia rounded out our top five ransomware states, but they are not as heavily-populated as Florida or Pennsylvania, neither of which made our list.
Where to go from here

The pressure is most definitely on. Businesses and local governments must ensure they not only have a recovery plan for ransomware attacks, but a solid line of layered defense, complete with a smattering of employee training in the bargain. When so many attacks begin with a simple email attachment, it’s frustrating to think how many major incidents could’ve been avoided by showing employees how to recognize phishing attempts or other malicious emails.

Of course, securing the line of defense and taking preventative action is just one part. The growing willingness to pay the ransom and on some fundamental level encourage threat actors to do it all over again is not helping. However, with the ever-present threat of budget cuts and a lack of funding/security resources in general, it’s difficult to pass judgment.

More and more government officials will need to make their case to the board on why cybersecurity is an important business investment. And the board will need to listen. Otherwise, ransomware authors will continue to dine like kings. 

Think you may have been hit with Ryuk ransomware? Download our Ryuk Emergency Kit to learn how to remediate the infection.

The post Ransomware continues assault against cities and businesses appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Watanabe Nobuyuki Passes Away

Aikido News - Fri, 08/23/2019 - 10:23
Watanabe Nobuyuki Passes Away
From: Jun Akiyama posted on 23. Aug 2019, 09:23am
URL: http://www.aikikai.or.jp/eng/about/information/detail.html?news_id=260

I have just been informed that Watanabe Nobuyuki (8th dan, Aikikai Hombu Dojo) passed away at the age of 89 years old on August 20, 2019. Watanabe started aikido at age 22 in 1952 before becoming uchideshi at Aikikai Hombu Dojo. He was known for his "no touch" aikido techniques demonstrated at the All Japan Aikido Demonstration (video here). Watanabe was featured in AikiWeb's "It Had to Be Felt" column series with an essay by Ellis Amdur (available here). My condolences go out to his family, friends, students, and loved ones.

  • Submit an Aikido News Item

  • Categories: Aikido

    Gamers' Notebook Grid/Hex Version is Live on Kickstarter

    Oubliette - Thu, 08/22/2019 - 17:43
    I've just launched a new campaign on Kickstarter to fund the final print run in a series of three of our Gamers' Notebooks. This time One side will have 7mm hexes with a outline for a 15 hexes high superhex. The facing page will have a 6mm grid. Both pages will have lines at the bottom of the page for writing notes.


    Categories: Tabletop Gaming Blogs

    MooglyCAL2019 – Afghan Block #17

    Moogly - Thu, 08/22/2019 - 15:00

    The newest block in the MooglyCAL2019 is here, courtesy of Beatrice Ryan Designs! I love the way this square reminds me of quilts – and a square of squares is pretty meta too! Here are all the details on Block #17! Disclaimer: This post includes affiliate links; materials provided by Red Heart Yarns, Furls, and...

    Read More

    The post MooglyCAL2019 – Afghan Block #17 appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

    Categories: Crochet Life

    The lucrative business of Bitcoin sextortion scams (updated)

    Malwarebytes - Thu, 08/22/2019 - 15:00

    Update (2019-09-04): A new wave of sextortion emails purporting to have originated from a group of hackers called ChaosCC—a play on the legitimate European white hat hacking community, Chaos Computer Club (CCC)—has recently caught the attention of the security world. Below is a sample email we captured in our honeypot.

    Reports against the Bitcoin address, 1KE1EqyKLPzLWQ3BhRz2g1MHh5nws2TRk, started pouring in to Bitcoin abuse sites in late August just last week. As of this writing, this address has received a total of more or less 2,500 USD worth of Bitcoins.

    After a quiet period following a surge in late 2018 to early 2019, the online blackmail scheme known as sextortion scams are back on the radar and on the uptick.

    According to a report from Digital Shadows, a leading UK-based cybersecurity company that monitors potential threats against businesses, there are several resources available to embolden novice criminals to a life of extortion. These resources include: access to credentials leaked from past breaches, tools and technologies that aid in creating campaigns, training from online extortionists, and a trove of DIY extortion guides that exist on the dark web.

    The report also finds that these fledgling extortionists and accomplices are incentivized with high salaries if they are able to hook high-earning targets, such as doctors, lawyers, or company executives—information that can be gleaned by scouring LinkedIn profiles or other social media accounts.

    With a number of creative ways to wring money out of Internet users, the high potential of a hefty payout, and many helping hands from professional criminals, we shouldn’t expect online sextortion scams to stop (permanently) any time soon. Just ask the Nigerian Prince how well his retirement is going.

    To look at what motivates threat actors to adopt sextortion scams as part of their criminal repertoire, we did what all good detectives do when trying to break open a case: We followed the money. Find out what we discovered on the trail begun by a single sextortion campaign.

    The spam

    We were able to determine several Bitcoin sextortion schemes being implemented in the wild, but for this post, we looked at its most common distribution form: email spam.

    The sextortion email, with its message embedded as an image file—a common tactic to avoid spam filters.

    The full text of this email reads:

    Hi, this account is now hacked! Change your password right now!
    You do not heard about me and you may not be most likely surprised for what reason you are reading this letter, is it right?
    I’mhacker who crackedyour email boxand devicesnot so long ago.
    You should not make an attempt to contact me or try to find me, it’s hopeless, since I sent you this message using YOUR account that I’ve hacked.
    I set up special program on the adult videos (porn) site and guess that you enjoyed this site to have a good time (you understand what I mean).
    When you have been taking a look at vids, your internet browser started out to act like a RDP (Remote Control) that have a keylogger that granted me ability to access your desktop and web camera.
    Consequently, my softwareobtainedall info.
    You have typed passwords on the online resources you visited, I already caught them.
    Of course, you could possibly change them, or perhaps already changed them.
    But it doesn’t matter, my malware updates needed data every time.
    What actually I have done?
    I generated a backup of your every system. Of all files and personal contacts.
    I formed a dual-screen video recording. The first screen demonstrates the film you were watching (you’ve got a very good taste, haha…), and the 2nd screen shows the movie from your webcam.
    What should you do?
    Great, in my opinion, 1000 USD will be a reasonable price for your little secret. You’ll make your deposit by bitcoins (if you don’t recognize this, search “how to purchase bitcoin” in Google).
    My bitcoin wallet address:
    (It is cAsE sensitive, so just copy and paste it).
    You have 2 days to perform the payment. (I have an exclusive pixel to this e-mail, and right now I understand that you’ve read this email).
    To monitorthe reading of a letterhead the actionsin it, I installeda Facebook pixel. Thanks to them. (Anything thatis usedfor the authorities may helpus.)
    In the event I do not get bitcoins, I shall undoubtedly offer your video files to each of your contacts, including relatives, colleagues, etcetera?

    There are many variations of this spam content, but they all follow a similar template: We’ve hacked your account, we have video proof of you visiting porn sites and watching sexual content, and we now demand payment or we’ll release the video of you to the public. In fact, Cisco’s Talos Security Intelligence & Research Group was able to retrieve an email spam template, which they said the extortionists mistakenly sent out to their targets.

    The Electronic Frontier Foundation (EFF) also keeps an updated record of variants of Bitcoin sextortion messages that you can look up in this blog post.

    As we followed the money in this investigation, the only relevant piece of information we needed from the sextortion email was the Bitcoin address, which in this case is 163qcNngcPxk7njkBGU3GGtxdhi74ycqzk. This is our starting point.

    The investigation

    To better understand the next steps in our investigation, readers should first grasp the basics of how cryptocurrency and the blockchain work.

    Paper money and coins are to the real, material world as digital currency is to the online, electronic world.

    Bitcoin is one of thousands of digital currencies available online to date. Specifically, it is a virtual currency—because it is controlled by its creators and used and embraced by a virtual community—and at the same time a cryptocurrency—because it uses strong encryption algorithms and cryptographic schemes to ensure its resistant to forgery and cryptanalysis.

    The blockchain, as the name suggests, is a collection of data blocks that are linked together to form a chain. This system, commonly likened to a ledger, is used by several cryptocurrencies—Bitcoin is one of them. Each block in a chain contains information on multiple transactions. And each transaction has a transaction ID, or TXID. Because of the way cryptocurrency wallets and sites record Bitcoin inputs to addresses, a single TXID may contain multiple entries in its record.

    While real-world ledgers are private and exclusive only to organizations and individuals that keep financial records, the blockchain Bitcoin operates in is not. This makes it easy for anyone, including security researchers, to look up cryptocurrency transactions online using publicly available tools, such as a block explorer.

    In a Bitcoin block, transaction information includes the sender and receiver—all identified by Bitcoin addresses—and the amount paid in Bitcoin.

    Keep these concepts in mind as we go back to the sextortion campaign at hand and navigate the trenches of Bitcoin transactions.

    Going with the (Bitcoin through the blockchain) flow

    The Bitcoin address in our sextortion email, 163qcNngcPxk7njkBGU3GGtxdhi74ycqzk, actually has a small transaction history.

    The brief transaction history of 163qcNngcPxk7njkBGU3GGtxdhi74ycqzk

    However, we were able to take a closer look at these transactions and uncover additional addresses, giving us further insight into this particular campaign.

    According to TXID 94c86a55bb3081312d6020e67202e8c93a43d897f4a289cc655c0e9e6d9e31b4, the balance of 0.25924622 BTC was sent to another Bitcoin address, 3HXdb3HAw1wVzU9b7ZSigvGaStd8KoZ3zJ on March 13, 2019. During that time, this BTC value was worth approximately US$1,000, which is the amount demanded in the ransom email.

    This TXID also contains 23 additional inputs from other Bitcoin addresses, which are likely also under the control of the same actor(s) behind the sextortion campaign, to 3HXdb3HAw1wVzU9b7ZSigvGaStd8KoZ3zJ. Naturally, all BTC values from these inputs were combined, totaling 4.16039634 BTC (approximately US$16,100 at time of investigation).

    2The 24 total inputs from other Bitcoin addresses in one TXID. Notice that most input values are similar to the ransom demand actors extorted from targets.

    Looking closely at 3HXdb3HAw1wVzU9b7ZSigvGaStd8KoZ3zJ, we found it has 11 other transactions that follow a similar pattern to from the transaction we just reviewed.

    3HXdb3HAw1wVzU9b7ZSigvGaStd8KoZ3zJ and its transaction history. Highlighted here is the aforementioned TXID 94c86a55bb3081312d6020e67202e8c93a43d897f4a289cc655c0e9e6d9e31b4.

    We can confirm that that each of these transactions contains extorted funds. Take, for example, TXID b8ae16d604947f67d2b27774e6cfa7afcdb7ede651bdd539b5a5dc555be302aa:

    Inputs within TXID b8ae16d604947f67d2b27774e6cfa7afcdb7ede651bdd539b5a5dc555be302aa

    All Bitcoin addresses in this TXID have been reported as associated with criminal activity on Bitcoin-Spam, a public database of crypto-addresses used by hackers and criminals. Here are links to their respective scam reports and the amount of money they received based on the Bitcoin price as of this writing:

    Further analysis past the consolidation address becomes difficult as the thieves begin a laundering process to hide their illicit gains by splitting and mixing the stolen funds.

    This particular scam campaign appears to have been most active between February 1, 2019 until March 13, 2019, collecting a total of 21.6847451 BTC, which is a little over US$220,000 at current exchange rates.

    Money, money, money

    When it comes to email sextortion scams, suffice to say, business is unfortunately incredibly good. While the simplicity and profitability of the scam may serve an invitation for would-be criminals, the more users become aware of the scheme, the less we’ll be lining the bad guys’ pockets with our cryptocash.

    But more importantly, this should be a wake-up call for users. A lot of people, even those who consider themselves Internet-savvy, are falling for or are rattled by the extortion messaging, especially those emails that make use of old passwords to scare innocent people into parting with their money.

    If you or someone you know may have received sextortion emails, know that it’s highly likely they’re not watching you. What threat actors describe in their emails is not actually taking place.

    Furthermore, don’t panic. Do your due diligence and secure accounts that have been affected by massive breaches in the past (if you haven’t already). And lastly, if you want to do as little hoop-jumping as possible, just delete the email and file them away in your mind as harmless spam.

    The post The lucrative business of Bitcoin sextortion scams (updated) appeared first on Malwarebytes Labs.

    Categories: Techie Feeds

    Don’t Bug Out

    Torchbearer RPG - Thu, 08/22/2019 - 13:00
    Bridge to Nowhere by Todd James

    Hello friends!

    You know what you can never have enough of as a Torchbearer GM? Monsters. I’ve been experimenting with some fun new critters inspired by the arthropods all around us, and Luke has been experimenting with a new stat block. I can’t replicate it exactly in WordPress, but this is a close approximation.

    I’d love to hear your thoughts on both!

    Fire Beetle Nature 3Might 2Burrowing, Feeding, ScuttlingInstinct: Scavenge for food.Type: Beast

    Special Rules: Fire Gland. Each gland gives off light equivalent to a candle. If skillfully removed (Hunter, Ob 3), the glands (hand/carried 1 or pack 1) will continue to provide illumination for some time (at the beginning of each new adventure phase, roll 1d6; on a result of 1 or 2, the luminescence fades). If the glands are ruptured, the chemical inside will burn flesh, wood and cloth.

    Hit Points Kill
    7Drive Off

    Other Conflict Hit Points: Within Nature: Roll Nature, add successes to Nature rating. Outside of Nature: Roll half Nature. Add successes to Nature rating.

    Armor: Carapace (protects on a roll of 3-6; arrows, spears and bolts ignore this armor).

    WeaponConflictADFMBurning MandiblesKill
    Drive Off+1s — — — BurrowingFlee/Pursue+1D — — +2D Fire Beetle Description

    These red and black beetles are between 2 feet and 3 feet long. Each has three glowing glands—two above their eyes and one near the back of their abdomen. They can burrow and are found deep underground. Their mandibles are coated with a natural chemical that causes burning pain.

    Formian Guardian Nature 4Might 4Burrowing, Hunting, Spitting AcidInstinct: Lurk in a burrow and wait for preyType: Beast

    Special Rules: Ambush Attacker. Formians like to burrow into the earth and lurk just below the surface, waiting for prey to walk upon their hunting grounds. When they sense the vibrations of footsteps, they strike from below! If characters fail to detect the presence of an Formian, the first one to walk into the ambush must roll Health vs. the Formian’s Nature. Suggested failure result: Twist. The character is buried in the earth by the Formian’s eruption and trapped until rescued or eaten.

    Hit Points Flee/
    7Drive Off

    Other Conflict Hit Points: Within Nature: Roll Nature, add successes to Nature rating. Outside of Nature: Roll half Nature. Add successes to Nature rating.

    Armor: Chitin. Absorbs one point of damage from an opponent’s attack or feint. Once successes are counted and before damage is applied, reduce damage by one. After use, roll d6: on a 1-3, the chitin is damaged and doesn’t provide further benefit. On a 4-6, the chitin is still usable. Maces and warhammers negate chitin’s effect, but the Formian must still check for damage when hit by them.

    WeaponConflictADFMCorrosive AcidKill
    Drive Off — — +1D — Crushing MandiblesKill
    Drive Off+1D — — — Grasping LegsKill
    Drive Off — — — +1sTremorsenseFlee
    Pursue+1D+1D — — Formian Guardian Description

    A massive six-legged arthropod the size of a pony, with a voracious taste for flesh. They are blind but are extremely sensitive to any sort of vibration. Formians burrow into earth and lurk below the surface, waiting for vibrations to indicate prey is above. Formians are capable of spitting a corrosive acid that turns their prey into a viscous jelly ready for consumption.

    While Formians are usually solitary predators, some shell-shocked adventurers tell tales of venturing into the Below and discovering nesting caverns swarming with the horrifying insects.

    Giant Centipede Nature 4Might 3Creepy-Crawling, Hunting, ScavengingInstinct: Paralyze them and devour later.Type: Beast

    Special Rules: Paralyzing Venom. The giant centipede’s paralyzing venom incapacitates victims. Anyone knocked out of a conflict with a giant centipede can only be brought back into a conflict if the Breath of the Burning Lord invocation is used upon the character. The Defend action cannot replenish the disposition of paralyzed attackers who have not been treated by the invocation.

    Hit Points Flee/
    8Drive Off

    Other Conflict Hit Points: Within Nature: Roll Nature, add successes to Nature rating. Outside of Nature: Roll half Nature. Add successes to Nature rating.

    Armor: Rubbery hide. If targeted by a successful or tied Attack or Feint in a fight, roll a d6. On a 4+, the rubbery hide absorbs one point of damage. On a 1-3, the rubbery hide fails to protect you. You can only make this roll once per fight. Spears, bolts and arrows ignore this armor.

    WeaponConflictADFMParalyzing VenomFlee/
    Drive Off+1D — +1s — Scuttling LegsFlee/
    Drive Off — — — +2D Giant Centipede Description

    A three- to -six feet long predatory segmented arthropod with many legs. Some grow even bigger. They have a set of savage, pincer-like legs just behind the head that they use to inject their prey with a paralytic venom. They are often found creepy-crawling and feeding among the corpses of recent battles and massacres, especially in dungeons.

    Giant Wasp Nature 2Might 2Buzzing, Nesting, StingingInstinct: Sting! Kill! Rawwr!Type: Beast

    Special: Painful Sting. A wasp’s sting automatically impedes its victim (-1D to opponent’s next action following a successful Attack or Feint).
    Vulnerable to Fire. Wasps suffer an extra point of disposition loss against fire (torches, balefire, etc.).

    Hit Points Flee/
    5Drive Off

    Other Conflict Hit Points: Within Nature: Roll Nature, add successes to Nature rating. Outside of Nature: Roll half Nature. Add successes to Nature rating.

    WeaponConflictADFMBuzzing WingsFlee/
    +1s — — +1D
    +1s Buzzing WingsDrive Off
    Kill — — — +1D
    +1sStingerKill+1D — +1s — Giant Wasp Description

    These aggressive insects are as large as a human’s head and armed with a deadly stinger. They live in elaborate hives made of paper-like material (good for starting fires or making incendiaries).

    Categories: Tabletop Gaming Blogs

    Eberron & the Jackelian Sequence

    Sorcerer's Skull - Thu, 08/22/2019 - 11:00

    The announcement of a 5e Eberron book got me thinking about a similar setting that I like better than Eberron: Stephen Hunt's Jackelian series. I wrote about it back in 2011. Hunt wrote a few more novels in the series after that point, but it's a shame there has never been an rpg.

    Anyway, the novels are well work checking out.


    Looking For Group - Thu, 08/22/2019 - 04:00

    The post 1324 appeared first on Looking For Group.

    Categories: Web Comics

    From Whence the Magic Comes (Siege Indigo)

    3d6 Traps & Thieves - Wed, 08/21/2019 - 17:25

    Start with the campaign premise of, “What if magic was not meant for humans?” A setting where “demihumans” wield magic naturally (in their own distinct ways) but humans have to settle for unreliable scraps and their own ingenuity. Not to say that humans won’t be ruling great kingdoms in this setting – they’re just not particularly magical when compared to the domains of the dwarves, elves, gnomes, and halflings.
    Last of the “Color-Titled” post-Avremier setting variants.

    To be honest, that was the whole of my premise. Sometimes, I want a game where magic is – magical. Where you don’t have magic shops available for the shopping convenience of treasure-laden adventurers. Where magic is rare, and weird, and non-generic. Where the non-human races seem truly non-human – not just fantasy caricatures of humanity. Besides, look at some of the famous protagonists of fantasy fiction.
    ·         Merlin) But, look – the most famous human wizard of all! Except, that Merlin was half-demon, a heritage from which his supernatural abilities sprang.·         Conan) A magic-hating human barbarian that lived by his sword and his own free will.·         The Fellowship of the Ring) A ranger, a fighter, an elf, a dwarf, four halflings, and a wizard. For the record, Gandalf was not human. Also, just about all the magic items were made by elves, dwarves, or Sauron.·         Elric) Powerful magician, but not a human.·         Kane) Human warrior somewhat reliant upon alien technology and forbidden magic that turned on him more often than not.·         Fafhrd and the Gray Mouser) Another mighty-thewed barbarian, and a talented sneak thief who dabbled unsuccessfully in magic before giving it up mostly for the sword and his own wit. Each has a wizardly patron – neither of which is human.
    If you want a magic-using character in this setting, you’ll need a background similar to that of a comic book superhero origin story. From whence does your magic originate?
    ·         Accident) Were you bitten by an enchanted spider and now find yourself with mystical spidery powers and attributes? Were you born on a dying world and sent to this one for your own good? Maybe a falling star impacted near the place you were born at the moment of your birth.·         Blood) Do you have powerful magical forebears? Are you part demon? Fae? Angel? Elemental? Something else? Of course, there’s always alchemy – maybe your blood is no longer entirely blood.·         Bookish) You somehow learned how to read some dead language and later discovered that all magical tomes and scrolls are written in this language. So, through accumulating pages of this stuff, you struggle to master the meagerest of magicks.·         Gumption) If you look hard enough, you might be able to find some old, forgotten, forbidden, hidden, dangerous alien magic or magic-like technology. Those who can’t do – steal.·         Patron) Perhaps you are supported or guided by a supernatural entity that lends you magic from time to time.
    In any case – there are options.
    Categories: Tabletop Gaming Blogs

    Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks

    Malwarebytes - Wed, 08/21/2019 - 15:56

    Those who are familiar with Bluetooth BR/EDR technology (aka Bluetooth Classic, from 1.0 to 5.1) can attest that it is not perfect. Like any other piece of hardware or software technology already on market, its usefulness comes with flaws.

    Early last week, academics at Singapore University of Technology, the CISPA Helmholtz Center for Information Security, and University of Oxford released their research paper [PDF] on a type of brute-force attack called Key Negotiation of Bluetooth, or KNOB. KNOB targets and exploits a weakness in the firmware of a device’s Bluetooth chip that allows hackers to perform a Man-in-the-Middle (MiTM) attack via packet injection and disclose or leak potentially sensitive data.

    The Bluetooth vulnerability that KNOB targets is identified as CVE-2019-9506. According to the paper, Bluetooth chips manufactured by Intel, Broadcom, Apple, and Qualcomm are vulnerable to KNOB attacks.

    What causes a KNOB attack?

    The researchers have identified two circumstances of Bluetooth programming that allow KNOB attacks to be successful.

    Firstly, Bluetooth inherently allows the use of keys that have a minimum length of 1 byte, which may hold 1 character. Think of this as a one-character password. Such a password would have a low entropy—meaning it would be easily predictable or guessed. Although keys with low entropy can still keep a Bluetooth-paired connection secure, hackers can easily circumvent them with a brute-force attack.

    Researchers said that the 1-byte lower limit was put in place to follow international encryption regulations.

    And, secondly, Bluetooth inherently does not check changes in entropy, which occurs when two devices start to “negotiate” the key length they will be using to encrypt their connection. Worse, this pre-pairing phase isn’t encrypted. The device receiving the pairing request will have no choice but to accept the low-entropy key.

    Essentially, this leaves users expecting that they can safely exchange potentially sensitive data with a trusted paired device over what they thought was a secure connection—but it is not. And there is no way for them to know this.

    How does it work?

    The researchers implemented their attack via an illustration of people named Alice, Bob, and Charlie, with the first two as potential targets and the last as the attacker.

    1. Alice, who in this example is the owner of the master device—the Bluetooth device trying to establish a secure connection with another Bluetooth device—sends a pairing request to Bob, who is the owner of the slave device—the Bluetooth device receiving the request. A master can be paired with many slaves, but for this example, we’ll only use one, which is Bob’s.
    2. Before the two devices are paired, Alice and Bob must first agree on an encryption key to use to secure their connection. This is where the negotiation takes place. Alice would like her and Bob to use an encryption key with 16 bytes of entropy.
    3. Charlie, the man-in-the-middle attacker, intercepts this proposal and changes the entropy value of 16 bytes to 1 byte before sending it off to Bob.
    4. Bob receives the modified request for the use of an encryption key with 1 byte of entropy and sends an acceptance message back to Alice.
    5. Charlie intercepts the acceptance message and changes it to a proposal to use an encryption key with 1 byte of entropy.
    6. Alice receives the modified proposal and accepts the use of an encryption key with 1 byte of entropy and sends an acceptance message back to Bob.
    7. Charlie drops the acceptance message from Alice because, to the best of Bob’s knowledge, he didn’t send any proposal to Alice that would merit an acceptance.
    8. The pairing between Alice’s and Bob’s devices is successful.

    Unfortunately, Alice and Bob would have no idea that they are relying on a poorly-encrypted Bluetooth connection that Charlie can easily infiltrate while they exchange data.

    While these may sound simple enough, it’s highly unlikely that we’ll see someone performing this kind of attack—random or targeted—in watering holes like coffee shops and airports. Implementing a successful KNOB attack in the wild and over-the-air needs some expensive devices, such as a Bluetooth protocol analyzer and a finely-tuned brute force script. It is also exceedingly difficult to implement an over-the-air attack, which is why the researchers admitted to opting for a simpler, cheaper, and more reliable means of testing the effectiveness of a KNOB attack in their simulations.

    Does KNOB affect me?

    Researchers surmised that, as KNOB attacks Bluetooth at the architectural level, its vulnerability “endangers potentially all standard compliant Bluetooth devices, regardless [of] their Bluetooth version number and implementation details.”

    Fortunately, the team already disclosed the vulnerability to the Bluetooth Special Interest Group (SIG)—the organization responsible for maintaining the technology and overseeing its standards—the International Consortium for Advanced Cybersecurity on the Internet, and the CERT Coordination Centre in Q4 2018.

    In a security notice, SIG announced that it has remedied the vulnerability by updating the Bluetooth Core Specification to recommend the use of encryption keys with a minimum of 7 bytes of entropy for BR/EDR connections.

    To know if your Bluetooth devices are vulnerable to the KNOB attack, recall if you have updated them since late 2018. If you haven’t, chances are that your devices are vulnerable. The researchers were positive that updates after that date fixed the vulnerability.

    If you’re still unsure, Carnegie Mellon University put together information on systems that KNOB can affect.

    How to protect your Bluetooth devices

    Patching all your Bluetooth devices is the logical next step, especially if you’re unsure if you have since late last year.

    Here is a concise list of security update notices from product vendors of Bluetooth-enabled devices you might want to check out:

    When it comes to sharing potentially sensitive data with someone else, Bluetooth isn’t the best technology that truly guarantees a safe and secure exchange. So as a final note, you’re better off using other more secure methods of sharing data.

    As for your Bluetooth headphones, should you be worried? Maybe not so much. But you might want to think about your IoT devices, mobile phones, and smart jewelry.

    Stay informed and stay safe!

    The post Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks appeared first on Malwarebytes Labs.

    Categories: Techie Feeds

    Sleepy Blocks Blankie Tutorial

    Moogly - Wed, 08/21/2019 - 15:07

    The Sleepy Blocks Blankie Tutorial demonstrates how to crochet this cuddly, soft, practical, and very zen crochet pattern – free on Moogly, both right and left-handed! Disclaimer: This post includes affiliate links; materials provided by Red Heart and Clover USA. Sleepy Blocks Blankie Tutorial: How to Crochet the Sleepy Blocks Blankie – Right Handed How...

    Read More

    The post Sleepy Blocks Blankie Tutorial appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

    Categories: Crochet Life

    Wednesday Comics: A New Episode of Bronze Age Book Club

    Sorcerer's Skull - Wed, 08/21/2019 - 11:00
    Here's the latest episode, taking on Adventure Comics #462. Oh, and we're now on Google podcasts and Apple podcasts. Like! Subscribe!

    Listen to "Episode 3: ADVENTURE COMICS #462" on Spreaker.

    Injury frustration comes good

    Aikido Blogs - Wed, 08/21/2019 - 06:29
    So more rambling nonsense thoughts.

    I started this blog with the intention of filling it and look where that got me. Not very far.

    So I recently had a very minor injury of a torn ligament at the end of one of my fingers, no big deal rest it up and it will be fine. Oh no splint for 4 weeks to keep it straight and then no contact sports for 2 more weeks or it might end up in the splint again or bent for life. My job is in healthcare of eyes so I have to be pretty dexterous and can’t afford to lose that.

    So here we are 4 weeks of hell is over and the splint is off and I can finally do things again! But not aikido. It is driving me some what insane. I am practising weapons at home and trying foot work drills and some Qi gong but it’s not the same as being on the mats. I have missed our weekly summer school of training. Felt very frustrated and angry at the unfairness of it all.

    It is however what it is and once I have come through it with the help and support of my aikido family I have come to realise that there can be more to training than the physical act of training and as such I have tried to begin the journey of mental and spiritual training with aikido. I began reading more, listening to more podcasts and generally reflecting more on my thoughts and attitude to aikido, those I train with and myself. I ha e no real firm thoughts or conclusions yet and doubt I ever will as things are always in flux, but I will try to broaden how and what I study, and try to record here thoughts as they occur to me.

    If you happen to have read this, firstly sorry for wasting your time. Secondly happy training.
    Categories: Aikido

    A Brief Glimpse of Forever (Violet Grimoire)

    3d6 Traps & Thieves - Wed, 08/21/2019 - 01:52

    A central MacGuffin for the setting, this volume of work is said to contain the secrets of true immortality. A legendary treasure (artifact) that has been the goal of countless adventurers and other seekers. It has been the lifelong pursuit of Andraeun Nemacae, with the reluctant support of his wealthy, influential, and eccentric family.

    The reality of the Violet Grimoire is variable – depending on the goals and flavor of the campaign. The Grimoire offers immortality, but of what kind – and, at what cost? Let’s list some possibilities.
    1. Accursed: You are immortal – in one form or other, but at a terrible cost.
    2. Avatar: Your physical form is a vessel for some outer being or divinity. It is possible that your body will be altered to better suit the occupant. It is also possible that your body will not survive the transformation.
    3. Immortality: You do not age. You are impervious to most forms of harm. You have no need to eat, drink, or breathe. You are no longer mortal.
    4. Possession: Your physical form is the shared host for a being that preserves you as best it can for its own good.
    5. Regenerating: Not only have you stopped aging, but you regenerate from harm. You are very difficult to kill. In fact, you would have to be destroyed utterly to keep from being restored.
    6. Reincarnation: Yes, you can die – but you will somehow be reborn in a new form, with the memories and experiences of your previous lives.
    7. Spirit: You are a disembodied spirit. You will not pass on to the afterlife and are able to possess the living with effort, for limited periods of time.
    8. Transference: Your intellect and consciousness are placed inside an alternate physical shell. In theory, this can be continued indefinitely as long as there are viable shells available and the means of transference.
    9. Unaging: You do not age. Period. Barring incident, you could live for a very long time.
    10. Undead: You become some sort of free-willed undead monster, like a vampire or lich.
    Categories: Tabletop Gaming Blogs

    Zenopus Game at Dragonflight 40

    Zenopus Archives - Wed, 08/21/2019 - 01:34

    Above are two photos from a "Beneath the Ruined Tower of Zenopus" game that was run at Dragonflight 40 in the Seattle area this past weekend. This is a venerable con, held every year since 1980, the era of Holmes Basic itself. From the event listing for the session:

    "50 years ago, the citizens of Portown battered the wizard's tower to rubble. But has an even greater evil arisen? Pirates grow bold, the innocent have vanished, and ghastly screams are heard from the abandoned graveyard near the ruins. An adventure using the original (1977) Dungeons and Dragons basic rules. Pregens provided (or roll your own)."
    The shots were taken by Scott M. of the Halls of Tizun Thane blog, who played in the game. Scott reports they used some of my Holmes Ref sheets; I can see the 1-page Character Creation Worksheet. I also see print-outs of Paleologos' Map of Portown.

    Scott reports that during the game "[w]e followed a rumor of scratching noises at a ladies' house with her dead husband's loot in the basement" and "[I] sent in my guy Gutboy Barrelhouse (Dwarf) and a Hobbit first. We eventually got to a place where we saw flickering lights (which rats can't make) so we got the rest of the party to follow (hands and knees at first)". After that they "[e]nded up exploring the dungeons most of the session".

    That sounds like Portown Rumor #18! It's great to hear about this stuff being used.
    Categories: Tabletop Gaming Blogs

    Hookin On Hump Day #197: A Yarny Link Party!

    Moogly - Wed, 08/21/2019 - 01:00

    I think there must be a chill in the air – because this round of Hookin On Hump Day is taking us into autumn with gorgeous blankets and garments! Get all 5 of these lovely patterns below – and then add your own to the HOHD link party on Moogly and Petals to Picots! What...

    Read More

    The post Hookin On Hump Day #197: A Yarny Link Party! appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

    Categories: Crochet Life

    On Downtime and Demesnes

    Hack & Slash - Tue, 08/20/2019 - 18:08
    Hey, this is really important.

    I made a good thing. You can see the whole thing for a dollar. It's maybe the best work I've done. If you read "On Tricks, Traps, and Empty Rooms" and thought, "this is useful" you should check this out.

    On Downtime and Demesnes

    You know, OTTER is a real useful tool for designing spaces before players engage in them. This is something better. ODD is about what happens in play that make your players feel like addicts. I think I dun good. Go check it out.

    We've got a ton of top flight creators on board for the project stretch goals, and I hope you'll join us for this whirlwind ride. 10 Days! Let's go!!!

    Hack & Slash FollowTwitchNewsletterSupportDonate to end Cancer (5 Star Rating)
    Categories: Tabletop Gaming Blogs


    Subscribe to Furiously Eclectic People aggregator