Feed aggregator

Xanadu, D&D adventure review

Ten Foot Pole - Sat, 11/14/2020 - 12:28
By Vasili Kaliman Singing Flame OSE Levels 2-3

A cult in the temple of Xanadu has opened a portal to another dimension. It was activated by adjusting the hands of three pendulum clocks in a particular sequence. Once the veil of reality was ruptured between this world and another, The Tooth Fairy stepped through, a winged creature from a dimension made of sweet stuff. The Tooth Fairy slaughtered everyone in the temple for their teeth, which she extracted and ate like candy. Rumors are circulating about unusual happening involving the temple, many are concerned. The Tooth Fairy is currently in her dimension, her appetite is ravenous, waiting to be summoned again. Rewards and riches may await those who venture forth to explore the temple, or dare to perform the ritual!

This forty page adventure features a one level dungeon with about 33 rooms described in about 23 digest pages. Good interactivity is complimented by good layout and organization to create an environment that is easy to run and fun to play in, with a hefty complement of Creepy Shit thrown in. 

It’s digest and it’s full of hipster 8-bit art, as a throw back to the early era of computer rpg games. It’s also a good adventure.

Interactivity is a hard beast. I comment frequently that it’s one of the three main pillars of a good adventure. There’s two sorts of interactivity in an adventure. The first is the back and forth between the party and the DM. This is the soul of every RPG; the art of the DM providing information and the party following up. Adventure text can support this. But I’m usually using the term interactivity in terms of Things To Do in the dungeon. Stabbing people. That’s pretty much a given. I like stabbing people, but that can’t be the totality of the dungeon, otherwise it’s just a tactical minis game … which could be fine if you’re in to Warhammer, but this is an RPG. You can talk to people before you stab them. I always like that. It’s not always required but it does provide a few more opportunities for the players to exploit the monster and the monster to exploit the player before (potential) stabbing starts. But then, what’s next? Traps, maybe? Puzzles? Yes to both! You want things in the dungeon for the party to mess with. This creates a risk/reward structure and delicious delicious tension as the party, hopefully, sits on the edge of their seats waiting for a result to their actions, with shouts of glee when things go well and groans of despair when they don’t. 

How about a statue holding a bowl? With gemstone eyeballs Obs, you want to put something IN the bowl! Also, the statue is carved from compressed human teeth. Hmmm, I wonder what goes in the bowl? That’s good interactivity. Secrets to discover! Hints in a mosaic that reveal deeper truths further inside the dungeon! A chess game to play! You need this sort of stuff in your dungeon. I don’t care if it’s 5e, Pathfinder, Warhammer, or something else, you need things for the party to play with and explore. And this adventure has that. Not quite every rooms, but enough stuff in the dungeon that you feel engaged as a player.

It’s also using one of my favorite style for laying out/organizing rooms. [Standard disclaimer: this is not the ONLY way to do a good job, but I do think it’s an intuitive way to do it for a new designer.] The first paragraph of each room generally provides a quick little overview of what the party sees, with certain keywords bolded, like “wall paintings”, “dead bodies” “candles” and the like. There are then bolded section headings for each of those points, with the details of them under each section. Thus the DM can easily locate the overview to relate to the players and then find the follow information instantly. I’m a fan. The Hall of Everlasting Light has the general description: “Pillars, running down center. Wall paintings throughout. Candles, high up on walls, regular intervals, piercing blue flame. Dead bodies, 2d4 of them, randomly distributed around room. Smells fragrant, like fresh air.” It’s a nice job.

Most of the decisions made in this adventure by the designer are great ones. Monsters are new, and creepy, to keep the players on their toes. The map is a good one (although light sources could be shown …) there is a good overview of the adventures, themes notes, major enemies, what the party can accomplish in terms of mysteries to solve. There’s a little map overview key … I like it a lot. 

The descriptions could be punchier. The “Wall Paintings” above, reads “Full-body portraits of multiple races, including beings not of this world, all wearing red robes, emblazoned with the cult symbol.” Not exactly the punchiest of descriptions, and tending to the abstract side of the spectrum. A good evocative description, kept short, is a hard skill though, and one of the hardest to master, I think, after imaginative interactivity. The outside of the temple doesn’t really get a description, for those would be “use the back door” crowds. 

And, there are a lot of If/Then statements. This is a writing style that just clogs up writing. “IF a read magic spell is cast ..” “is something is put in the bowl …” or “if a search for traps is made …” This is actually a stylistic choice made by the designer, so it’s not just poor writing, as it usually is. Actions are preceded by an IF as a formatting decision, consistent throughout. I don’t think it’s good. I think it adds words to read and parse while you are digging through content, but, hey, that’s just me. The reviewer.

Still, even with some weakness in the descriptive text, it’s a great adventure. Lots oto explore, Easy to run. Really good interactivity (OOOO! Glass coffin!”) and just a tough of gruesomeness (teeth related, generally) to keep the theming together and let you know they ARE baddies for a reason.

This is $3 at DriveThru. The preview is fourteen pages. You only get to see the first two rooms, since it’s the first fourteen pages. I would have preferred a couple of more rooms to look at as well, but you can get a good idea of the writing style, layout, interactivity, and so on from the preview, so it’s a decent preview.


Categories: Tabletop Gaming Blogs

Pan Tangian Memories - Deeper Reflections into the Stormbringer rpg & OSR Campaign

Swords & Stitchery - Sat, 11/14/2020 - 07:48
 The nation of Pan Tang is by far one of the biggest threats within the Young Kingdoms in the Stormbringer rpg. But those glorious Games Workshop Eternal Champions figures were awesome. For someone in America staring at these figures from the works of Michael Moorcock made them more then a bit exotic. As some of my comtemporaries have said Games Workshop's Stormbringer rpg was both a Chaos god Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

The Pay What You Want OSR Resource - Five Swords From Harbinger Games For Your Old School Campaigns

Swords & Stitchery - Fri, 11/13/2020 - 23:49
 Five Swords From Harbinger Games is one of those supplements that fills a niche as a DM that you wish you have thought to have written. Its a damn useful little product with five magical blades. The title includes their history, powers, bits and pieces, all of the useful bits about the weapons and its all done up in a nice concise and well organized package from Harbinger Games. These are not Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

BIG FINISH: Eric Roberts returns as The Master in a new series

Blogtor Who - Fri, 11/13/2020 - 15:00

More than two decades on from his clash with Paul McGann’s Eighth Doctor, Eric Roberts’ malevolent incarnation of the Master gets his own full-cast audio series in March 2021. Actor Eric Roberts returned in a spooky new video teaser playing the Doctor’s nemesis for the first time in 24 years. Watch that video here > […]

The post BIG FINISH: Eric Roberts returns as The Master in a new series appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Forgotten Futures: Stanley Weinbaum

Sorcerer's Skull - Fri, 11/13/2020 - 12:00


I've mentioned the science fiction of Stanley Weinbaum (1902-1935) on this blog before. I was pleased to discover that the free rpg for public domain setting, Forgotten Futures has a Weinbaum adaptation: Forgotten Futures XI: Planets of Peril. If nothing else the worldbook is great. 

You might want to check out the other Forgotten Futures rpgs are well.

It All Begins In A Pirate Town - 'Sea Kings of The Of the Purple Towns' by Fred Behrendt For Both The Stormbringer rpg & Your Old School Or OSR Campaigns

Swords & Stitchery - Fri, 11/13/2020 - 03:28
" Between the Oldest Ocean and the Eastern Ocean lies the Isle of Purple Towns, the center of commerce and trade in the Young Kingdoms.Sailing into port, visitors are impressed with the magnificent buildings, the splendid markets, and friendly people. Few see the undercurrents, the dirty deals, and the politics which threaten to rip apart the apparent serenity of the island.The Isle of Purple Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Hat trick for Google as it patches two more zero-days in Chrome

Malwarebytes - Thu, 11/12/2020 - 21:16

Slightly over a week ago we advised you to update your Chrome browser. That warning came only a week or so after we advised you to update your Chrome browser. Things are getting a bit repetitive round here.

Today, we are compelled to repeat that statement as Google has issued patches for two new zero-day vulnerabilities. Someone tipped Google off about them, although the source(s) wish to remain anonymous. Again, the vulnerabilities being zero-days means they are already being used in real life attacks.

Zero-days are a valuable commodity for cybercriminals since there are (until yesterday) no patches for the vulnerability and every unpatched system is another potential victim. Which is exactly why we advise to update your Chrome as soon as possible.

What is the problem that’s being fixed?

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) list—a dictionary that provides definitions for publicly disclosed cybersecurity vulnerabilities and exposures. The goal of CVE is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services).

In this case, the two vulnerabilities were catalogued as:

CVE-2020-16013: Inappropriate implementation in V8. Sound familiar? V8 was also the subject of CVE-2020-16009 where researchers stated it must have something to do with the way the Chrome browser handles Javascript.

CVE-2020-16017: Use after free in site isolation. Site isolation is the feature that makes every website run in a separate process without interaction with each other. Each will be running in a sandbox which provides an additional line of defense. Use after free may indicate that after closing a site the memory location for it may not be freed up properly.

How do I install Chrome patches?

The easiest way to do it is to allow Chrome to update automatically, which basically uses the same method as outlined below but does not require your attention. But you can end up lagging behind if you never close the browser or if something goes wrong, such as an extension stopping you from updating the browser.

So, it doesn’t hurt to check now and then. And now would be a good time, given the zero-day vulnerabilities. My preferred method, which also allows me to keep track, is to have Chrome open the page chrome://settings/help which you can also find by clicking Settings > About Chrome.

If there is an update available, Chrome will notify you and start downloading it. Then it will tell you all you have to do to complete the update is Relaunch the browser.

What version do I need?

After the update, your version number should be 86.0.4240.198 or later. You will now be protected against the vulnerabilities. Google states that the stable channel has been updated to 86.0.4240.198 for Windows, Mac, and Linux which will roll out over the coming days/weeks. Also keep an eye on your Chromium based browsers (Opera, Edge, and others) since they may require updates as well.

Stay safe, everyone!

The post Hat trick for Google as it patches two more zero-days in Chrome appeared first on Malwarebytes Labs.

Categories: Techie Feeds

REVIEW: DALEKS! 01: The Archive of Islos – The Doctor Who Baddies Conquer YouTube!

Blogtor Who - Thu, 11/12/2020 - 21:04

Daleks conquer and destroy in the new animation from the Doctor Who: Time Lord Victorious team! But with the new Dalek Golden Emperor win fans’ hearts?   The Daleks are here! The long awaited animated Doctor Who spin-off DALEKS! has finally premiered on YouTube. And it is, in a word, glorious. And it’s a story […]

The post REVIEW: DALEKS! 01: The Archive of Islos – The Doctor Who Baddies Conquer YouTube! appeared first on Blogtor Who.

Categories: Doctor Who Feeds

BIG FINISH: Back to the 1970’s with The Third Doctor Adventures – Volume 7

Blogtor Who - Thu, 11/12/2020 - 20:35

As exclusively revealed in Doctor Who Magazine issue 558, the Third Doctor is returning on audio in May 2021, and he’s going to be reunited with some old friends. Expect epic UNIT action-adventure and classic base under siege tension in a brace of brand-new full-cast audio dramas based on two periods of the Jon Pertwee […]

The post BIG FINISH: Back to the 1970’s with The Third Doctor Adventures – Volume 7 appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Surviving college distance learning during the pandemic: a cybersecurity guide

Malwarebytes - Thu, 11/12/2020 - 16:45

Social distancing, the wearing of face masks, practicing hand hygiene, and disinfecting often-touched surfaces have become human necessities during the pandemic era. For schools, they’ve also had to adapt quickly to incorporate distance learning methods that let students continue their studies.

But being in crisis management mode didn’t give higher educational institutions much time to think carefully and plan around issues concerning cybersecurity and privacy, even though it was a struggle for them pre-pandemic. The thing is, cybersecurity and privacy isn’t just a job for the school’s IT department, students and staff have a responsibility to stay secure, too, especially with distance learning in full or partial effect.

So, what’s the TL;DR version?

Wondering how to stay secure while in your online classes, or doing homework? Try a multilayered approach.

What do we mean by this?

In privacy and security, a multilayered approach is about using multiple methods of security. It’s considered the best way of protecting yourself, whether you’re an entity that wants to protect everything important that belongs to you or you’re a person who wants to keep their data safe. A multilayered approach is paramount because a single failure in one layer wouldn’t automatically lead to the complete breakdown of security.

So, how can you create security layers to stay protected while attending classes online and/or doing homework? Before we break that down, remember that these steps not only protect you, your machine, and your data from potential cyberattacks, it also protects others as a consequence, such as your school network and everyone else who connects to it.

Protect your device

Whether you’re using your own computer or one provided by your school, it’s vital that you:

  • Keep your device in a space where it can be physically safe and away from potential theft, or be accessed by other people in your home or flat.
  • When you need to step away from your computer, ensure that you lock your screen. You can do this by setting up a password—or, in some cases, a picture password—and never share it with anyone, so that only you can access your own machine.
  • Enable a firewall on your device.
  • Download and install endpoint protection if your school hasn’t provided this, and confirm it’s running in real time.
  • Ensure that all software installed on your device is up to date. And while you’re at it, uninstall software you don’t use as they could become security risks if you don’t update them.
  • Turn off your device when not in use.
  • Do non-school related browsing or other activities within a virtual environment. Using your personal computer for distance learning shouldn’t hinder you from using your computer like you normally do. But whether you keep school files on your computer or not, it’s best to get used to scrolling the internet within a virtual network in your personal time. This lessens the chances of you getting your computer infected if you encounter online threats.
Protect your Wi-Fi network

Whether you’re using your own internet or the Wi-Fi hotspot your school provided, it is vital that you:

  • Check you are not using your router or hotspot’s default admin credentials. Using them only makes it easier for those with ill intent to hack into your device and network.
  • And, while you’re there, ensure your router or hotspot is secured with a strong password—that’s at least 20 random characters long. These characters shouldn’t follow a pattern. If you don’t want to sweat this out, much less remember a complicated string without writing it down, a password manager can help you with these.
  • Set up a reminder to yourself to change your router or hotspot password. This will help keep potential attacks against these devices at bay. A password manager can come in handy here, too.
  • Turn on your router’s firewall.
  • Enable the highest encryption option available for your Wi-Fi hotspot/router, which could be the WPA2 (Wi-Fi Protected Access 2) or WPA3 (Wi-Fi Protected Access 2) protocol.
  • Change your default SSID (service set identifier), which is the network name broadcasted by your wireless router for your computer and/or device to see and connect to.
  • Keep your router/hotspot firmware updated.
  • Disable features that would allow any device that isn’t your own to connect to the school-provided hotspot. We’re referring to WPS (Wi-Fi Protected Setup) and UPnP (Universal Plug and Play) here.
Protect your school’s network

Infecting your school’s network—whether knowingly or unknowingly—is the last thing we want to happen. Both students and staff alike are expected to adhere to rules, which may look like the following, when connecting to a school network:

  • Whatever computing device you use for distance learning, make sure you scan it first with endpoint protection software before connecting to your school’s network.
  • Never download and run or share files that are of questionable origin. This includes email attachments.
  • Remain informed about the types of online threats students like you might encounter. This includes phishing attempts, scams, and ransomware infections.
Protect your data
  • Back up your data, especially if you’re using your own computer for studying.
  • Use two-factor authentication on your school-related accounts.
  • Use a virtual private network (VPN) when connecting to your school’s network.
  • Avoid reusing passwords.
  • Never share school-related account credentials with anyone.
Protect your virtual class sessions

A number of Zoombombing attacks have happened because students shared their Zoom details with third parties via a public, social space (think Discord, Reddit, Twitter, and even Instagram). And recordings of these Zoombombings have been floating around on YouTube and Twitch.

Please do not share your Zoom or other video communication software details to anyone. It might seem fun and that there’s “no harm done there really”—plus the class gets to be suspended for the day woo!—you’re not only hindering your other classmates from learning, you’re also getting yourself in trouble.

Understand that Zoombombing is a federal offense, and anyone found involved in such an act could be prosecuted and imprisoned. Nowadays, affected schools are encouraged to report any Zoombombing incidents to law enforcement, which may include the local or state police department and the FBI’s Joint Terrorism Task Force, to kickstart investigations. Here’s a great post containing tips on how to curb Zoombombing.

College cybersecurity is a student’s responsibility, too

Schools have the duty and responsibility to physically protect their students and staff from harm, especially during this ongoing pandemic. The same is true for ensuring that students have what they need to continue their studies in the best conceivable way they can. This includes protecting systems that house confidential information and financial data.

Yet some schools are unequipped to address every cybersecurity and privacy challenge they encounter, even before COVID-19 struck. In fact, they can only do so much. Students and staff must start recognizing their part in keeping their school network safe from cyberattacks.

Security is everyone’s responsibility. And there’s no better time than today to take this duty seriously.

The post Surviving college distance learning during the pandemic: a cybersecurity guide appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Cracking The Spine - Quick Impressions of Games Workshop's Stormbringer rpg & The OSR

Swords & Stitchery - Thu, 11/12/2020 - 09:05
 Its been ages since the spine of my Games Workshop Stormbriner rpg was opened in this blog entry we're going to talk about some on the spot observations from the book. The Stormbringer rpg put out in 1987 by Games Workshop and Chaosium Inc. was typical of their collaberations of that era. Just on the cusp of the Golden era of Old Hammer Realms of Chaos & Realm of Chaos: The Lost and the Damned (Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs


Looking For Group - Thu, 11/12/2020 - 05:00

The post 1452 appeared first on Looking For Group.

Categories: Web Comics

WE’RE BACK! Doctor Who Series 13 Has Begun Filming!

Blogtor Who - Wed, 11/11/2020 - 21:39

BBC Studios have confirmed that Jodie Whittaker’s third season as the Doctor is underway! The Thirteenth Doctor is on her way back as filming for series 13 of Doctor Who is now underway. With Jodie Whittaker once again reprising her role as the Doctor, fans can look forward to seeing her on her adventures once […]

The post WE’RE BACK! Doctor Who Series 13 Has Begun Filming! appeared first on Blogtor Who.

Categories: Doctor Who Feeds

RegretLocker, new ransomware, can encrypt Windows virtual hard disks

Malwarebytes - Wed, 11/11/2020 - 20:20

Cybersecurity researchers discovered a new ransomware last month called RegretLocker that, despite a no-frills package, can do serious damage to virtual hard disks on Windows machines.

Through a clever trick, RegretLocker can bypass the often-long encryption times required when encrypting a machine’s virtual hard disks, and it can close any files currently opened by a user to then encrypt those files, too.

Chloé Messdaghi, vice president of strategy at Point3 Security, described RegretLocker as having “broken through the speed-of-execution barrier for encryption [of] virtual files.”

She continued: “[RegretLocker] actually seizes the virtual disk and is much faster in execution than previous ransomware attacking virtual files.”

Despite the ransomware’s state-of-the-art machinery, its appearance remains quite plain.

RegretLocker does not offer its victims a lengthy ransomware note—a common practice for many ransomware types today—and it asks victims to contact threat actors through an email address. That email address is hosted on CTemplar, which, according to Silicon Angle, is an anonymous email hosting service based in Iceland.

The short note that victims receive, titled “HOW TO RESTORE FILES.TXT” contains the following text:

“Hello, friend.

All your files were encrypted.

If you want to restore them, please email us : petro@ctemplar.com”

As of Tuesday, our threat intelligence team only knew of one in-the-wild reported sample, with no known or reported victims. However, this ransomware should still be watched because of its ability to quickly encrypt virtual hard disks, a potential breakthrough in ransomware capabilities.  

Often, ransomware avoids any attempts to encrypt virtual disks found on machines because those virtual disks can be enormous in size, and the time to encrypt those files would simply delay the ransomware’s purpose—to get into a machine and lock it up.

RegretLocker treats virtual disks differently, though. It utilizes the OpenVirtualDisk, AttachVirtualDisk, and GetVirtualDiskPhysicalPath functions to mount virtual disks as physical disks on Windows machines. Once the virtual disk has been mounted, RegretLocker encrypts the disk’s files individually, which speeds up the overall process.

RegretLocker’s virtual hard disk mounting capabilities potentially came from research that was recently published on GitHub by the security researcher smelly__vx. The researchers at MalwareHunterTeam also analyzed a sample of RegretLocket and found that it can run offline as well as online.

Further, RegretLocker can tamper with the Windows Restart Manager API to terminate active programs or Windows services that keep files open. According to IT Pro Portal, the same API is utilized by other ransomware types, including Sodinokibi, Ryuk, Conti, Medusa Locker, ThunderX, SamSam, and LockerGoga. Files encrypted with RegretLocker use the .mouse extension.

Malwarebytes users should know that we protect them from this new threat, as shown below.

The post RegretLocker, new ransomware, can encrypt Windows virtual hard disks appeared first on Malwarebytes Labs.

Categories: Techie Feeds

OUT TOMORROW: Doctor Who Magazine Issue #558 – The Collectables Issue

Blogtor Who - Wed, 11/11/2020 - 17:30

Doctor Who Magazine celebrates the show’s best-loved collectables, plus there’s an exclusive Series 13 update from Chris Chibnall in the latest issue, out tomorrow (Thursday 12th November) The newest issue of Doctor Who Magazine has been billed as ‘The Collectables Issue‘. It features an 18-page celebration of Doctor Who‘s best-loved collectables, which explores a whole host […]

The post OUT TOMORROW: Doctor Who Magazine Issue #558 – The Collectables Issue appeared first on Blogtor Who.

Categories: Doctor Who Feeds

GFL – Page 0039

Looking For Group - Wed, 11/11/2020 - 17:23

Grouping For Looks is a page-by-page retelling of the Looking For Group saga through the lens of a mirror universe where Cale is a goateed tyrant and Richard is a holy soul trying to set him on a good path. […]

The post GFL – Page 0039 appeared first on Looking For Group.

Categories: Web Comics

Insights & Inspirations From Different Worlds issue #31 'The Bastions of Balo' by Ken St. Andre For The Stormbringer Rpg

Swords & Stitchery - Wed, 11/11/2020 - 16:52
  In Different Worlds issue #31 'The Bastions of Balo' by Ken St. Andre  things got very hairy & wooly for our group of cut throa umm adventurers. Different Worlds issue #31 'The Bastions of Balo' how shall we put this nicely?! A nasty little Stormbringer adventure wrapped in a velvet glove. This is another one of those let's strip the PC's down to the bare essentials & see if they can survive Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs


Subscribe to Furiously Eclectic People aggregator