Feed aggregator

It's Splintered April

The Splintered Realm - Sat, 03/30/2019 - 12:45

This April, I’ll be releasing not one, not two, not three, but FOUR updates for Tales of the Splintered Realm. Each of these 8-page supplements will be a pay-what-you-want expansion for the niftiest RPG ever inspired by the niftiest RPG ever. Each of these will be released on consecutive Saturdays, starting with April 6:
Module B1: 66 Dungeon Dwellers. This ain’t your momma’s monster manual. (unless your mom is THAT cool). Drops on Saturday, 4/6.
Module C1: Trove of Treasures. A list of treasures. A percentile die. Fo sho. Drops on Saturday, 4/13.
Module D1: Into the Lost Halls. It’s a big dungeon. We’re just living in it. Drops on Saturday, 4/20.
Module E1: Against the Goblins. These goblins are bat poop crazy. That’s probably from the bat poop. Drops on Saturday, 4/27.

Using The Castles & Crusades Monsters and Treasure book & The Siege Engine For An A.Merritt Lost World Campaign Gap

Swords & Stitchery - Sat, 03/30/2019 - 00:25
So today's been one of those days where I've taken a step back & been looking into the frame work of my campaign. Last night I popped a beer & had a phone call with an old friend about my Victorious rpg /Amazing Adventures! Rpg campaign. His recommendations were very interesting to say the least.So out comes Castles & Crusades Monsters & Treasure  & we start going over the ins & outs of someNeedleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Palladium offers the Megaverse!

Gamer Goggles - Fri, 03/29/2019 - 16:30

The Megaverse® Insider is back!
– A gonzo, Limited Time Pre-Sale Offer – Rifts® Bestiary™ Vol. One

People enjoyed our past Megaverse® Insider Offers, so we decided to do one for Rifts® Bestiary™ Vol. One and other select, upcoming titles that deserve star treatment, like Rifts® Bestiary™ Vol. Two in a few months, and possibly others.

What is a Megaverse® Insider Offer?

Besides fun and unique opportunities for you, the Rifts® Bestiary Megaverse® Insider gives you the chance to get one or more of the following depending on which bundle(s) you purchase. But do it fast because you only have about 2 weeks before this deal ends. Available only at PalladiumBooks.com in the online store!

  Your name listed as a supporter in the finished published book.

The chance to acquire an advance PDF before it is offered to the public.

The chance to purchase one or two limited edition collector hardcovers available ONLY via this Megaverse® Insider offer, and limited in number to those purchased by Insiders plus some extra; see full details below.

Bundle deals with all kinds of extras, see full details below.

Unique opportunities the likes of which you rarely see anywhere. Many are very limited in number due their uniqueness and limited availability.
– Your name listed as an unstatted character in the book.
– The acquisition of original artwork/concept sketches.
– Name a monster and more.

ALL of these items are only available during the short TWO WEEKS that we are offering them. Most will NEVER BE OFFERED AGAIN for that product. THIS IS YOUR ONLY CHANCE TO GET MANY Of THEM. Offer ends April 8, 2018. And some bundles are very limited.

Many items, like the two hardcover editions, should become instant collectibles worth more than what you paid for them. Why? Because if our Megaverse Insiders only purchase 220 copies, or 50 copies, then that (plus a few dozen for staff, friends and special promotions) is ALL we are printing. There are no more to be printed. Not ever. This is it. ONLY those of you Insiders who buy one or two (plus the few dozen extra for Palladium’s own use) have a copy of that super-rare, super-limited, exclusive hardcover!

That makes you a true “insider” and the item special and rare. Since this is the only print run and there are so few printed, the resale market value should be instantly more than what you paid for it. The Palladium RPG® Crimson Hardcover and the original Rifts® Gold Hardcover sell for $300-$600 on the collectors’ market, and they had press runs of 500 and 600 copies, respectively. (FYI: The Rifts® Ultimate Gold Edition had a press run of 1,500 copies and it still regularly commands three and four times the original selling price.) Note: We may also do a limited Gold Edition available to the public, separate from the two super-limited hardcovers in this Insider offer, or not. Haven’t decided yet.

The Megaverse® Insider is hosted right here on the Palladium Website. You make advance purchases of select items, bundles, and special opportunities the same as any Palladium product in our online store.

One last thing, please spread the word to your gaming friends and post about it online wherever you can think of. We are only advertising this to YOU – our Palladium fans and insiders – and the offer is for a very short time: Now thru April 8, 2019. Become a Megaverse® Insider.

– Kevin Siembieda, Publisher and Your Inside Man

The Rifts® Bestiary™ Volume One

This is the first big “Monster Book” reference ever done for Rifts®. Rifts® Bestiary™ Volume One collects nearly 100 animals, and offers more than a dozen new beasts found across North America. Presented in alphabetical order with the first third or half appearing in the 224-256 page Volume One, and the rest appearing in Volume Two. Actually, we may need a Volume Three because there are so many monsters and exotic animals in Rifts North America alone! Each highly detailed and expanded, offering adventure ideas, and accompanied with a map that shows were they can be encountered, at a glance.

Rifts® Bestiary™ Volume One is nearing completion. There are only the last couple dozen creatures requiring updating and final writing, the finishing of the maps for each, then layout and printing. As soon as it arrives back from the printer, we ship it to you!

All upcoming Rifts® Bestiary™ books will be great resources for players and G.M.s alike, with creatures that can be used as familiars, pets, riding animals, guard animals, and in some cases, even unlikely allies. Others are slobbering monsters or ravenous predators who include humans and D-Bees among their prey. All will give you plenty of spice to add to your characters and adventures. And each has a map that shows at a glance exactly where to find these beasts.
Monsters and animals of Rifts North America organized into two (maybe three) big, easy to use sourcebooks.
  Updated descriptions and information for existing monsters.
  Updated and uniform stat blocks.
  New predators, exotic riding animals, beasts of burden, alien horrors, giant insects and more.
  A map for every creature showing where it is found.
  Easily adapted to any Palladium setting; basic S.D.C. stats included for each creature description.
  Fully illustrated, with art by Charles Walton II, Ramon Perez, Siembieda and many others. Written by Kevin Siembieda.
  224-256 pages each volume – No. 896 (Volume One) – in final production. April release.

ORDERING Megaverse Insider

You order Insider items and bundles exactly the same way you would place an online order for a game or sourcebook from our store. Each item has its own catalog number, price and page in the Palladium Books store. Note: Some higher tier items are limited in number, we hope you understand. For telephone orders, call 734-721-2903 (order line only).

You can order as many different items as you’d like, and you can place multiple orders for the same item. Only a few of the high-end bundles that offer one-of-a-kind art or limited items or opportunities are limited to one or a dozen.

PLEASE NOTE these Important Ordering Details:

1. The regular softcover edition of Rifts® Bestiary™ Vol. One is NOT one of the items available in the Rifts® Bestiary™ Vol. One Megaverse Insider Offer, because it has been and will continue to be offered all the time at cover price. Only Megaverse® Insider items are available through this limited time offer. If you want the softcover, please place your order as usual.

2. Rifts® Bestiary™ Vol. One “Softcover” Pre-Orders: Many of you have already pre-ordered a copy of the mass market, softcover edition of Rifts® Bestiary™ Vol. One. That is awesome and we are counting on those sales. If your purchase of an Insider Item means you intend to CANCEL your pre-order (and we hope you don’t), PLEASE contact us by email or telephone to let us know before April 21, 2019. Otherwise, ALL pre-orders will be processed and charged as usual when the book is ready to ship in a few weeks. Thank you.

3. Credit Card Processing. All Insider purchases will be charged to your card as soon as the order is placed. HOWEVER, it may be several weeks before your entire purchase arrives.

4. Product Shipping. Many items, such as the limited edition hardcover editions, may not ship until a few weeks (2-4) after the regular, mass market, softcover edition ships, because it takes longer to print and bind hardcover books.

Insider items purchased as a “bundle” – which means they include several items for the price – will not ship until ALL items are available. We will ship everything as quickly as possible. Note: The regular softcover edition is not part of the Megaverse Insider offer, and it will ship as soon as it arrives in the Palladium warehouse.

5. Shipping Costs: As usual, the purchaser pays shipping. Cost varies by the weight of the items purchased and the shipping method you choose. We suggest UPS Ground, especially if you are getting hardcovers and artwork.

6. Items Lost in the Mail is YOUR risk. Since many of the items are being “made to order,” there are few additional copies to replace any that might be lost in the mail or damaged. Use a reliable shipping method. Likewise, original art and other one-of-a-kind items, or few-of-a-kind-items, may be impossible to replace. Note: Palladium Books will NOT refund any order, nor replace any product lost or damaged, when shipped via “Media Mail” – the purchaser assumes ALL risk. Media Mail is the least expensive method of shipping, but is also the least reliable, and it takes the longest time to arrive (3-12 days in the USA).

Palladium has found UPS Ground to be the most reliable method of shipping. It is automatically insured for $100, takes 2-5 days to arrive (does not include weekends), and can be traced every step of the way. For customers in the United States, it is worth the extra few dollars, especially for hardcovers and concept art. First Class Mail and Priority Mail are also very reliable.

7. We will post in Weekly Updates, on the Palladium website and email updates on the availability of items in this Megaverse® Insider Offer.

Available Megaverse® Insider Products and Bundles for Rifts® Bestiary Volume One – Offer ends April 8, 2019

Insider Opportunities for Rifts® Bestiary™ Vol. One

Inside Help: $5 – Cat. No. 12031

Inside Help gets your name listed under “Inside Help” in the Insider Acknowledgment section of the book. The Purchaser can list his or her own name or submit the name of a fellow player, Game Master, friend, child, sibling, spouse, parent, or loved one he or she would like to acknowledge. EACH name is a separate purchase and costs $5. Real names only, and it must be the first and last name, e.g. John Smith. Note: You do not get a copy of the book with this purchase. The book is a separate purchase. All listings of Insider names shall remain in print for the life of the book, including reprints, for at least as long as Kevin Siembieda is the owner and publisher of Palladium Books. (Which we anticipate to be decades.) There is no shipping cost for this item.

In Memoriam: $5 – Cat. No. 12032

You can list the name of a loved one who has passed away recently or long ago, but whom you’d like to acknowledge. This can be a fallen friend, Game Master, player, parent, sibling or other loved one. Their name gets listed under “In Memoriam” in the Insider Acknowledgment section of the book.

As an Insider, we trust that you will respect the sanctity of this category and not list the living nor submit the name of fictitious characters as a practical joke. It is impossible for Palladium to verify the truth of this submission, so we are trusting the sincerity and truthfulness of the purchaser. Do not list the name of characters you wish were dead. Offenders will be banned from future purchases of ANY Insider Offers. Note: You do not get a copy of the book with this purchase. The book is a separate purchase. There is no shipping cost for this item.

A “Real” Character Tribute: $10 – Cat. No. 12033

The name says it all. You can list the name of one of YOUR favorite fictional RPG characters (not a literary character from a book, comic or film – but a fictional game character) you have played or one of your fellow gamers has played that you’d like acknowledged. Your character’s name will get listed under “A Real Character Tribute” in the Insider Acknowledgment section of the book. Note: You do not get a copy of the book with this purchase. The book is a separate purchase. There is no shipping cost for this item.

Cyber-Insider (PDF of book only): $16 – Cat. No. 12034

You get your name listed under “Cyber-Insider” in the Insider Acknowledgment section of the printed book, and a PDF copy (not the print copy) around the time that the physical book will ship from the Palladium warehouse. There is no shipping cost for this item.

ONLY INSIDERS have the opportunity to get this bookmarked PDF of this book around the same time the printed book ships! This is the only way to get a PDF of this new release from Palladium for six months or longer, and the offer is only available for a limited period of time as part of the Megaverse Insider offer. It will NOT be made available as a PDF by any other means, nor elsewhere, for at least six months and probably longer. And it will cost a few bucks more when it does become available. Note: This is one of the things that makes you an “Insider” – you have the opportunity to get stuff not available to the average gamer, during a limited window of time while we are raising funds.

Please, we ask that you do NOT share, distribute or post the Insider PDF anywhere, as it defeats the whole purpose of being a Megaverse® Insider and it can hurt, rather than help, Palladium. Thank you so much for your support!

Palladium Insider: $50 (Limited Hardcover Edition – Color Cover) – Cat. No. 12035

1. You get your name listed under “Palladium Insider” in the Insider Acknowledgment section of the published book.
2. The $50 Collector’s, Super-Limited, Hardcover (color cover): This handsome hardcover edition has the same interior pages and same color cover art as the softcover, but a red color logo to set it apart. It is likely to ship 2-4 weeks after the softcover as it takes longer to get hardcover editions printed and bound.

What makes this hardcover edition truly special is that we print only what you order (plus a few dozen extra for staff and promotion). That means if we get 218 orders, we only print 218 copies of this book (plus 48 additional for Palladium staff, friends and special promotions). If the number is 135, we print 135 (plus 48 additional). It is hard to get much more LIMITED and special than this. And you own one of the very few in existence, because you’re a Megaverse® Insider. This book is only available via this Megaverse Insider offer. When the offer ends after April 8, 2019, no new ones will be printed. Note: This book is not numbered or signed.

Crimson Beast Insider: $75 (Signed and numbered – Crimson Collector’s Hardcover Edition) – Cat. No. 12036

You get the following:

1. Your name listed under “Crimson Beast Insider” in the Insider Acknowledgment section of the published book.
2. The Crimson Beast Super-Limited Collector’s Hardcover: A black leatherette with “red” foil printing on the front cover and spine (think gold edition printed in red foil instead of gold), and it is signed and numbered by the available Palladium staff. Otherwise, the book has the exact same interior as the softcover. It is likely to ship 2-4 weeks AFTER the softcover as it takes longer to get hardcover editions printed and bound.

Only Insiders who pay $75 or more get this book, which should keep the number printed low (in the past, under 400 copies). Also, we print only what you order (plus a few dozen additional for staff, friends and special promotions). That means if we get 270 orders, we only print 270 copies of this book (+48 for Palladium staff, friends and special promotions). If the number is 65, we print 65 (+48 extra). It doesn’t get more LIMITED than this. And you own one of the very, very few signed and numbered Crimson Beast Editions in existence because you are a Megaverse Insider. This book is available only via this Megaverse® Insider offer. The Crimson Edition will NEVER be reprinted. This is it. Note: This book is numbered and signed by available Palladium staff.

Enhanced Crimson Beast Insider: $90 (Crimson Beast Edition + PDF) – Cat. No. 12037

You get the following:

1. Your name listed under “Enhanced Crimson Beast Insider” in the Insider Acknowledgment section of the book.
2. The PDF of Rifts® Bestiary Vol. One.
3. The Rare and Super-Limited “Crimson” Hardcover, SAME AS ABOVE. A black leatherette with “red” foil printing on the front cover and spine (think gold edition printed in red foil instead of gold), and it is numbered and signed by available Palladium staff. Otherwise, the book has the exact same interior as the softcover and hardcover with the color cover. It is likely to ship 2-4 weeks AFTER the softcover as it takes longer to get hardcover editions printed and bound. This book is available only via this Megaverse® Insider offer. The Crimson Edition will NEVER be reprinted. This is it. Note: This book is numbered and signed by available Palladium staff.

Top Insider: $145 (Both hardcover books, signed, PDF, dragon head sketch, print) – Cat. No. 12038

You get the following:

1. Your name listed under “Top Insider” in the Insider Acknowledgment section of the book.
2. The PDF of Rifts® Bestiary Vol. One.
3. The $50 Super-Limited hardcover edition with the color cover, as described under Palladium Insider, above, except it will be signed by available Palladium staff.
4. The $75 Signed and Numbered Super-Limited Edition “Crimson Beast” Collector’s Hardcover, as described under Crimson Beast Insider, above.
5. BOTH hardcover books are autographed by Kevin Siembieda and available Palladium staff (and possibly a few freelancers).
6. Kevin Siembieda will draw a small, dragon head sketch on the credits page of your Crimson Beast Edition.
7. A signed, limited edition print of the cover by artist Chuck Walton, signed by Chuck Walton and Kevin Siembieda; 8½ x 11 inch size.

Ultimate Insider: $200 – Cat. No. 12039 – (Both hardcover books signed, PDF, Siembieda dragon head sketch, Walton monster sketch in book, 5 prints, 2 Raw Editions)

You get the following:

1. Your name listed under “Ultimate Insider” in the Insider Acknowledgment section of the book.
2. The PDF of Rifts® Bestiary™ Vol. One.
3. The Super-Limited Edition Hardcover with the color cover. Signed.
4. The Super-Limited Edition “Crimson Beast” Collector’s Hardcover. Numbered and signed.
5. Both hardcover books are signed by Kevin Siembieda and available Palladium staff (and possibly a few freelancers).
6. Kevin Siembieda will draw a large dragon head sketch (black and white) inside your Crimson Edition Hardcover.
7. Chuck Walton will draw a small creature sketch on the credits page of your Crimson Edition.
8. A signed, limited edition print of the cover by artist Chuck Walton, signed by Chuck Walton and Kevin Siembieda; 8½ x 11 inch size.
9. Four prints of as yet “unseen” artwork from one or more upcoming Palladium releases signed by Publisher Kevin Siembieda. May be reproductions of finished illustrations or concept art.
10. Signed Raw Preview of Titan Robotics AND Garden of the Gods. Both signed by Kevin and available staff.

Benefactor: $500 (Limited to a total of 12 Benefactors) – Cat. No. 12040 – (Both hardcover books signed, PDF, Siembieda dragon head sketch, Walton monster sketch in book, something Top Secret, 10 prints, your name as an unstatted character in the book, AND an original concept art sketch)

You get the following:

1. Your name listed under “Benefactor” in the Insider Acknowledgment section of the book.
2. The PDF of Rifts® Bestiary™ Volume One.
3. The Super-limited edition hardcover with the color cover, signed.
4. The Super-Limited Edition “Crimson Beast” Hardcover of the book, signed.
5. BOTH hardcover books are signed by Kevin Siembieda and available Palladium staff (and possibly a few freelancers).
6. Kevin Siembieda will draw a large dragon head sketch in both hardcover editions.
7. Chuck Walton will draw a creature sketch on the credits page of your Crimson Beast Hardcover.
8. Two signed, limited edition prints of the cover, one color and one black and white of the pencil drawing, both by artist Charles “Chuck” Walton, both signed by Chuck Walton and Kevin Siembieda; 8½ x 11 inch size. Two signed and numbered, limited edition prints by artist Chuck Walton, signed by Chuck Walton and Kevin Siembieda; 8½ x 11 inch size.
9. Eight prints of as yet “unseen” artwork from one or more upcoming Palladium releases, each signed by Publisher Kevin Siembieda (may be reproductions of concept art or actual art slated for publication).
10. Top Secret – For Your Eyes Only: An unfinished, unedited, advance excerpt from an upcoming release – may be some of Carmen Bellaire’s additions to Rifts® Antarctica.
11. YOUR NAME as an unstatted character in the book. This would be something like “Coalition Scientist Kerry Wilkinson theorizes that monster X is …” or “First reported by Wilderness Scout Eric Smith …”
12. Benefactor Bonus: One original, preliminary sketch or concept drawing (original art) of a creature that appears in Rifts® Bestiary™ Volume One or Volume Two. The original art is by Charles “Chuck” Walton. The “sketch” is a cool, one-of-a-kind piece of original art, but is NOT the finished drawing as it appears in the book. Signed by Chuck Walton and Kevin Siembieda.

Ultimate Benefactor: $1,400 (Limited to ONE!) – Cat. No. RB-UB1 – (Both hardcover books signed, PDF, Siembieda dragon head sketch, Walton monster sketch in book, something Top Secret, 10 prints, your name as an unstatted character in the book, 2 original concept art sketches – the original pencil art of the cover – AND you get to create a creature to appear in Rifts® Bestiary Two!)

There can be only one! Which means you get all of the items in the Benefactor’s package, PLUS one piece of original concept art AND the finished original pencil artwork for the cover to Rifts® Bestiary Volume One. AND MORE! Read Number 8, 11, 12, 13 and 14 for the details.

1. Your name listed under “Ultimate Benefactor” in the Insider Acknowledgment section of the book.
2. The PDF of Rifts® Bestiary™ Volume One.
3. The Super-Limited edition hardcover with the color cover, signed.
4. The Super- Limited Edition “Crimson Beast” Hardcover of the book, signed.
5. BOTH hardcover books are signed by Kevin Siembieda and available Palladium staff (and possibly a few freelancers).
6. Kevin Siembieda will draw a large dragon head sketch in both hardcover editions.
7. Chuck Walton will draw a creature sketch on the credits page of your Crimson Beast Hardcover.
8. Two signed, limited edition prints of the cover, one color and one black and white of the pencil drawing, both by artist Charles “Chuck” Walton, both signed by Chuck Walton and Kevin Siembieda; 8½ x 11 inch size. Two signed and numbered, limited edition prints by artist Chuck Walton, signed by Chuck Walton and Kevin Siembieda; 8½ x 11 inch size.
9. Eight prints of as yet “unseen” artwork from one or more upcoming Palladium releases, each signed by Publisher Kevin Siembieda (may be reproductions of concept art or actual art slated for publication).
10. Top Secret – For Your Eyes Only: An unfinished, unedited, advance excerpt from an upcoming release – may be some of Carmen Bellaire’s additions to Rifts® Antarctica.
11. YOUR NAME as an unstatted character in the book. This would be something like “Coalition Scientist Kerry Wilkinson theorizes that monster X is …” or “First reported by Wilderness Scout Eric Smith …”
12. One original, preliminary sketch or concept drawing (original art) of a creature that appears in Rifts® Bestiary™ Volume One or Volume Two. The original art is by Charles “Chuck” Walton. The “sketch” is a cool, one-of-a-kind piece of original art, but is NOT the finished drawing as it appears in the book. Signed by Chuck Walton and Kevin Siembieda.
13. Ultimate Benefactor Bestiary Cover Art: You get the fabulous, finished, pencil drawing of the Rifts® Bestiary™ Volume One cover. Original 14 x 17 inch art, on bristol board, signed by Charles “Chuck” Walton and Kevin Siembieda. WOW!
14. ULTIMATE BONUS! Name and create a BEAST for Rifts® Bestiary™ Volume Two! You – yes, you – get to name and create one of the monsters to appear in Rifts Bestiary™ Volume Two! Requirements and Conditions:
a) The name must be original and cannot infringe on existing copyrights and trademarks. A name that is similar to someone else’s I.P. may be altered by Palladium Books, or we may require you to come up with a new name.
b) You present to Palladium Books by May 10, 2019, either a fully written and statted out creature – OR – a general description/creature concept/outline to be statted, fleshed out and written by Kevin Siembieda and illustrated by Charles Walton or other Palladium artist. Note: UNDER ALL CIRCUMSTANCES, Palladium Books, in its sole discretion, has the right to change and rewrite your “beast” as it deems necessary or desirable, possibly changing stats, details and writing from small portions or all of it. AND the name must fit within the alphabetical order of creatures in Bestiary Two.
c) Your real name will be credited as the co-creator of this creature on the page the monster’s description appears, and on the Credits page under Additional Writing and Ideas.
d) Yes, you and your creature concept will become an “official” part of the Rifts® legacy.
e) LEGAL TERMS AND CONDITIONS: You willingly agree to relinquish and assign ALL rights to said creature, its name, description and concepts, to Palladium Books, in perpetuity, and agree to sign any document we may require. Thank you.

Copyright 2019 Palladium Books Inc. All rights reserved.
Rifts®, The Rifter®, RECON®, Splicers®, Powers Unlimited®, Palladium Books®, The Palladium Fantasy Role-Playing Game®, Phase World®, Nightbane®, Megaverse®, The Mechanoids®, The Mechanoid Invasion®, Coalition Wars®, Chaos Earth®, Dead Reign®, and After the Bomb® are Registered Trademarks of Palladium Books Inc.; Rifts® Bestiary, Beyond the Supernatural, Coalition States, Heroes Unlimited, Ninjas & Superspies, Minion War, Mysteries of Magic, SAMAS, Thundercloud Galaxy, Three Galaxies, Vampire Kingdoms, and other published book titles, names, slogans and likenesses are trademarks of Palladium Books Inc., and Kevin Siembieda.

This press release may be reprinted, reposted, linked and shared for the sole purpose of advertising, promotion and sales solicitation.

Categories: Tabletop Gaming Blogs

Families Who Knit Together – Teaching Children To Knit: Guest Post by Grace Carter

Moogly - Fri, 03/29/2019 - 15:00

Today I have a guest post from Grace Carter – all about teaching kids to knit! Passing on our skills and love of yarn is such a wonderful thing! Families Who Knit Together – Teaching Children To Knit Finding a hobby that you can enjoy with your children is a beautiful thing. Not only are [...]

The post Families Who Knit Together – Teaching Children To Knit: Guest Post by Grace Carter appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

2
Categories: Crochet Life

Awakening the beast: BatMobi adware

Malwarebytes - Fri, 03/29/2019 - 15:00

On February 12, a patron of the Malwarebytes Forum alerted us of an issue with ad redirects that seemed to come out of nowhere. An outcry from other commenters filled the forum thread, all experiencing the same redirects to the same exact websites. Our web protection team traced the offending websites back to the culprit—the adware known as BatMobi.

What is BatMobi?

BatMobi is an Advertisement Software Development Kit (Ad SDK), which is essentially a software library that connects applications to ad networks. Developers insert Ad SDKs into their apps’ code to gain revenue through ads. Thus, they can offer their apps for free and still make money. Most variants of BatMobi were clean and safe to use—until recently.

Based on a Reddit post about the sudden web redirects on January 21, it appears these “clean” versions of BatMobi turned into mobile adware around mid January. Adware is a subcategory of Potentially Unwanted Programs (PUPs), which means it hangs around the fringes of bad behavior and often results in poor user experiences. Furthermore, BatMobi has always had a slightly more aggressive version we consider low-level adware. We detect this as Android/Adware.BatMobi.

Triggered by Google Play

An interesting component of this newly seen BatMobi variant is the location in which it was popping up ads—Google Play. Forum patrons verified the ads were popping up whenever an app was updating or installing in Google Play. BatMobi is using Chrome Custom Tabs within its code to open websites in Google Play whenever it was triggered by these events. Although the websites being redirected to are relatively safe sites, they are an unwanted nuisance for the user—exactly what we consider adware.

Tracking down the beast

Usually, pinpointing the source of an adware app on a customer’s device is simple, especially when knowing the adware variant, as in this case. Thanks to all the great Malwarebytes forum participants, I had a large set of data to work with in the form of what we call Apps Reports.

This is a list of apps along with data about their MD5, package name, and other components to assist tracking down infections. Even with all the data, finding BatMobi was a nightmare: It hides deep within an app’s code, in different apps on each user’s device, and no other mobile anti-malware vendors detect it. Nevertheless, I was able to make some headway and find a couple of patterns of infection. Here were my findings.

Uptodown

The search started with the third-party app store Uptodown. More specifically, apps that download videos from YouTube, such as Videoder, Video Downloader, Snaptube, and TubeMate were delivering ads to users the most. These apps all come with hidden versions of BatMobi.  Removing these apps solved the issue for many, but still it persisted for others.

Click to view slideshow. Mi Mobile

Another component that further complicates detecting and removing BatMobi is that we found it on apps pre-installed on Mi Mobile devices—specifically, the Xiaomi Redmi Note 5. The infected apps are as listed:

Package name: com.mi.android.globalpersonalassistant
App name: App vault 

Package name: com.android.providers.downloads.ui       
App name: Downloads

Please note that not all versions of these apps have BatMobi nor do all Xiaomi Redmi Note 5 devices—only a select few.  Detections are in place in Malwarebytes for Android to alert users of its presence.

If you are having issues with adware on pre-installed apps, you can follow our removal instructions for disabling or uninstalling.

Warning: Make sure to read Restoring apps onto the device (without factory reset) in the rare case you need to revert/restore apps.

Use this/these command(s) during step 7 under Uninstalling Adups via ADB command line to remove:

adb shell pm uninstall -k –user 0 com.mi.android.globalpersonalassistant
adb shell pm uninstall -k –user 0 com.android.providers.downloads.ui

Still unknowns

Even after finding two dominant sources of the Batmobi infection, there are still cases left unsolved. You see, as suddenly as the ads appeared, they abruptly stopped in early March.  Without active cases to see if removing apps will remediate or not, finding these deeply hidden BatMobi variants has become nearly impossible. I’m confident that there are versions still on Google Play, but finding them now is searching for a needle in millions of haystacks.

The scary reality of Ad SDKs

Technically, since these hidden BatMobi variants no longer trigger ads inappropriately, they are no longer considered adware. I suppose that’s the good news. My assumption is that BatMobi made a change on their servers without warning, thus triggering the ads in January. But we don’t know why there was an abrupt stop in March. What happened? Maybe an overwhelming amount of complaints to BatMobi caused a change of heart?

This all leaves us with an uneasy feeling about Ad SDKs. It highlights their power to switch from clean and safe to adware overnight. It’s a scary reality to have code lay dormant in legitimate apps that can turn malicious so quickly. I reiterate that yes, these website redirects were to relatively safe sites, but the potential for worse is present.

Developers beware

The last thing a developer wants is for their app to be on an anti-malware scanner’s adware list without warning. In the past, we have seen ad companies clearly move from legitimate to serving adware, becoming overly aggressive with data collection and/or aggressively pushing ad content, as in the case above. However, in those cases it was easy to make a clear cut distinction of the cause of infection. This time, its much more unclear which components were causing the issue, and so much is still left unknown.

Unfortunately, finding an Ad SDK that developers can trust is an ongoing challenge. All we can say is do your research and choose wisely. If an Ad SDK has any variants that are considered adware, as with BatMobi, it’s a wise decision to stay clear.

Stay safe out there!

The post Awakening the beast: BatMobi adware appeared first on Malwarebytes Labs.

Categories: Techie Feeds

On Henchman 1 & 2

Hack & Slash - Fri, 03/29/2019 - 12:00
These are 4x6 cards that contain possible henchmen for player characters.


Hack & Slash FollowGoogle +NewsletterSupportDonate to end Cancer (5 Star Rating)

Categories: Tabletop Gaming Blogs

Link Love: My Favourite Things This Week

Knitted Bliss - Fri, 03/29/2019 - 11:00

www.knittedbliss.com

My Favourite Articles and Links This Week I adore this – a typewriter is set up at the Grand Canyon. What we did before the internet. Instead of March Madness (a US college basketball thing), the internet presents…. March Sadness. Totally made me laugh. The long, strange history of novelists who become spies. This actually makes

The post Link Love: My Favourite Things This Week appeared first on %%www.knittedbliss.com%%.

1
Categories: Knitting Feeds

Dungeons of High Camp Revisited

Sorcerer's Skull - Fri, 03/29/2019 - 11:00
Art by Jim Holloway
This is an update to a post from 2017, originally conceived as I was reading Hero A Go-Go by Michael Eury. That book chronicles superhero comics' response (and influence on) 1960s camp pop culture. It's a combination that didn't always work well; many of the works now seem more goofy kitsch perhaps, and some are really just unfunny parody of superheroes. Still, when it works there is a certain charm to a lot of folks, as the revival comics Batman '66 and Wonder Woman '77 indicate.

I wonder why there hasn't been as much of a concerted attempt at published camp works for Dungeons & Dragons? Certainly, farcical humor abounds at the gaming table, and a number of comedic adventures have been written (a lot illustrated by Jim Holloway), in fact a couple of my Hydra colleagues have been taken to task for humorous elements in their work. There are, of course, humorous illustrations in the older AD&D books. But as far as I know, there has never been a camp setting or camp-informed setting--unless maybe HackMaster counts? Maybe it's just too difficult an approach to sustain well throughout a written project?

I should back up a bit here and define what I mean by "camp," since it's not a term with a universal, clear definition. What I mean in this case, is not the farce or cheese, but a sort of knowing amusement. An "engaged irony." As Isherwood would have it: "you’re not making fun of it; you’re making fun out of it." The "it" in our case being elfgames.

The settings of some OSR-related folks seem to me to have elements of camp without going all-in: Jason Sholtis' Operation Unfathomable, Chris Kutalik's Hill Cantons, some of Jeff Reints stuff, and my own Mortzengersturm. Dungeon Crawl Classics with its "airbrushed wizard van" elements could be taken as camp, but I'm unsure whether that is the intention.

Art by Jim Holloway

A Guide to the Ultimate Grim Dawn Expansion

Hack & Slash - Fri, 03/29/2019 - 04:29
We live in a golden age of games.

There's so many and so much, that it's overwhelming. There's more content than there are hours in a human lifetime to consume it. It is a massive ecosystem dominated by toxic and exploitive baron-companies.

A lot of very smart people I know decided that playing video games takes too much. Games can unbalance a life pretty quickly. World of Warcraft is related to the concept of a poop sock.

Maybe twice a year I mess around with a new game for a few dozen hours? That type of entertainment is like a movie. I talk about it with my friends, it's an interesting and fun diversion.

But I use video games for other things. I'm very productive. I'm appropriately medicated. Puzzles and mindless tasks help me both think and cope.

Let me repeat that. A portion of my ability to cope with life is in doing tasks that are focused around self care. Given free reign to do whatever I want, I spend between 30-90 minutes daily engaged in activities to help myself stay centered.

Sometimes this is meditation, sometimes it's a walk. It's always grinding the coffee beans by hand. But frequently it's software that has the same effect. So even though I only 'play' a couple of games a year, I have others as activities I've integrated into my life. Some people have some aspect of their social lives tied up in video games, not just over the Internet. I know a group of employees in town that plays Clash of Clans as a group on their phones.

The current name for that phenomenon is "live services" or "lifestyle games". It's a terrible name, and coming to terms with that in gaming was one of the things that helped me find balance. Games and what they do to the mind are powerful mojo, and like all things that put us in touch with the source, have to be treated with respect.

Grim Dawn Ultimate Mode
Grim Dawn is one of my current games.That playtime you are looking at is from when they first released the first act, till now, the release of their final expansion. It's relaxing.

Grim Dawn is a game I know well. Believe me, I know what to do, I know all the numbers straight thru, and how to make myself more survivable too. I'm not the best player, that has nothing to do with luck, and mindlessly slaying mobs for 20 minutes cycles up my mind, enough end the game and solve whatever problem I might have.

Crate added a feature to start the game from Ultimate mode, not requiring you to play through the first two cycles. This feature is astoundingly misunderstood.

See, it's not uncommon for action role playing looting video games to require you to play through multiple times, increasing the difficulty each time. Normally, you just play the game. You start on normal or veteran, then after you complete the game, you replay the whole game on elite. If you can beat elite, you can play the game one more time on ultimate difficulty, with the best drops and the most danger! But after hour 400+, the way I played the game changed.

I've seen so many people who ask, How do I start the game on Ultimate?

You just don't. It's not a balanced play experience. It's not designed to take a first level character though the game. If you want to play the game, start on normal. This new feature was designed specifically with players like me in mind.
GUIDE TO PLAYING GRIM DAWN ON ULTIMATE MODEDon't.

Before the expansion released, here was my procedure: I'd start the game, and run to the early loot corpses. There's several corpses in the first area that grant you a green weapon of exceptional utility. You can grab an axe, a gun, or a two handed blade. I grab which-ever-one goes with the build I'm going to try out.

Then I enter the Crucible. The Crucible is an paid expansion that allows you to fight hordes of monsters in waves in exchange for treasure given equal to a high score. It also gives tributes when you can use to toggle bonus zones for advantages in Crucible or turn in tributes to get devotion points. I'm running the Crucible specifically to gather tributes to exchange for devotion points.

I run one set of ten waves. This gets me to level 7-9. I then grab the treasure, and take my mostly green equipment back for another 30 waves of the crucible. I do this three times to accumulate the 15 tributes to Unlock the first 5 devotion points in the crucible.

Why? Devotion points (normally gathered by activating shrines in play) allow you to modify your build using both unique abilities and to shore up weaknesses and focus strengths. Look at this star chart! The cost of these increases in the crucible the more you have.

This entire process takes around 10 minutes, tops. Once that happens, I then load up the main game, and speed-run the game to ultimate. I have to complete the hidden path witch quest (for the extra skill point) and the two quests that give bonus attribute points. I also grab all the shines that are directly in the way, brining my devotion point total up to around 35-40.

Running through veteran and elite takes between five and six hours. I use a movement ability and movement speed gear to make a beeline through the game. You can even skip the whole first act by repairing the bridge (although I usually kill the warden and complete act I in the base difficulty to pick up all the devotion points from shines).

In order for this to work, I usually have complete gear sets for level 20 (Explorer's, providing a nice boost to movement speed), level 40 (the Perdition set, bloodcallers set, or other early-mid game sets) ready for them to go. I use experience potions, from maximum reputation vendors. That allows me to kill the boss on elite in about 5 hours, puts me somewhere between level 45-55, and ready for ultimate.

Then I can finally play the game. Ultimate has the best drop rates, and more content than I need to hit level 100 before I can even finish all the content. It is where the actual game begins.

The whole point of the expansion allowing players to enter Ultimate was to eliminate the time spent needing to speed-run the first two difficulties. 

If you try to start Ultimate as a straight level 1 character, you will be using a butter knife against enemies that will cause you to explode like a microwave shoved into a grape. Preparing a character for ultimate requires the following:

  • You have to access the Forgotten Gods content on the difficulty level you want to skip. This can be done by speaking to the new character that appears in Devil's Crossing at the end of act I. My death knight was at the end of Ultimate, deep into the Ashes of Malmouth content, and I found him inside Malmouth, so it's likely you'll be able to access Forgotten Gods from any of the major towns.
  • When you access the content, there's a guy with a bag that looks like a normal vendor. On his consumables page, he sells the tokens. They run in the range of 200k.
  • On a new character, use the token. The elite token unlocks elite and gives a skill point. The ultimate token unlocks elite and ultimate and gives two skill points. You also gain the appropriate amount of attribute points.
If you do that, and then follow the procedure above to boost a character to where they need to survive ultimate, it'll be fine. 
It was a change that helps me with the way I play the game. It's why I still play this, and quit Hearthstone. It's because they play it too. They aren't looking to maximize profits. They are just looking to flourish while providing something worthwhile. 

Have a good weekend. Take time for yourself.

I don't have anything to do with Crate, the company that makes Grim Dawn, other than I think they made a very fun game. Ymmv. Support me on Patreon.

Hack & Slash FollowGoogle +NewsletterSupportDonate to end Cancer (5 Star Rating)
Categories: Tabletop Gaming Blogs

HackMoor 2019/03/22 The Gathering

Furiously Eclectic People - Thu, 03/28/2019 - 23:47

THERE WILL BE NO GAME TOMORROW DUE TO FISCAL MONTH END WHERE I WORK

Games are normally on Friday nights sometime after 5:30PM at World's Best Comics, 9714 Warwick Blvd Newport News, Virginia 23601.

We had a meat lovers pizza with the pepperoni out and philly cheese steak substituted. (Although one feeder found a pepperoni slice on his portion.)

Again some liberties have been taken with the story line, mostly to shorten it. But it also caused me to avoid third person plural pronouns (them, their, they) to ensure the object or subject of certain sentences by using a fully qualified form, (the Party, Brotherhood of Joseph, Magi of Jesus, or Maidens of Mary.)

++++ START OF SESSION ++++

After fitting Thune with a peg-leg the party left the room through the opposite exit and entered a short hall with a "T" intersection. There was a door to the right and a statue of Jesus to the left, fully mounted crucifix style against the wall.

The party decided to pack away the Brother's of Joseph gear they had been given and continue on without a disguise.

Namo, our Thief, having learned his job dutifully checked for traps on Jesus and found none. (That isn't to say there weren't any, he just didn't find any.) Either way he determined that the statue's arms where hinged and decided to pull the right arm. The wall on which the statue was mounted swerved away revealing a 60 foot hallway with two doors.

Eschewing the hallway, the party checked out the other door, opposite the statue. Finding a panel with eight runes next to the door, they pushed one of the runes and after a lengthy grinding and some rumbling, the door opened up to encounter a group of Cynics coming towards them. Feigning friendship (and playing an undetectable lie for 24 hours card), the party convinced they new group they were returning spies sent from outliers. They even used the opened secret door behind the Jesus statue as proof they knew their way about.

It turned out this new group of Cynics were the "Magi of Jesus" faction, at odds with the Brothers of Joseph and the (warrior) Maidens of Mary (who were all against the Ba'al faction.) There was an element of doubt as to their story, but they claimed such "deep cover"as only the faction's Headquarters (further down) could vouch for them. They declared their purpose to unify the three factions against Ba'al because their spy mission found new powers they could bring.

Thus Party used Cadfael as proof of their good intent. (The Party had determined these three factions against the Ba'al faction had no true Clerics as the three factions had only Magic Users and Fighters, only the Ba'al worshippers had Clerics.) In effect, they had Cadfael cast the Clerical spell, "Create Water".

"Wow," the Cynics said, "we haven't had a Cleric in hundreds of years!" "We gotta show this to the Maidens and the Bros."

They all forthwith went down the another hall and to a similar doorway, and punching new runes into a pad by the door. A few more grinding sounds later the door opened and party went down the same hall.

(This is apparently a hallway on a rotating turnstile with 8 positions making 4 connections to opposite ends of the level.)

At the end of the rotating hall the met the guards of the Maidens of Mary section. And no, these are not the nuns of Castle Anthrax from Monty Python, since they wear armor all the time. Although they did have a captured Joe-Bro in the next room to which they were about to commit Death by Snu-snu.

Performing another miracle, Cadfael cast a Purify Water on which the party had corrupted, (don't ask how). Suitably impressed, the Maidens decided to join forces with the Magi and the Party.

It only remains to go back upstairs and convince the Joe-Bros.

++++ OUT OF CHEESE ERROR ++++

BT

BBBB

PART 2.

++++ CHARACTER ROSTER ++++

CHARACTERS

Paveltepec, first level Painted Mage
Sham, first level Samurai
Cadfael, first level Cleric
Glaxx, first level Druid
Namo, first level Thief
Thune, first level Berserker
10 Sprites, in a musical band called the Pharies

BT

BBBB

++++ RECORD KEEPING ++++

PART 3.

This is also posted on two forums, and a blog.



--

Tracy Johnson
Old fashioned text games hosted below:

BT

NNNN

tweetbutton: 
Categories: Miscellaneous Blogs

More Mapping... This Time With GOBLINS

The Splintered Realm - Thu, 03/28/2019 - 20:26
I wanted to make an introductory adventure with goblins that was fun and kind of offbeat. I think I have succeeded. Here's the elevator pitch: when a goblin chief goes bat poop crazy - from consuming too much bat poop - he makes a plan to protect the bat poop he loves, and his own immortality.

I plan to release this in the next week or two, but for now here's the map:






And then she said

Yarn Harlot - Thu, 03/28/2019 - 19:54

I don’t know if all of you know this, but the comments on blog posts (at least here) are, generally speaking- better than the post itself.  I don’t know how it happened, but there’s a lot of cleverness and entertainment going on in there. Over the years, I’ve come to believe that if one person types it, at least 20 people were thinking it, so let’s see what’s happening down there, shall we?

Elizabeth wrote: I confess that even though I teach stranded knitting, I’ve never knitted a pair of stranded socks. I guess I’m concerned that they won’t have the necessary elasticity.

I think lots of sock knitters (me included sometimes) more than occasionally rely on stretch in a knit to achieve fit, and get used to that. For example, short row heeled socks are often a poor fit for people with a high instep, simply because there’s less fabric present than with a flap heel. That’s just a fact. When I say that though, a whole bunch of knitters line up and say “nuh-uh. I have a high instep and I ONLY knit short row heels and they fit bloody great actually.” Then I look at those (very nice) socks, and low and behold, they’re knit at a looseish gauge that allows for heaps of stretch and that’s how they’re getting fit in the instep – the fabric is often quite stretched through that section. Nothing wrong with this as a strategy, except it stops working when you’re knitting stranded socks. Elizabeth is right – there is less stretch in a pair of colourwork socks like these, so you have to make sure that they actually fit – and it helps to consider a flap heel. (Insert lecture here about gauge. I won’t type it, you already know.)

Jeremy writes: I am going to get that pattern. I always sweat out the amount of yarn I have when I knit socks because I have US size 12 feet. (11.5 inches). 

Smart -I’ve got loads left, so this is totally a good big foot strategy. Ken’s feet aren’t quite as bit as yours, but I have 68/100g left of the grey, 60/100g of the white and 25/50g of the red.  I could make a whole other pair out of my leftovers.

Tracy B (and Charissa echoed her) said ” I’m just wondering though – would the decreases on the bottom of the heel bother a person? It’s almost like a seam right there.”

I don’t think so.  It’s not big at all, and after a wear or two will fade into the work – plus it falls right into the little arch of your foot, so it’s not like you’re really standing on it.  I freakin’ love it.  Plus, we’re all not as princess-and-the-pea as we think we are.  All commercial socks/hose/tights have a seam or two, and most of us wear them every day. (Well, not me.) Ken’s as fussy as they come that way, he’s the type of guy who’s had to excuse himself from a meeting to cut the tag off a shirt because he simply can’t go on, and I’m not worried this will bother him in the slightest.  I’ll let you know though.

Victoria (and Bridget) and probably a bunch of you because knitters are obsessed with this say: ” I just wish you had posted a picture of the inside of the socks so we could see how you stranded them.”

What, I ask you, is with knitters wanting to see the inside of stuff. I mean – I always want to see the inside too, but why do you think we are so weird about it? I’m not convinced it’s about construction – how we stranded them, or whatever, because I’ve heard knitters judge their work by the inside as well as the outside – like whatever amazing thing they’ve wrought on the public side doesn’t count unless it’s just as nice in secret.  We are an odd bunch, I tell you that, but I am with you – so here:

This should answer the question from Jan who said “I’m wondering about what you did about the floats? Did you catch every single stitch? I could see catching every 3 or so stitches on a hat, but in a sock , especially at the foot, it seems even short floats would catch toes and add to the general discomfort–”

As you can see, I certainly didn’t catch every one – that’s a recipe for a lack of stretch,  and a dimpled, inflexible fabric.  I only caught the floats once in the repeat – there’s a spot where the float goes seven stitches, and I caught it in the centre of that – and at the time I knew I didn’t have to do that either, but felt compelled.  You’d need freakishly tiny toes to worry about catching them.  The floats lie flat, and aren’t loops at all.

Pamela says “Do you block your socks in sock blockers or just smooth them out?”

I just smooth them out. They get a nice bath in the sink with slightly warm water and the wool wash currently in rotation. (Usually Soak or Eucalan.) When it’s been in there about 20 minutes, I give them a gentle tug in all directions to encourage things to even out, and then I gently squeeze them, roll them up in a towel and step on it a few times, then lay them flat to dry, pushing them into shape. Usually I come back once or twice while they’re drying to move them around a bit and rearrange things so that I don’t get fold lines. (This is almost always a failure, and doesn’t matter.)

Everyone in the whole world “Warm water holy crap Steph what the hell is wrong with you and I would be totally worried those socks would turn pink when you soak them in water especially warm, what the ^%&^%$# is wrong with you risking socks that way?”

Here’s the thing – before I do any colourwork of any kind, even if I have absolutely no concerns about gauge – I always, every time, I swear…. knit a swatch. At the very least I do a little stripey one, with all the colours in it, and then (always, every time, without fail) I wash that swatch.  I treat it exactly like it’s going to be treated in the warm, damp environment of shoes or boots.  The thing is this:  Before I give it this much of my one wild and precious life to a project, I want to know ahead of time if that dye bleeds. If the swatch can’t handle life, then the socks won’t – and they won’t get knit, at least, not out of that yarn.  I can treat the socks the way I do, because I treated the swatch the way I did. I’ve got confidence, or at least what passes for the knitters version of it.

So there you have it, a little Q&A – now if you’ll excuse me, it’s Taco Thursday (I know, wrong day of the week, we do things our own way here) and I’ve got an almost two year old grandson waiting for me. (And the tacos.)

Categories: Knitting Feeds

Review & Commentary On Secrets of the Immortals By Steve Miller From NUELOW Games

Swords & Stitchery - Thu, 03/28/2019 - 17:46
"There are those among us who are virtual Immortals. They age slowly, and when they die–no matter what the circumstances–they are nearly instantly recreated in a new body.   Some of them choose to watch the world go by from the sidelines, recording events and sometimes offering guidance to mere mortals through wisdom that is born from the perspective of someone who has been part of history Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Back in the Day

3d6 Traps & Thieves - Thu, 03/28/2019 - 15:08
I've been D&Ding since around 1980.

I started with the Moldvay Basic Set. It was all new to me. The entire thing was a big invitation to create a world of my own and find others to explore it. Ditto, the Expert Set.

I've never run anything but my own setting.


Through the intervening years, there have been a great many settings, editions, supplements, and support material for the game. For the most part, I've kept pace - if not in actual gameplay. And, while I don't deride others for their preferences in D&Ding, I find that some are perfectly willing to belittle mine.

Since when is B/X D&D "a kid's game?" Or, "an introductory set of rules to learn the real game?" If I were going to get nasty about it, I would point out how much the current editions of the game (including Pathfinder) hold the player's hand and ease you out of the gate as a full-fledged hero ready to take on carefully balanced encounters set neatly in your path in proper order and time.

Sorry for the pause, I had a great big yawn sneak up on me.

I've played 3E. And 3.5. I've read 4E. I've played 5E. I've played Pathfinder - hell, I've written Pathfinder material for publication. I simply prefer AD&D, and those which came before. I'll play just about anything. I don't force my preferences on anyone - even though I am now considered an OSR publisher. Outdated Simplified Rules - amirite?! Yep. So Outdated. So Simplified. Not nearly enough Rules.

Yeah, I happen to enjoy the process of forging a hero through fire and unknown dangers. Not everyone does. Not everyone can handle being a Feat-less nobody with a hand-me-down sword and boundless curiosity. Not everyone can face challenges without having the solutions written on a character sheet in front of them. Not everyone wants to. Not everyone needs to.

With each edition came new approaches to gaming. Innovations. Shifts in "power" or "control." Keeping PCs alive. Allowing players to craft their PC the way they want. Never saying no. Never slowing or stopping the action. Not wasting time with "background stuff." Never failing.

During the rare instances where I game as a player, I tend to be tactical AF. I prefer to run what I call "problem-solvers" or "troubleshooters." This usually entails a thief-type or arcane spellcaster - preferably a mix of the two. That's just how I think. And I will scrape every bit of potential from those characters. Feats might not exist in "old-school" D&D, but they really do. If I want to take a point-blank shot in combat, I'll get into position and take the shot. The DM decides what happens.

And that's really the thing. Trust in the DM. With trust in the DM, you don't NEED all those pages of character sheet, cluttered with modifiers, feats, and special superpowers. As a DM, I am willing to do just about all of the work. As a player, you just need to be able to run your character. In an ideal world, the player should barely need to look at their character sheet. There should be few moments where the players need to pull themselves out of the game to look up a rule or modifier. At least, in MY ideal world.

My ideal world turned out to be Avremier - my lifelong campaign setting. At its heart, Avremier is an exercise in making the rules and structure of the game work in such a way that I can be happy. Why are humans the only ones allowed to advance in certain classes - or to such high levels? Why can't demihumans do the same? Why can't magic-users use swords? Gandalf did! What's the point of gnomes? They're just halfling-dwarves! And so on. Yes - those questions are addressed in Avremier. And, many of the rest.



Lots of people love D20 and Pathfinder and 5E. I get it. I did too. Today, I prefer the older stuff. I don't have to spend money and shelf-space to maintain the game. I can convert "new stuff" to "old stuff" in minutes. There's less math - I don't like math. I can focus more on the adventure. On the game. No, the later editions are not WRONG. They're just not right for me.
Categories: Tabletop Gaming Blogs

US Congress proposes comprehensive federal data privacy legislation—finally

Malwarebytes - Thu, 03/28/2019 - 15:00

The United States might be the only country of its size—both in economy and population—to lack a comprehensive data privacy law protecting its citizens’ online lives.

That could change this year.

Never-ending cybersecurity breaches, recently-enacted international privacy laws, public outrage, and crisis after crisis from the world’s largest social media company have pushed US Senators and Representatives into rarely-charted territory: regulation.

Before Congressmembers’ desks are at least four federal bills that would change how companies handle and protect Americans’ private data. The bills seek better user privacy through increased transparency, oversight, fines, and liability, and, in the case of one bill, the possibility of jail time for dishonest tech executives.

Several US states are also considering comprehensive data privacy bills, taking inspiration from California, which passed its own law last year. If those state laws pass, a new wrinkle will be added to the broader country-wide debate: Should state privacy protections be respected or should one federal law supersede those rules?

This month, Malwarebytes Labs launched its limited blog series about data privacy and cybersecurity laws. In this second blog in the series, we explore five federal data privacy bills.

How we got here

For decades, Congress regulated data privacy based on single, sector-specific issues. Rather than writing laws to protect all types of data, they instead wrote laws to combat individual crises.

In the late 80s, that crisis was a Supreme Court nominee’s video rental history being leaked to the press, resulting in the Video Privacy Protection Act. In the late 90s, that crisis was the potential targeting of children online, resulting in the Children’s Online Privacy Protection Act. In the mid-2000s, the kidnapping and murder of a Kansas teenager prompted lawmakers to discuss lowering protections on GPS data held by cell phone providers. (The proposed bill failed passage multiple times.)

This reactive approach is just how Congress works, said Michelle Richardson, director of the data and privacy project at Center for Democracy and Technology (CDT).

“This country has generally allowed companies to do their thing until something goes quite wrong,” Richardson said. “It has to get worse before the US and its decision-makers and its cowboy personality feel ready to intervene.”

Today, Congress is again ready to intervene. The crisis at hand is two-fold.

First, data breaches of Yahoo, Uber, Equifax, Marriot, Target, the Sony PlayStation Network, Facebook, Anthem, JPMorgan Chase, and many more have resulted in Americans’ personally identifiable information being stolen or accessed by cybercriminals. This PII includes names, Social Security numbers, credit card numbers, passport numbers, dates of birth, account passwords, physical and email addresses, and even employment histories.

Second, even when a company hasn’t suffered a breach, Americans’ personal data has been misused or left astray. The FBI searched private company DNA databases. A period-tracking app shared its users’ pregnancy decisions and menstrual tracking information with Facebook. And political beliefs were reaped in an effort to sway a US presidential election.

Congress has concluded that user privacy can no longer be solely entrusted to America’s technology companies.

“The digital space can’t keep operating like the Wild West at the expense of our privacy,” said Amy Klobuchar, Democratic Senator of Minnesota and presidential candidate.

Data privacy legislation has huge support outside of Capitol Hill, too—from the public. Richardson said that, thanks to the work of researchers, journalists, and civil liberties advocates, the public better understands how their data moves from company to company.

“We don’t give nearly enough credit to civil media [outlets] and civil society [groups] for the research they’ve done into data practices and for giving people cold, hard facts about how their data is collected,” Richardson said.

That research has exposed not just personal data misuse, but also corporate irresponsibility.

Last year, Reuters showed that Facebook failed to fulfill its promise to control the wildfire-like spread of hate speech on its platform in Myanmar. The Intercept exposed Google’s plans to build a censored version of its online search tool in China, resulting in several employee departures and renewed questions about Google’s removal of its “Don’t Be Evil” tagline. ACLU showcased the failures in Amazon’s facial recognition software, revealing that the technology falsely matched 28 members of Congress with mugshots of arrestees.

Some US states have already responded.

Last year, Vermont passed a law regulating data brokers, and California passed its California Consumer Privacy Act. The law gives Californians the right to know which data is collected on them, whether that data is sold, the option to opt out of those sales, and the right to access that data. The law will take effect at the start of 2020.

In the meantime, other states are aiming to follow suit. Washington, Utah, and New York legislatures are all considering new laws that could give their residents better access and control to the information that companies collect on them.

International data privacy law is even further ahead.

Last year, the European Union successfully completed its effort to pull together the data privacy laws of its 28 member-states into one cohesive package. The General Data Protection Regulation came into effect on May 25, 2018, and since then, it has produced lawsuits against Facebook and a record fine out of France against Google.

At home and abroad, regulation is in the air.

The proposals

Since last April, multiple US Senators have tried to take on the mantle of the public’s chief data privacy protector. Some tried to show their commitment to data privacy by asking Facebook CEO Mark Zuckerberg pointed questions during his Congressional testimony regarding the Cambridge Analytica scandal. One Senator—and presidential candidate—made a direct public appeal to break up Amazon, Google, and Facebook.

But in putting actual ideas onto paper, four Senators have emerged as frontrunners in America’s data privacy debate. Senators Klobuchar, Ron Wyden of Oregon, Marco Rubio of Florida, and Brian Schatz of Hawaii have directly sponsored individual, separate bills to protect Americans from opaque and unfair data collection.

Google, Facebook, Amazon, Apple, Microsoft, Yahoo, Uber, Netflix, and countless others could be affected by these proposals.

The bills ask for essentially the same thing: tighter controls on user data. Consequences often include higher fines from the Federal Trade Commission (FTC), which currently serves as the country’s primary data misuse regulator.

Sen. Klobuchar’s bill—the first of the four to be formally introduced in April 2018—would require certain companies to write their terms of service agreements in “language that is clear, concise, and well-organized.” It would also require companies to give users the right to access data collected on them (similar to California’s state bill and to GDPR), along with notifying users about a data breach within 72 hours.

Sen. Rubio’s bill—the American Data Dissemination Act (ADD)—would require the FTC to write its own privacy recommendations for Congress to later approve. The ADD asks that the FTC’s  rules closely align with the Privacy Act of 1974, which restricts how federal agencies collect, store, and share Americans’ personal information. If passed, the FTC would have up to 27 months to get its own recommendations approved.

The ADD would also “preempt”—meaning, it would nullify—current and upcoming state data privacy laws. If passed, companies would only need to comply with the FTC’s federal rules that Congress would later approve. California and Vermont would wave goodbye to their newly-passed laws, and Utah, Washington, and New York would likely shut down their own efforts.

But preemption could be a deal-breaker for free speech advocates, digital rights groups, and government representatives.

“Under the Rubio bill, Americans would not have their privacy protected,” said Center for Digital Democracy Executive Director Jeff Chester, in speaking to Bloomberg. “State preemption is a non-starter as far as the consumer and privacy groups community and their allies in Congress are concerned.”

In California, the state’s attorney general also pushed back.

“For those of you following debate over data #privacy, note: We oppose any attempt to pre-empt #California’s privacy laws…” wrote Sarah Lovenheim, communications advisor to California Attorney General Xavier Becerra.

The opposition to Sen. Rubio’s bill is compounded by its slow timeline, making it impossible for lawmakers to know what specific rules they could be asked to approve in two years’ time.

The ADD demands Congress make an unknown, gameshow-style choice: Keep the data privacy protections you have, or choose what’s behind Door Number Two?

Sen. Wyden’s bill—the Consumer Data Protection Act—sets itself apart as the only bill that includes jail time consequences.

Sen. Wyden’s bill would require data-collecting companies to deliver annual reports that detail their internal privacy-protecting efforts. Those reports would need to be signed and confirmed by a high-level company executive, like a CEO or CTO. But if those executives confirm a false report, they could face jail time, the bill proposes.

The Consumer Data Protection Act would also require the FTC to set up a “Do Not Track” website where Americans could register to opt out of online tracking and third-party data sharing. Companies that fail to comply with consumers’ wishes would face fines.

This “Do Not Track” proposal is far from perfect. If a company’s requirement to get user consent clashes with that user’s Do Not Track preferences, the bill proposes a harmful compromise: Put the services behind a price tag. Paying for privacy is wrong, and, even if the bill passes, companies should refuse to engage in such a dangerous practice.

Finally, there is Sen. Schatz’s Data Care Act, which relies on a novel interpretation of corporate responsibility. The bill equates the responsibility that doctors have to their patients’ information as the same responsibility that technology companies should have to user data.

“Just as doctors and lawyers are expected to protect and responsibly use the personal data they hold, online companies should be required to do the same,” Sen. Schatz said in a press release.

The bill creates rules under five broad umbrellas—the “duty to care,” the “duty of loyalty,” the “duty of confidentiality,” federal and state enforcement, and rulemaking authority by the FTC to enforce the bill.

Fifteen Senators from both parties have signed on as co-sponsors, including Sen. Klobuchar. (Sens. Rubio and Wyden have not.) Several civil rights organizations, including Free Press, EFF, and CDT, have voiced support.

“We commend Senator Schatz for tackling the difficult task of drafting privacy legislation that focuses on routine data processing practices instead of consumer data self-management,” said CDT’s Richardson in a press release.

Here, Richardson is talking about something that she and the policy team at CDT find particularly important: consent. Many of today’s data privacy bills lean heavily on the idea that clearer terms of service and more notifications and more annual reports will somehow empower consumers to make the right choices for themselves when consenting to use online platforms.

But that’s unfair, Richardson said.

“[CDT’s] biggest concern is that a lot of these proposals are a notice-and-consent model. They look at these agreements we sign and say, ‘Maybe make them clearer,’ for example,” Richardson said. “That’s doubling down on our existing system, where it’s up to individuals to micromanage their relationships with hundreds, if not thousands of companies that touch their data every day.”

So, CDT—which routinely discusses already-authored legislation with Congressmembers—took a different approach. The organization wrote its own bill.

The bill’s rules are not built on consent. Instead, CDT’s bill focuses, Richardson said, on “what are the things you can’t sign away? What are your digital civil rights?”

CDT’s bill would give US persons—including residents—the rights to access, correct, and delete data that is collected on them, along with the right to take their personal data and move it somewhere else (which is similar to a right granted in the European Union’s GDPR). The bill would also require the FTC to investigate and write rules barring discriminatory practices in online advertising.

Companies affected by CDT’s bill would be given 30 days to put into place mechanisms for users to exercise their above rights. Also, if those companies license or sell personal information to third parties, they would need to assure that their third-party partners are practicing the same privacy commitments as the companies themselves.

Similar to Sen. Rubio’s bill, CDT’s bill would pre-empt state laws, but only those that focus on data privacy. Laws that deal with, say, consumer protection or data breaches, would remain intact.

As to which federal bill will prevail—it’s a bit of a tossup. Passing a bill into law is never as easy as getting the best idea forward. Big Tech is sure to lobby against any bill that would cut into its business model, and civil liberties groups could, depending on the legislation, disagree with one another about the best path forward.

Until then, CDT thinks it is taking the right approach, removing the burden from users and instead protecting what their rights should look like in the future.

Richardson put it plainly: “This is a moment about having corporations treat us better.”

In our next blog in the series, we will look at data privacy compliance for businesses seeking to expand outside the US market.

The post US Congress proposes comprehensive federal data privacy legislation—finally appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Cozy Couch & Bedside Organizer Caddy Tutorial

Moogly - Thu, 03/28/2019 - 14:59

The Cozy Couch & Bedside Organizer Caddy Tutorial will demonstrate how to create your own handy bed pocket – in right and left-handed video tutorials! Disclaimer: This post includes affiliate links; materials provided by Red Heart and Brittany. Bedside Organizer Caddy Tutorial: How to Crochet the Bedside Organizer Caddy – Right Handed How to Crochet [...]

The post Cozy Couch & Bedside Organizer Caddy Tutorial appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

2
Categories: Crochet Life

Armchair Planet Who's Who

Sorcerer's Skull - Thu, 03/28/2019 - 11:00

I haven't posted an update on this in a while. The project is still on-going, it's just been moving slower of late due to real life stuff for both myself and my collaborator. Here's another piece of art for it, though: another look at Futura by Julian Shaw.

1282

Looking For Group - Thu, 03/28/2019 - 04:00

The post 1282 appeared first on Looking For Group.

Categories: Web Comics

Using The The Castle Keepers Guide & The Siege Engine For Clark Ashton Smith's 'Old Solar System' Campaign Setting

Swords & Stitchery - Thu, 03/28/2019 - 01:35
I've written extensively about my obsession with the  Castles & Crusades rpg over the years. I've been quietly on the side been using both the Victorious Rpg & Amazing Adventures ! rpg product lines over the last couple of days. I'm thinking of doing a joint game set in an alternative Earth prime material time line.But if only there was a supplement book that had guidelines for combining & Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Location data leaks from family tracking app database

Malwarebytes - Wed, 03/27/2019 - 16:00

An app called Family Locator, which allows family members to keep track of one another recently experienced an exposed database issue of the worst kind. Specifically: the MongoDB database was left exposed with no password, like so many other recent infosec tales of woe. The end result is the location of about 280,000 users leaking in real time.

For a location tracking app that also includes information about children, this is quite the error. Map views, family maps, and push notifications to let you know where everybody is all sound great—until random people also potentially have access to it. This is the fate handed to Family Locator these past few days, although nobody knows how long the sensitive data has been exposed.

What was leaked?

The Family Locator database records held names, email, plain text passwords, and photographs, along with coordinates tied to user-allocated names, such as office, home, and condo. As per the TechCrunch report, none of it was encrypted, a misstep repeated by Facebook last week.

On a related note, the app’s privacy policy is rather short and to the point:

What information do we collect and how we use it

Contact information:

When you create an account, we may collect your personal information such as your username, first and last name and email address.

We may send important or promotional information about our products.

Geolocation data:

We collect your location through GPS, WiFi, or phone network in order to provide our Service.

Do we disclose any information to outside parties?

No. We do not sell, trade, or otherwise transfer to outside parties any of your personally identifiable information.

 Changes to our privacy policy

We may update this policy at any time by posting changes on this page.

It seems the most-urgently required change to the page is the addition of the word “whoops.”

Was there a real-world impact to this?

There absolutely was. After setting up a dummy account and verifying the accuracy of their coordinates against what was listed in the database, TechCrunch contacted one user randomly, who validated that their location exposed in the database was also correct, and that one of their family members using the app was their child.

This is, frankly, terrible, especially as TechCrunch found numerous other parent/child combinations in the database.

Did it all go wrong at this point?

You bet it did. I’ve reported hundreds of security fails down the years. I’ve had data exposure issues fixed on image hosting websites, exploits on social networking portals patched up, data hauls taken offline, outbreaks on instant messaging platforms shut down, and much more besides.

Many people working in infosec do the same thing, all the time. Security awareness, even for other developers, used to be pretty bad a decade or more ago—it was pretty much throw a paper plane and hope something lands.

Things are supposed to be much better now, right?

In the case of Family Locator, they aren’t.

What happened next sounds like one of my wild goose chases from yesteryear. No useful information could be found on the site’s WHOIS record or privacy policy page (as you can see above), and zero contact information was listed on the website. TechCrunch bought business records to finally obtain a name tied to the business, but that still didn’t get them any further.

Microsoft, who host the MongoDB database in question, were contacted, and eventually it was taken offline. Presumably they contacted the app developer, but it seems they’ve still not acknowledged their leaky database, either way.

Are MongoDB breaches a thing?

Sadly, yes. MongoDB is wonderful to deploy, but people seem to lose interest at the “locking it down” stage [1], [2], [3]. Sometimes, it’s deviations from default configurations causing the problem. Other times, nobody set a password. This is disappointing, given the security documentation available to ensure everything on the server stays secure.

What now?

If you’re one of the app users caught up in these events, try not to panic. While the data was exposed, it’s most likely to be abused by marketers and scrapers, and not so much hardened criminals. While this isn’t exactly great, it’s still better (and more probable) than “dubious stalker character uses this data to lurk near my home.” The chances of someone like that not only being able to find the data, but be close enough to your location to do something with it are remote.

It’s also a good reminder that we can’t possibly predict how secure a service is when signing up to it.  The more access you give to your personal life, the more damage can be done should something go wrong afterwards. This may not be massively reassuring, but it’s sadly where we’re at. It’s up to app developers to step up and do a better job of it.

The post Location data leaks from family tracking app database appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Pages

Subscribe to Furiously Eclectic People aggregator