Archives for The Runes of Binaria

Stop Your Search Engine from Spying on You

DuckDuckGo: Better Instant Answers, Less Spam & Clutter, Real Privacy

I’ve started using DuckDuckGo instead of Google, because DuckDuckGo doesn’t track users or tamper with their search results.

I quit using Google for Internet searches a couple of months ago.

I did that because of yet another story in the tech press about Google customizing search results to each user. In a nutshell, what Google does — and has been doing for years — is build a detailed profile of each user’s search history, and try very hard to prioritize search results based on what it thinks that user likes. Why Google thinks this is a good idea is deeply unclear to me — the whole point of searching for information is to find things I didn’t know and haven’t seen before.

In fact, I would go so far as to say that tampering with search results to show different things to different people is manipulative. It offends me and makes me suspicious of Google’s motives.

Futhermore, Google (and the other tech giants, Apple, Yahoo, Microsoft, and most especially Facebook) make a great deal of their money by tracking and profiling their users. As my favorite security expert, Bruce Schneier, put it, “[t]he primary business model of the Internet is built on mass surveillance…” A lot of people seem concerned about the NSA spying on innocent citizens, yet many fewer people seem concerned when Google and Facebook do the same thing. I am puzzled by that reaction, because in my experience corporations are generally not more trustworthy than the government. And, the same Bruce Schneier article I quoted previously points out that a lot of the government spying is done by obtaining users’ profile data from tech companies. Google, Facebook, and Yahoo are handing over those detailed profiles they’ve built to the government on demand, even though it would be illegal for the government to collect that data itself.

In the Internet age, I firmly believe that we users should defend our privacy as much as possible. Anything we read can be used against us — to charge us higher prices and harass us with annoying advertisements, certainly. But think about the power that Google has. Tampering with search results is like changing the books on the library shelves before a patron walks in. It reminds me of the novel Fahrenheit 451, but much more subtle and insidious. Remember the power newspaper moguls of the early twentieth century wielded, and ask yourself: are Google and the other tech giants better citizens than that?

To replace the empty space where Google used to be, I’ve found DuckDuckGo. It’s a search engine whose business model is not based on mass surveillance, and who doesn’t tamper with your search results — it shows the same results to everyone. DuckDuckGo’s Web site does a much better job of explaining this than I have time to do. It explains why it’s against our interests to be tracked and why customized search results are a detriment, not a benefit. It also explains how they can possibly make money while bucking the surveillance trend. You can add it to your browser as a search plugin: here’s the one for Firefox.

Another alternative is to just use Wikipedia as your search engine of first recourse, and use the external sites linked on the Wikipedia page to get to authoritative sources. This works pretty well for finding hard, factual information. Back in the 1990s, this was called “surfing the web,” and it’s what everybody did to find everything before Google came along. There were search engines then, but they were terrible: they gave different results every time you searched, and always left out a lot of relevant pages. The more things change, the more they stay the same.

I’m on a Podcast!

Actually, I’m on two. CJ Romer graciously invited me to appear on his Ars Magica fan podcast, Arcane Connection. I’m on Episode 9, which is about a type of Ars Magica character called grogs, and on Episode 10, which is about House Flambeau.

Both of these podcasts are aimed at Ars Magica fans so they’re a little, well, arcane for a general audience. If you’re new to Ars Magica, you’ll find Episode 1 a better starting point.

D&D Platest Update

A few months ago, I wrote about my experience with the D&D public playtest. There have been two updates to the rules since then, and they look to be heading in approximately the right direction again. The designers have dropped the concept of skill dice and they’ve straightened out the design of the rogue that gave us so much trouble back in January.

At the same time, I am not getting a sense that the design team has a clear agenda. They seem to be muddling along from survey to survey. Two weeks ago, Mike Mearls (lead designer) wrote a column pondering what the concept of hit points should mean. Mr. Mearls did take a reasonable stance on the question, but the fact that he’s still devoting his column to such a basic design question makes me wonder when and whether we are going to see the design team really commit to anything.

That is why I’m dropping out of the playtest process. When I’ve playtested in the past, it was for the Ars Magica system. Their playtest process is conceptually very different from the way the D&D playtest process is unfolding. An Ars Magica playtest is like an editorial review process: the author commits to a design and the playtesters try it out and report back with how they liked it, what worked, and what didn’t. The author then revises based on the diverse feedback from the different playtesters. The D&D playtest appears to work differently: it seems to be more of a focus group (my cynical side would call it a “popularity contest”) where the designers throw out a different, competing idea each iteration and run a survey to see which one caught on.

That leaves me cold for a couple of reasons. Most importantly, I think designers should have their own vision and try to adapt it to the market based on feedback, rather than expecting the market to make all the major decisions for them. Imagine if George R.R. Martin tried to write the next Game of Thrones novel by sending around a couple of different versions of each chapter and running a survey to see which one was most popular. That would be ridiculous — the reason people read Mr. Martin’s books is that he has his own style and his own master plan for the plot. People value that (even if, like me, they don’t like every creative decision the author makes). So, I think the design-by-committee approach lacks integrity and will ultimately be a disservice to the customer by producing a mediocre product. It’s an understandable over-reaction the the “edition wars.” The designers seem to be bending over backward to please everyone, without realizing that in so doing, they’ve lost track of the designer’s role.

On a more practical level, it also means that each iteration of the playtest is going to be different from the last, and will not necessarily bear much resemblance to the final product. To stay in the playtest, my group would have to re-learn the rules every time we sit down to play. Now that I know that’s the expectation, I’m not interested in paying that cost. I can’t get a group together as often as I’d like to. To spend a lot of time learning each version of the playtest rules, only to have them change in extensive and arbitrary ways next time around, does not appeal to me.

So, now that I’ve figured out what Wizards of the Coast actually wants from the playtesters, they can count me out. I no longer believe the game is necessarily going to be bad. I have no idea what the final game is going to be like. The playtest drafts don’t really tell me: anything could change at any time. Maybe the next edition of D&D will be as great as my first playtest experience, or maybe it will be as lousy as my second. I’ll take a look at it when the design team have finally made up their minds.

Security Myths and Realities: Easy-to-Remember Passwords

The worst passwords of 2012

The worst passwords are the ones everybody else is using.


I’ve been meaning to write more about computer security, but all the topics are complicated. That makes it time-consuming to write about, and potentially dry and confusing to a reader. So I’ve decided to try something new: to write short, narrow posts that address a smaller subset of the topic. In doing this, I realize I am becoming the thing I hate: most blogs annoy me because bloggers write short articles of 500 words or less not because that’s an appropriate length for the topic, but because that’s what’s easy to write in an hour or two.

Part of this short series will be titled “Security Myths and Realities.” My idea is to break through all the outdated and plain false information about computer security and help the regular user get up to date on how experts think.

Myth: Choose a Password That is Easy to Remember

Reality: Totally FALSE! If you are trying to remember all your passwords, you are doing it wrong.

2012 was a watershed year for the venerable password. Last year was the year when the mainstream technology press — periodicals like Wired and Ars Technica — began to publish opinion pieces suggesting that the whole concept of passwords is obsolete, ineffective, and wrong. I happen to agree, but in the near term, it’s irrelevant: passwords are not going away any time soon. To fully explore what’s wrong with passwords as a concept, and why the very idea of passwords is coming under fire, would be another entire article. I can point out the most obvious problem with passwords, though: everyone has too many of them.

For something as complicated to remember as a reasonably-strong password, “too many” is about four. The last I counted, I had 103 different passwords. Since I work as a programmer and I maintain a blog and a couple of other Web sites as a hobby, I admit I am kind of special. I have more passwords than the average user. If you take into account all the unique accounts a modern person has for online shopping, communities like forums and blogs, gaming accounts, banking accounts, and so on, I would not be surprised if the mythical “average user” had need for 20 different passwords. I wouldn’t even be surprised to hear a number like 50.

Don’t even bother to try remembering all your passwords. It’s infeasible, any anyone who tells you otherwise seriously misunderstands the security risks of today’s Internet.
Security Myths and Realities: Easy-to-Remember Passwords continued »

Crusader Kings 2: Lawyers, Swords, and Money

Cover illustration of Crusader Kings II

The cover of Crusader Kings II makes it look like just another war game, but there is a lot more to it than that.

Lately I’ve been playing a lot of the PC game, Crusader Kings II. Besides being a whole lot of fun, this game is a breath of fresh air in the strategy genre. It’s a game not just about war and conquest, but about alliances, betrayal, marriages, assassination plots, corruption, and medieval law. It’s the most original gameplay experience since … well, probably since Crusader Kings I.

In Crusader Kings II (hereafter, CK2), you play the leader of a medieval dynasty. When that leader dies, his heir becomes your character. The game covers a time span from 1066 to 1453 (corresponding to the historical period bracketed by the Norman Conquest of England and the Ottoman conquest of Constantinople), so you’ll pass through many generations of rulers as you play. The fortunes of your dynasty may rise and fall: it’s not uncommon to start as a lowly count, to climb to a duchy and then a throne through might and guile, and then see the kingdom crumble in a succession war or rebellion until you’re back down to one county again. Along the way, marriages and succession law are every bit as important as castles and armies.

I’ve read a number of great articles about this game that made me want to try it, and I’m very happy that I did. I’d recommend Why Crusader Kings II Should Be Game of the Year and How to Lose at Crusader Kings II. I would love to explain why this game is so great, but it’s better to show you than to tell you. Here’s what’s going on in my latest game.

Crusader Kings 2: Lawyers, Swords, and Money continued »

International Day Against DRM

It’s late in the day as I post this, but today is the International Day Against DRM!Authors Against DRM

So what’s DRM? It stands for “digital rights management,” and refers to technology that forces users to have a license in order to play a movie, read an e-book, or run a computer program. Big companies claim that DRM prevents “piracy.”

The truth is that DRM is not only about piracy. It’s about control. DRM is used to:

  • prevent you lending e-books, computer games, and digital movies to your friends (which is perfectly legal to do for a paper book or DRM-free game)
  • prevent you from selling your used e-book, movie, or game when you’re done with it
  • ensure that media you buy for one device, such as a Kindle, won’t be usable on a competitor’s device, like a Nook
  • track your reading and viewing habits for sale to marketers
  • in some cases, stop you from using content you’ve paid for
  • in some cases, erase books you’ve bought and paid for from your device

As Cory Doctorow put it,

No one woke up this morning and thought, “gee, I wish there was a way I could do less with my music, maybe someone’s offering that product today.”

He explains DRM better than I can.

So if DRM sounds like something you’d be better off without, please join me in supporting the International Day Against DRM. You can learn more about anti-DRM campaigns from Defective By Design and the Electronic Frontier Foundation.

Impromptu Cat Photo

My cat Merlin does this when he wants attention ... or when his back itches.

My cat Merlin does this when he wants attention … or when his back itches.

My Second Playtest of “D&D Next”

Happy Bunny: "You suck and that's sad."

Happy Bunny shares my opinion of D&D Next.

Over the Martin Luther King holiday weekend, I got together with a bunch of college friends to run another playtest of the next edition of D&D, which the publishers insist on calling “D&D Next.” My conclusion: their design skills are no better than their grammar. I wish I could have that weekend back. Although I didn’t think it possible, the next edition of D&D is going to be worse than the last one.

Read on for my rant about why “D&D Next” has jumped the shark. This is a big disappointment to me because the earlier versions of these rules, and the hype coming out of Wizards of the Coast, seemed so promising.

My Second Playtest of “D&D Next” continued »

Printing Battle Maps in Campaign Cartographer

When I have the ambition, I use Campaign Cartographer 3 to make maps for my tabletop roleplaying games. The README for the current version makes mention of printing maps to miniature scale, so you can use them as battle maps. The README is accurate as far as it goes, but a little sparse on the details. This post goes into a little more depth.

Printing Battle Maps in Campaign Cartographer continued »

Christmas Trees are for Cats

This year, my lovely wife and I moved to a beautiful new house. In contrast with our “city-sized” (read, small) condo, we have a lot more space: enough space to set up a full-sized Christmas tree. We had some reservations about this. We’ve had the cats for five years now but we’ve never had cats and a Christmas tree at the same time.

Real Christmas trees are not good for pets. The needles are mildly toxic and the water is a potential biohazard due to bacteria. They’re also a pain to dispose of: the town or city wants to collect them on a specific weekend and I may not want to take it down quite yet. Last year, in Cambridge, tree collection happened before the twelve days of Christmas were even over! Don’t they remember that song? So for reasons of pet safety and convenience, primarily the former, we bought a new artificial tree.

Now, Merlin and Morgana are indoor cats. That’s another safety choice: indoor cats live a lot longer in my experience. But indoor cats are deranged — even more deranged than regular domestic indoor/outdoor cats. Our cats have a bit of an obsession with green things. Specifically, eating them. I buy them pet grass but their herbivorous impulses are not constrained by human taxonomy. If it’s green, they want to eat it. It’s that simple. Five years ago, at Merlin and Morgana’s first Christmas, we had another artificial tree and before we even had it out of the box, they were climbing all over the box of branches and nibbling at the plastic needles. At that time, we decided to skip the Christmas tree that year till our kittens had grown up a bit more, but then we moved to a smaller place where the tree didn’t fit anyway (we sold it in a moving sale). We never did buy an apartment-sized tree, so this year, in the new house, this was the cats’ next Christmas tree.

We decided to set up the tree without ornaments for starters, to give them a couple of days to get used to having it in the house before we covered with with dangly, shiny, irresistible cat toys. We were expecting trouble. Merlin and Morgana didn’t disappoint.

Cats investigating the Christmas tree box

Merlin and Morgana check out the exciting new box.


Christmas Trees are for Cats continued »