Re: [Rails-devel] Play by email

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Mon, Nov 24, 2008 at 6:05 PM, Dave Mitton <da...@mi...> wrote:
> Oh... I don't know about that.
>
> It's not jumping ahead a turn, it would be the ability to retroactively change
> a turn or an asset that would bother me.  "I should have bought that
> last turn..."

Until we implement an actual PBEM facility, the undo feature allows
you to do this.

> I would feel more comfortable in this kind of dynamic if the game generated a
> crypto hash of the game state and made it visible to all players in the report.
> And then it should be checked on subsequent turns so that everything
> was consistent with what was before.
>

What stops someone from generating that hash after they've saved a
bogus game state?

Being an open-source project, there's nothing that prevents someone
from compiling and using their own modified version of the game that
generates correct checksums for invalid data. Being a small project,
we simply don't have anyone volunteering to implement and maintain
additional security mechanisms.

Further, we let the user manually input the value of their train runs.
Not only is this error prone, but it is an easy way for someone to
accidentally give themselves an invalid amount of money. In my
opinion, having someone getting patches in to implement automated
route calculation will reduce a major potential source of error and/or
cheating (depending on your perspective).

I really don't think this should be a big concern. The nice thing
about implementing a board game is that everything the app does can be
done by hand. If you want to validate that the calculations are
correct, the math is fairly basic and well-known. It should be trivial
to find out if something isn't right.

> I don't know if your code has this feature, but I put it in my 1830
> program when I was debugging.
> An auditor pass would run between every turn:
>         It would count up all the certificates, tokens, anything I
> could think of
>         (and that should include cash) to make sure everything was
> accounted for
>         and that the program didn't "leak" or "duplicate" any game materials.
>
>
> Dave.

We currently do not audit the game to that extent. Patches are
welcome, if you'd like to add it.

---Brett.

>
> On 11/23/2008 09:28 AM, Chris Shaffer wrote:
>>I think I trust everyone - particularly since there are no random
>>elements. It's not like we wouldn't notice if the game jumped forward
>>an OR!
>>
>>When do you anticipate the next (relatively) stable release?
>>
>>--
>>Chris
>>
>>Please consider the environment before printing this e-mail.
>>
>>
>>
>>
>>On Sun, Nov 23, 2008 at 6:17 AM, Erik Vos <eri...@hc...> wrote:
>> > Yes, you could do it this way (provided that the players trust
>> each other to
>> > behave by only playing their own turns).
>> > For the future we foresee a central server picking up and validating moves,
>> > and sending around the results, but that may still be a while away.
>> >
>> > Be warned, though, that the latest version (1.0.5) is somewhat
>> buggy, so you
>> > may want to wait for a next release. The latest available source
>> code may be
>> > better, if you can work from that. The trouble is, that adding new features
>> > occasionally breaks some old code, and so far we have not been very good in
>> > regression testing.
>> >
>> > Perhaps we should better organise releases, for instance by bringing out
>> > betas and giving people some time to file bug reports (and we must learn to
>> > remember to actually look at these bug reports!)
>> >
>> > Erik.
>> >
>> >
> ...
>
>