[Raewyn]

Dear Everyone,

It is daunting and unfortunate to see the fall of beautifully authored worlds caused by theft, exploits, or other vulnerabilities. Whether or not "our code was taken" will forever be a cliche within the community is uncertain, but regardless of how much intellectual property, source code, or binaries are protected, it still begs the question, "Why do bugs still make their way into our realms?"

I pose this question. In your experience, if you were to choose 5-10 different types of exploits / vulnerabilities, such as shell access, in-game inconsistencies, buffer overflows, players themselves, staff members, bribes in administration, politics, or others, how would you rank them both in terms of their danger to your world and in terms of their frequency? How often do they occur? How dangerous are they when they occur?

Finally, in your opinion and if you would not mind sharing, what was the cause of the exploit and how did you prevent it from happening again (or were you proactive in preventing it?)?

Perhaps one day the dissonance in the harmony will end. We're just trying to create a fun world, right?

Sincerely,

Raewyn

[Robbert]

1. Owner ignorance. This involves the owner asking someone to code for them and the programmer 'steals' the code after getting access (Frequent) (Very damaging)

2. Immortal disillusionment. Immortal with access becomes disillusioned with the progress of the game, and acquires a copy of the source. (Common) (Most Damaging, because Immortal can lure players away)

3. Owner ignorance, v2. This involves the owner having s incorrect permissions set on their shell account, giving access to unscrupulous users within the shell. (Occasionally) (Limited Damage, those who do this usually are too ignorant to run the game)

4. In-game advantages. This is where there is a flaw in the design of the game, allowing the violator to advance significantly over their peers in a short period of time. Usually the result of improper programming or design. (Frequent) (Damaging until resolved)

[fjin]

I guess you really meant Crackers - instead of Hackers.

[Molly]

1. I guess the main thing to think about is to be very careful about WHO you let into your shell.
Never hire coders 'from the street'.
Never give anyone shell access at all, unless you know them well in RL, or have worked with them for a long time on line, and know that they are trustworthy, that you get along personally, and have basically the same goals for the Mud.
And make sure that your shell security is high.

2. Apart from shell security i'd say that the biggest danger of a Mud going bad is cheating and/or corrupt imms. Again it boils down to who you trust with an imm char. And if, despite your precautions, you end up with a bad egg in the imm basket, slam down on it hard. Throw untrustworthy imms out immediately. No second chances, they'll most likely abuse those as well.

3. As for the players, I think rumour mongers are the worst. Rumours spread incredibly fast in a mud, and if they are malicious ones, they can be really detrimental to the society, because they affect player relations and break down trust. A certain type of players seem to like to spread malicious rumours or blatant lies just out of spite, best keep an eye on those.

4. ddos is hard to protect against, even big companies have had their websites brought down by this. We had a couple of rogue players ddos the mud some years ago after getting into a brawl with some other players, and in the worst case, (which happened on a friday night when the coder was away for the weekend), the mud was down three days.  After that extensive measures were taken to make the server more safe against attacks, and they in turn have lead to some secondary technical problems that are a pain in the ass.

5. Bad scripting or  badly balanced features can lead to a lot of grief, if a few unscrupulous players find out about them before they can be fixed, and take advantage of them on a massive scale. (This is reasonably easy to remedy once you get aware of the problem, but you must know that it exists, before you can do anything). Try to get your players to report all bugs, it helps a lot.

[Enigma]

There is one thing we have found very effective as a deterent against in game cheaters (the other problems were all solved long ago but despite stringent quality control new areas/items/spells/classes occasionally provide players some new bug to abuse).

That is that rather than fixing a bug immediately sometimes we just log everyone using it and leave it for a week or a month before fixing it.

At that point all people abusing it can expect to see characters deleted and/or suspended. Naturally people who reported the bug to us instead of exploiting it don't get in trouble :-)

It's amazing how many people start reporting bugs instead of exploiting them for a few years after we do that :-)

[the_logos]

One potentially valuable tool that nobody's mentioned is statistical work. For instance, to take a simple example, if your in-game currency is gold, you can easily track how much gold is in the game, how much is produced daily and how much is consumed daily. A significant jump over your average daily production would tell you that you need to look for duping exploits or quest exploits or exploits in however players produce gold.

Can do the same thing with any resource in-game. For instance, we've found a few quest exploits by just ensuring we record all xp and gold gotten from doing quests and then looking for quests which are suddenly producing more xp and gold than they historically have.

Stats are your friend. You can't keep enough of them.

--matt

Quote:

Originally Posted by (Raewyn @ Feb. 03 2005,17:59) "Why do bugs still make their way into our realms?"

Short answer. You suck or whoever coded your game sucks. ;-)

Quote:

Originally Posted by (Raewyn @ Feb. 03 2005,17:59) Finally, in your opinion and if you would not mind sharing, what was the cause of the exploit and how did you prevent it from happening again (or were you proactive in preventing it?)?

All the advice on securing your server, your shell and your source is sound. Those attacking your mud from outside the mud are the problem children.

I personally don't consider anyone who exploit bugs or takes advantage of any flaw (or perceived flaw) in the game to be a cheater at all. Even repeatedly crashing the game is fair play as far as I'm concerned. IMO, the only people who can cheat in a mud are immortals (By can I mean have the capability).

[the_logos]

Quote:

Originally Posted by (Tyche @ Feb. 16 2005,02:13) I personally don't  consider anyone who exploit bugs or takes advantage of any flaw (or perceived flaw) in the game to be a cheater at all.   Even repeatedly crashing the game is fair play as far as I'm concerned.   IMO, the only people who can cheat in a mud are immortals (By can I mean have the capability).

"Cheater" is just a name, imbued with whatever value you choose to place on it.

Regardless, the reality is that the game operator has absolute discretion in terms of defining cheating in any meaningful way. You may not feel you're cheating if you're crashing the game repeatedly, but you' d be banned and, if you somehow found a way to do it such that you couldn't be quickly stopped, you'd also quickly be sued in the case of a commercial MUD, and you'd lose. I'm guessing criminal penalties would also be applicable but I'm not a lawyer.

So I mean, whether it's "cheating" or not doesn't really matter. It's semantics. If the developer feels certain players or actions are harming the developers interests (which are generally oriented around ensuring its players are generally enjoying themselves), the developer is going to take action (and reasonably so).

--matt

[KaVir]

Quote:

Originally Posted by (Tyche @ Feb. 16 2005,08:13) Quote: Originally Posted by (Raewyn @ Feb. 03 2005,17:59) "Why do bugs still make their way into our realms?" Short answer.  You suck or whoever coded your game sucks. ;-)

Don't joke - I've heard people who really thought that, and some readers might take your comment seriously.

“There is a myth that if we were really good at programming, there would be no bugs to catch. If only we could really concentrate, if only everyone used structured programming, top-down design, decision tables, if programs were written in SQUISH, if we had the right silver bullets, then there would be no bugs. So goes the myth. There are bugs, the myth says, because we are bad at what we do; and if we are bad at it, we should feel guilty about it. Therefore, testing and test case design is an admission of failure, which instills a goodly dose of guilt. And the tedium of testing is just punishment for our errors. Punishment for what? For being Human? Guilt for what? For failing to achieve inhuman perfection? For not distinguishing between what another programmer thinks and what he says? For failing to be telepathic? For not solving human communication problems that have been kicked around... for forty centuries?” -- Beizer, 1990, quoted in [Pressman-01].

A study by DeMarco and Lister (the authors of peopleware) concluded that professional programmers average 1.2 bugs for every 200 lines of code they write. Now remember that most muds are very large, and that most mud coders are not professionals.

Quote:

Originally Posted by I personally don't consider anyone who exploit bugs or takes advantage of any flaw (or perceived flaw) in the game to be a cheater at all. Even repeatedly crashing the game is fair play as far as I'm concerned.

Having your users test your software is a great way to track down problems, but they need to have the incentive to want the problems fixed. Take an example like Microsoft - almost all of their customers want to have a secure and stable system, therefore they're personally going to benefit from reporting bugs. On the other hand, imagine if it was a piece of banking software and you said to your customers "You can exploit bugs or take advantage of any flaw without repercussions". Do you really think anyone would report how they could make the machine give them free bank notes? On the other hand, if you said that such exploitation was theft, you'd find more people willing to inform you - and if you offered a large financial reward for such information, you'd find people deliberately trying to find and report the bugs purely to claim the reward.

In a mud, the usual approach is to punish those who exploit bugs, and/or reward those who report them. If the reward is greater than the benefit gained from the bug, and/or the punishment severe enough to not make the risk of being caught worthwhile, then the number of people exploiting bugs will decrease.

On the other hand, if you offer no punishment or reward, the player will be encouraged to keep using the bug and not reveal it. This can often be detremental to the enjoyment of the rest of the players, and also forces the developers to waste a lot of their time tracking down bugs instead of improving the game.

Quote:

Originally Posted by (the_logos @ Feb. 16 2005,04:10) "Cheater" is just a name, imbued with whatever value you choose to place on it.

That's right. It's also a very localized perception of how a particular game ought to work by a subset of a game's players, and/or more importantly the admins running them. What constitutes cheating on your game, ain't cheating on my game, and may or may not be cheating on Buffy's game. Furthermore we ought to acknowledge that it is largely bereft on any real world moral value. The players shouting "Hey batter batter! Swing!" to rattle the batter in a baseball game go out on the links and shout "Hey duffer duffer! Swing" and suddenly find themselves to be dirty rotten cheatin' scoundrels at golf. Not so copyright infringement or unauthorized shell access. Those are quite different in my mind than what occurs within our games.

Of course it's only fair to acknowledge those things which we must assert which are beyond our control as well. Regardless of whether we agree, the laws of our country/state on the operation of an internet service, the terms of one's ISP, upstream provider or mud service provider give cause that we must assign and enforce a morality in our games.

And yet people who admin certain muds thoughts on what cheating is or is not, are remarkably similar and can often be shown to be a direct result of being imprisoned in procedures and practices associated with a particularly poorly designed or implemented game. Dare I mention that multi-playing and user scripting are great and wonderful features of muds in a crowded room of Diku admins? I recall reading a post sometime back where a mud admin was lamenting the scoundrels who designed foul clients like Zmud and MushClient that have *gasp* triggers, *gasp* scripting, and *gasp* multi-session capability. What sort of unscrupulous people would give players those powers?! Tut tut.

Quote:

Originally Posted by (the_logos @ Feb. 16 2005,04:10) Regardless, the reality is that the game operator has absolute discretion in terms of defining cheating in any meaningful way.

I'm less interested in admin's rights, but rather the effects. I and every other admin know that we can do pretty much anything we want to players, including breaking our own rules. We can torture, maim, mock, harass, delete, exile, imprison, jail, silence, and ban the buggers for any reason. We can make up the reasons. They don't have to be consistent, they don't have to make sense, they can be ex post facto, and they don't have to be, and rarely if ever are, objective. No it's not our rights, but invoking them every time something goes wrong in our narrow little worlds I find to be sad. I think it's more of a social design principle I'm trying to express:
Big brother really really sucks. The less you have to invoke your rights, the much better off your game and players will be. The more you extend powers to players or enable them to enforce their own rights, the happier both you and they'll be.

I would add that there are plenty of people playing muds who don't want freedom. Not to worry as there is little danger of games and mud admins who view themselves as big brother or sister that treat players like subjects will disappear. :-)

[the_logos]

Quote:

Originally Posted by Furthermore we ought to acknowledge that it is largely bereft on any real world  moral value.  The players shouting "Hey batter batter! Swing!" to rattle the batter in a baseball game go out on the links and shout "Hey duffer duffer! Swing" and suddenly find themselves to be dirty rotten cheatin' scoundrels at golf.  Not so copyright infringement or unauthorized shell access.  Those are quite different in my mind than what occurs within our games.

Well, morality is of course a personal thing. Quite a lot of people on these forums, for instance, seem to think there's nothing wrong with copyright infringement. I disagree, but will recognize it's a personal matter when it comes to morality. Happily, in the end, it's not the morality of it that matters, but the reality of it, which, as you recognize, is that the power is with the game operators and those whose side the law is on.

Quote:

Originally Posted by Big brother really really sucks.  The less you have to invoke your rights, the much better off your game and players will be.  The more you extend powers to players or enable them to enforce their own rights, the happier both you and they'll be.

Better is as subjective as morality. What's better to one person isn't better to another. Remember LambdaMoo, after all. Their players were so unhappy governing themselves they turned power back over to the admins.

What is nice about having admins in charge is that the rights that need enforcing can be laid out from above. When put in the hands of players, there will be no consensus about what rights one has against other people that need enforcing. I may feel that it is my right to a free education on your dime, for instance. You may disagree. I may feel it's my right to be free of all OOCness around me. You may disagree. Admins are able to simply lay out what rights you have and don't have as respects other players, leaving everyone playing on the same field.

--matt

[KaVir]

Quote:

Originally Posted by (the_logos @ Feb. 17 2005,00:49) Quite a lot of people on these forums, for instance, seem to think there's nothing wrong with copyright infringement. I disagree, but will recognize it's a personal matter when it comes to morality.

If you disagree, then why did you all but encourage people to violate the Diku licence?

I think it's fairly obvious to most of us that your definition of "morality" means anything that helps promote your games, and to be honest I'm getting thoroughly sick of your constant stream of veiled insults towards other forum members. Take your flamebait somewhere else.

[the_logos]

Quote:

Originally Posted by Quote: Originally Posted by the_logos,Feb. 17 2005,00:49 Quite a lot of people on these forums, for instance, seem to think there's nothing wrong with copyright infringement. I disagree, but will recognize it's a personal matter when it comes to morality. If you disagree, then why did you all but encourage people to violate the Diku licence?

What I wrote is completely ethically neutral. There ARE people on this forum who see nothing wrong with copyright infringement. There are multiple members of the forum that openly violate the Lucas license, for instance. I think it's wrong, but if Lucas doesn't care enough to do anything about it, I don't either.

I have never encouraged anyone to violate the Diku license. I've stated, multiple times, that your interpretation of the DIKU license is naive and fatally flawed. You've taken offence at that. Understandable. Your entire MUD identity is built on your little crusade and nothing can be allowed to threaten that belief system. The DIKU license prohibits revenue, not profit in your mind. The DIKU license prohibits making money from it at all, not just making money from distribution. American law exists in statute, not in case law. These are your beliefs, and though they're not grounded in reality, you're welcome to take refuge in them.

Quote:

Originally Posted by I think it's fairly obvious to most of us that your definition of "morality" means anything that helps promote your games, and to be honest I'm getting thoroughly sick of your constant stream of veiled insults towards other forum members.  Take your flamebait somewhere else.

So young, so bitter.

--matt

[KaVir]

Quote:

Originally Posted by (the_logos @ Feb. 17 2005,11<!--emo&:0) I have never encouraged anyone to violate the Diku license.

You listed a number of opinions which went against the stated wishes of the Diku team and claimed that they were "easy, essentially rock-solid ways to avoid violating the license" (while profiting from the code), and then went on to say that you'd "be happy to help any mud that wants it do this" and that "it's never going to get to court as the license holders suffer no damage from third parties generating revenue from DIKU".  That sure sounds like encouragement to me, and not at all "ethically neutral".

Quote:

Originally Posted by Your entire MUD identity is built on your little crusade

No, my mud identity is built on having created the most popular PK codebase on the net, and was well established long before you started creating your first mud.  My interest in defending the rights of mud developers is just a sideline interest.

[the_logos]

Quote:

Originally Posted by (KaVir @ Feb. 17 2005,05:46) No, my mud identity is built on having created the most popular PK codebase on the net, and was well established long before you started creating your first mud.  My interest in defending the rights of mud developers is just a sideline interest.

Quote:

Originally Posted by You listed a number of opinions which went against the stated wishes of the Diku team and claimed that they were "easy, essentially rock-solid ways to avoid violating the license"

So, what you're saying is that I offered to help show people how to not violate the license? Is that what you're accusing me of? My god, that's quite a strong accusation to make.

I realize you have historically had a difficult time understanding this, but what the DIKU team says is not really relevant to the license itself. (and it's not certain, by any means, that the DIKU team owns the license. It's reasonably likely that if it went to court it'd turn out to be owned by the university, whom Hans & company are not representatives of.) Licenses stand on their own, and in American IP law at least, the onus is on the contract drafter to spell out what the terms of the contract are before the contract is executed. What the contract drafter says afterwards is no more relevant than what the contract accepter says afterwards. It's not as if Raymond Feist could speak up now and change the terms of the license he granted us now just because he felt he left something out of the license.

What you constantly insist on is that people follow provisions of the license that don't exist. You're welcome to do that, but there's no reason for people to care about your version of the license.

Quote:

Originally Posted by My interest in defending the rights of mud developers is just a sideline interest.

You're not interested in defending the rights of mud developers. You're interested in restricting their rights by trying to impose non-existent license terms on them.

--matt

[Valg]

the_logos: I realize you have historically had a difficult time understanding this, but what the DIKU team says is not really relevant to the license itself.

There's always the issue of respecting the stated wishes of the people who provided the codebase to the greater community (*), rather than trying to invent ways to weasel around their words and intent.  However, I realize you have historically had a difficult time understanding ethics.

(*): Insert your tired "rising tide raises all ships" cliche here.  Not that you ever pass up chances to deride the rest of the community.  But we like to play along when you ooze up to the podium and smarm it out.  You're cute when you 'umbly get all Uriah Heep.

[KaVir]

Quote:

Originally Posted by (the_logos @ Feb. 17 2005,21:27) Quote: Originally Posted by You listed a number of opinions which went against the stated wishes of the Diku team and claimed that they were "easy, essentially rock-solid ways to avoid violating the license" So, what you're saying is that I offered to help show people how to not violate the license?

No, you posted your own personal intepretation of the licence as if it were fact - an interpretation which explicitly contradicts the wishes of the copyright holders - and then encouraged people to follow your interpretation.

And the saddest part of all is that you somehow believe you were being "completely ethically neutral".  I guess that says alot about your ethics.

Quote:

Originally Posted by I realize you have historically had a difficult time understanding this, but what the DIKU team says is not really relevant to the license itself.

Of course it is - if you disagree with their interpretation then you can contest it in court, and let the court decide the intent of the licence.  The same is true of any licence.

Quote:

Originally Posted by (and it's not certain, by any means, that the DIKU team owns the license.

Ownership of the licence is irrelevent - the important question is whether they own the copyright.  And the answer is "yes" - their US Copyright No is TX 4-424-366, look it up.

Quote:

Originally Posted by It's not as if Raymond Feist could speak up now and change the terms of the license he granted us now just because he felt he left something out of the license.

If he reserved that right, of course he could.

But we're not talking about changing the terms of the licence - we're talking about applying different interpretations to those terms.  Are you really as ignorant as to believe you're free to interpret the terms of his licence however you wish?

Quote:

Originally Posted by What you constantly insist on is that people follow provisions of the license that don't exist.

No, I insist that people follow the Diku team's interpretation of the Diku team's licence, at least until such point as that intepretation is deemed legally invalid by a court of law.

Quote:

Originally Posted by You're not interested in defending the rights of mud developers. You're interested in restricting their rights by trying to impose non-existent license terms on them.

Utter rubbish.  You're the one encouraging people to violate the intent of the Diku licence, not me.

Quote:

Originally Posted by (KaVir @ Feb. 16 2005,04:28) Don't joke - I've heard people who really thought that, and some readers might take your comment seriously.

Maybe I ought to quantify it with a specific type of bug.
Mud crashes daily: you really really suck, -20 to your saving throw
Mud crashes weekly: you really suck, -10 to your saving throw
Mud crashes monthly: you suck, -5 to your saving throw
Mud crashes a few times a year: you might not suck, no modifier

This handy formula can be extended to all bugs depending on their severity. The highest progression you can attain in is you might not suck. It's an unforgiving system designed to keep the coder's ego in check whether it be oneself or another. . ;-)

There's is something interesting in the Beizer quote. Maybe...

“Punishment for what? For being Human? Guilt for what? For failing to achieve inhuman perfection? For not distinguishing between what another programmer thinks and what he says? For failing to be telepathic? For not solving human communication problems that have been kicked around... for forty centuries?”

...that instead of taking the blame and punishing ourselves for our crappy code and misbegotten designs, let us instead take it out on our users and punish them! That's what I think the cop out is. "We're only human, therefore people who take advantage of our failings are bad."

Programmers should aspire to code stuff free from bugs, and fix them when they find them (unless of course the bug is one of those rare happy side effects we actually like).

Quote:

Originally Posted by (KaVir @ Feb. 16 2005,04:28) A study by DeMarco and Lister (the authors of peopleware) concluded that professional programmers average 1.2 bugs for every 200 lines of code they write. Now remember that most muds are very large, and that most mud coders are not professionals.

I doubted that at one time but if you look at it closely, they are counting bugs revealed in all life-cycles of the product. The life-cycle thing was big in the early 90's, well still is. Does it mean that there are 15K+ bugs in Linux? No. Are there 127 bugs in Diku-Alpha? Yes and probably a lot more. Of course it might not be you that sucks just your codebase. How come a stock dikurivative out of the box can't make it past the "you really suck" level? I mean before the newbie coder gets their hands on it. How is that younger servers with far smaller user base, like Genesis ColdC and some others, easily surpass the "you might not suck" level? Bear in mind that some have moved that bug bar quite a bit by using higher level languages and unit testing.

Quote:

Originally Posted by (KaVir @ Feb. 16 2005,04:28) On the other hand, imagine if it was a piece of banking software and you said to your customers "You can exploit bugs or take advantage of any flaw without repercussions".

I don't have to imagine that. Banking software is what I do. It's the source of my nightmares (except for one where I'm being hunted down and eaten by tigers). You ought to treat exploiters of bank software bugs differently than those who exploit your games. Games are liesure activities, with little to no consequences. Banking is highly regulated activity with substantial real life consequences.

Quote:

Originally Posted by (KaVir @ Feb. 16 2005,04:28) In a mud, the usual approach is to punish those who exploit bugs, and/or reward those who report them. If the reward is greater than the benefit gained from the bug, and/or the punishment severe enough to not make the risk of being caught worthwhile, then the number of people exploiting bugs will decrease.

I'm suggesting one throw punishment model out the window. I've nothing against the reward model. Punishment never fixed bugs. It ain't socially productive neither. Instead of just a bug now you've got a bunch of angry players because you made some moral calculation based on the bug. Now you got bugs, social bugs.

[the_logos]

Quote:

Originally Posted by No, you posted your own personal intepretation of the licence as if it were fact

I posted our IP expert's opinion. You know, someone who is a lawyer and who understands the law. And more than that, someone who actually specializes in IP law. Perhaps I should pay for an opinion that I can publish here verbatim. No doubt you'd not accept that though, as you're interested only in defending your position regardless of evidence.

Quote:

Originally Posted by an interpretation which explicitly contradicts the wishes of the copyright holders - and then encouraged people to follow your interpretation.

Are we talking about the license or their current wishes? Two separate things. I'm talking about the license.

Quote:

Originally Posted by Of course it is - if you disagree with their interpretation then you can contest it in court, and let the court decide the intent of the licence.  The same is true of any licence.

Again, I think you misunderstand how the law works here. You don't sue someone to find out if you're infringing or not. It's incumbent upon the owner of the IP to protect his or her IP. Aside from anything else, the DIKU guys have shown a lot less interest in defending their license than you have, it must be said. They don't care enough to take action, or don't view DIKU as worth enough to bother taking action to find out whether their interpretation has any legal validity.

Quote:

Originally Posted by If he reserved that right, of course he could.

That's right, but he didn't. Neither did the DIKU guys.

Quote:

Originally Posted by No, I insist that people follow the Diku team's interpretation of the Diku team's licence, at least until such point as that intepretation is deemed legally invalid by a court of law.

Hey, that's pretty convenient for you alright. Your position then is that until DIKU sues, the DIKU team can say the license means whatever they want. Funny, but that's ridiculous, of course.  

Quote:

Originally Posted by Utter rubbish.  You're the one encouraging people to violate the intent of the Diku licence, not me.

I'm interested in the license, not what the DIKU guys now say the license means or what they say their intent was upon writing it.

A license is a contract, and there are two parties to a contract. Someone using the DIKU code under the DIKU license has just as much right to their interpretation as the other party in the contract (the DIKU guys) does. When they disagree, the courts are there. The fact that the DIKU guys have chosen not to actually find out if their interpretation is correct says a heck of a lot to me, given that they're the ones who you allege feel injured.

Hey, I have an idea. Why don't we split the cost of hiring a recognized American IP lawyer and pay for a written opinion on the license. Wouldn't it be nice to have an expert opinion to rely on? Surely you'd like that, rather than having to rely on your layman's understanding of the law. We could ask him or her a couple things:

1. Is the DIKU license still enforceable given
   a. The inability of licensees to fulfill the provisions of the contract, through fault of the DIKU team (ie their email addys are no longer valid and the license requires people to notify the DIKU team when they start a new DIKU)
    b. The utter lack of effort the DIKU team has exerted in protecting their intellectual property.

2. Does the DIKU license prohibit profit (which is what it says) or does it prohibit whatever you think it says (revenue? I have no idea.)

So how about it? I'm serious, incidentally. I'm not scared of what an expert's opinion is going to be. Are you? I know I'm open to having my mind changed. Are you? Or is it easier to just hold fast to your opinion, intentionally not seeking the opinion of experts because they might kill your sacred cow?

--matt

Quote:

Originally Posted by (the_logos @ Feb. 16 2005,18:49) Well, morality is of course a personal thing.

No morality is an absolute thing. On this very basic principle of morality there can only be one correct position. :-)

Quote:

Originally Posted by (the_logos @ Feb. 16 2005,18:49) Better is as subjective as morality. What's better to one person isn't better to another. Remember LambdaMoo, after all. Their players were so unhappy governing themselves they turned power back over to the admins.

IRT LambdMOO..as Pavel Curtis tells it the wizards got fed up and siezed power in a coup d'etat. But I'm not talking about player-governance at all; democracy just replaces one tyrant with a hundred tyrants. I'm talking about self-governance. What is self-governance in virtual world terms? Well it's simply giving the the means to enforce a simple right to the owner of that right. You cannot do this succesfully in the real world, I contend you can however do it in the virtual world because of it's very limited nature.

Just a for example... in the virtual world you can silence me with a press of a button. In the real world you have to use a gun. You can do it just for yourself in the virtual world, in the real world you make that decision for everyone. In the first case you are able to execute self-governence, in the latter it's what...anarchy...vigilanteism.

Quote:

Originally Posted by (the_logos @ Feb. 16 2005,18:49) What is nice about having admins in charge is that the rights that need enforcing can be laid out from above. When put in the hands of players, there will be no consensus about what rights one has against other people that need enforcing.

By "enable them [players] to enforce their own rights", I mean giving them the power to control their level of interaction or non-interaction with other players. The player who insists they have rights beyond their own virtual space will soon find themselves by intention or exclusion playing a single-user game. And that is where consensus lives. People left to their own devices will naturally come to consensus with a wide range of other people. Not on all issues, but on those they consider important when playing the game or their version of the game.

There are several rights you might extend to a player, the most basic right you could grant them is control over their communications. It's trivial to do, yet most muds suck at it. There are many other rights you might grant players, but if they don't have the means to enforce it, then it's a poor design decision, socially IMO.

[the_logos]

Quote:

Originally Posted by (Tyche @ Feb. 17 2005,19:08) Quote: Originally Posted by (the_logos @ Feb. 16 2005,18:49) What is nice about having admins in charge is that the rights that need enforcing can be laid out from above. When put in the hands of players, there will be no consensus about what rights one has against other people that need enforcing. By "enable them [players] to enforce their own rights", I mean giving them the power to control their level of interaction or non-interaction with other players.  The player who insists they have rights beyond their own virtual space will soon find themselves by intention or exclusion playing a single-user game.  And that is where consensus lives.   People left to their own devices will naturally come to consensus with a wide range of other people.  Not on all issues, but on those they consider important when playing the game or their version of the game.

Ok, fair enough. I thought you meant to say that the players should be allowed to choose what rights they have and don't have individually, which is a recipe for total disaster, of course, though would make for an interesting, if short-lived, experiment.

Quote:

Originally Posted by There are several rights you might extend to a player, the most basic right you could grant them is control over their communications. It's trivial to do, yet most muds suck at it. There are many other rights you might grant players, but if they don't have the means to enforce it, then it's a poor design decision, socially IMO.

I'm guessing that by control over their communications you mean the ability to ignore communications coming from other players, rather than the ability to force communication on someone else, no matter what? I'd agree that should be done, though surely most MUDs give players some control over that already?

For the most part I'd tend to agree with the idea that once an admin has determined what rights a player is to have, it's up to the admins to give players methods of exercising those rights. However, I have no problem with human intervention either. For instance, one of the methods we've given our players is filing an issue (CS ticket basically). Code is terrible at recognizing the context in which something is taking place, and I think that human intervention is also appropriate just based on the fact that MUDs are services as well as products. Good service means being able to talk to a human about your problem if need be.

--matt

[the_logos]

Quote:

Originally Posted by (the_logos @ Feb. 17 2005,18:56) Hey, I have an idea, Kavir. Why don't we split the cost of hiring a recognized American IP lawyer and pay for a written opinion on the license. Wouldn't it be nice to have an expert opinion to rely on? Surely you'd like that, rather than having to rely on your layman's understanding of the law. We could ask him or her a couple things: 1. Is the DIKU license still enforceable given    a. The inability of licensees to fulfill the provisions of the contract, through fault of the DIKU team (ie their email addys are no longer valid and the license requires people to notify the DIKU team when they start a new DIKU)     b. The utter lack of effort the DIKU team has exerted in protecting their intellectual property. 2. Does the DIKU license prohibit profit (which is what it says) or does it prohibit whatever you think it says (revenue? I have no idea.) So how about it? I'm serious, incidentally. I'm not scared of what an expert's opinion is going to be. Are you? I know I'm open to having my mind changed. Are you? Or is it easier to just hold fast to your opinion, intentionally not seeking the opinion of experts because they might kill your sacred cow? --matt

So how about it?

--matt

[Angie]

I think you are missing the point, Matt. Completely.

[the_logos]

Quote:

Originally Posted by (Angie @ Feb. 23 2005,15:32) I think you are missing the point, Matt. Completely.

Well, no, I'm not. Kavir is always going on and on about "the license." I'm just suggesting we actually get an expert opinion, though I realize that may threaten his dogma.

What Kavir wants is for people to do things that are not, I believe, covered by the license. That's fine, and it's certainly his perogative to request whatever he wants. He could request everyone mails him a ham sandwich because he believes that should be covered by the DIKU license, but I'm interested in the actual license, not what Kavir wants the license to say, or even what the DIKU guys now say they want the license to say.

As has been pointed out many times, a license is a contract, and unless that contract has a provision in it for retroactive, unilateral changes by one or the other party, those changes cannot be made.

Again, I understand that some people want things enforced that may or may not be in the license, but what's the harm in getting an expert opinion on the license? Neither Kavir nor I nor anyone else I've heard weigh in on the matter are experts in IP law. Wouldn't it be nice to actually have that information and THEN decide rather than sticking our proverbial heads in the ground and ignoring the opinions of people who are actually qualified to comment on how a court would likely (can't be sure without actually going to court, of course) interpret it? I mean, if you wanted to know if a certain kind of building could be built without it tipping over, you wouldn't ask a bunch of random forum members. You'd ask an architect who specializes in that kind of building.

Kavir and whoever else would still be free to complain that people aren't following what they think the DIKU team wanted when the license was written, or what they think the DIKU team wants now.

I just fail to see why there's any hesitation over consulting an expert on any issue, unless it's the cost, and Kavir claims to be quite interested in protecting the rights of mud creators. So, let's find out what those rights actually are vis a vis DIKU. That's all I'm saying.
--matt

[Valg]

Quote:

Originally Posted by (Angie @ Feb. 23 2005,12:32) I think you are missing the point, Matt. Completely.

Quote:

Originally Posted by I think you are missing the point, Matt. Completely.

That's largely because this thread touches on "What is proper?", as opposed to "What can I get away with?"  Once that comes into play, the whole thread might as well be written in Swahili as far as the_logos is concerned.  He's basically Unfrozen Caveman Ethical Expert.  The ways of your people confuse and frighten him.

So yes, the_logos, one could probably pay a lawyer or three, create enough paperwork to overwhelm the desire of the original DIKU team to defend their creation from it all (in a foreign country, even), and browbeat one's way into getting what one wants.  Some lawyers base their careers on this sort of thing.  It's legal to do so.

Nonetheless, I'll stick with Plan B: The people who created the codebase requested that it be handled a certain way, and since I benefit from it (admittedly in a very tortuous and distant way), I'm willing to respect those wishes.

If I thought of MUDing as my job and not as my hobby, I'd take the time to write my own codebase and profit from it, rather than weasel someone else's away from them.  I'm also pleased that the TMS staff and the other members of the MUD community act responsibly and actively discourage people from that sort of weaseling.  The MUD community as a whole benefits when independent coders feel comfortable releasing their creations, and that benefit disappears when you encourage people to violate their intent.

[KaVir]

Quote:

Originally Posted by (the_logos @ Feb. 23 2005,21:51) I just fail to see why there's any hesitation over consulting an expert on any issue, unless it's the cost, and Kavir claims to be quite interested in protecting the rights of mud creators.

Then I'll spell it out for you:

1) I've already heard from several people over the years who claim to have consulted lawyers, and no two answers seem to be the same - I don't believe you would receive a clear-cut answer, and any answer you did receive would vary based on the phrasing of your question.

2) Not something I would have mentioned, but as you insist of repeating yourself until I answer... I have very serious doubts about both your honesty and integrity, and certainly wouldn't trust you with my money.

3) My interests lie in defending the interests of mud developers, and in that respect my overall views would change very little regardless of the outcome.

[the_logos]

Quote:

Originally Posted by That's largely because this thread touches on "What is proper?", as opposed to "What can I get away with?" Once that comes into play, the whole thread might as well be written in Swahili as far as the_logos is concerned. He's basically Unfrozen Caveman Ethical Expert. The ways of your people confuse and frighten him. So yes, the_logos, one could probably pay a lawyer or three, create enough paperwork to overwhelm the desire of the original DIKU team to defend their creation from it all (in a foreign country, even), and browbeat one's way into getting what one wants. Some lawyers base their careers on this sort of thing. It's legal to do so.

Ahh, lovely ad hominem attacks. Nicely done! You're such a little cutie.

I don't care what people can get away with. It's already the case that people who wish to gain revenue from DIKU codebases can do so. I mean, they are and have been for years. Your mud, for instance, gains revenue from running a DIKU, but presumably doesn't generate any profit. So that question is already settled. I'm certainly not interested in what I can "get away with" since I don't use DIKU and have no reason to use it. I'm just interested in a legitimate expert's opinion on what the license says.

Quote:

Originally Posted by Nonetheless, I'll stick with Plan B: The people who created the codebase requested that it be handled a certain way, and since I benefit from it (admittedly in a very tortuous and distant way), I'm willing to respect those wishes.

Well, the thing is, the license is a contract, with two parties. One side of the contract doesn't get any more rights to dictate the content of the contract than the other does. It makes just as much sense to say that the person on the other side of the contract (the mud admin) can do whatever he/she wants from it because he or she had a different intent when agreeing to the contract.

Quote:

Originally Posted by If I thought of MUDing as my job and not as my hobby, I'd take the time to write my own codebase and profit from it, rather than weasel someone else's away from them. I'm also pleased that the TMS staff and the other members of the MUD community act responsibly and actively discourage people from that sort of weaseling.

But we're not talking about profit here. We're talking about revenue. We all agree that the DIKU license prohibits profit, assuming the license even continues to have any legal weight at all. Without seeing financial statements there's no way to know if a MUD like Medievia or even Carrion Fields is making a profit from the revenue they generate. Kavir's assertion is that just gaining revenue is against the license, despite the fact that all the license talks about is profit.

So I mean, if just gaining revenue is morally wrong, why does Carrion Fields have a paypal account set up to get revenue from its players? That's not an attack. I mean, I know you guys aren't making a profit, but you can't have it both ways. Either it's ok to generate revenue or not. If it's ok to generate revenue but not a profit (which is what a rational interpretation of the license gives you), then why all the attacks on Medievia without any proof they're generating a profit?

Anyway, all I'm suggesting is that we get an actual, legitimate expert opinion. I can't believe anyone here would argue against the benefits of obtaining greater knowledge about the subject matter. That kind of argument is usually reserved for religious fundamentalists for whom greater knowledge is a threat, as it may cast doubt upon their dogmatic assertions.

--matt

[the_logos]

Quote:

Originally Posted by 1) I've already heard from several people over the years who claim to have consulted lawyers, and no two answers seem to be the same - I don't believe you would receive a clear-cut answer, and any answer you did receive would vary based on the phrasing of your question.

So why hear it second-hand? I'm also not talking about just "consulting a lawyer." There are probably people on these forums more in touch with intellectual property law than many lawyers who don't do IP work. I'm talking about consulting a true intellectual property expert.

Quote:

Originally Posted by 2) Not something I would have mentioned, but as you insist of repeating yourself until I answer... I have very serious doubts about both your honesty and integrity, and certainly wouldn't trust you with my money.

That's pretty funny coming from a guy who constantly spews nonsense about the DIKU license, going so far as to set up a web page devoted to flaming another MUD. Besides, we'd be paying the lawyer, not each other.

Quote:

Originally Posted by 3) My interests lie in defending the interests of mud developers, and in that respect my overall views would change very little regardless of the outcome.

Really? So you speak for all mud developers? How amusingly arrogant. Cause I gotta tell you, there are a LOT more people using DIKU than developing DIKU, and the course of action you insist on gives them less options than actually just following the license does. You wish to reduce their sphere of action by convincing them that they don't have rights they quite likely do. In fact, I'm a mud developer, with 4 successful MUDs, and you certainly don't speak for me. Sounds to me like you're interested only in the interests of a very narrowly defined segment of mud developers.

In any case, this is what I expected. You're not interested in what the license says. You're interested in shoving your point of view down everyone else's throat and by god, your opinion isn't changing regardless of the facts.

--matt

[KaVir]

Quote:

Originally Posted by (the_logos @ Feb. 23 2005,23:36) Quote: Originally Posted by 2) Not something I would have mentioned, but as you insist of repeating yourself until I answer... I have very serious doubts about both your honesty and integrity, and certainly wouldn't trust you with my money. That's pretty funny coming from a guy who constantly spews nonsense about the DIKU license, going so far as to set up a web page devoted to flaming another MUD. Besides, we'd be paying the lawyer, not each other.

I've never "spewed any nonsense" - I've posted the interpretation of the Diku team, backed up by legal references. As opposed to you, who have posted your own views of how you'd like to see the Diku licence exploited^H^H^H^H^H^H^H^H^Hinterpretted, backed up by your ignorant rantings of how ignoring the Diku licence would make the world a better place.

And the webpage I set up was actually put there to stop the regular six-monthly flame wars regarding the mud in question - and it worked.

Quote:

Originally Posted by Quote: 3) My interests lie in defending the interests of mud developers, and in that respect my overall views would change very little regardless of the outcome. Really? So you speak for all mud developers?

No, but I speak in defence of their work. As opposed to people like you, who would rather see such mud developers screwed. Why, one asks? Presumably because with less people contributing to the community, you'd have less competition to worry about. You're painfully transparent.

Quote:

Originally Posted by In any case, this is what I expected.

You expected me not to trust the mud community's equivilent of the slimey second-hand car salesman? Hardly a compliment, but better than nothing!

[Valg]

So I mean, if just gaining revenue is morally wrong

Never did I say that.  There's plenty of for-profit games which I have zero problem with, like Threshold, Everquest, etc.

why does Carrion Fields have a paypal account set up to get revenue from its players?

We accept donations via our webpage to pay the costs of operating the game.  We also sell merchandise (T-shirts, whatnot) to do the same.  The game itself is absolutely free- RL money has no impact on the "inside".  This is all consistent with the intent of the people who provided the database, as confirmed by their own words (in documentation, as well as conversations).  We're 100% in compliance with their intent.