* * * * *

 “That's the fifth dragon I killed in one shot! What are the chances of that
                                 happening?”

For several months now, Bob has been attempting to run his weekly D&D
(Dungeons and Dragons) game partially online—that is, former members who now
live in other states are now “attending” the weekly gaming session online. To
help facility this, Bob bought enough licences so we all can use kLoOge.Werks
[1], a program that allows a DM (Dungeon Master) to run his campaing online.
And being written in Java [2], it does indeed run on multiple platforms
(which is why I can run the thing under Linux; everybody else in the game
uses Windows).

It's not perfect, but since the introduction of kLoOge.Werks (for several
months we were trying other technologies) the gaming sessions have gotten a
bit smoother and aren't quite as annoying as when Bob first started this
little experiment. But the one thing I really dislike about this online
gaming thang is the dice rolling.

You see, you use the kLoOge.Werks program to do your dice rolling.

As a programmer, I know that computerized dice rolling is anything but
random. Pseudorandom, yes. But as random as real dice? Not by a long shot.
It's actually difficult to get decent random numbers out of a computer; Knuth
[3] spent about 300 pages of rigorous material covering the generation of
random numbers in his Art of Computer Programming [4]. And I've told Bob as
much.

But he is insistent on using kLoOge.Werks.

Durring a protracted combat session where the fighters are slugging it out,
“rolling” the dice, I decided to poke around the kLoOge.Werks program. The
Knoppix [5] live-CD (Compact Disc) I'm using on my laptop not only has Java,
but quite a few Java development tools, including a Java disassembler. So I
start poking around the .class files that comprise kLoOge.Werks, telling Bob
that it wouldn't be that much effort to replace a few of the classes dealing
with dice rolling with a special version where I can “roll” what I want,
including the DM-eyes-only rolls.

Muhahahahahahahaha.

Which brings up another point about running a game online—trust. Forget the
random number generators for a second, how can the master program (which the
DM runs) trust that the “dice rolls” of the players are legit? Now you are
getting into cryptography, digital signatures and verification, which aren't
easy to do right and all too easy to get wrong. Bruce Schneier [6] took over
700 pages to cover computerized cryptographic systems (Applied Cryptography)
[7] and even then, it's just an overview.

In the end though, I think this actually comes down to trust—that Bob will
hae to trust his players not to muck around with kLoOge.Werks, and be
suspicious if we all start rolling critical hits each time we attack.

[1] http://www.kloogeinc.com/werks/
[2] http://www.java.com/
[3] http://www-cs-faculty.stanford.edu/~knuth/
[4] http://www-cs-faculty.stanford.edu/~knuth/taocp.html
[5] http://www.knoppix.org/
[6] http://www.counterpane.com/schneier.html
[7] http://www.schneier.com/book-applied.html

Email author at [email protected]

You are viewing proxied material from gopher.conman.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.