tag:blogger.com,1999:blog-43554488802582052132024-02-08T05:42:19.500+01:00in der blogboxoliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.comBlogger50125tag:blogger.com,1999:blog-4355448880258205213.post-83698699991993199652020-05-01T08:59:00.000+02:002020-05-01T09:01:31.395+02:00Total Perspective VortexDouglas Adams: "The Total Perspective Vortex derives its picture of the whole Universe on the principle of extrapolated matter analyses.To explain — since every piece of matter in the Universe is in some way affected by every other piece of matter in the Universe, it is in theory possible to extrapolate the whole of creation — every sun, every planet, their orbits, their composition and their economic and social history from, say, one small piece of fairy cake."<br />
<br />
Today:<a href="https://mkorostoff.github.io/1-pixel-wealth/"> https://mkorostoff.github.io/1-pixel-wealth/</a><br />
<br />
h/t <a href="https://janw.xyz/">https://janw.xyz/</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com1tag:blogger.com,1999:blog-4355448880258205213.post-85196257914844323632020-01-01T15:07:00.002+01:002020-01-01T15:08:40.793+01:00Letters to the Lombards<h1 dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 10pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "droid sans" , sans-serif; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Letters to the Lombards</span></h1>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 10pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: #666666; font-family: "architects daughter" , cursive; font-size: 13pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">What Wizards Do When They're in Deep Debt</span></div>
<b id="docs-internal-guid-a8ec0887-7fff-8e34-c050-09be21a52813" style="-webkit-text-stroke-width: 0px; color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; orphans: 2; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;"><br></b>
<br>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Often enough, people like to ask loaded questions, such as: </span><span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Why would Wizards go on Adventure?</span><span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> or </span><span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Why does Adventuring not break the financial system of the faux medieval milieu most games are set in?</span></div>
<b style="-webkit-text-stroke-width: 0px; color: black; font-size: medium; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: normal; letter-spacing: normal; orphans: 2; text-align: start; text-decoration-color: initial; text-decoration-style: initial; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;"><br></b>
<br>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">I admit, reading treatises about this can be entertaining</span><span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">, but it doesn't help me have a better game. I find the question of </span><span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">How is it that Wizards behave that money is never enough and Adventurers do not change too much of the overall status quo?</span><span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> slightly more interesting.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "droid serif" , serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"></span></div>
<a href="https://oliof.blogspot.com/2020/01/letters-to-lombards.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-77257853062250651152019-02-16T12:23:00.000+01:002019-02-16T12:23:41.504+01:00Ultraviolet Grasslands, five sessions in<br />
Ultraviolet Grasslands was Luka Rejec's first larger product on his <a href="https://www.patreon.com/wizardthieffighter">Patreon</a> and has recently launched on <a href="https://www.kickstarter.com/projects/exaltedfuneral/the-ultraviolet-grasslands?lang=de">kickstarter</a>. The genre is metal-hurlant-slow-crawl-trading-and-exploring and everything that fits in there. From psionic cats to spectrum satraps to null objects of desire, there is a lot of ... stuff in there without suffocating a referee with too much detail, leaving lots of room for your own stuff. For example, the Ultraviolet Grasslands are the far end of the Rainbowlands, and while there are some tidbits about the various Rainbowlands, it's mostly half sentences or seemingly throw-away remarks that to me feel like an invitation to fill up the gaps and make your own Rainbowlands. Or not, if you're not into that. It's just enough to provide a kaleidoscope of backdrop figments as it stands.<br />
<br />
I've been refereeing with the Patreon version for five sessions now and it already is serviceable as is. Most locations fit on a double spread. The setting specific rules are easy and light enough to be bolted on to any game system you want to use (I would recommend using something light and OD&D inspired like <a href="https://www.drivethrurpg.com/product/203614/Macchiato-Monsters-ZERO">Macchiato Monsters</a> or <a href="https://www.drivethrurpg.com/product/211910/Mageblade-Zero">MageBlade!</a> which is what I am using).<br />
<br />
What I already built in terms of supporting material<br />
<br />
<br />
<ul>
<li>Started a <a href="https://campaignwiki.org/wiki/UltravioletMageblade/">wiki for the campaign</a>.</li>
<li>Created a <a href="https://docs.google.com/document/d/1juipgbEmiY2QrlG_vl-QY6RGMUAEIs3L-IzwWqq46QY/edit?usp=sharing">Referee Reference</a> and a <a href="https://docs.google.com/document/d/1trXCJpN-EaYKPdW9HHae1Hn5vJvTd9IFEXMHKfohl0I/edit">Character Sheet</a>.</li>
</ul>
<br />
Things I need or want to improve<br />
<br />
<ul>
<li>Offer the players more ways to interact with the world. Highlight the exploration angle?</li>
<li>Show off more of Luka's awesome artwork</li>
<li>Accessing information at the table. I am considering building an index card system. This is obviously not a new idea, I found a blog post <a href="http://www.rpgready.com/the-efficient-gm-index-card-game-prep/">covering one way to organize referee information on index cards</a></li>
<li>Make the trading / caravan aspect a more organic part of the game without ripping a traveller-trading-simulations sized hole into it.</li>
</ul>
oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-63814769025343543652019-02-11T19:26:00.000+01:002019-02-11T19:26:10.145+01:00On ZakI've been complicit with some of Zaks actions in the RPG community, by defending/rationalizing him in public and private in the past.<br />
<br />
I stopped that, unrelatedly, roughly about the time that Mandy Morbid left him, but it was for unrelated reasons, mainly to extricate myself from his system of community manipulation.<br />
<br />
I can only ask forgiveness of those that I left standing by their own, failing to be an ally, while I knew about these things.<br />
<br />
Context:<br />
<br />
<br />
<ul>
<li> <a href="https://www.facebook.com/amandapatricianagy/posts/10215845527064252">https://www.facebook.com/amandapatricianagy/posts/10215845527064252</a> </li>
<li><a href="http://falsemachine.blogspot.com/2019/02/you-should-read-this.html">http://falsemachine.blogspot.com/2019/02/you-should-read-this.html</a></li>
<li><a href="http://monstermanualsewnfrompants.blogspot.com/2019/02/obituary-for-zak-sabbath.html">http://monstermanualsewnfrompants.blogspot.com/2019/02/obituary-for-zak-sabbath.html</a></li>
</ul>
oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.comtag:blogger.com,1999:blog-4355448880258205213.post-77413864824048808862018-10-01T20:23:00.000+02:002018-10-01T20:23:05.974+02:00Two takes on overcastingOne of the common complaints about magic in a Vancian or spellpoint/mana driven system is that casters are awesome while their magic lasts, but useless when it's gone. This led to the idea of the 15-minute-work-day or adventurers (because then everyone rests until the next day) and a general attempt to give casters more caster-like stuff they can do more often (cantrips or whatnot).<br>
<a href="https://oliof.blogspot.com/2018/10/two-takes-on-overcasting.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-14064498966398825682018-09-23T21:46:00.000+02:002018-09-23T21:46:12.394+02:00How to run a continuous game without continuous players (a follow-up)In https://oliof.blogspot.com/2018/07/how-to-grow-audience-as-referee-ineptly.html I described a bit how I am organizing my current campaign, and a recent discussion on <a href="https://tabletop.social/@ossifog/100603364978415999">tabletop.social</a> led to some discussions about coherency, emergence of story and other aspects that people assume happens when you do not have the tightly knit group of regular players you "need" to build a "coherent story". That I am putting these into quote marks should give a hint of what I think about this today -- for me it's not necessary at all. What follows are some thoughts on why a game without a stable set of players still can be satisfying in terms of "creating a compelling a narrative" ...<br>
<a href="https://oliof.blogspot.com/2018/09/how-to-run-continuous-game-without.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-81722826622771428912018-07-23T19:04:00.001+02:002018-08-12T21:05:11.462+02:00How to grow an audience as referee (ineptly)In a recent <a href="https://plus.google.com/+HaraldWagener/posts/6sSzEeHzrKe" target="_blank">G+ Post</a> I wrote about the good problem to have as referee: More players interested in joining your game than you can host in a single session.<br>
<br>
Markus Wagner asked me how I did manage to grow the player base, and I answered with<br>
<blockquote class="tr_bq">
<i>... an open table policy, rewarding attendance nonetheless, player recruiting via special interest Facebook group (English speaking RPGs in Berlin), and word-to-mouth by players.</i></blockquote>
Sounds simple if written down like that, but I need to unpack a bit because I think each point warrants it's own consideration<br>
<br>
<br>
<a href="https://oliof.blogspot.com/2018/07/how-to-grow-audience-as-referee-ineptly.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-42349947914620011362017-12-05T02:00:00.000+01:002018-08-12T21:10:28.569+02:00Mysteriously Missing Monstrosities Pt V: Using the Re-worked Hypogean Travel Shenanigans TablesBack in May 2017 I wrote about how <a href="https://oliof.blogspot.de/2017/05/mysteriously-missing-monstrosities-pt.html#more" target="_blank">I re-worked the encounter tables to make them easier to deal with at the table</a> and I ended that post with a promise telling you how this worked out. Using these tables changed a couple things, and some more changes followed a bit later on ...<br>
<br>
<a href="https://oliof.blogspot.com/2017/12/mysteriously-missing-monstrosities-pt-v.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-41580356587844592662017-06-10T23:17:00.001+02:002017-06-10T23:18:25.893+02:00Quick Review: Macchiato Monsters ZERO (and Extra Shots)<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU1AykfjWDp3kk_qcm3ClmoCZbRuvCcj_tDt3xh62CUCjsDW6qZvXXAPWBFNaiZM10nsdf09OAuagkUlQeMSmBNdJraF03jFqw59082IgsjR5-ikjR2BHjaXBA5MirL0D7xssHTPeJg9bm/s1600/mmz.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="1158" data-original-width="800" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU1AykfjWDp3kk_qcm3ClmoCZbRuvCcj_tDt3xh62CUCjsDW6qZvXXAPWBFNaiZM10nsdf09OAuagkUlQeMSmBNdJraF03jFqw59082IgsjR5-ikjR2BHjaXBA5MirL0D7xssHTPeJg9bm/s320/mmz.png" width="221" /></a><br />
<span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;">Macchiato Monsters ZERO is a hack of hacks (Black Hack and White Hack, neither of which I know myself). It has some nice mechanics that a both tight and loose, comfortable in a word. The game is complete, has some nice mechanics (I like the death-spirally/doom-clocky risk dice, and the roll all the dice fast equipment generation method). I guess some people will take umbrage with the single-die-roll-combat resolution (players roll and do damage on success/take damage on failure), but I guess that is more about how that feels ... Dungeon World players might feel right at home.</span></span><br />
<span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;"><br /></span></span>
<br />
<span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;">The recently added Extra Shots has a number of referee facing tools that uses the resource die mechanic to have semi-dynamic encounter / event tables: The worse the circumstances, the lower the die size, the worse the result. It's nice that in the current work-in-progress the extra shots each fit one page.</span></span><br />
<span style="color: #666666; font-family: arial, verdana, sans-serif;"><br /></span><span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;">There are also some in-progress die drop tables which are another bunch of tools for quick off-the-cuff prep in the macchiato-fantasy, which is described as "borderlands style" (i.e. exploration of dangerous mostly unknown area, plus safe havens/points of light to return back to).</span></span><br />
<span style="color: #666666; font-family: arial, verdana, sans-serif;"><br /></span><span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;">The map generator deserves extra mention because it is not purely random but somewhat procedural. This promises somewhat more natural looking maps.</span></span><br />
<span style="color: #666666; font-family: arial, verdana, sans-serif;"><br /></span><span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;">Macchiato Monsters is probably the system I will use for short-notice games (at conventions or similar). I am also seriously considering mashing it up with Wonder&Wickedness for a <i>Principalities of Glantri vs. The Grand Schools of the Hypogea</i> spinoff of my current campaign; i.e. Make Total Destroy with Nuclear Powered Lich Mages discovering Hypogean Mana Tar ...</span></span><br /><span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;"><a href="http://lostpages.storenvy.com/products/18488116-macchiato-monster-zero-print-pdf" target="_blank">Macchiato Monsters ZERO is available in print from Lost Pages</a>, and <a href="https://www.rpgnow.com/product/203614/Macchiato-Monsters-ZERO" target="_blank">in PDF form from OBS</a>. </span></span><br />
<br />
<span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;"><br /></span></span>
<span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;"><br /></span></span>
<span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;"><br /></span></span>
<span style="color: #666666; font-family: "arial" , "verdana" , sans-serif;"><span style="background-color: white;"><br /></span></span>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-60674383832733637892017-06-06T20:25:00.001+02:002017-06-06T20:25:32.857+02:00OSR, Remix Culture, Boxed SetsIn a <a href="https://plus.google.com/+AlexSchroeder/posts/WRnTa9LAmz1" target="_blank">G+ Post</a>, <a class="g-profile" href="https://plus.google.com/112496081196492342580" target="_blank">+Alex Schroeder</a> writes about the <a href="http://tenfootpolemic.blogspot.ch/2017/06/unified-house-rule-document-update-and.html?m=1" target="_blank">Unified House Rule Document Update</a> by <a class="g-profile" href="https://plus.google.com/116156520511467455207" target="_blank">+James Young</a>:<br />
<blockquote class="tr_bq">
<span style="background-color: #fefefe; color: rgba(0, 0, 0, 0.87); font-family: Roboto, RobotoDraft, Helvetica, Arial, sans-serif; font-size: 14px; white-space: pre-wrap;">[T]his is the best part of the OSR, as far as I am concerned. People start with some sort of D&D and then they add stuff and remove stuff, tinkering and transmogrifying shit until it's uniquely theirs, and then they </span><i style="-webkit-tap-highlight-color: transparent; background-color: #fefefe; color: rgba(0, 0, 0, 0.87); font-family: Roboto, RobotoDraft, Helvetica, Arial, sans-serif; font-size: 14px; white-space: pre-wrap;">share</i><span style="background-color: #fefefe; color: rgba(0, 0, 0, 0.87); font-family: Roboto, RobotoDraft, Helvetica, Arial, sans-serif; font-size: 14px; white-space: pre-wrap;"> it in order to help others. Download, browse, experiment, delete, adapt, lift some stuff, it's all good.</span></blockquote>
And I have to agree: The biggest advantage of the OSR is the use of <i>lingua franca</i> like the old D&D rules or their successors, re-implementations, clones, etc. ... Even if you left these rules behind in your games a long time ago, most parts are easily recognizable. Some games like <a href="http://www.lotfp.com/RPG/" target="_blank">Lamentations of the Flame Princess</a> create a distinct profile by adding, removing or changing particular details (like the peculiarities of LotFP classes), sometimes deviating quite wildly (like the class-less <a href="http://quenouille.com/macchiato-monsters-dungeonverse-build-together/" target="_blank">Macchiato Monsters</a> which is still pretty much D&D-ish, but with a lot of "modern" rules ideas). And despite all the differences and deviations, you can use LotFP adventures with Macchiato Monsters, one page dungeons in most/any game, exchange/add/remove spell-casting rules, replace character classes (like I did for the original BX based <a href="https://campaignwiki.org/wiki/TheSylvanRealm/Character_Options" target="_blank">Sylvan Realm</a>) or even switch out complete sub systems like combat rules (I used the <a href="http://www.oldschoolhack.net/" target="_blank">Old School Hack</a> combat tracker with Labyrinth Lord for a while, and switching to and back from it was very simple). So, a manifold of options, remixable and changeable as you want or need for your campaign (or campaign leg).<br />
<br />
So, the part of the OSR where we never stop tinkering is the most interesting one in my <strike>book</strike> box, as well. Which brings me to Boxed Sets (like LotFPs Grindhouse Edition box, the Tunnels&Trolls box, or the Chthonic Codex boxed set): It makes it very easy to tinker and add by just printing out a couple pages and adding them to the box. For example, while I do not need most of the house rule document linked above, the <a href="https://tenfootpolemic.blogspot.de/2017/05/flee-snakes-ladders-chase-mechanics.html" target="_blank">chase rules</a> seem like a nice addition to my (tool) box, and if they're not too gimmicky I will keep them.<br />
<br />
So, yeah: Have a box, keep all your stuff in it. If you publish a box, make sure there's some space left for people to add what makes <i>their game</i> complete. If you don't publish a box ... reconsider? Or at least make sure your book would fit a box. Oversized full-color hard covers are not the end-all be-all (-:oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-26423791550546209152017-06-05T18:42:00.003+02:002017-06-05T18:42:32.652+02:00Better campaigns through Character sheetsRunning an open table game means that I have new players at the table every now and then, and most of them have no idea what they are up to before the first session. That's alright -- my games are prep and homework free for the players (not that I would stop them, but it's certainly not required, even if the <a href="https://campaignwiki.org/wiki/TheSylvanRealm/" target="_blank">campaign wiki</a> has many entries describing parts of the world, previous sessions, as well as PCs and NPCs.<br>
<br>
My game is also a bit <i>West Marches</i> inspired; i.e. the players are open to go where they want. But most often, the players just pick the most straightforward next thing, even if I have some other options at the ready. My biggest shortcoming here is that I usually fail to give the players proper choice (although in the next-to-last session, they simply decided <i>not to explore the ruined underground city</i>, which was a bit sad considering all the fun they could have had there, but player choice is player choice ...). So, to make sure that players are aware that each character can have their own goals and can try convincing the others to help them pursue those, I'll leverage AFGs concept of <i>Accomplishments</i> and a <i>Character sheet re-design</i> that puts these Accomplishments right on the table every time we play.<br>
<br>
<a href="https://oliof.blogspot.com/2017/06/better-campaigns-through-character.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-77417595655687316072017-05-25T22:01:00.000+02:002017-06-01T18:24:10.236+02:00Mysteriously Missing Monstrosities Pt IV: Re-working the Hypogean Travel Shenanigans TablesSo, a while back I posted to a social network about <a href="https://plus.google.com/+HaraldWagener/posts/KtTeroa1eGw">when I have my players roll for encounters</a>, and one of my players remarked:<br>
<span style="background-color: white; color: rgba(0 , 0 , 0 , 0.87); font-family: "roboto" , "robotodraft" , "helvetica" , "arial" , sans-serif; font-size: 14px; white-space: pre-wrap;"><br></span>
<span style="font-family: inherit;"><i><span style="background-color: white; white-space: pre-wrap;">"At times, the roll </span><span style="font-weight: 700; white-space: pre-wrap;">→</span><span style="background-color: white; white-space: pre-wrap;"> roll more </span><span id="docs-internal-guid-33945d3c-412b-a253-a453-08e2304ec98a"><span style="font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">→</span></span><span style="background-color: white; white-space: pre-wrap;"> lookup </span><span id="docs-internal-guid-33945d3c-412b-a253-a453-08e2304ec98a"><span style="font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">→</span></span><span style="background-color: white; white-space: pre-wrap;"> lookup on other table </span><span id="docs-internal-guid-33945d3c-412b-a253-a453-08e2304ec98a"><span style="font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">→</span></span><span style="background-color: white; white-space: pre-wrap;"> think </span><span id="docs-internal-guid-33945d3c-412b-a253-a453-08e2304ec98a"><span style="font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">→</span></span><span style="background-color: white; white-space: pre-wrap;"> narrate results part takes slightly too long for my tastes. (I'm a sucker for flow, and as a GM rather make up something slightly boring on the spot than spending time on looking up the cool thing in the reference manual if it speeds up gameplay.)"</span></i></span><br>
<br>
So, sure, I could just make stuff up, but then I like the Hypogean Karst so much that I want to show it to the players, also in the travel encounters, without diverging too much through improvisation.<br>
<br>
What's a GM/referee to do then? Of course, build better tools to support me at the table!<br>
<br>
<a href="https://oliof.blogspot.com/2017/05/mysteriously-missing-monstrosities-pt.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-45325336399976069002015-11-10T00:03:00.001+01:002015-11-10T00:57:25.840+01:00The Chthonic God That CrawlsAs I wrote recently, I think that the modules written for <a href="http://lotfp.com/">Lamentations of the Flame Princess</a> and the world outlined in <a href="https://tsojcanth.wordpress.com/category/chthonic-codex/">Chthonic Codex</a> are a surprisingly good fit. One of the ways to further that discussion is to take one of the modules, namely <a href="http://www.lotfp.com/store/?route=product/product&product_id=159">The God That Crawls</a>, and try to make it work in the underworld cavities called the Hypogea.<br>
<strong><em>Spoilers below:</em></strong> If you haven’t read <strong>The God That Crawls</strong> and plan to play it, you should find another blog post to read. Also, spoilers about the Hypogea.<br>
<a href="https://oliof.blogspot.com/2015/11/the-chthonic-god-that-crawls.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-65505238920348125052015-10-18T19:38:00.000+02:002015-10-18T19:38:25.421+02:00Mysteriously Missing Monstrosities Pt III: Minotaurs<i>If there is one thing stressing Chthonic Codex is not meant to be a stand-alone product, it is the encounter tables in the back. Almost every section (common, uncommon, rare) for all kinds of terrain (surface, chthonic, ...) seems to have an entry that is not one of the Chthonic Creatures covered in the book/boxed set, so you will need to fall back on other write-ups ... or come up with your own.</i><br>
<i><br></i>
<i>So far, my missing monster write-ups were more or less off the cuff. This time around I peruse the MOSTROTON, which is part of Adventure Fantasy Game, the set of rules I am currently using to run the game. While the MOSTROTON is written for random monsters, the abilities and types help framing the Minotaur in AFG terms (not that it is very hard to begin with). Still it helps with the special abilities and ways to combine them. Without further ado:</i><br>
<h4>
Minotaur a la MOSTROTON</h4>
<br>
<a href="https://oliof.blogspot.com/2015/10/mysteriously-missing-monstrosities-pt_18.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-22225562216446583752015-10-02T15:19:00.001+02:002015-10-02T15:19:57.752+02:00Mysteriously Missing Monstrosities pt II: Oozes of the Hypogean Great Karst<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">For some, the existence of oozes is perplexing, others find they are the </span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">alpha</span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> and </span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">omega</span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> of Chimerist design. Most oozes in the close vicinity of schools are thought to be failed experiments ('any experiment that begets life is a success though!' the Chimerists insist) or Chimerist Protoplasm that was assumed spoiled and thrown out with the trash. The by now almost forgotten phrase </span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">old as an ooze</span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> indicates they may just have gotten out of style since it's easier to create and control Asphaltmorphlings. </span></div>
<b id="docs-internal-guid-73c35fca-28b4-edea-d52e-55b5bc8c6c60" style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">"Chimerists couldn't possibly have developed mysteries advanced enough to allow them the pinpoint changes to cause Oozes to speciate. It is much more likely that escaped oozlings, as is more often the case than any Chimerist would dare admit, adopt to outside stimuli, proving their instability and inherent danger." -- Savant Emeritus Klaxon, in 'Observations on the relative advances of the Five Great Schools'</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Baby Oozes</span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> can easily curl up into a ball form and follow around a designated handler if controlled properly, but they always convey a sense of hunger and loneliness. Humans don't want to cuddle with Baby Oozes due to their caustic nature. Baby Oozes easily feel rejected if not constantly fed, and the only disciplinary measures that put fear rather than moping into them is fire.</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">AFG: Level 1 Ooze, 2 hits, DEF light, Special: caustic on touch (one hitpoint to organic matter touching it), engulfing attack (on a hit with a six and another six, ooze engulfs some vital orifice and starts eating you up from the inside), mobility (can easily move up surfaces), vulnerable to fire.</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Small Oozes</span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> have too much mass to easily get into ball shaped forms. They can still keep up with humans at a brisk walking pace and at this stage they start speciating into different versions, sometimes calles slimes or puddings. This hasn't been observed, but only baby oozes (and some forms of giant oozes) are completely clear.</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">AFG: Level 4 Ooze, DEF medium, Special: caustic on touch, engulfing attack, mobility, speciation specific abilities depending on earlier stimuli.</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Medium Oozes</span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> might have been fed to size on purpose. They can easily keep stretches of a cave complex devoid of organic matter up to their maximum stretching height. They cannot easily crawl up sheer cliffs like Baby or Small Oozes, so a sudden start of organic matter between waist and breast height is a good indicator of a Medium Ooze or two being around. </span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">AFG: Level 6 Ooze, DEF medium, Special: engulfing attack, mobility, further speciation specifics. Medium Oozes are not generally caustic on touch.</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Giant Oozes </span><span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">are only limited by the expanse of their surrounding and the availability of feed. They are known to adopt the shape of wherever they live: Tubular Oozes in round tunnels, and in man-made structures this is where you may encounter the Cubic Oozes, either which often return to a Baby-Ooze like mostly clear, mostly caustic state.</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: 'Droid Serif'; font-size: 14.666666666666666px; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">AFG: Level 10 Ooze, DEF medium, Special: Sneaky, Engulfing Attack, Highly Caustic (1d6 acid damage), no special vulnerability to fire due to higher internal cohesion and water content).</span></div>
<br />oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-11565184992308065732015-07-03T13:58:00.000+02:002015-07-03T13:58:43.946+02:00Adventures in PKI<h1 id="disclaimer" style="-webkit-font-feature-settings: 'dlig' 1, 'liga' 1, 'lnum' 1, 'kern' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: 'Source Sans Pro', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 2.05714rem; line-height: 3rem; margin: 0px 0px 0.21999rem; padding-top: 0.78001rem;">
Disclaimer</h1>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Disclaimer: This text is a collection of observations and complaints about the state of PKI in general, PKCS#11 in particular, and about some software products. Let me preface that the provider of the cryptotoken (and software) that this text is based on has three things in their favor: 1. Their products work, 2. Their support is good, 3. Their products work.</div>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
It cannot be stressed enough that spending lots of money on crypto hardware is no guarantee whatsoever that what you get works, or works better, or is better supported.</div>
<h1 id="the-goal" style="-webkit-font-feature-settings: 'dlig' 1, 'liga' 1, 'lnum' 1, 'kern' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: 'Source Sans Pro', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 2.05714rem; line-height: 3rem; margin: 0px 0px 0.21999rem; padding-top: 0.78001rem;">
The goal</h1>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Save important secrets in a cryptotoken to be safe from theft of file based secrets.</div>
<h1 id="ideal-turn-of-events" style="-webkit-font-feature-settings: 'dlig' 1, 'liga' 1, 'lnum' 1, 'kern' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: 'Source Sans Pro', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 2.05714rem; line-height: 3rem; margin: 0px 0px 0.21999rem; padding-top: 0.78001rem;">
Ideal turn of events</h1>
<ol style="background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 0.83999rem; padding-top: 0.16001rem;">
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Acquire cryptotoken at an affordable price (under 20$)</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Generate Keypair(s) on cryptotoken</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Simply point SSH and GPG at cryptotoken instead of file based secrets</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Profit! I will now know that I have lost my secrets when I lose the physical token. But then I know I have to take action and can safely revoke trust in any of the data that was on the token.</li>
</ol>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Sounds great, right?</div>
<h1 id="actual-turn-of-events" style="-webkit-font-feature-settings: 'dlig' 1, 'liga' 1, 'lnum' 1, 'kern' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: 'Source Sans Pro', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 2.05714rem; line-height: 3rem; margin: 0px 0px 0.21999rem; padding-top: 0.78001rem;">
Actual turn of events</h1>
<ol style="background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 0.83999rem; padding-top: 0.16001rem;">
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Cheap cryptotokens are available, but you might not want to buy the cheapest ones as they're built by people with a reputation of coordinating with Nation State Attackers. Also, they don't work. If you need a working Cryoptotoken, the price is at 25$ plus shipping for a slow one where some features are disabled.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Generating the keys on the cryptotoken is pretty easy. But only if you forgo the vendor software and dive right back into the world of dynamically loading c libraries into command line tools you might need to build from scratch because the ones that come with your computer are broken or outdated or both. And if your command line tool's test run crashes and burns with a segfault, it's probably not a big deal; you won't know whether it's your command line tool, your token, or the library module interfacing between the two that's messing things up. You probably don't want to use that specific operation anyway.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">HAHAHAHAHAHAHA!</li>
</ol>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
With SSH, this should be relatively straightforward:</div>
<pre style="background: linear-gradient(rgb(255, 255, 255) 0px, rgb(255, 255, 255) 0.75rem, rgb(245, 247, 250) 0.75rem, rgb(245, 247, 250) 2.75rem, rgb(255, 255, 255) 2.75rem, rgb(255, 255, 255) 4rem) rgb(255, 255, 255); border-radius: 4px; border: 1px solid rgb(211, 218, 234); box-sizing: border-box; color: #333333; font-family: monospace, monospace; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; overflow: auto; padding: 0.66001rem 9.5px 9.5px; word-break: break-all; word-wrap: break-word;"><code style="background-color: transparent; border-radius: 0px; box-sizing: border-box; color: inherit; font-family: monospace, monospace; font-size: inherit; padding: 0px; white-space: pre-wrap;"> eval $(ssh-agent -s)
ssh-<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">add</span> -s /path/<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">to</span>/cryptotoken_pkcs.dylib
ssh-<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">copy</span>-id user@target # <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">to</span> <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">copy</span> over the token backed <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">public</span> key
ssh user@target # <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">to</span> <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">try</span> the <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">new</span> hotness
</code></pre>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
In reality, if you're on a Mac, trying the <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">ssh-add</code> line above triggers a bug ssh-agent will forkbomb you with ssh-pkcs11-helper processes. So if you were a purist before, this is where you go and turn to homebrew for help. Even Yubico mentions this in their official documentation!</div>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
OK, you rebuilt all of ssh, modified your environment so that your bespoke ssh client and associated programs run instead of the system provided one. That was almost straightforward.</div>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Do you like to poke your eye out with a rusty nail? Then you will also like the hoops you have to jump through to get GPG to talk to your cryptotoken.</div>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Don't worry that the <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">gnupg-pkcs11-scd software</code> is hosted on a site that's <a href="https://ma.ttias.be/ublock-origin-now-blocking-access-to-sourceforge/" style="background: 0px 0px; box-sizing: border-box; color: #a0aabf; cursor: pointer;">turned so toxic in the four years since the last update to the software that any decent ad blocker will warn you not to go there.</a> Don't worry that you have to run openssl with a dynamically loaded pkcs11 engine which you need to <a href="https://github.com/OpenSC/OpenSC/wiki/Engine-pkcs11-quickstart" style="background: 0px 0px; box-sizing: border-box; color: #a0aabf; cursor: pointer;">configure in arcane ways <em style="box-sizing: border-box;">even</em> for UNIX standards</a>. Don't worry at all that you may need to manually kill the already running gpg-agent so a new one that knows it needs to talk to the smart card daemon which talkes PGPCard in the direction of gnupg and PKCS11 in the direction of your cryptotoken. Don't worry that the <a href="http://manpages.ubuntu.com/manpages/utopic/man1/gnupg-pkcs11-scd.1.html" style="background: 0px 0px; box-sizing: border-box; color: #a0aabf; cursor: pointer;">man page for said daemon mentions that the protocol the different components use is unprotected plaintext</a>. Just don't worry, and be enlightened why even smart people stick with file based secrets.</div>
<h1 id="in-the-future" style="-webkit-font-feature-settings: 'dlig' 1, 'liga' 1, 'lnum' 1, 'kern' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: 'Source Sans Pro', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 2.05714rem; line-height: 3rem; margin: 0px 0px 0.21999rem; padding-top: 0.78001rem;">
In the future</h1>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Just hope that you have the instructions how to renew the certificate you need to emulate the PGP card when your key eventually expires. Just hope that you will never need to import another pre-existing keypair to save it from prying eyes. Just hope that apparently everyone who decided to give up was right to do so.</div>
<h1 id="instructions" style="-webkit-font-feature-settings: 'dlig' 1, 'liga' 1, 'lnum' 1, 'kern' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: 'Source Sans Pro', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 2.05714rem; line-height: 3rem; margin: 0px 0px 0.21999rem; padding-top: 0.78001rem;">
Instructions</h1>
<ol style="background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 0.83999rem; padding-top: 0.16001rem;">
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Buy cryptotoken at <a href="https://www.cryptas.com/cryptoshop.html" style="background: 0px 0px; box-sizing: border-box; color: #a0aabf; cursor: pointer;">https://www.cryptas.com/cryptoshop.html</a> they're affordable and deliver quickly.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Download and install their software (but see the Apocrypha below) and reboot.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">I hid step 3 at the end of the previous step.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Using homebrew, install (at the bare minimum)<ul style="box-sizing: border-box; margin-bottom: 0px; padding-top: 0.16001rem;">
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;"><code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">homebrew/dupes/openssh</code> (for non-broken PKCS#11 support)</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;"><code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">opensc</code> (for pkcs11-tool)</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;"><code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">openssl</code> (because Apple provides a randomly patched OpenSSL 0.9.8 ...)</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;"><code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">engine_pkcs11</code>(to sign your cert with the key in the token for PGP)</li>
</ul>
</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Initialize your token and set your PINs. Don't forget that PINs do not <em style="box-sizing: border-box;">need</em> to be numbers, you can actually use proper password like strings. Depending on your token, you may run into strange limitations like maximum length.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">On the token, generate a keypair. Don't forget to set a key label and id. Do not despair if your token has limits on RSA bit size</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">With <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">engine_pkcs11</code>, coax <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">openssl</code> into signing a Certificate Signing Request with the key material on the token. I followed <a href="http://www.gooze.eu/de/howto/smartcard-quickstarter-guide/scenario-3-creating-a-self-signed-certificate-using-embedded" style="background: 0px 0px; box-sizing: border-box; color: #a0aabf; cursor: pointer;">random, ancient instructions</a> and things worked, but it's quite a brittle procedure.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">As it doesn't seem to be possible to save the signed cert into the token directly, import the cert into your token. Don't forget to set a label and id <em style="box-sizing: border-box;">identical</em> to the keys above, or <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">gnupg_pkcs11_scd</code> will not work.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Go through the five step procedure to get the hash that <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">gnupg_pkcs11_scd</code> needs to fake the PGPCard side of the deal. I followed some other <a href="http://www.rainerkeller.de/etoken.htm" style="background: 0px 0px; box-sizing: border-box; color: #a0aabf; cursor: pointer;">random, ancient instructions</a>, ignoring everything before "Use eToken with GnuPG", since the instructions begin creating the secrets in files and then importing them, kind of defeating the purpose of having keys in a secure token. I still don't fully understand why <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">gpg --card-status</code> says I can only use my key for auth, but then the website states <em style="box-sizing: border-box;">Don’t worry about the missing encryption key, actually it is same as the auth key.</em></li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Create a revocation cert for your on-token GPG key in case you lose the token. You want to be able to tell the world when you stop being identified by it. Or don't, because why should they trust anyone claiming that a key isn't in use anymore if that information is signed by another key with no history.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Make sure that all the necessary agents and stuff are automatically loaded and correctly configured. This is where I seriously consider self-managing stuff with puppet, and/or storing pertinent information <em style="box-sizing: border-box;">on the crypto token</em> so I am less likely to lose it. I should have backups somewhere anyway ...</li>
</ol>
<h1 id="apocrypha" style="-webkit-font-feature-settings: 'dlig' 1, 'liga' 1, 'lnum' 1, 'kern' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: 'Source Sans Pro', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 2.05714rem; line-height: 3rem; margin: 0px 0px 0.21999rem; padding-top: 0.78001rem;">
Apocrypha</h1>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
So, step two in the instructions looks quite innocuous, but I am used from previous and current engagements to check out what Mac installers, especially by companies that are <em style="box-sizing: border-box;">not</em> Mac shops, do. Luckily, most of the installer stuff is preserved in /etc/Athena. Let's take a look:</div>
<pre style="background: linear-gradient(rgb(255, 255, 255) 0px, rgb(255, 255, 255) 0.75rem, rgb(245, 247, 250) 0.75rem, rgb(245, 247, 250) 2.75rem, rgb(255, 255, 255) 2.75rem, rgb(255, 255, 255) 4rem) rgb(255, 255, 255); border-radius: 4px; border: 1px solid rgb(211, 218, 234); box-sizing: border-box; color: #333333; font-family: monospace, monospace; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; overflow: auto; padding: 0.66001rem 9.5px 9.5px; word-break: break-all; word-wrap: break-word;"><code style="background-color: transparent; border-radius: 0px; box-sizing: border-box; color: inherit; font-family: monospace, monospace; font-size: inherit; padding: 0px; white-space: pre-wrap;">hwagener:~ hwagener$ cd /etc/Athena/
hwagener:Athena hwagener$ ls -la
total 232
drwxr-xr-x 13 root wheel 442 2 Jul 23:38 .
drwxr-xr-x 90 root wheel 3060 3 Jul 00:31 ..
-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">85852</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Mai</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2014</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">EditPInfoList</span>
</span>-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2087</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">14</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Mai</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2013</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">IDPClientDB</span>.xml
</span>-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2411</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">7</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Apr</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2013</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">IDProtectManager</span>.png
</span>-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1029</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">14</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Feb</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2013</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">IDProtectPINTool</span>.png
</span>-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">160</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">20</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Jun</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2013</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Manager</span>
</span>-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2606</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">19</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Jun</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2013</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Mozilla</span>
</span>-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">159</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">20</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Jun</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2013</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">PinTool</span>
</span>-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1823</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">5</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Mai</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">15</span><span class="hljs-symbol" style="box-sizing: border-box; color: #cb4b16;">:</span><span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">01</span> postflight
</span>drwxrwxrwx 3 root wheel 102 2 Jul 14:36 ppc
-<span class="ruby" style="box-sizing: border-box;">rwxrwxrwx <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">1</span> root wheel <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">3104</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">20</span> <span class="hljs-constant" style="box-sizing: border-box; color: #b58900;">Jun</span> <span class="hljs-number" style="box-sizing: border-box; color: #2aa198;">2013</span> uninstall
</span>drwxrwxrwx 3 root wheel 102 2 Jul 14:36 x86
hwagener:Athena hwagener$
</code></pre>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Don't worry for now that we have root-owned world writable binaries and other files here. Don't worry that the installer packs it's own <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">EditPInfoList</code> even though <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">/usr/libexec/PlistBuddy</code> and <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">plutil</code> exist. I'll get back to that in a bit, let's first bask in a little taste of what all this does:</div>
<pre style="background: linear-gradient(rgb(255, 255, 255) 0px, rgb(255, 255, 255) 0.75rem, rgb(245, 247, 250) 0.75rem, rgb(245, 247, 250) 2.75rem, rgb(255, 255, 255) 2.75rem, rgb(255, 255, 255) 4rem) rgb(255, 255, 255); border-radius: 4px; border: 1px solid rgb(211, 218, 234); box-sizing: border-box; color: #333333; font-family: monospace, monospace; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; overflow: auto; padding: 0.66001rem 9.5px 9.5px; word-break: break-all; word-wrap: break-word;"><code style="background-color: transparent; border-radius: 0px; box-sizing: border-box; color: inherit; font-family: monospace, monospace; font-size: inherit; padding: 0px; white-space: pre-wrap;">hwagener:Athena hwagener$ cat P<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">in</span>Tool
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">for</span> i <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">in</span> $(dscl . list /Users UniqueID | grep -v Old | awk <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">'$2 >= 500'</span>) ; <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">do</span> ln <span class="hljs-operator" style="box-sizing: border-box;">-s</span> /Applications/IDProtect_PINTool.app/ /Users/<span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$i</span>/Desktop/PINTool ; <span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">done</span>
</code></pre>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Yes, that one-liner creates a symlink on the Desktop of all users pointing to the PinTool. +1 Point for using <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">dscl . list /Users</code>, -5 points for lamely assuming that all UIDs > 500 are game for this. 'Manager' does the same, only for the card manager. The <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">Mozilla</code> script does abominable things and still references PPC architecture. What year is it?! Oh, and -100,000,000 points for not allowing you to disable this in the installer in the first place!</div>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
OK, these are small little scripts that try to be nice and set up things for users so it works easily when you use Firefox. But the real nuggets are in the postflight script.</div>
<ul style="background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 0.83999rem; padding-top: 0.16001rem;">
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;"><div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Patching system files that may be clobbered by any upcoming OS updates. Will this even continue working in OS X 10.11?</div>
<pre style="background: linear-gradient(rgb(255, 255, 255) 0px, rgb(255, 255, 255) 0.75rem, rgb(245, 247, 250) 0.75rem, rgb(245, 247, 250) 2.75rem, rgb(255, 255, 255) 2.75rem, rgb(255, 255, 255) 4rem); border-radius: 4px; border: 1px solid rgb(211, 218, 234); box-sizing: border-box; color: #333333; font-family: monospace, monospace; font-size: 1rem; line-height: 2rem; margin-bottom: 1.33999rem; overflow: auto; padding: 0.66001rem 9.5px 9.5px; word-break: break-all; word-wrap: break-word;"><code style="background-color: transparent; border-radius: 0px; box-sizing: border-box; color: inherit; font-family: monospace, monospace; font-size: inherit; padding: 0px; white-space: pre-wrap;"><span class="hljs-built_in" style="box-sizing: border-box; color: #268bd2;">sudo</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/etc/Athena/EditPInfoList"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x0DC3"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x1004"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"Athena ASEDrive CCID"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist"</span>
<span class="hljs-built_in" style="box-sizing: border-box; color: #268bd2;">sudo</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/etc/Athena/EditPInfoList"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x0DC3"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x1007"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"Athena ASEDrive IIIe KB BIO-PIV"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist"</span>
<span class="hljs-built_in" style="box-sizing: border-box; color: #268bd2;">sudo</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/etc/Athena/EditPInfoList"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x0DC3"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x0900"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"Athena IDProtect Key"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist"</span>
<span class="hljs-built_in" style="box-sizing: border-box; color: #268bd2;">sudo</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/etc/Athena/EditPInfoList"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x0DC3"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x1102"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"Athena ASEDrive IIIe KB"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist"</span>
<span class="hljs-built_in" style="box-sizing: border-box; color: #268bd2;">sudo</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/etc/Athena/EditPInfoList"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x0DC3"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x100F"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"Athena ASEKey CCID"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist"</span>
<span class="hljs-built_in" style="box-sizing: border-box; color: #268bd2;">sudo</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/etc/Athena/EditPInfoList"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x24DC"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x0101"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"Aladdin RD JaCarta PKI"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist"</span>
<span class="hljs-built_in" style="box-sizing: border-box; color: #268bd2;">sudo</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/etc/Athena/EditPInfoList"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x24DC"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"0x100F"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"Aladdin RD JaCarta PKI Flash"</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/usr/libexec/SmartCardServices/drivers/ifd-ccid.bundle/Contents/Info.plist"</span>
</code></pre>
</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;"><div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Creating random directories in the home directory of the user that originally started the installer. And then copies random XML files in there:</div>
<pre style="background: linear-gradient(rgb(255, 255, 255) 0px, rgb(255, 255, 255) 0.75rem, rgb(245, 247, 250) 0.75rem, rgb(245, 247, 250) 2.75rem, rgb(255, 255, 255) 2.75rem, rgb(255, 255, 255) 4rem); border-radius: 4px; border: 1px solid rgb(211, 218, 234); box-sizing: border-box; color: #333333; font-family: monospace, monospace; font-size: 1rem; line-height: 2rem; margin-bottom: 1.33999rem; overflow: auto; padding: 0.66001rem 9.5px 9.5px; word-break: break-all; word-wrap: break-word;"><code style="background-color: transparent; border-radius: 0px; box-sizing: border-box; color: inherit; font-family: monospace, monospace; font-size: inherit; padding: 0px; white-space: pre-wrap;"><span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">if</span> [ ! -d <span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$HOME</span>/<span class="hljs-class" style="box-sizing: border-box;">.ase</span> ]
then
mkdir -<span class="hljs-tag" style="box-sizing: border-box;">p</span> <span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$HOME</span>/<span class="hljs-class" style="box-sizing: border-box;">.ase</span>
fi
ls -l *<span class="hljs-class" style="box-sizing: border-box;">.xml</span>
mv -f /private/tmp<span class="hljs-comment" style="box-sizing: border-box; color: #586e75;">/*.xml "$HOME/.ase"</span>
</code></pre>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
The one file that will end up in $HOME/.ase on a non-hostile system is <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">IDPClientDB.xml</code>, but it looks eminently different than <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">/etc/Athena/IDPClientDB.xml</code></div>
</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;"><div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Deleting random directories in the home directory of the user that originally started the installer</div>
<pre style="background: linear-gradient(rgb(255, 255, 255) 0px, rgb(255, 255, 255) 0.75rem, rgb(245, 247, 250) 0.75rem, rgb(245, 247, 250) 2.75rem, rgb(255, 255, 255) 2.75rem, rgb(255, 255, 255) 4rem); border-radius: 4px; border: 1px solid rgb(211, 218, 234); box-sizing: border-box; color: #333333; font-family: monospace, monospace; font-size: 1rem; line-height: 2rem; margin-bottom: 1.33999rem; overflow: auto; padding: 0.66001rem 9.5px 9.5px; word-break: break-all; word-wrap: break-word;"><code style="background-color: transparent; border-radius: 0px; box-sizing: border-box; color: inherit; font-family: monospace, monospace; font-size: inherit; padding: 0px; white-space: pre-wrap;"><span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">if</span> [ <span class="hljs-operator" style="box-sizing: border-box;">-f</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"<span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$HOME</span>/real_fox"</span> ]
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">then</span>
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">export</span> DB_PATH=`cat <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"<span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$HOME</span>/temp_path"</span>`
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">if</span> [ <span class="hljs-operator" style="box-sizing: border-box;">-f</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"<span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$HOME</span>/real_fox"</span> ]
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">then</span>
rm <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"<span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$HOME</span>/real_fox"</span>
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">fi</span>
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">if</span> [ <span class="hljs-operator" style="box-sizing: border-box;">-f</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"<span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$HOME</span>/temp_path"</span> ]
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">then</span>
rm <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"<span class="hljs-variable" style="box-sizing: border-box; color: #b58900;">$HOME</span>/temp_path"</span>
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">fi</span>
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">fi</span>
</code></pre>
</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;"><div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
Hiding cleanup jobs to remove another application's configuration. This is great for people that need backwards compatibility, I guess?</div>
<pre style="background: linear-gradient(rgb(255, 255, 255) 0px, rgb(255, 255, 255) 0.75rem, rgb(245, 247, 250) 0.75rem, rgb(245, 247, 250) 2.75rem, rgb(255, 255, 255) 2.75rem, rgb(255, 255, 255) 4rem); border-radius: 4px; border: 1px solid rgb(211, 218, 234); box-sizing: border-box; color: #333333; font-family: monospace, monospace; font-size: 1rem; line-height: 2rem; margin-bottom: 1.33999rem; overflow: auto; padding: 0.66001rem 9.5px 9.5px; word-break: break-all; word-wrap: break-word;"><code style="background-color: transparent; border-radius: 0px; box-sizing: border-box; color: inherit; font-family: monospace, monospace; font-size: inherit; padding: 0px; white-space: pre-wrap;"><span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">if</span> [ <span class="hljs-operator" style="box-sizing: border-box;">-f</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/Library/Application Support/Athena/SCLauncher"</span> ]
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">then</span>
rm <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/Library/Application Support/Athena/SCLauncher"</span>
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">fi</span>
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">if</span> [ <span class="hljs-operator" style="box-sizing: border-box;">-f</span> <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/Library/LaunchAgents/SCLauncher.plist"</span> ]
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">then</span>
rm <span class="hljs-string" style="box-sizing: border-box; color: #2aa198;">"/Library/LaunchAgents/SCLauncher.plist"</span>
<span class="hljs-keyword" style="box-sizing: border-box; color: #859900;">fi</span>
</code></pre>
</li>
</ul>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
In a nutshell, if you need to deploy this in a managed environment, you want to try to isolate the necessary steps and re-roll the install package so that:</div>
<ul style="background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 0.83999rem; padding-top: 0.16001rem;">
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Only the necessary files are installed (I omitted that the pin tool and manager bring their own QT and plunk that somewhere in <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">/usr/local</code>; the only reason to keep them around is that you cannot reset the SO-PIN with <code style="background-color: #f9f2f4; border-radius: 4px; box-sizing: border-box; color: #c7254e; font-family: monospace, monospace; font-size: 1em; padding: 2px 4px;">pkcs11-tool</code> — you need the proprietary PinTool for that.).</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">Changes to system files are self-contained and can be re-done after OS updates without having to effectively re-run a bunch of hostile shell scripts.</li>
<li style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; box-sizing: border-box; margin-left: 1rem;">The package can be managed with the likes of <a href="https://github.com/munki/munki">munki</a> and that uninstalls are possible.</li>
</ul>
<div style="-webkit-font-feature-settings: 'kern' 1, 'onum' 1, 'liga' 1; background-color: white; box-sizing: border-box; color: #373d49; font-family: Georgia, Cambria, serif; font-size: 14px; line-height: 28px; margin-bottom: 1.33999rem; padding-top: 0.66001rem;">
By the way, the <em style="box-sizing: border-box;">real bad news</em> is that all this is <em style="box-sizing: border-box;">not as bad as I've seen before</em> from other security companies that realized their business model should embrace Apple products.</div>
oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-39210306901849969502015-06-14T21:40:00.002+02:002015-06-14T21:40:28.630+02:00Retrofit: Durch das Tor der Welten in der Praxis<a href="http://www.nordcon.de/images/stories/programmhefte/programmheft_titel_2015.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://www.nordcon.de/images/stories/programmhefte/programmheft_titel_2015.jpg" height="320" style="cursor: move;" width="228"></a>Dieses Wochenende war <a href="http://www.nordcon.de/">Nordcon</a>, und durch Bestechungsversuche seitens C. sah ich mich gezwungen, heute dort aufzuschlagen und eine Runde DAS anzubieten, mit dem gerade eben rezensierten <a href="http://oliof.blogspot.ch/2015/06/retrofitrezension-durch-das-tor-der.html">Durch das Tor der Welten</a> natürlich.<br>
<br>
Wie zu erwarten, war die Besetzung der Runde mit 2 bis 3 Spielern die schon ein Wochenende Con-Beschäftigung mit dem einhergehenden Schlafmangel unter dem Gürtel hatten, nicht vollständig ideal; ein wenig zur Verwirrung beigetragen hat in einer Art karmischer Verschränkung, dass die Runde auf dem offiziellen Zettel als DSA und nicht DAS angekündigt wurde.<br>
<br>
Das hat wahrscheinlich zu einer etwas unüblichen Auswahl geführt (einer der Spieler fragte mich, ob sein DSA 4/5 Charakter "kompatibel" sei; ich hatte schon mit <i>nein </i>geantwortet als mir einfiel, dass ich <i>ja </i>sagen hätte können, und dann mal schauen was so passiert).<br>
<br>
<br>
<a href="https://oliof.blogspot.com/2015/06/retrofit-durch-das-tor-der-welten-in.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-86194723171205889872015-06-11T10:36:00.000+02:002015-06-11T15:39:49.340+02:00Retrofit: Kampfsystem-Erweiterung für DAS<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="http://upload.wikimedia.org/wikipedia/commons/2/28/Jacques_Callot_(1592-1635)%2C_Graveur.-_Le_duel_%C3%A0_l'%C3%A9p%C3%A9e.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="http://upload.wikimedia.org/wikipedia/commons/2/28/Jacques_Callot_(1592-1635)%2C_Graveur.-_Le_duel_%C3%A0_l'%C3%A9p%C3%A9e.png" height="224" width="320"></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"> Le duel à l'épée.<br>
By Jacques Callot (Bnf Gallica) [Public domain], <br>
via Wikimedia Commons</td></tr>
</tbody></table>
Im DAS-Testspiel hatte sich herausgestellt, dass die normalen DAS-Kämpfe mit Attacke, Parade, Rüstungsschutz dann doch schnell zäh werden (das war auch keine Überraschung). Selbst als Spielleiter geriet ich in den Sog der Wiederholung und versäumte es, die Umgebung mit in den <br>
Endkampf einzubinden. Und da DAS ja kein freies Erzählspiel ist, mußten ein paar Regeln her.<br>
<h4>
</h4><a href="https://oliof.blogspot.com/2015/06/retrofit-kampfsystem-erweiterung-fur-das.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-36968395338855316462015-06-10T08:54:00.002+02:002015-06-10T20:21:46.430+02:00DAS Praxis: Zauberbüchlein<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgp1-Oki10H1EpMuneNiSC3tOiuMSEgMDNhgSlzZEwnwUJRIx-NLkth0NE9DQUJVCHA_1uPF8gI9jmKc9cs9s6OLh4CdK42_ZQ9C86-jZn_byRIu0NxviIAJcx6Ty3mZvl8BG0WOVtfbYY-/s1600/IMG_20150610_083654.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgp1-Oki10H1EpMuneNiSC3tOiuMSEgMDNhgSlzZEwnwUJRIx-NLkth0NE9DQUJVCHA_1uPF8gI9jmKc9cs9s6OLh4CdK42_ZQ9C86-jZn_byRIu0NxviIAJcx6Ty3mZvl8BG0WOVtfbYY-/s200/IMG_20150610_083654.jpg" width="150" /></a>Bei der letzthin stattfindenden Testrunde DAS bekam ich von einem Spieler das Feedback, daß die Zauber im derzeitigen Regelwerk schlecht organisiert sind und man am Spieltisch keinen guten Überblick bekommt. Da es sich um eine reine digitale Bleiwüste handelt, stimmt das.<br />
<br />
Also habe ich einen Hype des letzten Jahres aufgegriffen und kleine Pocketmods gebastelt. Jetzt brauche ich noch Einlege-Lupen und etwas Lektorat, aber ansonsten sieht das ganz gut aus (-:<br />
<br />
<a href="https://drive.google.com/folderview?id=0B2g5SEG-0qDTfmZGNTEwWEZRcGVoQUNxa3Y0Z283Q1huUS1oRC1iVE9YSnJjX1V3N1IzVnM&usp=sharing">In diesem Ordner findet man die Pocketmods</a> (und die LaTeX-Dateien).<br />
<br />
Die PDF-Dateien habe ich mit LaTeX erstellt, weil ich <a href="http://uweziegenhagen.de/?p=1294" target="_blank">diese Vorlage</a> am schnellsten gefunden habe.<br />
<br />
Vielleicht nützt es ja jemandem (-:oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-80651105214424493692015-06-08T20:31:00.000+02:002015-06-08T20:31:26.547+02:00Retrofit/Rezension: Durch Das Tor Der Welten<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="http://www.ulisses-ebooks.de/images/3444/126762.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img alt="" border="0" src="http://www.ulisses-ebooks.de/images/3444/126762.jpg" height="320" title="Durch das Tor der Welten, Cover von Klaus Holitzka" width="240"></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="http://www.ulisses-ebooks.de/product/126762/Durch-das-Tor-der-Welten-PDF-als-Download-kaufen" target="_blank">Der Klassiker ist als PDF erhältlich</a></td></tr>
</tbody></table>
Am Wochenende ist <a href="http://www.nordcon.de/" target="_blank">NordCon</a> und neben <a href="http://lotfp.blogspot.de/" target="_blank">James Raggi von Lamentations of the Flame Princess</a> ist auch Werner Fuchs zugegen, einer der DSA-Macher der ersten Stunde. Das habe ich mal als Anlaß genommen, einen echten Klassiker von DSA 1984 auszubuddeln: <i>Durch das Tor der Welten oder die Gestrandeten des Sternenmeers.</i><br>
<i></i><br><i></i>
Welten? Sternenmeer? In und um Aventurien? Ja, nicht nur Claus Lenthe's oft geschmähtes <a href="http://www.wiki-aventurica.de/wiki/Borbarads_Fluch" target="_blank">Borbarads Fluch</a> hatte Sword&Planet-Anwandlungen, sondern eben auch dieses frühe Fuchs'sche Werk. Wieso diese Facette des frühen DSA dann wegfiel weiß ich leider nicht, vielleicht habe ich ja auf der NordCon die Gelegenheit, Werner Fuchs direkt zu fragen.<br>
<br>
Für alle Leute die nicht spoilerfest sind, ist diese Lese-Rezension nichts. Sie sollten die Langfassung dieses Beitrages nicht lesen ... Wer Sonntag auf die NordCon kommt, wird dieses Abenteuer bei mir spielen können ... natürlich mit den Regeln von <a href="https://docs.google.com/document/d/1FJ3mn5u1EfHu7UvXYIwjzG7eQz9RPxDFxG3h58uXZQ4/edit" target="_blank">DAS: Das Abenteurer Spiel</a>!<br>
<br>
<br>
<a href="https://oliof.blogspot.com/2015/06/retrofitrezension-durch-das-tor-der.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-2474088760021108652015-06-06T12:57:00.001+02:002015-06-06T12:57:13.977+02:00Warum eigentlich DAS?In grauer Vorzeit, bald 30 Jahre ist es her, habe ich tatsächlich mal mein erstes Rollenspiel gespielt. Und es war überraschender Weise nicht DSA sondern die alte rote D&D Box. Ein damaliger Schulfreund hatte diese Box und dieses seltsame Spiel, aber nach ein paar Wochen waren andere Dinge wieder wichtiger. Ein paar Klassenstufen später lernte ich nach dem Schulwechsel Leute kennen, die Rollenspiel spielten, und ich kannte das und wollte gerne mitmachen. Da spielten wir dann DSA. Im örtlichen Rollenspielladen gab es aber auch andere Rollenspiele und wir probierten auch <i>Traveller</i> und<i> GURPS Supers</i> aus; <i>MERS, Call of Cthulhu, Paranoia</i> und ein zwei andere an die ich mich nicht mehr erinnere waren sicherlich auch dabei. Ich hatte also schon recht früh mehr als nur DSA gesehen.<br>
<br>
<a href="https://oliof.blogspot.com/2015/06/warum-eigentlich-das.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-62950383974536419392015-05-26T21:27:00.002+02:002015-05-26T21:36:14.499+02:00DSA-Archäologie in der Praxis<br>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkZcOp9Zbpub2ILS_B6kvZT_WvD4qXbFfpRTbhDmXEnn1WFDumUj5XULU0pGy6PxARuxn6fJSscfnewFLkyzOfPLumAGpjddYHPcIFlq4ZDGhVOhIHdwlDifrm2k7tdXN7_G0BYYmlWIju/s1600/DASSchicksalsdokument.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkZcOp9Zbpub2ILS_B6kvZT_WvD4qXbFfpRTbhDmXEnn1WFDumUj5XULU0pGy6PxARuxn6fJSscfnewFLkyzOfPLumAGpjddYHPcIFlq4ZDGhVOhIHdwlDifrm2k7tdXN7_G0BYYmlWIju/s320/DASSchicksalsdokument.png" width="226"></a>Nach einer längeren Pause habe ich vor etwa einer Woche <a href="https://docs.google.com/document/d/1FJ3mn5u1EfHu7UvXYIwjzG7eQz9RPxDFxG3h58uXZQ4/edit" target="_blank">DAS: Das Abenteurer Spiel</a> auf einer kleinen Privat-Convention in Bielefeld leiten können. Ich hatte 4 Spieler, als Abenteuer verwendete ich den <a href="http://onepagedungeon.info/" target="_blank">One Page Dungeon</a><a href="http://www.onepagedungeon.info/2015/image-gallery/image/orig/charles-and-myriam---hold-the-mushrooms-please.png" target="_blank"> Hold the Mushroom, Please</a>.<br>
<br>
In Vorbereitung habe ich dann auch endlich mal <strike>einen</strike> <strike>Heldenbogen</strike> <a href="https://docs.google.com/document/d/154zl9eEs1eIKfWm3mulrAeomjkeHtAvapP7W3W2U7as/edit" target="_blank">das offizielle Schicksalsdokument</a> gebaut, damit auch die Spieler gleich durch die grafische Aufbereitung das richtige Feeling entwickeln können. Daß der komische Laserdrucker im Tagungshaus eine Rasterung gewählt hat, die die Nadeldrucker-Ästhetik noch unterstützte, schien mir prophetisch.<br>
<br>
Aber: Was hielten die Spieler von der Charaktererschaffung? Wie verlief das Abenteuer? wie fühlten sich die Regeln an? Und gibt es Dinge, die ich jetzt an DAS ändern werde?<br>
<br>
<a href="https://oliof.blogspot.com/2015/05/dsa-archaologie-in-der-praxis.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-60361858851487884052015-05-25T22:40:00.002+02:002015-05-25T23:05:09.787+02:00Lese-Rezension: Peril on the Purple Planet<a href="http://www.goodman-games.com/5085preview.html" target="_blank">Peril on the Purple Planet</a> ist ein Abenteuer aus der Dungeon Crawl Classics Serie von Goodman Games, die damit werben, Abenteuer "so wie früher" anzubieten. Peril on the Purple Planet war ein Kickstarter-Projekt, und ich habe nicht nur das 32-seitige Heft, sondern eine Box mit dem Abenteuer, einem Spielleiterschirm, einem Spieler-Booklet, einem Handout-Booklet, noch mehr Abenteuern und einem 64-seitigen Setting-Booklet bekommen.<br>
<br>
<i>Peril on the Purple Planet</i> ist ein Abenteuer, das auf einer sterbenden Welt spielt. Der Einstieg ist nicht streng vorgegeben; eigentlich bietet sich hier aber alles an, wo die Spielgruppe aus irgendeinem Grund in eine andere Dimension oder so gestürzt wird; seien es nun Steampunk-Maschinen, fehlerhafte Rituale, Flüche, Sternentore deren Bedienung man nicht beherrscht – letztendlich ist es Frage an die jeweilige Gruppe, was richtig ist.<br>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://goodman-games.com/images/PurpleScreenExterior.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://goodman-games.com/images/PurpleScreenExterior.jpg" height="173" width="400"></a></div>
<br>
<br>
<br>
<a href="https://oliof.blogspot.com/2015/05/lese-rezension-peril-on-purple-planet.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-49294749024289298702015-05-19T08:12:00.001+02:002015-05-19T09:10:00.923+02:00Lese-Rezension: LiteJCGames ist ein kleiner Einmann-Rollenspiel-Verlag, der in der Vergangenheit <a href="https://jcgames.de/weltenbuch/" target="_blank">Das Weltenbuch</a> und <a href="https://jcgames.de/spacepirates/" target="_blank">SpacePirates</a> herausgebracht hat. Diese Spiele hatten jeweils ihre eigenen Regeln, und die Spielwelten waren in beiden Fällen eine ganz eigene Mischung aus Klischees und witzigen Eigenheiten. Das Weltenbuch zum Beispiel hat als Spielwelt tatsächlich eine aufgeschlagene Doppelseite eines Buchs, und bei SpacePirates gibt es unter anderem das System der Träume, ein Hollywood galaktischer Größe, wo sogar die Sonne in Form eines Scheinwerfers einherkommt.<br>
<a href="https://jcgames.de/www/lite/logo.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://jcgames.de/www/lite/logo.png"></a><br>
Seit einiger Zeit hat JC an <a href="https://jcgames.de/lite/" target="_blank">Lite</a> gearbeitet, und vor kurzem eine Crowdfunding-Kampagne für die Produktion einer Hardcover-Kleinserie angestoßen. Das habe ich als Anlaß genommen, mir Lite neben der frei verfügbaren Regeln, die auch auf der Website erhältlich sind, auch ins Regal zu stellen.<br>
<br>
<a href="https://oliof.blogspot.com/2015/05/lese-rezension-lite.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0tag:blogger.com,1999:blog-4355448880258205213.post-86527183308865759332015-03-23T21:41:00.001+01:002015-03-23T21:49:33.249+01:00Chthonotron part 3: Catacombs of the Hypogea<br>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNPenAOHa7pFlYfZxNwrKtHiVYOs_kb4_eUH2ssMeHztqQstbiWxmexX93P2zmP6X5FaZp6zBNNpv2HSE4h6lk0YR_NNBPHry1U6tnjb5cZduljArDR0FXqSpmKzFYwgEW-SGILHTNNBnr/s1600/IMG_20150322_184904.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNPenAOHa7pFlYfZxNwrKtHiVYOs_kb4_eUH2ssMeHztqQstbiWxmexX93P2zmP6X5FaZp6zBNNpv2HSE4h6lk0YR_NNBPHry1U6tnjb5cZduljArDR0FXqSpmKzFYwgEW-SGILHTNNBnr/s1600/IMG_20150322_184904.jpg" height="150" width="200"></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Starting with a blank slate</td></tr>
</tbody></table>
With the ongoing build-out of the Hypogean Map, I touch more and more subsystem and go into more detail. As these random generators are light on game world details, this blog post is also an attempt to make sense of the results I rolled and my hastily scribbled maps ...<br>
<br>
In the first part of this series, I did build the overall map of the Hypogea. In the second part, I touched on building a map key; but some of the maps results need even more detail; i.e. for <i>shrines</i> you need to determine the subtype (chthonic or deific), and for <i>catacombs, </i>you can roll multiple levels with many rooms. This post is about that:<br>
<a href="https://oliof.blogspot.com/2015/03/chthonotron-part-3-catacombs-of-hypogea.html#more">Weiterlesen »</a>oliofhttp://www.blogger.com/profile/11283548524872576839noreply@blogger.com0