kmg90's forum posts

#1 Edited by kmg90 (461 posts) -

I had similar thoughts too while getting into the first few hours of the game, the games have very similar structures and interfaces (Right down to how the online co-op stuff works)

Until I decided to pop in my PS3 version of dead island

I can say without a doubt Dying Light is different enough but can definitely be considered Dead Island 2 (which is still yet to be released by Deep Silver and the Crackdown Spec Ops developer later this year)

They both have

  • same "stamina bar" that appears in the middle of the screen when fighting/meleeing
  • the kick functionality is essentially the same as the initial version of Dead Island (kicking doesn't drain stamina nor does using a kick abilities, this was changed post release on Dead Island)
  • the targeting specific body parts with cross hairs is pretty much identical

The things that are different/added/improved

  • Movement has been overhauled significantly (just overall on foot movement)
  • Parkour is well done and adds layers to what would otherwise be pretty lame "playground"
  • Day and Night cycle with special zombies appearing in more logical context rather (at night) than just at static locations, any time, all the time in Dead Island
  • Repairing/crafting/upgrading weapons "in the field", weapons can be repaired with "metal" which the weapon literally gets metal added as a "repair" (a almost broken baseball bat will have metal bands added as a repair)
  • Random events reoccur and are mostly of the time not tied to quest (like in Dead Island)
  • Sprinting does not drain "stamina for combat"

Things that have been removed and arguably should have been kept

  • Analog Combat is not available
  • The ability to be different characters (when in co-op everyone is playing the same Chris Redfield-looking dude that can change into 4-5 outfits unlocked throughout the game)
#2 Posted by kmg90 (461 posts) -

I don't see a problem with weapon decay, especially when you get later in the game with the combo of skills that mitigate the complete loss of a weapon and "higher tier" weapons that are more durable (including the mods that further increase the durability) with more "repairs" I've had 2-3 weapon particaluar weapons that have lasted me hours.

They should patch in the ability to "revive" a weapon for a substantial fee at the Tower.

No weapon durability breaks the game, if you don't believe it does, hope on Co-Op session of Dead island with others users using hacked items that don't break the game becomes trivially easy.

Bottom line: If you are going to cheat, consider not going into co-op with those who don't mind the games design as is.

#3 Edited by kmg90 (461 posts) -

I love my Sony Pulse Elites, I never use the pulse feature since it doesn't really add to my gaming experience and the audio quality on both ends (mic and speakers) are really good.

@sammo21 said:

On PS4 I have been using their Gold branded headset and I really like it. On PC I was using a nice pair of wireless Logitech's, but those broke :( Might get a new pair with my tax return.

You can use the headset on your computer (and any other device that supports 3.5mm or USB audio)

#4 Edited by kmg90 (461 posts) -

@niamahai said:

@captain_felafel said:

@corevi said:

@captain_felafel: Jesus christ that framerate, I got slightly nauseous just from watching that. It doesn't even look the good either. It's muddy, low poly and other than Arno's outfit all the textures are shit

And that's the PS4 version too. When I saw the Xbox One version, it looked even muddier somehow. Like, legitimately blurry.

dat parity in terribleness

They achieved their goal, there is no debate all platforms are terribly optimized.

#5 Posted by kmg90 (461 posts) -

The thread title should be changed to all platforms have terrible performance.... for avoidance debates and stuff.

Unless the reports from users that claim the Xbox One version and PC (with high end gpu's) runs below 30 FPS constantly.

Can't wait for Digital Foundry write up

#6 Edited by kmg90 (461 posts) -

Nice coat of paint but having the following lead to upgrade page.... it's sleazy and confusing.

Either add something that clarifies that "Hang out, chat and watch PAX!" is for premium members only or update it display something like "Upgrade to Premium"

#7 Edited by kmg90 (461 posts) -

Read the fine print people, this is Trojan horse to get people to pay for access to game early (you could easily call it a demo or trial as you have LIMITED TIME OF ACTUALLY PLAYING THE GAMES, ie 2 HOURS) and to get people to buy digital to make look like it's cheap to go digital when they are just getting you to pay money so you can pay somewhat less money for a games that are cheaper elsewhere.

#8 Posted by kmg90 (461 posts) -

Is now using the CBSi servers? Roundtrip times are definitely a bit faster. Does this impact video serving, or are you still using Akamai?

#9 Edited by kmg90 (461 posts) -
@mrpibb said:

Just to provide more insight into the matter, we use the Amazon Elastic Load Balancer for a SSL passthrough so the nginx component is not affected.

1) Amazon fixed the exploit pretty early during the Heartbleed chaos so we were safe there.

2) Additionally, we updated our SSL certs in March which also kept us safe as well.

On Thursday, we'll be moving to a new datacenter and netscalers which will provide an additional level of protection.

As a very security conscious user (I listen to the Security Now podcast and do follow various 'net-sec' experts)

Amazon has recommend users of SSL termination via Amazon Elastic Load Balancer reissue the certificates for their sites.

Pretty much any SSL certificate that was generated before April 7-8th is potentially compromised due to this bug this INCLUDES if the same certificate is used AFTER PATCHING AFFECTED SYSTEMS.

I understand that revoking and renewing SSL keys is a pain in the ass (especially combined with the rush of a lot of other users/services/companies doing the same) but this is as security expert Brian Schneier described it "(In terms of describing the scale of damage possible with this exploit) On the scale of 1 to 10, this is an 11".

But consider the following if you have not researched the overall impact and scope of this bug:

From Netcraft:

If you don't revoke your certificate, you may still be vulnerable to impersonation

If a remote attacker successfully retrieved private keys from a server while it was still vulnerable to the Heartbleed bug, then he would be able to impersonate the server by creating his own valid SSL certificate. The crucial issue is that an attacker can still do this after the affected website has upgraded to the latest version of OpenSSL, and it does not matter whether the real website has since deployed a new SSL certificate with different keys: Unless the previous certificate is revoked, the site will still be vulnerable to man-in-the-middle attacks.

This answer on securityexchange.com also points out the implication of having vulnerable servers:

There is more to consider than just new certificates (or rather, new key pairs) for every affected server. It also means:

  • Patching affected systems to OpenSSL 1.0.1g
  • Revocation of the old keypairs that were just supersceded
  • Changing all passwords
  • Invalidating all session keys and cookies
  • Evaluating the actual content handled by the vulnerable servers that could have been leaked, and reacting accordingly.
  • Evaluating any other information that could have been revealed, like memory addresses and security measures

Also from the same answer:

I summarized the bullet points above from heartbleed.com (emphasis mine):

What is leaked primary key material and how to recover?

These are the crown jewels, the encryption keys themselves. Leaked secret keys allows the attacker to decrypt any past and future traffic to the protected services and to impersonate the service at will. Any protection given by the encryption and the signatures in the X.509 certificates can be bypassed. Recovery from this leak requires patching the vulnerability, revocation of the compromised keys and reissuing and redistributing new keys. Even doing all this will still leave any traffic intercepted by the attacker in the past still vulnerable to decryption. All this has to be done by the owners of the services.

What is leaked secondary key material and how to recover?

These are for example the user credentials (user names and passwords) used in the vulnerable services. Recovery from this leaks requires owners of the service first to restore trust to the service according to steps described above. After this users can start changing their passwords and possible encryption keys according to the instructions from the owners of the services that have been compromised. All session keys and session cookies should be invalided and considered compromised.

What is leaked protected content and how to recover?

This is the actual content handled by the vulnerable services. It may be personal or financial details, private communication such as emails or instant messages, documents or anything seen worth protecting by encryption. Only owners of the services will be able to estimate the likelihood what has been leaked and they should notify their users accordingly. Most important thing is to restore trust to the primary and secondary key material as described above. Only this enables safe use of the compromised services in the future.

What is leaked collateral and how to recover?

Leaked collateral are other details that have been exposed to the attacker in the leaked memory content. These may contain technical details such as memory addresses and security measures such as canaries used to protect against overflow attacks. These have only contemporary value and will lose their value to the attacker when OpenSSL has been upgraded to a fixed version.

#10 Edited by kmg90 (461 posts) -

With the recent public disclosure of Heartbleed bug in the widely used OpenSSL library, I ask is the Giant Bomb secure site (used for logging in and managing billing/premium membership) effected and if so have you patched the vulnerable systems?

Server response headers indicate that Giant Bomb uses nginx for their server and usually when using SSL with nginx requires using the OpenSSL Library.

I would appreciate it if someone could make a statement to community and if any action is needed on their part as this is a very serious bug.

Thanks