technology

Dungeons, Dragons, The Internet, Simplicity

by

(This column is posted at www.StevenSavage.com, Steve’s Tumblr, and Pillowfort.  Find out more at my newsletter, and all my social media at my linktr.ee)

I’d like to discuss Dungeons and Dragons and the internet, and not just in the many incredibly nerdy ways I could. Dungeons and Dragons gives us an idea of the mechanics that could help make the internet useful again, as opposed to a bastion of advertising and bad comments.

Trust me on this.

So let’s talk Dungeons and Dragons, that game that pretty much launched Role-Playing Games as A Big Thing. It’s popular,and let us be honest, it’s terribly overcomplicated as befits something that originated in war games. I was there playing it in the 80s, and the critique has always been accurate.

Also I remember when a Paladin could roll a horse that was smarter than them.

A funny thing is Dungeons and Dragons and what it inspired also inspired wonderfully streamlined game systems. My favorite are the open-sourced Forged In The Dark system. The foundation Blades In the Dark showcases a streamlined system for a dark steampunk fantasy. The space adventure game Scum and Villainy combined various tropes, and made the inevitable starship a character. The game Wicked Ones inverted generic fantasy so people play monsters, and did everything from making a simple magic system to envisioning the messy idea of “followers” as “secondary characters.”

Forged In The Dark and it’s children got to the basics of what an RPG was, what people wanted, and made straightforward, playable games. If you haven’t checked out the system, do!

The thing is these streamlined, effective, precise games probably wouldn’t have existed without Dungeons and Dragons and its spinoffs. You needed complicated spell systems to realize “maybe this could be easier.” Complicated piles of various dice seem fun, but also lead one to wondering “could it just be six-sided dice?” Maybe you need levels, skills, saving throws, and so on to get the Forged In The Dark concept where characters are defined by “Actions” – general abilities like “Finesse” or “Science.”

Now the internet itself is terribly over complicated – and deliberately so to extract more income for various companies. It’s a simple thing that evolved to have layer and layer and layer on it, leaving us now in a world that’s called “Web 3.0.” But out of this overdone world maybe there’s a clue to what we actually want – we can learn from the pile of what we don’t want.

Mastodon is nice, and I am all for federation, but maybe Twitter was needed to give us ideas of what to do – and not do.. There’s a lovely Fediverse book review sharing program and video sharing, and so on. People are rediscovering RSS and even think of new ways to use it as the web drowns in crap. The excess gives us ideas, sometimes the idea is “maybe we shouldn’t have done that” – I mean there’s a reason I still send out a cut-and-paste-addresses email newsletter.

So for all the horrible stuff we’re dealing with, we can also ask what worked and what we wanted – and what we didn’t. We probably needed to ask that about ten years ago as a society, but at least we can do what we can now. We ask what we want, how to get it simply, and how to make it work for everyone.

It’s a bigger game to play, but we can find the best rules – and we can drop what we don’t need.

Steven Savage

The Un-Measurable Cost of Bullshit

by

(This column is posted at www.StevenSavage.com, Steve’s Tumblr, and Pillowfort.  Find out more at my newsletter, and all my social media at my linktr.ee)

As my regular readers are painfully aware, I feel a lot of the world is awash in bullshit, and the technology world triply so. We’re sold products we don’t need, that don’t do what we want, from companies who will then collapse and be sold off for parts. Meanwhile too much of the media celebrates innovations that basically burn money and forests while delivering nothing but stock prices. And if you think you know what I’m talking about, once again don’t be so sure, I have a long list of grievances.

And I wonder how much does this stuff cost us? I’m not just talking money, but time, social damage, environmental damage, and having to clean up after it all falls apart.

I think it’s hard to measure because a lot of the economic bullshit is now a loop.

Investors invest in each other and the people they know to get a return, even if a service won’t provide anything. Media breathlessly starts a hype cycle about nothing, and will do it again weeks or months later having learned little. Bookkeeping flummery keeps the real costs off of the books and out of view. Environmental impact is exported. There’s a giant cycle that occupies a lot of time and resources to keep people from asking what time and resources are being consumed.

And we do it all over again repeatedly and more rapidly.

We can’t measure costs of all this meaninglessness as it moves too fast, doesn’t have enough data, because of made-up data, and because we’ll do it all again anyway. We know there’s bullshit in the economy, but we can’t penetrate the veil of it to figure what it costs us until the bill becomes due the hard way.

It’s enough to make you wish you could yell “stop” and we’d all just stop inventing stuff for ten years so we could pick up the pieces and see how much people were lying. And yes, I thought about how long that freeze should be.

I have the unsettling feeling that an enormous amount of our economy is waste that yields little more than line go up for a tiny amount of people. But I’d like if we could pause and find out.

Pause voluntarily, that is. Judging by the way our climate is changing, we’re gonna get a pretty hard pause involuntarily.

Steven Savage

It’s Not The Next Outage

by

(This column is posted at www.StevenSavage.com, Steve’s Tumblr, and Pillowfort.  Find out more at my newsletter, and all my social media at my linktr.ee)

So the CrowdStrike Outage of 2024 happened. Actually, let me clarify, the CloudStrike Outage of July 2024. I might as well be clear because that was a doozy and it showed some wide-raging system instabilities. Also considering it was such a disaster maybe there’s another.

If you don’t know what I’m talking about, an update to some security software bricked a lot of windows machines in a disaster that shouldn’t have happened. If “scrutiny software shut down systems” sound bad, yes it was!

If “security disaster happened” AND you work in IT, AND your friends are nerds and/or work in IT, you know MY experience. I spent most of that Friday quietly losing my mind.

Of course there’s questions of “how do we avoid the next outage” which is sort of sad, because you’d kind of like there not to be one, or one as widespread. But I don’t think that’s quite the issue, preparing for the next Giant Ooposie misses two things.

First, this exposed just how vulnerable systems are, and I’m worried about intentional attacks. We saw in real time how a software update could destroy systems. We saw how people did – or didn’t recover. We saw where vulnerabilities might be. We wondered what would have happened had this been during another crises – hurricane, terrorist attack, etc.

CrowdStrike was a mix of blueprint, roadmap, and test run for how to screw up IT systems worldwide. This is what you get by accident, meaning intentional attacks are now much easier to pull off effectively. We need to worry about intention.

Imagine a CrowdStrike-like outage but with more destructive not just an issue that an in theory be fixed by booting 15 times. Something designed to not be recoverable, an IT WMD.


Secondly, we’ve just seen that many major systems are just plain vulnerable period. Everyone is on Windows, a lot of people use CrowdStrike, and recovery plans were individual. Though I was impressed with the global recovery, if you’re an IT pro or hang out with them (I do both) you know this was not easy.

Recovering from a one-shot, caught, error is one thing. But it’s a reminder that we are very vulnerable and might want to be questioning about how a lot of infrastructure is set up. How many smaller-scale disasters do we not see because it wasn’t big news? My general take is systems need to be easier to recover, more diverse, and honestly more walled off.

Also we need to stop depending on heroism in IT security. It should be incredibly boring.

The next CrowdStrike type error should not happen. But right now my concern is what happens intentionally, what may happen on a smaller scale at first, and that we’re probably not ready for either.

CrowdStrike was a wake-up call to so many things wrong in modern infrastructure, so many things that could go wrong. As much as the company screwed up massively there’s far more to worry about.

Steven Savage