What's left for Myth?

[Horus]

I don't have any reason to believe Myth II plugins are more prone to be exploited than any other type of file but all it would really take would be a 'plugin' that would would download a file that didn't look like a plugin so that the next time you browse your plugins folder you see for example a file that looks like a word document and it's called something like "myth4_readme.doc" so you are curious "what ever could that be? What is Myth 4?" so you double click it to read it and it's really a malicious virus exe file.

Lol

[PrplPplEater]

In theory I agree, but word documents and excel files and webpages and emails aren't exe files either but enterprising virus writers have figured out ways to make all those non .exe files successful delivery mechanisms for viruses.

The point is made, but those applications are exploitable because while their files are not directly executable, you can embed stuff like VBScript in them -by design- that CAN be executed. Granted, I'm no uber-hacker, but I cannot think of a way to do that with a myth plugin because there is nothing that opens them in that fashion and it dies as invalid if it can't see/open the collections it is expecting. The closest thing I could think of would be to embed an executable in a collection, but given that the engine simply loads those as Strings or Images I don't even see that as feasible... and I don't see any way that you could add scripting that would shell out or anything like that.

This sort of thing though is why it should be a client side thing anyway, so that the game client can validate that the file is a plugin as it would be trivial to make it not available if it can't be loaded as a plugin. If it can be loaded as a plugin, the liklihood that you could also craft it to behave as malicious within MS Word or something like that DRASTICALLY reduces simply becasue of how picky Myth is.

As for bandwidth and not everyone having fast connections.... it beats the hell out of expecting someone else to always foot the bill, and more importantly having to rely on that one thing for a centralized download area (see life without The Mill). Besides, if you follow the Torrent/P2P model anyway, you have the ability to limit or turn off upload speeds.... it's not rocket surgery.

[Doobie]

there is one way, you embed the executable code in the plugin such that when myth tries to load say a string or something, it overruns a buffer and overwrites the return pointer on the stack to then go ahead and execute the embedded instructions and perform your malicious payload. It's actually an extremely precise and difficult thing to do.

all that assumes there are buffers which can be overrun in myth... I know we've made some preliminary effort to find and correct those though.

[Bladetooth]

I was just thinking that Myth on OLPC would be nice. They’ll probably flood us like the Koreans flooded Starcraft though.

[Archer]

Negative unit selection. Either a global "select all units not currently selected and deselect previously selected units" key/key combination or a key combination to select all units not in a given hotkey group.

~J

[Renwood]

I like the select units not currently selected thing...but they would hav eto be on the screen for this to work i would think.

I would LOVE to see a CTRL click MOVEMENT for units, so if you have your unit slected and you ctrl click with another key your unit would move to that spot just like the ctrl click to attack ground, even if you had the pointer over another unit of yours or the enemys.

How many of you have tried to move one of your units only to missclick on another one of your own units, teamates or the enemy's and then have to go reselect your unit again.

-Renwood

[Archer]

A headless server. Right now, I can't administrate a server located somewhere else without VNC or another remote-control program, which is painfully slow over the internet at large. Being able to just ssh in and interact with a daemon or something would be much less painful. Autohosting only goes so far—among other things, it only works for as long as the server remains up. A powercycle means I need to get someone on-site to manually set it back up.

Yeah, I know, but we can wish, can't we?

~J

[Document]

Apologies for not reading thread, but is there currently a way for players to change the "default" state of a unit, i.e. what it does when it runs out of orders? (It's been a while since I've played Myth.)

This sort of thing though is why it should be a client side thing anyway, so that the game client can validate that the file is a plugin as it would be trivial to make it not available if it can't be loaded as a plugin. If it can be loaded as a plugin, the liklihood that you could also craft it to behave as malicious within MS Word or something like that DRASTICALLY reduces simply becasue of how picky Myth is.

I'd rather have impossible than unlikely. Blocking download of any file whose name contains a period might be a good idea, since then it would be impossible to open the files by double-clicking.

I would LOVE to see a CTRL click MOVEMENT for units, so if you have your unit slected and you ctrl click with another key your unit would move to that spot just like the ctrl click to attack ground, even if you had the pointer over another unit of yours or the enemys.

Isn't that option+click on MacOS and Windows key+click on Windows?

[spongefile]

I've come back to the game after eight years because the core gameplay is so fantastic. I wouldn't touch that. The only thing I miss in Myth II compared to more modern games is a bit more polish to the graphics, like in Myth III. (Hate Myth III otherwise, though.)

Also I'm using a foreign keyboard and the game seems to assume it's a US keyboard, which sometimes leads to minor problems, though I'm getting used to it.

Overall I'm totally floored by the development work that has gone into keeping this game alive and kicking. You've made me so happy. Thanks.