July 2000
- Scalable Network I/O in Linux J C Lawrence
- curses and grief players Greg Miller
- curses and grief players adam@treyarch.com
- curses and grief players Greg Miller
- curses and grief players Patrick Dughi
- curses and grief players Greg Miller
- curses and grief players Scatter
- curses and grief players Marc Bowden
- curses and grief players David Bennett
- curses and grief players Greg Miller
- curses and grief players Patrick Dughi
- curses and grief players Marc Bowden
- curses and grief players Greg Miller
- curses and grief players Patrick Dughi
- curses and grief players J C Lawrence
- curses and grief players Greg Miller
- curses and grief players stoddart@slip.net
- curses and grief players Greg Miller
- curses and grief players Patrick Dughi
- curses and grief players Greg Miller
- curses and grief players Matthew Mihaly
- curses and grief players Greg Miller
- curses and grief players jolson@micron.net
- curses and grief players Greg Miller
- curses and grief players Josh Olson
- curses and grief players Greg Miller
- curses and grief players Jon A. Lambert
- curses and grief players John Buehler
- curses and grief players Patrick Dughi
- curses and grief players Zak Jarvis
- curses and grief players John Buehler
- curses and grief players Jon A. Lambert
- curses and grief players John Buehler
- curses and grief players Malcolm Valentine
- curses and grief players John Buehler
- curses and grief players Patrick Dughi
- curses and grief players John Buehler
- curses and grief players J C Lawrence
- curses and grief players John Buehler
- curses and grief players J C Lawrence
- curses and grief players Brian 'Psychochild' Green
- curses and grief players Travis Nixon
- curses and grief players J C Lawrence
- curses and grief players John Buehler
- curses and grief players Brian 'Psychochild' Green
- curses and grief players Geoffrey A. MacDougall
- curses and grief players Marc Bowden
- curses and grief players Matthew Mihaly
- curses and grief players J C Lawrence
- curses and grief players John Buehler
- curses and grief players Dave Rickey
- curses and grief players Jon A. Lambert
- curses and grief players John Buehler
- curses and grief players Nicholas Daley
- curses and grief players J C Lawrence
- curses and grief players Val Trullinger
- curses and grief players David Bennett
- curses and grief players Timothy Dang
- curses and grief players KevinL
- curses and grief players Raph Koster
- curses and grief players Greg Miller
- curses and grief players KevinL
- curses and grief players Greg Miller
- curses and grief players Nicholas Daley
- curses and grief players Greg Miller
- curses and grief players Brian 'Psychochild' Green
- curses and grief players KevinL
- curses and grief players Greg Miller
- curses and grief players Greg Miller
- curses and grief players J C Lawrence
- curses and grief players Jon A. Lambert
- curses and grief players Marian Griffith
- curses and grief players J C Lawrence
- curses and grief players Greg Miller
- curses and grief players Jon A. Lambert
- curses and grief players Greg Miller
- curses and grief players Andy
- curses and grief players Timothy Dang
- Fantasy clichés (was: Acting casual about casual gamers) Brian Green
- Fantasy clichés (was: Acting casual about casualgamers) Raph Koster
- Fantasy cliché s (was: Acting casual about casualgamers) Travis Nixon
- Fantasy cliché s (was: Acting casual about casualgamers) Dave Rickey
- Fantasy clichés (was: Acting cas ual aboutcasualgamers) S. Patrick Gallaty
- Combat systems, the good the bad and the ugly Malcolm Valentine
- Combat systems, the good the bad and the ugly Travis Casey
- "Mud-school", character-gen and role-playing Tim Vernum
- "Mud-school", character-gen and role-playing Raph Koster
- "Mud-school", character-gen and role-playing Travis Casey
- "Mud-school", character-gen and role-playing adam@treyarch.com
- "Mud-school", character-gen and role-playing Greg Miller
- "Mud-school", character-gen and role-playing Travis Casey
- "Mud-school", character-gen and role-playing Nameless Solforge
- "Mud-school", character-gen and role-playing Chris Turner
- "Mud-school", character-gen and role-playing Christopher Allen
- Fantasy clichés Michael Tresca
- Fantasy clichés Brian 'Psychochild' Green
- Fantasy clichés Zak Jarvis
- Online gaming conference Matthew Mihaly
- Online gaming conference J C Lawrence
- Online gaming conference Milne, Alistair
- A new combat system Dragat123@aol.com
- A new combat system Thinus Barnard
- A new combat system Ryan P.
- A new combat system Hess, Ian W {Ian}
- A new combat system Ryan P.
- A new combat system Russo, Joe
- A new combat system Ryan P.
- A new combat system Travis Casey
- A new combat system adam@treyarch.com
- A new combat system Travis Casey
- A new combat system J C Lawrence
- A new combat system Travis Casey
- A new combat system J C Lawrence
- A new combat system John Bertoglio
- A new combat system Brian 'Psychochild' Green
- A new combat system J C Lawrence
- A new combat system adam@treyarch.com
- A new combat system Ben
- Fantasy clich=?ISO-8859-1?B?6Q==?=s Ryan Schotte
- Fantasy clich s J C Lawrence
- Fantasy clich s Raph Koster
- Number Economy Michael Tresca
- Number Economy Philip Loguinov, Draymoor
- Number Economy Matthew Mihaly
- Fantasy clich=?ISO-8859-1?B?6Q==?=s Ryan Schotte
- Corruption of the game, profit and ethics S. Patrick Gallaty
- Corruption of the game, profit and ethics John Bertoglio
- Corruption of the game, profit and ethics Chris Jacobson
- Corruption of the game, profit and ethics S. Patrick Gallaty
- Corruption of the game, profit and ethics Matthew Mihaly
- Corruption of the game, profit and ethics Raph Koster
- Corruption of the game, profit and ethics Matthew Mihaly
- Corruption of the game, profit and ethics Greg Miller
- Why Socializers are our Comrades (long) Brian 'Psychochild' Green
- Why Socializers are our Comrades (long) Sam Axon
- Why Socializers are our Comrades (long) Raph Koster
- Harry Potter J C Lawrence
- Harry Potter John Bertoglio
- Harry Potter Todd McKimmey
- Harry Potter Todd McKimmey
- Harry Potter Raph Koster
- Harry Potter J C Lawrence
- Harry Potter Michael Tresca
- [Meta] Harry Potter David Bennett
- Fantasy clich=?ISO-8859-1?B?6Q==?=s (was: Acting casual about casualgamers) Ananda Dawnsinger
- MUDs, eBay Farmers in The Economist Daniel James
- Introduction System Nathan Clemons
- Introduction System Nathan Clemons
- Introduction System J C Lawrence
- Introduction System S. Patrick Gallaty
- Introduction System seanl@literati.org
- Introduction System J C Lawrence
- Introduction System adam@treyarch.com
- Introduction System Bruce
- Introduction System J C Lawrence
- Introduction System Eli Stevens
- Introduction System J C Lawrence
- Introduction System Bruce
- Introduction System J C Lawrence
- Introduction System Tim Vernum
- Introduction System Dan Merillat
- Introduction System J C Lawrence
On Thu, 20 Jul 2000 16:51:35 -0400
Dan Merillat <harik@chaos.ao.net> wrote:
> J C Lawrence writes:
>> Or are there any *really* cheap salted one-way functions out
>> there?
> triple-DES with the players OID as a key. The server only has to
> keep one OID, and mangle it as it sends to the player.
While slightly off-target for this thread, Dan Kaminsky just posted
the following to BugTraq:
--<cut>--
Date: Tue, 18 Jul 2000 21:22:09 -0700
From: Dan Kaminsky <dankamin@CISCO.COM>
Subject: Re: @stake Security Advisory: NetZero Password Algorithm
To: BUGTRAQ@SECURITYFOCUS.COM
> Forward:
> It is unfortunately common practice that applications which allow
> users to remember their passwords as a convenience rarely encrypt them
> but instead opt to simply obfuscate them.
Actually, it's an unfortunately (verging on ridiculously) common practice to
think that there's any difference between encoding a password using a fixed
algorithm and "encrypting" a password using a fixed key.
There isn't one.
This is easily provable in terms of mere simplicity. How hard is it to
reverse engineer the instructions a binary executes to implement some
homebrew obfuscation? Reasonably doable, but it's definitely at least a bit
of work--much more work than just tracing the application opening up some
file "c:\sekret.key" that happens to be the 168 bit Triple-DES key that'll
decrypt its password database.
So does that mean that 3DES is less secure than some homebrew? No. It
means 3DES is being misused. Badly.
Any system that attempts to verify a password by comparing the password
plaintext supplied against the correct password plaintext has already lost.
No matter how many obfuscations and contortions it goes through, it can
never escape the fact that the system itself must have permanently available
access to the password plaintext. Encrypting the password with 3DES means
nothing; the decryption key for the password is as functionally open as code
for the executable running the home brew system. (Indeed, as we saw above,
since the secrecy is distilled rather than hidden in binary code, it's
actually *easier* to rip off passwords when they're 3DES encrypted!)
Of course, the obvious question is how a system verify the correctness of a
password without actually posessing that password. It's a question that's
rather repeatedly answered. Password handling is simultaneously one of the
few Solved Problems of Cryptography *and* one of the most misunderstood.
Simply store a MD5 or SHA-1 one-way hash of the password. One way hashes
lead to a fixed size, deterministic, and computationally unfeasable to
invert value from some amount of input data. Passwords make great input
data. When a plaintext password comes in, compare the MD5/SHA-1 hash of the
submitted password with the stored hash. If it matches, the password was
correct. If it doesn't match, the password wasn't correct.
There are (much) more advanced password exchange systems for network
password exchange, SRP for example, but if your system needs to locally
verify a password from the user, *please*, before cryptographers around the
world walk out in disgust, at least just store a hash instead of the actual
plaintext. Hashes prevent plaintext-equivalent information from being
stored at all. That means there's nothing for an attacker to decrypt en
masse--he or she can only try password after password to see if it hashes
correctly.
The core theoretical problem with encrypting *or* encoding passwords
actually derives from the fact that different users--indeed, all users--are
all dependant on one nonsecret: Either a fixed algorithm or a fixed key is
shared throughout the vendor's clientele. There's no secrecy in my password
database if you've got the same password or algorithm protecting yours.
Sooner or later, one of us is going to post to Bugtraq the simple method to
decrypt the other's database. With hashes, there exists no key that *can*
decrypt the database.
One reasonably simple solution(translation: somebody contact me if this is
in error) for those who have implemented a respected encryption system(RC4,
Blowfish, even *DES* qualifies) to obfuscate access to their password
database is to encrypt passwords with themselves--i.e. encrypt "fg&^2jfa"
with the key "fg&^@jfa". Using one way hashes essentially challenges a user
to provide the only value that will invert the hash equation, i.e. the
original data. Encrypting content with itself similarly challenges a user
to prove they have the only value that will invert the encryption equation,
again, the original data. While plaintext is indeed stored on a host, only
somebody who already *has* the plaintext can access it. That happens to
overlap exactly with the intent of a password system.
The most common reason why hash systems aren't used, of course, is that
often the plaintext is needed by the system for purposes outside of
verification. Sometimes the system needs to automatically represent itself
as a user--with the user's passwords--in order to fulfill the demands of a
protocol. This is primarily a problem with network authentication when no
plaintext has been exchanged, only hashes. But local authenticators will
*always* have access to the plaintext password, because they control the
user interface that the user uses to actually enter it in the first place!
If the password is representing the user, then storing the plaintext in RAM
while the user can be presumed to still be controlling the machine(two
minutes since last keypress?) means the required password would be made
available. The only reason a local authenticator would need to store an
easily decryptable password is if, at arbitrary times when the user wasn't
around to supply the password, the system needed to prove to itself or
someone else that it indeed had the plaintext password.
Indeed, it'd need to be able to access a password before a user ever entered
it in the first place. At that point, who exactly is the system
representing, anyway? It's actually not an empty question. Automated mail
checkers and instant messengers are often are expected to have access to a
plaintext password without having to retrieve it from the user on each
reboot. At that point, the physical security of the system and the hard
drive is turned into the authentication token for the user controlling that
system. Given the mass of IM services I've known some people to run and the
number of reboots this mass entails, forcing users to repetitively log in
becomes a difference between life and death. Ideally, passwords of this
type would be locally managed by a single "identity password" that the user
typed in once on login and that never needed to be transmitted or recorded
anywhere. Security may begin with the physical, but it sure better not end
there.
Most systems, however, simply don't have those kinds of requirements, and
that leads to the bottom line: Use hashes. It's a solved problem. Stop
helping people hack your code, stop helping people hack our servers, stop
helping me quote Susan Powter. Please. Thank you.
Yours Truly,
Dan Kaminsky
Cisco Systems, Advanced Network Services
http://www.doxpara.com
--<cut>--
--
J C Lawrence Home: claw@kanga.nu
---------(*) Other: coder@kanga.nu
http://www.kanga.nu/~claw/ Keys etc: finger claw@kanga.nu
--=| A man is as sane as he is dangerous to his environment |=--
- Introduction System J C Lawrence
- Introduction System razor
- Introduction System Travis Nixon
- Introduction System Travis Nixon
- Introduction System J C Lawrence
- Introduction System Dan Shiovitz
- Introduction System Ryan P.
- Introduction System J C Lawrence
- Introduction System adam@treyarch.com
- Introduction System Colin Coghill
- Introduction System birgit.schulte@philips.com
- Introduction System J C Lawrence
- Introduction System birgit.schulte@philips.com
- Introduction System Michael Hohensee
- Introduction System Chris Turner
- Introduction System Eli Stevens
- Introduction System Mordengaard
- Introduction System Jon A. Lambert
- Introduction System Jon Callas
- curses and grief players - dark ages game solutions S. Patrick Gallaty
- Fantasy clichés (was: Acting casual aboutcasualgamers) adam@treyarch.com
- Getting stuck (was Fantasy clichés) Greg Miller
- Getting stuck (was Fantasy clichés) Travis Casey
- Getting stuck (was Fantasy clichés) Greg Miller
- Getting stuck (was Fantasy clichés) Travis Casey
- ADMIN: SQL troubles appear to be over. J C Lawrence
- MUD-Dev request rejected Patrick Dughi
- Spherical World Design Philip Loguinov, Draymoor
- Spherical World Design Michelle Thompson
- Spherical World Design Jon A. Lambert
- Spherical World Design J C Lawrence
- Spherical World Design Jon A. Lambert
- Spherical World Design Christopher Allen
- Spherical World Design Patrick Dughi
- Modelling combat Vladimir Prelovac
- Modelling combat Travis Casey
- Modelling combat adam@treyarch.com
- Modelling combat Paul Schwanz - Enterprise Services
- Modelling combat J C Lawrence
- Modelling combat Travis Casey
- Modelling combat adam@treyarch.com
- Modelling combat adam@treyarch.com
- Modelling combat John Bertoglio
- Modelling combat Vladimir Prelovac
- Modelling combat Travis Casey
- Modelling combat Greg Miller
- Modelling combat Travis Casey
- Modelling combat Greg Miller
- Modelling combat Chris Gray
- Modelling combat Jon A. Lambert
- Modelling combat Travis Casey
- Modelling combat jolson@micron.net
- ScryMUD 2.1.1 released. Ben Greear
- Identity and Ethics briefly touched on in Washington Post Raph Koster
- Interesting expansion on Bartle's Four Raph Koster
- MUD-Dev digest, Vol 1 #163 - 25 msgs Dr. Cat
- MUD-Dev digest, Vol 1 #163 - 25 msgs Mud Imp
- MUD-Dev digest, Vol 1 #163 - 25 msgs J C Lawrence
- MUD-Dev digest, Vol 1 #163 - 25 msgs Tamzen Cannoy
- MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- MUD-Dev digest, Vol 1 #163 - 25 msgs Tamzen Cannoy
- MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- MUD-Dev digest, Vol 1 #163 - 25 msgs Brian 'Psychochild' Green
- MUD-Dev digest, Vol 1 #163 - 25 msgs Dave Rickey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Greg Miller
- MUD-Dev digest, Vol 1 #163 - 25 msgs John Buehler
- MUD-Dev digest, Vol 1 #163 - 25 msgs Greg Miller
- MUD-Dev digest, Vol 1 #163 - 25 msgs Matthew Mihaly
- MUD-Dev digest, Vol 1 #163 - 25 msgs John Buehler
- MUD-Dev digest, Vol 1 #163 - 25 msgs Dave Rickey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Greg Miller
- MUD-Dev digest, Vol 1 #163 - 25 msgs Dave Rickey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Hess, Ian W {Ian}
- MUD-Dev digest, Vol 1 #163 - 25 msgs jolson@micron.net
- MUD-Dev digest, Vol 1 #163 - 25 msgs Marc Bowden
- MUD-Dev digest, Vol 1 #163 - 25 msgs Patrick Dughi
- MUD-Dev digest, Vol 1 #163 - 25 msgs Dave Rickey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Greg Miller
- MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- MUD-Dev digest, Vol 1 #163 - 25 msgs Jon A. Lambert
- MUD-Dev digest, Vol 1 #163 - 25 msgs Marian Griffith
- MUD-Dev digest, Vol 1 #163 - 25 msgs Marian Griffith
- MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- MUD-Dev digest, Vol 1 #163 - 25 msgs Tamzen Cannoy
- MUD-Dev digest, Vol 1 #163 - 25 msgs Jeff Freeman
- MUD-Dev digest, Vol 1 #163 - 25 msgs Travis Casey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Travis Casey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Colin Coghill
- MUD-Dev digest, Vol 1 #163 - 25 msgs Matthew Mihaly
- MUD-Dev digest, Vol 1 #163 - 25 msgs KevinL
- MUD-Dev digest, Vol 1 #163 - 25 msgs Travis Nixon
- MUD-Dev digest, Vol 1 #163 - 25 msgs Dave Rickey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Travis Casey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Travis Casey
- MUD-Dev digest, Vol 1 #163 - 25 msgs KevinL
- MUD-Dev digest, Vol 1 #163 - 25 msgs Greg Miller
- MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- MUD-Dev digest, Vol 1 #163 - 25 msgs Dave Rickey
- MUD-Dev digest, Vol 1 #163 - 25 msgs Chris Turner
- MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- Code Repository Kyndig
- MUD-Dev digest, Vol 1 #164 - 12 msgs Dr. Cat
- MUD-Dev digest, Vol 1 #164 - 12 msgs Greg Miller
- MUD-Dev digest, Vol 1 #164 - 12 msgs Dr. Cat
- MUD-Dev digest, Vol 1 #164 - 12 msgs Raph Koster
- Mud-Dev FAQ 1 Marian Griffith
- Mud-dev FAQ 1 Marian Griffith
- Mud-Dev FAQ 2 Marian Griffith
- MUD-Dev digest, Vol 1 #165 - 14 msgs Dr. Cat
- MUD-Dev digest, Vol 1 #165 - 14 msgs Greg Miller
- MUD-Dev digest, Vol 1 #165 - 14 msgs John Buehler
- MUD-Dev digest, Vol 1 #165 - 14 msgs Matthew Mihaly
- MUD-Dev digest, Vol 1 #165 - 14 msgs John Buehler
- MUD-Dev digest, Vol 1 #165 - 14 msgs Dave Rickey
- MUD-Dev digest, Vol 1 #165 - 14 msgs Tamzen Cannoy
- MUD-Dev digest, Vol 1 #165 - 14 msgs Greg Miller
- [Meta] MUD-Dev digest, Vol 1 #163 - 25 msgs J C Lawrence
- [Meta] MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- [Meta] MUD-Dev digest, Vol 1 #163 - 25 msgs Matthew Mihaly
- [Meta] MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- fantasy cliches Travis Casey
- fantasy cliches J C Lawrence
- grief players S. Patrick Gallaty
- Combat Systems Ben
- Combat Systems Patrick Dughi
- Combat Systems J C Lawrence
- Combat Systems Ben
- Combat Systems adam@treyarch.com
- Combat Systems Ben
- Combat Systems adam@treyarch.com
- Combat Systems Phillip Lenhardt
- Combat Systems adam@treyarch.com
- Combat Systems KevinL
- Combat Systems Hans-Henrik Staerfeldt
- Combat Systems Hans-Henrik Staerfeldt
- threading server models (was: Combat Systems) Bruce
- eXistenZ WAS -- MUD-Dev digest, Vol 1 #163 - 25 msgs Zak Jarvis
- eXistenZ WAS -- MUD-Dev digest, Vol 1 #163 - 25 msgs Hans-Henrik Staerfeldt
- eXistenZ WAS -- MUD-Dev digest, Vol 1 #163 - 25 msgs Raph Koster
- Battlenet Hack Geoffrey A. MacDougall
- eXistenZ Zak Jarvis
- eXistenZ Dave Rickey
- Sustainable Ecosystem Geoffrey A. MacDougall
- Sustainable Ecosystem J C Lawrence
- Sustainable Ecosystem S. Patrick Gallaty
- Sustainable Ecosystem Timothy Dang
- Sustainable Ecosystem Greg Miller
- Sustainable Ecosystem Michael Tresca
- Sustainable Ecosystem Mordengaard
- Sustainable Ecosystem jolson@micron.net
- Sustainable Ecosystem adam@treyarch.com
- Sustainable Ecosystem Raph Koster
- Sustainable Ecosystem Dave Rickey
- Sustainable Ecosystem Raph Koster
- Sustainable Ecosystem Mordengaard
- Sustainable Ecosystem Matthew D. Fuller
- Sustainable Ecosystem quzah@kanga.nu
- Sustainable Ecosystem Josh Olson
- Sustainable Ecosystem Timothy Dang
- Sustainable Ecosystem Andy
- Sustainable Ecosystem Patrick Dughi
- Sustainable Ecosystem Timothy Dang
- Sustainable Ecosystem ERI
- Sustainable Ecosystem Jon A. Lambert
- Sustainable Ecosystem Patrick Dughi
- Sustainable Ecosystem jolson@micron.net
- Sustainable Ecosystem Nathan Clemons
- Sustainable Ecosystem holding99@mindspring.com
- Sustainable Ecosystem Raph Koster
- My favorite game systems, what are yours? S. Patrick Gallaty
- My favorite game systems, what are yours? Marc Bowden
- Thread models and Linux J C Lawrence
- eXistenZ Zak Jarvis
- Player skill Tess Lowe
- Player vs. Character Skills Ananda Dawnsinger
- Command Qeues - Was "Combat Systems" Ben
- Command Qeues - Was "Combat Systems" Eli Stevens
- Roleplaying in Muds Ben
- Roleplaying in Muds Colin Coghill
- Roleplaying in Muds Travis Casey
- Roleplaying in Muds Malcolm Valentine
- Roleplaying in Muds Caliban Tiresias Darklock
- Roleplaying in Muds Matthew Mihaly
- Roleplaying in Muds Ben
- Roleplaying in Muds Solmyr of the Azure Star
- Roleplaying in Muds J C Lawrence
- Roleplaying in Muds Travis Casey
- Roleplaying in Muds J C Lawrence
- Roleplaying in Muds Travis Casey
- Roleplaying in Muds Dave Rickey
- Roleplaying in Muds Raph Koster
- Roleplaying in Muds Peter
- Roleplaying in Muds Phillip Lenhardt
- Roleplaying in Muds Travis Casey
- Roleplaying in Muds J C Lawrence
- Roleplaying in Muds Travis Casey
- Roleplaying in Muds Solmyr of the Azure Star
- Roleplaying in Muds Patrick Dughi
- Roleplaying in Muds Travis Casey
- Roleplaying in Muds J C Lawrence
- Roleplaying in Muds Ben
- Roleplaying in Muds Solmyr of the Azure Star
- Roleplaying in Muds Erik Jarvi
- Roleplaying in Muds Josh Anderson
- Roleplaying in Muds rayzam
- Roleplaying in Muds Solmyr of the Azure Star
- Roleplaying in Muds Erik Jarvi
- Roleplaying in Muds Josh Anderson
- Roleplaying in Muds Malcolm Valentine
- Roleplaying in Muds Miroslav Silovic
- Roleplaying in Muds Josh Anderson
- Roleplaying in Muds Patrick Dughi
- Roleplaying in Muds Miroslav Silovic
- Roleplaying in Muds Solmyr of the Azure Star
- Roleplaying in Muds Travis Casey
- Roleplaying in Muds Jeremy Noetzelman
- Classless systems Ryan P.
- Classless systems J C Lawrence
- Classless systems Ben
- Classless systems Ben
- Classless systems Christopher Allen
- Classless systems J C Lawrence
- Classless systems David Bennett
- Classless systems J C Lawrence
- Classless systems adam@treyarch.com
- Classless systems Val Trullinger
- Classless systems Ling Lo
- Classless systems David Bennett
- Classless systems Steve Houchard
- Classless systems David Bennett
- Classless systems Steve Houchard
- Classless systems Mordengaard
- Classless systems Gabriel
- Classless systems Travis Casey
- Classless systems Brian 'Psychochild' Green
- Classless systems Val Trullinger
- eXistenZ Richard Tew
- Scaling a world. Saereth2000@aol.com
- Scaling a world. Bruce
- Scaling a world. Patrick Dughi
- Scaling a world. Nat Blundell
- Scaling a world. Patrick Dughi
- Scaling a world. David Bennett
- AutoClass Ling Lo
- AutoClass Hans-Henrik Staerfeldt
- Required EXP algorithms Ben
- Required EXP algorithms Travis Casey
- Questing Systems Ben
- Questing Systems Chris Gray
- Questing Systems Nathan Clemons
- Questing Systems Mordengaard
- Questing Systems Travis Casey
- Questing Systems John Hopson
- Questing Systems Raph Koster
- Questing Systems Kristen L. Koster
- Questing Systems Todd McKimmey
- Questing Systems Malcolm Valentine
- Questing Systems Malcolm Tester
- Thoughts on Classless systems Travis Casey
- Thoughts on Classless systems Greg Miller
- Thoughts on Classless systems Josh Anderson
- Thoughts on Classless systems Ben
- Thoughts on Classless systems Ryan P.
- Thoughts on Classless systems Raph Koster
- Thoughts on Classless systems David Bennett
- Thoughts on Classless systems Koster, Raph
- Thoughts on Classless systems Malcolm Valentine
- Basic principles of reinforcement for muds John Hopson
- Basic principles of reinforcement for muds Matthew Mihaly
- Basic principles of reinforcement for muds Tess Lowe
- Basic principles of reinforcement for muds Dave Rickey
- Realism and NPCs Ben
- Realism and NPCs Travis Casey
- Realism and NPCs Christopher Allen
- Balance... RPG or Role-Playing Game? Ben
- Balance... RPG or Role-Playing Game? Travis Casey
- Balance... RPG or Role-Playing Game? Raph Koster
- Balance... RPG or Role-Playing Game? Patrick Dughi
- Balance... RPG or Role-Playing Game? Raph Koster
- Balance... RPG or Role-Playing Game? Paul Schwanz - Enterprise Services
- Balance... RPG or Role-Playing Game? Patrick Dughi
- Balance... RPG or Role-Playing Game? Gabriel
- Balance... RPG or Role-Playing Game? Koster, Raph
- Balance... RPG or Role-Playing Game? Malcolm Valentine
- Balance... RPG or Role-Playing Game? Mordengaard
- Balance... RPG or Role-Playing Game? Malcolm Valentine
- [rpg-create] Martial arts rules (fwd) J C Lawrence
- SQL and Muds Jeremy Noetzelman
- SQL and Muds J C Lawrence
- SQL and Muds Nathan Clemons
- [rpg-create] Maneuvers (fwd) J C Lawrence
- Memory, the Brain, and Dogma rayzam
- emlenmud Josh Rollyson
- emlenmud Greg Miller
- How to Hurt the Hackers: The Scoop on Internet Cheating and How You Can Combat It by Matt Pritchard J C Lawrence
- How to Hurt the Hackers: The Scoop on Internet Cheating and How You Can Combat It by Matt Pritchard Caliban Tiresias Darklock
- How to Hurt the Hackers: The Scoop on Internet Cheating and How You Can Combat It by Matt Pritchard Greg Underwood
- How to Hurt the Hackers: The Scoop on Internet Cheating and How You Can Combat It by Matt Pritchard Hans-Henrik Staerfeldt
- Getting info from NPCs Dmitri Zagidulin
- Getting info from NPCs Josh Anderson
- Getting info from NPCs Patrick Dughi
- Getting info from NPCs Warren Powell
- Getting info from NPCs Paul Schwanz - Enterprise Services
- Getting info from NPCs Travis Casey
- Getting info from NPCs Lazarus
- Skill defaulting Ryan "BC|Uller" Myers
- Skill defaulting rayzam
- Skill defaulting Mordengaard
- Skill defaulting Ryan "BC|Uller" Myers
- Skill defaulting Marian Griffith
- Skill defaulting rayzam
- Roleplaying vs Immersion Miroslav Silovic
- Roleplaying vs Immersion Erik Jarvi
- Roleplaying vs Immersion Miroslav Silovic
- Roleplaying vs Immersion Matthew Mihaly
- Roleplaying vs Immersion Miroslav Silovic
- On Lockless Threading and X/Open XA Bruce
- On Lockless Threading and X/Open XA Greg Underwood
- On Lockless Threading and X/Open XA Bruce
- On Lockless Threading and X/Open XA J C Lawrence
- On Lockless Threading and X/Open XA KevinL
- On Lockless Threading and X/Open XA Patrick Dughi
- On Lockless Threading and X/Open XA KevinL
- On Lockless Threading and X/Open XA Bruce
- On Lockless Threading and X/Open XA Greg Underwood
- On Lockless Threading and X/Open XA J C Lawrence
- WorldForge Acorn demo 0.1 alpha released Alistair Riddoch
- Threading Models and Command Queues Ben
- Medievia advertises in Dragon magazine Charles Hughes
- MUD Wimping Michael Tresca
- MUD Wimping Dan Shiovitz
- MUD Wimping Matthew Mihaly
- MUD Wimping Michael Tresca
- MUD Wimping adam@treyarch.com
- MUD Wimping Matthew Mihaly
- MUD Wimping Raph Koster
- MUD Wimping adam@treyarch.com
- MUD Wimping Patrick Dughi
- MUD Wimping Matthew Mihaly
- MUD Wimping J C Lawrence
- MUD Wimping Lazarus
- MUD Wimping adam@treyarch.com
- MUD Wimping KevinL
- MUD Wimping Chris Turner
- MUD Wimping Koster, Raph
- MUD Wimping J C Lawrence
- MUD Wimping Matthew Mihaly
- MUD Wimping Matt Chatterley
- MUD Wimping Raph Koster
- MUD Wimping stoddart@slip.net
- Article: Constructive Politics in a MMORPGs (fwd) Matthew Mihaly
- Permadeath (was: Balance... RPG or Role-Playing Game?) Eli Stevens
- The Player Wimping Guidebook J C Lawrence
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Nathan Clemons
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook ROBERT MCCAULEY
- The Player Wimping Guidebook Val Trullinger
- The Player Wimping Guidebook Jeremy Noetzelman
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook adam@treyarch.com
- The Player Wimping Guidebook Malcolm Tester
- The Player Wimping Guidebook J C Lawrence
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook rayzam
- The Player Wimping Guidebook Raph Koster
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook J C Lawrence
- The Player Wimping Guidebook Matt Chatterley
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Patrick Dughi
- The Player Wimping Guidebook Brian Vrolyk
- The Player Wimping Guidebook Warren Powell
- The Player Wimping Guidebook Marc Bowden
- The Player Wimping Guidebook rayzam
- The Player Wimping Guidebook Greg Underwood
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Greg Underwood
- The Player Wimping Guidebook Koster, Raph
- The Player Wimping Guidebook Jerry Hill
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Matt Chatterley
- The Player Wimping Guidebook rayzam
- The Player Wimping Guidebook Raph Koster
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Michael Tresca
- The Player Wimping Guidebook Nathan Clemons
- The Player Wimping Guidebook Matt Chatterley
- The Player Wimping Guidebook Raph Koster
- The Player Wimping Guidebook Zak Jarvis
- The Player Wimping Guidebook J C Lawrence
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Steven Wallace
- The Player Wimping Guidebook Koster, Raph
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Koster, Raph
- The Player Wimping Guidebook adam@treyarch.com
- The Player Wimping Guidebook Koster, Raph
- The Player Wimping Guidebook adam@treyarch.com
- The Player Wimping Guidebook Raph Koster
- The Player Wimping Guidebook Matthew Mihaly
- The Player Wimping Guidebook Koster, Raph
- The Player Wimping Guidebook adam@treyarch.com
- The Player Wimping Guidebook Raph Koster
- The Player Wimping Guidebook Matt Chatterley
- The Player Wimping Guidebook Koster, Raph