New LARP Weapons

Spent some hours making these. I hope they’re actually legal. :/ The halberd (looks far more like a german poleax, oops) is constructed with 1″ diameter rattan, a styrofoam kickboard, the usual tan pipe insulation, some thinner dark tan (not black) pipe insulation I found, and strapping tape.

The halberd’s head is a bit bigger than I intended. I cut the styrofoam without taking into consideration the width of the padding (I used the light tan stuff for the blade’s edge, and the head spike and butt spike), so the blade came out a bit more gargantuan than I wanted it.

The dark tan padding used on the haft kinda has me worried - it’s not the rubbery black stuff that breaks down uber quick - it’s the exact same material as the light tan padding - but it’s only about 5/8ths as thick. I actually like that fact, but it may not be up to the standards of the game I’m heading to this weekend. Guess I’ll have to find out. It seems to hold up all right and is just about as cushy as the thicker stuff, but I imagine I’ll have to repad it sooner. Granted, the light tan stuff can last well over a year if you aren’t hitting like a retard and store your weapons somewhere acceptable.

The sword is a little atypical in construction too. The hilt is attached a little differently than most, as it’s a single length of padding with a hole cut through the middle edge-wise, and the PVC slide through that. It’s then secured with a healthy amount of strapping tape, similar to how all the bits are attached on the halberd. The blade was then covered completely in the dark tan padding, and then another strip of the dark tan was cut in half and doubled up on the blade edges. This gives the sword a slightly nice shape, although it’s giant and bloated compared to a real sword. The thrusting tip then has some extra light tan padding to give it a slight taper and extra cushion. The pommel is the regular light tan padding construction, albeit attached with strapping tape instead of just duct tape.

I have complete confidence that the sword is safe. The blade edges are actually even cushier than normal boffer swords since the dark tan stuff doubled up is a bit thicker than the light tan padding.

Syndicated 2008-04-11 18:12:42 from Sean Middleditch

OpenJDK / IcedTea Web Plugin

I’ve been completely unable to get most of the Java plugins I need for work to operate using the OpenJDK / IcedTea plugin that both Ubuntu and Fedora shipped. Looking into things, it appears that they’re using a modified version of the GCJ plugin which has always been pretty behind the curve when it comes to actually working.

Anyone know why the official Java plugin isn’t released with OpenJDK, or if it is, why IcedTea is sticking with the incomplete GCJ plugin?

On a side note, why does OpenOffice.org on Fedora 9 require java-1.5.0-gcj instead of using java-1.6.0-openjdk? It seems a bit goofy to have two JRE’s installed.

Syndicated 2008-04-03 16:08:42 from Sean Middleditch

OpenID Not The Best Bet

So, I’ve tried toying around with OpenID a bit, and I’ve come back feeling a little unimpressed.

There are two problems. First, it is still a super pain in the ass to setup an OpenID server. None of the servers I could find were installable with a simple tarball unpack and config script - they all required source modifications and even then didn’t really work. There are toolkits for building OpenID servers, but no ready-to-run servers.

The biggest problem though is just the user-experience as a whole. Having to type in anything at all is still kind of clunky. I want single sign-on - if I am online, any site I go to should be able to verify I am the entity I was last time (with the ability to easily allow/deny sites from doing so). I shouldn’t need to type anything in. The amount of information available to the system should be more than enough for any site, be it a simple blog comment form, a forum, or an online store.

I’m all for having a server to centralize this, but I don’t think the technology should be built around users interacting with this server. The server should be a storage medium at most, not the actual UI. Instead, I am imagining a browser extension (which should be possible for Gecko, IE, WebKit, and Opera) that exposes a new JavaScript object, something like window.AuthService. This object allows the site to query information about the current user, including name, email, contact information, etc. It will also be able to retrieve a user ID (which would probably be an email address, or something else guaranteed to be unique per-user) as well as a site token. This token would be a completely unique and cryptographically strong random identifier that is associated with the user ID and the site domain. In particular, each user/site combo gets a different token.

So, I connect to google.com, and it wants to know who I am. It queries window.AuthService.userId and window.AuthService.siteToken and gets ’sean@mojodo’ and ‘F583AC9…4AC’ back. It then uses these to log the user in, or create a new account (which in many cases could be completely silent).

The first time a site attempts to access the AuthService object, the browser can display a popup (or one of those notice bars that are becoming popular) informing the user that the site wishes to identify him, and allow him to accept the authorization (possibly selecting between multiple profiles), permanently accept it, deny it, or select the access level (id and token only, id token and contact info, etc.).

The central server comes into play by allowing the browser to configure such a server (which could easily just be an LDAP server) to grab identifies from. Browsers set up in public terminals could be configured to ask for the server login information when the user first accepts an AuthService request (and not store this information past the end of the browser session). This allows users to keep their authentication information somewhere central, but keeps the UI solely in the browser allowing for a far better user experience.

Obviously a lot of details need to be worked out, including the exact interface (would it be better to use HTTP headers rather than or in addition to JavaScript?), the UI needs to be nailed down, etc.

I’ve considered writing a Mozilla extension for this (as well as extensions for WHAT-WG Connection class and Server-Sent DOM Events), but writing extensions for Mozilla is such a byzantine process and the documentation on how one might register new objects in windows (and do so securely - the docs just say it’s insecure if not done right, warning you not to do it, which is fucking useless compared to just explaining how to do it correctly and securely) that I haven’t been able to get anywhere on any of those ideas.

In the end though, I think OpenID is pretty much dead technology. At most it might become very slightly popular with blogs for posting comments, but it’s usefulness pretty much ends there. The UI sucks and the ease of user control and information handling is too lacking.

Syndicated 2008-02-14 19:11:50 from Sean Middleditch

Mojodo Inc.

I finally got my hands on the domain I’ve been drooling over for over a year now, and am currently in the process of converting AwesomePlay Productions, Inc. into Mojodo Inc.

I’ve kind of hated the name awesomeplay for a long time. I came up with it back when I was, oh, 11. I think it was a direct rip of Interplay Productions, my favorite computer game company at the time (they published Dungeon Master II and Stonekeep). The name is pretty lame, dated, and unprofessional. Mojodo on the other hand is totally Web 2.0, which is also kind of lame in its own way, but what else is expected when every other reasonably intelligent domain name is taken. :)

The actual company site, once I get it developed, will be hosted at mojodoinc.com, and a new Service (oh crap) will be hosted at mojodo.com once I have the time to invest in that.

In slightly unrelated news, it’s kind of surreal that I’ve found articles written about PHP-Sugar already. Hopefully soon the new domain will be the top hit for Google searches, and the online reference manual should be ready in a week or so. 1.0 isn’t far away.

Syndicated 2008-02-14 07:29:03 from Sean Middleditch

PHP-Sugar 0.73 Bugfix Release

Several bugs were found in the 0.72 release of PHP-Sugar, so I’ve released 0.73 with fixes.

The two main fixes are a correction to the Sugar::isCached() method to always return false in debug mode and fixes to avoid warnings and errors in E_STRICT mode.

I also fixed up some of the tests to work properly again, and added a new test for comments.

Syndicated 2008-02-12 06:00:19 from Sean Middleditch