Life is Strange review 
by Viktor Hansson on 26 October 2015, 07:41
Life is strange is the first episodic game I've played. At first I was annoyed by the format, having to wait 2 months after each episode seemed difficult. But unlike TV-series, where each episode is no more than an hour and for the most part quite uneventful, each episode of Life is Strange takes about 2-4 hours to finish, depending on how much you explore. And as most TV-series have 10-20 episodes per season, there's quite a lot of time to fill out. Life is strange has only five episodes, and therefore each one has to contain quite a lot of story, enough to keep you satisfied during the wait for the next one.
Let me start by saying the first episode is quite slow, since it's an introduction to both the characters and the universe in which they live. You are also introduced to the core gameplay mechanic: Max's ability to manipulate time. As its been a while since I played this episode I can't remember the exact details, but I remember thinking that the episode was not really ...enticing enough to convince you to continue with episode 2. But if you do, you're rewarded with four great episodes.
The game's protagonist is a teenager named Max Caulfield. She attends Blackwell Academy, where some strange things are happening. Throughout the game we're introduced to her friends Chloe and Warren, both of whom play a big role in the story.
It's hard to go deeper into the actual story without spoiling at least some things, therefore I won't do that. Though I will say that while the first episode makes the game seem like a typical high-school teen drama, the four other episodes will certainly make you see that few stories deliver as well as Life is Strange.
Technically this game is somewhat underwhelming. It looks like most of the graphics has a distinct "cartoony" look which works great for the environment, but not so great for the characters.
However the worst part is undoubtedly the facial animations. The game is inherently very emotional, which is reflected well in the voice acting, but since the characters faces fails to display the emotion it often falls flat, and sometimes even look silly. Paired with non-existent lip-syncing made me often look away and just listen to the dialog. It appears Dontnod improved the lip-syncing in episode 4 and 5, to being only stiff monotonous mouth movement. In the first three episodes it often looked like the characters said something entirely different than the voice actors.
While the graphics department had some troubles, the audio department has done outstanding work in Life is Strange. The voice-acting is mostly very well executed, but what really stands out is the soundtrack, which is so perfectly matched with the environment and situations. The song below is the main theme, and it's just outstanding.
All in all this is a truly great game, which I strongly recommend. While it is a shame about the character graphics, the story, gameplay and soundtrack make up for it big time.
Its available on most platforms, but I do recommend using a controller if you're on PC
Rant of the day: Chrome and HTTP Authentication
by Viktor Hansson on 17 August 2015, 19:25
I'm developing a REST API right now and am at the stage where I need to implement user authentication to restrict endpoints that mutate data. Anyway this is the exact same thing one of my main tasks at work are, however in that product we have OAuth and some fancy other stuff which I don't plan on implementing.
Anyways, for the api I though at first I would use Digest auth, but never having used it I had no idea of how it worked. A few minutes later I had a hello world api using Digest auth using the library flask-httpauth. What was extremely weird however was that sometimes it worked, but most of the time it just returned 401 regardless of how correct the login data was. I tried it first using postman. No luck. Then using curl. No luck. Then using chrome. Some luck. It worked one time. Then I opened the api in an incognito tab and it completely stopped working.
So I thought, hey fuck that shit, just use basic auth over HTTPS, almost or completely as secure. And then I ran into the same problem I've had at work. Despite HTTP auth being completely stateless, i.e the Authorization header must be provided for every request, Chrome thinks its a good idea to store this information and send it automatically. Which I can surely see the merit in, since you don't have to provide it for every page load. The problem however is that its impossible to clear this information. Clear the cookis. No luck. Clear the history. No luck. The only way (unreliable) is to exit chrome, and to even suggest this as a solution is definitive proof that you're a complete idiot. There is one other way which is somewhat more convenient, to use an incognito window. The problem however is that this is information that should be erasable upon demand, without jumping through hoops. And as usual the devs just flip everyone the finger and says "low priority". Since 2011 to present day.
Using a VPN for my home network
by Viktor Hansson on 06 August 2015, 07:24
I recently switched my home router from an Airport extreme to an Asus RT66U. The first thing I did was to replace the stock firmware with the Merlin firmware, which is very similar to the stock one, except that it has much more features. One of these features is an integrated OpenVPN server and client. I've wanted to have my home network through a VPN for a long time so I though that I should take advantage of this.
I did some research into which VPN provider I should use and landed on AirVPN. They have a 3-day trial for 1€ which I'm currently on. What I escpecially like about this provider is that they seem to have a good enough privacy policy, as well as having many servers in different countries. Its also really simple to switch between different servers. I'm currently using one in Sweden, since this means the traffic isn't leaving the country and is not in the hands of FRA.
Now if I just had a normal home network and wanted all my traffic tunneled that would be it. But of course that is not good enough for me. The problems that arise are that:
- I have multiple services within my network that needs to be exposed.
- I have a pretty fast connection (250/100) which I want to use for torrent downloads and gaming, so I only want web traffic to go through the tunnel.
This posed a problem with routing, since the only option in the vpn client on the router was to redirect all internet traffic or none (however this option didn't seem to change anything). What happended when the VPN was connected was that the tunnel was added as the default gateway
admin@RT-AC66U-AE28:/tmp/home/root# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 52.102.145.143 81.170.225.1 255.255.255.255 UGH 0 0 0 eth0 81.170.225.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 81.170.225.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.4.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun11 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 10.4.0.1 128.0.0.0 UG 0 0 0 tun11 128.0.0.0 10.4.0.1 128.0.0.0 UG 0 0 0 tun11 0.0.0.0 81.170.225.1 0.0.0.0 UG 0 0 0 eth0
This is the routing table with the vpn connected (IPs changed). To explain breifly the default gateway is used to determine where a packet should go if there are no other routes it matches. For example if someone sends me a packet with source x.x.x.x. When I respond the destination on that packet is x.x.x.x. The packet goes to my router, and it knows that the packet can not be directly sent to that computer since its not in the same network. It then sends it to the default gateway and hopes that that router/computer knows where to send it.
This also means that when gaming the packets will be sent through the VPN, and since the response time and bandwidth of the VPN is much lower than what I have directly, there could/would be lag. So I followed this guide and added the following rules on the router.
ip route add default table 100 via 81.170.225.1 ip rule add fwmark 1 table 100 ip route flush cache iptables -t mangle -I PREROUTING -i eth1 -p tcp -m multiport ! --dport 80,443 -j MARK --set-mark 1
This creates a new routing table named 100 with 1 rule: use the ISP gateway for everything.
The second command adds a rule to use the 100 table to route all packets that are marked with 0x1.
Next command flushes the routing cache.
admin@RT-AC66U-AE28:/jffs/scripts# ip rule 0: from all lookup local 32765: from all fwmark 0x1 lookup 100 32766: from all lookup main 32767: from all lookup default admin@RT-AC66U-AE28:/jffs/scripts# ip route show table 100 default via 81.170.225.1 dev eth0
Finally add a rule to the PREROUTING chain (packets pass this before going through the routing tables) which marks all tcp packets on the interface eth1 that has a destination port other than 80 or 443. This will mean that http(s) request will not be marked and be routed the main routing table (which uses the VPN). All other packets will be using the ISP gateway to get to the destination. I then had to add this rule for all interfaces except eth0 which is the wan interface
This works well, it does exactely what its supposed to do. However there is a problem. When someone does a http request against my ip the packets goes in to my load balancer and are processed. When time comes for the LB to return them, it sends the packet back through the VPN which of course has no knowledge of this connection and drops it. Therefore the following rule is required:
iptables -t mangle -I PREROUTING -p tcp -s ${LB_IP} ! -d ${LAN_NET} -m multiport --sport 80,443 -j MARK --set-mark 1 This makes sure that packets that originates from the LB and has the source port 80 or 443 are also marked with 1, therefore using the 100 table to route through the ISP.
Although as I'm typing this I realize that since the destination port on those packets is not 80 nor 443 it should be marked by the first rule... There was some problem though that since table 100 routes everything on dev eth0 I could not access my servers from within my own network, since that should be routed on the routers lo interface...
In any case this setup works, so I will not fiddle with it anymore. I finally added a similar rule as the one above with smtp and imap ports for the mail server to work, and rules to mark all udp and icmp traffic (since most games use udp, and I want to have reliable pings).
iptables -t mangle -I PREROUTING -p tcp -s ${MAIL_HOST} ! -d ${LAN_NET} -m multiport --sport 25,465,587,993,143 -j MARK --set-mark 1
iptables -t mangle -I PREROUTING -i eth1 -p udp -j MARK --set-mark 1For my particular router the interfaces I added these rules for where vlan1, vlan2, eth1, eth2. And to make it permanent I enabled user scripts and placed this script in /jffs/scripts/openvpn-event. Make sure its executable:
chmod +x /jffs/scripts/openvpn-eventThats all, I now have my webtraffic through a VPN. There is one more problem that I have yet to resolve. DNS. Currently I have manually set the routers dns servers to OpenDNS servers, however I have selected the option to use dns servers pushed by the VPN, but I'm not really sure if this is successful. I will have to continue investigation.
Rant of the day:Microsoft
by Viktor Hansson on 01 June 2015, 20:01
Time for a new rotd.This one is directed to the company that makes me want to go live in the woods without electricity. M$. How I dispise every single thing this evil company stands for (with one exception).
It feels like everything they ever do is just to ruin everything and make it as bad as it could possible be. A few examples I though of while waiting for VS 2013 to uninstall:
- Windows can't display PDFs
- Windows image viewer disregards any rotation flags in images
- Windows can't mount ISOs
- Windows can't have multiple taskbars
- Windows can't select audio sink per application
- Windows *very* often crashes/locks up when cancelling any action.
- VS 2013 took over 30 minutes to uninstall.
Now I know that some of these problems can be fixed with third party, virus ridden applications, but the point is that for a modern operating system, this should not be neccessary.
And don't get me started on Skype... Skype... If I tried my hardest, I am not positive that I could have ruined a once great application such as skype more than what m$ has done to it.
I litteraly can't even.
Nordsken
by Viktor Hansson on 20 May 2015, 09:21
This is a somewhat unusual topic for this blog, which is usually about tech/programming tips and stuff. This time I have decided to try to write a short summary of my recent trip back "home" to Skellefteå.
See, here in Sweden we like to celebrate everything we can, and somehow we have days off from work quite often. Just this past weekend was something called "kristi himmelfärdsdag", which I assume is when Mr. Jesus supposedly flew up to the heavens. So we are free on thursday and many of us are free on Friday as well, because whats the point of working one day and then have weekend again?
And since most people are free during this nice long weekend some people in Skellefteå arrange a rather large LAN this time of year. Which I attended last year. And which I intended to attend this year as well. However living 150 mil (~1000 miles) away this posed some troubles. But after clearing the living arrangement with blankycan I stuffed my 15 kg (~30 pounds) desktop into a suitcase I yet again traveled to the place I cannot escape.
What followed was a great long weekend spent at the LAN as well as some splendid days spent with the Frostingers.