Has anyone seen any previous articles or threads on the forum from Cryptic or Atari about what hardware and software STO is running on? Being a single instance MMO and with references to "the server", with the amount of resource running the game must take, I'd imagine it's running on a cluster of some sort (For both performance and availability) with a multi-tiered architecture. I'd also be curious to hear how much resource (Processor, RAM, disk) each player uses while in game.
I'm a little surprised at the lack of response, as I'd have thought more people would have been curious about the hardware/software that STO runs on.
Alright, well I'm wanting to cover my TRIBBLE and make sure I don't get banned if I do any packet captures and port scans. Can anyone point me towards a copy of the EULA? I've failed to find a copy with search or the Google.
I work in IT security. Security through obscurity is no security at all. The code for STO will be a trade secret. The hardware and software the servers run, how their disks are configured, etc wouldn't be. I suspect Cryptic would be happy to answer questions like this IF they have time to do so.
So no one responding to this thread has answered any of my questions at all. :rolleyes:
I work in IT security. Security through obscurity is no security at all. The code for STO will be a trade secret. The hardware and software the servers run, how their disks are configured, etc wouldn't be. I suspect Cryptic would be happy to answer questions like this IF they have time to do so.
So no one responding to this thread has answered any of my questions at all. :rolleyes:
You work in IT security - but not for Cryptic, as if you were, you wouldn't have asked said question. I operated IT equipment for one of the largest theater chains in the world. I was one of only three people in the entire corporation allowed to enter the room where the machines I was responsible were held.
I can tell you right now that if I told anyone what was in there who wasn't one of those other two people, I'd have been fired and then sued for breach of contract.
The security policies for your company may not be the same as the ones Cryptic goes by, and most MMO's aren't in the business of saying what equipment they use, as competition is already pretty bad in the MMO market.
You work in IT security - but not for Cryptic, as if you were, you wouldn't have asked said question. I operated IT equipment for one of the largest theater chains in the world. I was one of only three people in the entire corporation allowed to enter the room where the machines I was responsible were held.
I can tell you right now that if I told anyone what was in there who wasn't one of those other two people, I'd have been fired and then sued for breach of contract.
The security policies for your company may not be the same as the ones Cryptic goes by, and most MMO's aren't in the business of saying what equipment they use, as competition is already pretty bad in the MMO market.
I concur - I do work in IT and security is one of my main concerns. I regularly get requests for details of my server infrastructure (from well meaning clients, who want to satisfy themselves of my BCM planning / capabilities). We rarely give them more than vague info due to the risks involved in doing so.
As for STO, one of the devs a while back said it was running on well over 100 clustered serves - of course, that could mean anything in a modern IT environment.
EG I have a single virtual host running over 50 servers.... Does that mean I have 1 server or 50+? It could mean either.
Search for Peter Hamilton. You'll see "Security Manager" under "Information Technology Services". And you now look like a complete tool, and anything you post on the forums doesn't mean TRIBBLE. Sorry. To everyone else, I apologise, but when someone say "I don't think you work IT", and I do, they just look like a tool.
Now, lets put your comment to the test (Not that how you might respond had any value based on your comments above). IBM runs IBM hardware. How does this help you "break in"?
I can tell you right now that if I told anyone what was in there who wasn't one of those other two people, I'd have been fired and then sued for breach of contract.
As you allude to in your next comment, IF you're in breach of contract, then yes, I suspect you could get fired. Probably depends on who you **** off in doing so. However, if you read your contract, I doubt you'd find a clause stating "Don't tell anyone what hardware/software our infrastructure runs on". IF you ****ed someone off, they might get you on the great catch-all of 'breach of code of conduct'. If so, just get a good lawyer and an out of court settlement. Mind you, your employer probably has more money to burn than you...Pro-tip. I spend a lot of time talking to HR about breach of contract and code of conduct. Less there. Don't surf TRIBBLE at work.
...and most MMO's aren't in the business of saying what equipment they use...
And you would know this by having firsthand knowledge of working in the MMO industry yourself?:
A) Its 2010. Customer focus via the social web is the new in thing.
Were talking Star Trek. A target market for much of which is rather geeky and will be interested by this. Someone at Cryptics ability to answer this will firstly be dictated by the side of the bed that the person who gets asked woke up on, and then IF it is deemed sufficiently important, someone might look up some policy, maybe bounce it off Legal (Since they need something more to do than drink coffee all day), and MAYBE theyd go Sure. Just some basic answers. Nothing detailed..
...as competition is already pretty bad in the MMO market.
Puhleez. There are several layers of disclosure possible here. Examples:
1) We run clustered virtual machines in a multi-tiered, high availability architecture based on open source software.
(Now use any of that to break in. FFS)
2) We're running Dell hardware with an EMC SAN, using Windows servers.
(Now use any of that to break in. FFS)
3) We're running XYZ hardware, with XYZ firmware, with XYZ OS last patched on blah-blah-blah and an old version of VMWare. Our front end servers are on A.B.C.blah, back end on X.Y.Z.blah behind a YXZ firewall, etc, etc, etc.
THIS would be irresponsible. THIS is not the level of detail being requested nor would THIS level of information be disclosed by any responsible individual. That being said, having attended more security/hacker conferences than I care to recall, people who are going to hack your system DO get this stuff without asking. It's not hard at all.
... We rarely give them more than vague info due to the risks involved in doing so...
Interesting. I spend about 50% of my job quantifying IT risk for non-IT people, generally translating risk and probability in to dollar figures. So please...Give me your interpretation of the risk involved.
... As for STO, one of the devs a while back said it was running on well over 100 clustered serves - of course, that could mean anything in a modern IT environment...
See. Simple answer. Sufficiently vague. Somehow I suspect this person still works for Cryptic and hasnt been fired for breach of contract, RIP-jedidethfreak...
Hey, if you don't want people making backhanded comments about your job, maybe you should try and keep your nose out of my employment contract, which explicitly stated that I was to discuss nothing more on the equipment than the vagaries of "we have digital projection equipment, and a server to control them." The only reason I was able to say THIS is because the theater chain I worked for advertised full digital projection.
And yes, there was a de-facto clause stating that, due to the nature of the agreement between the company and the equipment manufacturer/distributor, I could not discuss the technology any more than that, otherwise I would be fired for breach of contract - I did, in fact, sign a contract - and would then be liable to a lawsuit.
Hey, if you don't want people making backhanded comments about your job
I don't care about people making comments about my job. I'm just pointing out what a fool they look like when they make assumptions based on incomplete information (Or no information at all other than their opinion).
...maybe you should try and keep your nose out of my employment contract, which explicitly stated that I was to discuss nothing more on the equipment than the vagaries of "we have digital projection equipment, and a server to control them." The only reason I was able to say THIS is because the theater chain I worked for advertised full digital projection.
K. Doubt it though. I provided some proof. I'm not interested in the details of your employment contract, so don't feel any need to specifically go overboard with any proof. I suspect you're mish-mashing things a little to suit your argument, but again, I don't really care. The point of the thread is 'I wonder what STO runs on', not the employment contracts of people who work for movie theatres.
And yes, there was a de-facto clause stating that, due to the nature of the agreement between the company and the equipment manufacturer/distributor, I could not discuss the technology any more than that, otherwise I would be fired for breach of contract - I did, in fact, sign a contract - and would then be liable to a lawsuit.
The points made in your quoted text are entirely related to your situation. Nothing to do with Cryptic or STO. So sure, feedback about "[You might not hear back because it may breach someone's employment contract]" noted.. And then again...Maybe its not, so the value of your comment is what?
And then again...Maybe its not, so the value of your comment is what?
It's no less valid than any of your arguments on why they SHOULD come out and tell you what they use, which has been "I work in IT, and we give that info out like candy."
It's no less valid than any of your arguments on why they SHOULD come out and tell you what they use, which has been "I work in IT, and we give that info out like candy."
The point I'm making is not based soley on my own opinion:
That doesn't argue anything, as that's not what we're talking about. Your argument wasn't that "it's not really a security issue." It was, quite literally, "I work in IT, and my company does it this way, so Cryptic should give this info." Posting links that have nothing to do with said argument aren't helpful to you.
So while having daily "maintenance", patches, crashes etc. ... i guess the servers are in north korea!
Thats right, not giving the employees enough food and spanking them all the time and celebrating their leader every day would surly explain lot of it.
Are you joking? The infrastructure that STO runs on couple probably run most Enterprise class businesses. With the size, complexity and interconnectedness of the whole system, plus the newness of the game, no surprises at the maintenance being done at all.
Owesome. Thanks for the link. And exactly what I would have recommended based on the mission critical nature of the service Cryptic provide, i.e. umptee-thousands of STO geeks complaining when your MMO goes down because of hardware problems isn't worth thinking about). As for IBM Global Services, that might be a different matter...:)
The answer is simple. If you open up the server rooms at cryptic you will see a army of hamsters. Cryptic just infected them with the T virus to increase their output (server upgrade). The bad thing about the upgrade is that every now and then a cryptic employee wanders into the server room unprotected and is never heard from again. Thats how stormshade and his obnoxiously cute puppy met their end...
Comments
Alright, well I'm wanting to cover my TRIBBLE and make sure I don't get banned if I do any packet captures and port scans. Can anyone point me towards a copy of the EULA? I've failed to find a copy with search or the Google.
You don't go around telling everyone whats inside your house, lest someone gets the idea to break in and destroy it's sanctity.
So no one responding to this thread has answered any of my questions at all. :rolleyes:
You work in IT security - but not for Cryptic, as if you were, you wouldn't have asked said question. I operated IT equipment for one of the largest theater chains in the world. I was one of only three people in the entire corporation allowed to enter the room where the machines I was responsible were held.
I can tell you right now that if I told anyone what was in there who wasn't one of those other two people, I'd have been fired and then sued for breach of contract.
The security policies for your company may not be the same as the ones Cryptic goes by, and most MMO's aren't in the business of saying what equipment they use, as competition is already pretty bad in the MMO market.
I don't think you work IT.
I concur - I do work in IT and security is one of my main concerns. I regularly get requests for details of my server infrastructure (from well meaning clients, who want to satisfy themselves of my BCM planning / capabilities). We rarely give them more than vague info due to the risks involved in doing so.
As for STO, one of the devs a while back said it was running on well over 100 clustered serves - of course, that could mean anything in a modern IT environment.
EG I have a single virtual host running over 50 servers.... Does that mean I have 1 server or 50+? It could mean either.
Not that I give two ****s what you think, BUT:
http://www.massey.ac.nz/massey/about-massey/calendar/officers-and-staff-of-the-university/administrative-and-support-services.cfm
Search for Peter Hamilton. You'll see "Security Manager" under "Information Technology Services". And you now look like a complete tool, and anything you post on the forums doesn't mean TRIBBLE. Sorry. To everyone else, I apologise, but when someone say "I don't think you work IT", and I do, they just look like a tool.
Now, lets put your comment to the test (Not that how you might respond had any value based on your comments above). IBM runs IBM hardware. How does this help you "break in"?
As you allude to in your next comment, IF you're in breach of contract, then yes, I suspect you could get fired. Probably depends on who you **** off in doing so. However, if you read your contract, I doubt you'd find a clause stating "Don't tell anyone what hardware/software our infrastructure runs on". IF you ****ed someone off, they might get you on the great catch-all of 'breach of code of conduct'. If so, just get a good lawyer and an out of court settlement. Mind you, your employer probably has more money to burn than you...Pro-tip. I spend a lot of time talking to HR about breach of contract and code of conduct. Less there. Don't surf TRIBBLE at work.
Very true
And you would know this by having firsthand knowledge of working in the MMO industry yourself?:
A) Its 2010. Customer focus via the social web is the new in thing.
Puhleez. There are several layers of disclosure possible here. Examples:
1) We run clustered virtual machines in a multi-tiered, high availability architecture based on open source software.
(Now use any of that to break in. FFS)
2) We're running Dell hardware with an EMC SAN, using Windows servers.
(Now use any of that to break in. FFS)
3) We're running XYZ hardware, with XYZ firmware, with XYZ OS last patched on blah-blah-blah and an old version of VMWare. Our front end servers are on A.B.C.blah, back end on X.Y.Z.blah behind a YXZ firewall, etc, etc, etc.
THIS would be irresponsible. THIS is not the level of detail being requested nor would THIS level of information be disclosed by any responsible individual. That being said, having attended more security/hacker conferences than I care to recall, people who are going to hack your system DO get this stuff without asking. It's not hard at all.
Interesting. I spend about 50% of my job quantifying IT risk for non-IT people, generally translating risk and probability in to dollar figures. So please...Give me your interpretation of the risk involved.
See. Simple answer. Sufficiently vague. Somehow I suspect this person still works for Cryptic and hasnt been fired for breach of contract, RIP-jedidethfreak...
And the architect who put all their virtual servers on a single piece of tin has since been fired...;)
Hey RIP-Gallows. Youre a tool.
Hey, if you don't want people making backhanded comments about your job, maybe you should try and keep your nose out of my employment contract, which explicitly stated that I was to discuss nothing more on the equipment than the vagaries of "we have digital projection equipment, and a server to control them." The only reason I was able to say THIS is because the theater chain I worked for advertised full digital projection.
And yes, there was a de-facto clause stating that, due to the nature of the agreement between the company and the equipment manufacturer/distributor, I could not discuss the technology any more than that, otherwise I would be fired for breach of contract - I did, in fact, sign a contract - and would then be liable to a lawsuit.
I don't care about people making comments about my job. I'm just pointing out what a fool they look like when they make assumptions based on incomplete information (Or no information at all other than their opinion).
K. Doubt it though. I provided some proof. I'm not interested in the details of your employment contract, so don't feel any need to specifically go overboard with any proof. I suspect you're mish-mashing things a little to suit your argument, but again, I don't really care. The point of the thread is 'I wonder what STO runs on', not the employment contracts of people who work for movie theatres.
The points made in your quoted text are entirely related to your situation. Nothing to do with Cryptic or STO. So sure, feedback about "[You might not hear back because it may breach someone's employment contract]" noted.. And then again...Maybe its not, so the value of your comment is what?
It's no less valid than any of your arguments on why they SHOULD come out and tell you what they use, which has been "I work in IT, and we give that info out like candy."
I'm affraid to say but you have been totally mis-informed. While granted most MMO servers are either hamster or gerbil powered STO runs on neither.
For some time now due to the advancement in technology cryptic have been running their servers with a new experimental easy to breed life from.
TRIBBLE POWER!!!
Thats right, not giving the employees enough food and spanking them all the time and celebrating their leader every day would surly explain lot of it.
http://crypticstudios.com/index.php?option=com_content&task=view&id=224&Itemid=32
So yes the hamsters are the key to keeping the servers up.
The point I'm making is not based soley on my own opinion:
http://en.wikipedia.org/wiki/Security_through_obscurity#Arguments_against
http://www.google.com/search?hl=en&rls=com.microsoft%3Aen-nz%3AIE-SearchBox&q=%22security+through+obscurity%22+site%3Agartner.com&aq=f&aqi=&oq=
...Next.
Damn you. I just LOL'd and woke up my wife, and now I have to sleep on the couch...:P
That doesn't argue anything, as that's not what we're talking about. Your argument wasn't that "it's not really a security issue." It was, quite literally, "I work in IT, and my company does it this way, so Cryptic should give this info." Posting links that have nothing to do with said argument aren't helpful to you.
Are you joking? The infrastructure that STO runs on couple probably run most Enterprise class businesses. With the size, complexity and interconnectedness of the whole system, plus the newness of the game, no surprises at the maintenance being done at all.
Owesome. Thanks for the link. And exactly what I would have recommended based on the mission critical nature of the service Cryptic provide, i.e. umptee-thousands of STO geeks complaining when your MMO goes down because of hardware problems isn't worth thinking about). As for IBM Global Services, that might be a different matter...:)