Random Thoughts – Randocity!

Stung by the Target data breach? Here are some tips.

Posted in botch, business by commorancy on December 22, 2013

Target LogoUnless you’ve been living in a cave, Target stores recently disclosed that it had potentially lost up to 40 million credit and debit card numbers when their point of sale systems became infected with malicious software. Let’s explore how to protect yourself from these situations.

Knee-jerk Reactions

A lot of people who are not very tech savvy immediately jump the gun and presume all credit card systems are vulnerable and that carrying and using cash is safer. Unfortunately, this is an incorrect assumption to make. Cash, while useful, is not always safer to carry around. If you are carrying, for example, thousands of dollars on your person, when you get robbed or mugged, your money is gone and is not replaceable on top of whatever injuries you may have sustained when they robbed you.

You’re probably thinking, “How is anyone going to know I’m carrying it?” You have to open your wallet to buy things. People can easily peer in and see how many bills you have tucked in there. It’s very simple. They’re not going to mug you immediately following seeing the money. No, they’ll wait and do it a much more opportune time for them, but when you are most vulnerable (alone in a garage or someplace else similarly alone and dark). So, carrying loads of cash is not the answer. Money is also not replaceable when it’s stolen.

When and what happened in the breach?

Target confirmed that cards swiped through its terminals between November 27th and December 15th were likely exposed in the breach. However, Target hasn’t been forthcoming describing exactly how the breach was accomplished. But, what has been said is that the point of sale terminals appear to have become infected with malicious software. This would likely include both the customer card terminal reader and the register itself since both are connected together. It has also been stated that the hackers only received data contained on magnetic card stripe, which indicates that the malicious software only infected the actual card swiping hardware device.

However, if the entire register and card-reader terminal was infected with malicious code, it’s possible they also captured all input from these terminals which would include PIN codes and signature digital data. So, I’d suggest proceeding on the assumption that they did potentially obtain keyed-in data including PIN codes.

To be the absolute safest in your response to any breach announcement, always assume the worst to take the most appropriate action in anything dealing with credit or debit cards.

Who is Most Vulnerable?

Mastercard, Visa and Amex card holders or debit card holders which contain Visa or Mastercard logos are the most vulnerable card holder types in this breach. These cards can be used anywhere, especially at online sellers without signatures. So, it’s easiest to use these cards all over the Internet.

The least vulnerable cards are Target RED cards without Visa logos. These cards would actually protect you against use. Since these cards are only usable at Target and must be presented at the register to be swiped, they cannot be used at Target without creating a physical card. Because these cards do not look or feel like regular credit cards, they would be a bit harder to duplicate. Though, it’s not impossible. Because the non-Visa RED cards only work at Target, this means that the perpetrators would likely use the ‘low hanging fruit’ first. That is, the perpetrators would opt to use card numbers that can be used anywhere and can be used online without needing to print a card. Or, more specifically, Visa, Mastercard or Amex branded cards. Cards without logos, like Target’s RED cards can only be used at Target which limits where the card can be used.

The RED card can be used, however, at Target.com. This means they could use your RED card on a Target.com account.

What should I do?

If you have a credit or debit card bearing the Mastercard, Visa or Amex logos, you should flip the card over, call the number on the back and ask to have the card replaced. Don’t try to contact Target, don’t ask questions at Target, just have the card replaced immediately. Yes, I know this is the height of the holiday shopping season and may make it inconvenient for you, but just consider how much more inconvenient if the perpetrators max out your card and you have to clean up that mess in addition to not being able to shop? It’s always better to err on the side of caution and replace your card.

If you have a RED debit card, log into Target’s RED card management site and change your PIN. You can get to it from the main Target.com web site. Go ahead right now and do it. I’ll wait. You can finish reading the article when you get back.

So, now that you’re all done changing your PIN to your RED card, that’s really all you need to do. If the perpetrators obtained your RED debit card number, it cannot be used without the PIN code. By changing your PIN, you have now just protected your RED debit account from unauthorized use.

If you have a RED credit card without a Visa logo, assuming this card only requires a signature to purchase, then you are also vulnerable to easy purchases online at Target.com. Even with a non-logo Target credit card, there’s much less that can be done with it as it only works at Target. Still, I suggest you also visit the RED card management portal and choose to replace your RED credit card. There’s a link in the management site to do this. I suggest doing this online rather than trying to call the number on the back and waiting on hold. Due to the extremely high volume of calls that Target is experiencing at the moment, it’s really a whole lot faster to use their web management site. However, before you run off and request a replacement card, I suggest reading the rest of this article first.

If you own a Target Visa card, you should replace it immediately just as you would any Visa branded card.

Should I cancel my RED card?

The answer to this question is not as simple. If you use no other card than the RED debit card to make purchases at Target, you are actually more protected than any other card you can use. So, I wouldn’t recommending closing out your RED debit card if you want to continue shopping at Target. However, if you no longer wish to shop at Target after this breach, then I would suggest you close out all of your RED cards as you don’t want these cards hanging around unused.

If you own a Target Credit card and especially a Target Visa card, you might want to consider closing these cards and replacing them with a RED debit card instead. Debit cards are protected by PIN codes. Without the PIN, the card is useless. With a credit card, only a signature is required in-store. For web purchases, no verification is really required other than the security code on the back (and not always even at that). With debit cards, your PIN code protects you. With a credit card, very little protects you other than fraud liability coverage and even then you can still be held liable.

The Best Card To Use

The RED debit card is the safest card to carry into Target to shop. It’s safer than a Visa, Mastercard or Amex branded card because it can only be used at Target. It’s safer than carrying loads of cash. It also gives you a 5% discount off of purchases. You won’t even get that discount with cash. It requires a PIN code to use the card and PIN codes are relatively easy to change on the Target management site by the authorized user. It’s not so easy to change by a hacker. The one downside to using the Target RED debit card is that it requires giving Target ACH access to your bank account. But, if you set up a separate account strictly for shopping purposes as suggested in Randosity’s Don’t Trust Paypal article, you can even protect your bank account from unauthorized ACH access by Target.

How do I protect myself?

There are limits to what you can do to protect yourself against technology. We are all vulnerable to attacks every day when using our phones, our computers, at work, in our cars. Technology is everywhere and malicious code is being developed as you read this article. There is no protection against malicious code technologies. Most technologies are written for the greater good, such as checking you out at the store, helping run your phone, helping run bank ATMs, etc. These are all good uses of technologies. However, there are people who’s goal it is to disrupt these technologies for their own pleasure, for political reasons, for terror reasons or simply to disrupt the flow of society.

Basically, sh*t happens. You can’t predict it, you can’t manage it, you can’t really do much about it. This is why your bank cards have limited liabilities and why they allow you to change PIN codes and ask for replacement cards. The banks are well aware problems happen and they have safeguards in place to help prevent these problems.

However, only you can protect you. If you want to be the safest you can be, then monitor your transactions in your accounts closely. Also, choose technologies and technology strategies that help you safeguard your accounts. Don’t expect the banks to do this for you. However, some banks do offer limited monitoring services and will contact you when suspicious activities appear. But, it is up to you to make sure your account information is safe. Basically, if you don’t trust in the current payment technologies, you’ll be left behind. If you do trust the technologies, you have to take the good with the bad. Cash paper money won’t last forever. Eventually, it will be replaced with something else. But, these new payment technologies will continue onward.

For now, cash is one way to handle the technology issue, but it is not the best way. Of course, you could go back to using paper checks, but even checks are vulnerable to electronic attacks. While the paper check is an older concept, it still suffers from technology attacks because checks are scanned by computers and from there they become digitally vulnerable. It can also be difficult to buy things with cash or checks at online retailers unless they accept Paypal. The bottom line, if you choose not to participate in the new payment technologies, you will find it difficult and inconvenient to buy things, especially online. If you choose to embrace the newest payment technologies, you will need to also embrace the new security paradigm that goes along with these new technologies. Target has just unwittingly become a poster-child for these new paradigms.

Tagged with: ,

The State of Gaming

Posted in botch, business, video game design, video gaming by commorancy on December 11, 2013

I’ve been an ardent gamer since the Atari 2600 broke onto the scene. Before that, I was an avid pinball and arcade attendee. Suffice it to say, I’m a gamer. So, let’s explore what’s changed about gaming.

Early Days

In the earliest stages of gaming, experimentation was commonplace. This is not as much true in early pinball games as the physics were pretty much set, but in video games the bounds are endless. Though, the pinball technologists would definitely surprise me over what they could do with a table and with digital displays. I digress. In the beginning, games like Pong (1972) set the stage as to what could be done. A simple table tennis game seemed a good first step. It was a game everyone already recognized, but now it’s on a screen with no need to carry around real rackets. Now you just moved your finger and the paddle moved. No more physical exertion. What was born was couch entertainment.

However, you couldn’t take the arcade home with you. At least, not for a while yet. We wouldn’t see video games become true couch entertainment until after the Atari 2600 is born in 1977, five years after Pong’s release into the arcades .

Arcades

I loved visiting the arcades during the early 70s. The ambience, the music and the machines (oh so many to choose) all beckoned for that quarter. One quarter, the fuel that drove your gaming satisfaction. Of course, at the time, I was too young to have a job, so I was at the mercy of my parents to give me some money. When we visited the mall, my mother would always give us (my brother and I) a couple of bucks and off to the arcade we’d run. For her the cost was a shopping experience without a couple annoying kids constantly making trouble. For us, we got to explore the latest video games in the arcade like Atari’s Pong or US Billiard’s Shark (where you play as the shark eating the swimmer) or some of those old-style pinball games with the wheels for numbers. No digital numbers on these pinball games. Digital displays would come later.

This particular arcade (my first) was always fun and had unique games. It sat right across from a five and dime store. Some of the games even had some quirky behaviors born from carpet static. One of the pinball games would add a free game just by rubbing your feet on the carpet and zapping the coin slot. Unfortunately, living in humid Texas meant you could only do this at certain times of the year. The way-too-humid rest of the time you had to pay. That is, until the arcade owners figured out the trick.

Throughout the 70s and early 80s, I’ve visited many different arcades in malls, strip malls, at bowling alleys, at batting cages, amusement parks, convenience marts, standalone arcades, at mini-golf and at Malibu racing tracks. They all had their own ambiance and games that made each experience unique and left a lasting impression on each visit. I never tire of visiting a new arcade.

One of the arcades I would occasionally visit had a mammoth pinball machine that used what looked like a white cue ball as the pinball. This pinball game was ginormous. Though it was big, it really wasn’t one of the most exciting pinball games. Its uniqueness was in its size, not in its game board mechanics. I always thought that it played like everything was in slow motion. I always preferred the smaller pinball games. This particular arcade had a cave-like quality that made it seem like you were the only one in there.

Video Game Experimentation

During the early years of video games, many different companies experimented with video game ideas. There were even hybrid pinball and video games combined, though none of these really successfully married the two technologies.

The earliest games were flat single color games. The earliest video games also used black and white CRT screens. When color was needed, flat gel color panels were applied to top of the black and white screen. It wouldn’t been until later that color CRTs would be added to video games.

This was a great time to watch as video games progressed from being simple flat shapes on black and white screens to more complex pixel drawn characters in later games like Mortal Kombat and Gauntlet.

Arcade Video Games

As we moved into the era of video gaming, games became increasingly more complex graphically and sonically, but the games themselves remained relatively simple. Games like Pong, Space Invaders, Asteroids and Shark moved into games like Donkey Kong, Centipede, Venture, Burgertime, Dig-Dug, Mr. Do and Galaxian. All of these games had a simple level based premise. Do something to ‘win’ the level and move onto the next level. The win-the-level premise really had its roots back to pinball and simply carried over into video games. However with pinball, it was less about winning the level and more about keeping the ball in play as long as possible. With pinball, you were typically given 5 turns or balls to play. Once you used up all 5 turns, the game was over.

With video games, the premise changed from ‘playing as long as possible’ to ‘playing as short as possible’ so that arcades could maximize their profits. You really didn’t want the same kid playing the game on the same quarter for hours on end. This could easily happen with certain pinball games, but with video games that was not a goal. As we moved into video gaming, it became less about skill and more about defeating the ‘enemies’ (whatever they happened to be). Video game creators quickly learned that ‘enemies’ were the motivator for play. At the same time, the enemies got more and more complex, ingenious and harder to beat. In centipede, it happened to be a big segmented centipede squirming its way down the screen towards your ‘gun’. If you managed to destroy all of its parts of the centipede, the level was over.

Many games adopted the ‘Centipede’ approach to levels and began building more and more complex ‘waves’ of enemies, such as Galaga. So, from where did Galaga descend? From Galaxian, of course. And, Galaxian descended from Space Invaders. Space Invaders was an early somewhat higher res game depicting ‘ufo invaders’ at the top of the screen that you had to shoot until you destroyed them all. From this game alone descended a bunch of other games, some direct clones like Galaxian, Galaga and Gorf, some indirect clones like Defender (a side scroller). From Defender came some sonically similar games like Joust. Note, there are plenty of games I could reminisce over games from this time period, but I’ll move on to get to my point.

Game Innovation

As we progressed, game designers continued to push the boundaries with newer and more interesting ideas with higher res and more compelling gameplay like Paperboy, Marble Madness and Pole Position. There were also a number of vector based games like Battlezone, Tempest and Star Wars which also pushed the boundaries using vector graphics which would ultimately die as a technology. At the time, though, vector games were some of the first games to depict objects in 3D space (even though they were just wireframe drawings). The vector technology did offer, at least for me, more compelling gameplay due to the pseudo-3D experience. Unfortunately, the vector drawing method would only become a stop-gap technology to getting us to the 3D shooters of today. Though, the games that utilized vector technology were definitely one-of-a-kind and would also see produced a home arcade cartridge driven version named Vectrex in 1982. I always wanted one of these.

In among all of the flat 2D sprite based games, I applaud Atari for pushing the vector boundaries at that time. Without these innovative arcade games to keep us interested in plopping more quarters into the machines, we wouldn’t have kept playing.

Moving on, innovation continued with games like Gauntlet which took the arcades by storm. The Tron games didn’t do so bad either. Even Journey (the rock band) got in on the gaming action with the mostly horrible Journey arcade game set to Journey music from the Frontiers album. An earlier Atari 2600 console game was also released based on the Escape album. We would even see video game innovation in the form of laserdisc based games such as Don Bluth’s animated Dragon’s Lair and Space Ace titles. I have no idea how many quarters I plopped into these machines. There were even controversial video games based on movies, like Exidy’s Deathrace 2000 (1976) where you ran people over which turned into a grave.

All during this period, game designers were pushing the envelope on game ideas without much thought to the idea of game genres. That would come later. So while there were fighting games like Mortal Kombat and Street fighter and racing games like Manaco GP and Pole Position, these games would become a staple at most arcades. There would also be a few sports titles like Punch-Out! and these would introduce the idea of sports games, but the Maddens and FIFAs of the world would have to wait until consoles improved. Specifically, the later linked racing games where 4-8 players were linked and could race in unison in sit-down driving arcade cabinets. Other than racing, no other arcade games braved linking their cabinets for multiuser play. That wouldn’t happen until the dawn of home networking and later Xbox Live.

Arcade Gaming End

So, while arcade gaming has never really ended specifically, it is greatly diminished as a result of the introduction of the Atari 2600 and later the Nintendo NES and the Sega Genesis. It’s funny, Atari, Nintendo and Sega were all huge builders of arcade games. Yet they all introduced home gaming consoles that would ultimately more-or-less kill the arcade as the place to game. I guess you might say that it was inevitable looking back now, but it is interesting to consider this fact.

Keep in mind that all during the later home console period (mid 90s), home gaming on the PC would become stronger and stronger with games like Doom, Quake and Wolfenstein. Thanks to iD software, Doom would actually usher in the era of first and third person shooters and, thus, bring this genre front and center. It would be a bit later that consoles would steal the PC thunder and introduce games like Halo.

Anyway, as home gaming consoles improved from the Atari 2600 through the to Atari 5200 and then later from the Sega Genesis to the Sega Dreamcast, from the Nintendo NES to the Nintendo Gamecube and to Sony Playstation 1, this ensured that home gaming would continue to prosper and that arcades would lose ground. However, even up until the Sega Dreamcast, we continued to see innovative titles arriving at home from games like Blue Stinger to Yu Suzuki’s Shenmue series. With Shenmue being one of the first open-world free roaming games that allowed you to interact with much of the world including real-time season changes.

The Era of Home Gaming

With the introduction of the Xbox and PS2, the whole course of gaming changed. Once these consoles were introduced, the gaming landscape began to be shaped primarily by Microsoft and Sony. At this point, we began losing a lot of innovative titles. Sure, we might see one every now and then like Rez, but these were an anomaly and not the norm. Still, with the Xbox and PS2, the genres were solidified into basically a handful of names like ‘shooter’ or ‘racing’ or ‘fighting’ or ‘multiplayer’ or you get the picture. With these new branded titles, it was easy for developers to create and drop games into the slots and people would understand exactly what they meant.

Still, while the genres were pretty much set by the Xbox and PS2, there were still a few developers willing to go outside of these and produce something new and different, but rarely.

As we move forward to the introduction of the Xbox 360 and the PS3, we see undefinable genre titles diminish further and the standard genre become defined. Basically, if your game didn’t fall inside a genre, it likely wouldn’t be released. Or, it would be released as a low priced digital download game. The only real exception to this was Valve who seemed to be able to get a games like Portal released onto consoles. Still, Portal could be considered a first person shooter even though that wasn’t the primary objective of the game.

With games like Halo 3 and Gears of War on the Xbox 360 and God of War on the PS3, this era saw primarily genre based titles released. Few developers ventured outside of these tried-and-true genres, but the rule was that they could if the developer chose to and these still might happen occasionally. In fact, by the Xbox 360 and PS3, there were effectively no titles that fell outside of the genre labels.

Era of the Home Console

With the 2013 introduction of the PS4 and the Xbox One, the era of home gaming is likely coming to an end. With what I consider to be an incremental update to these consoles (Moore’s law no longer applies), these hardware updates are only minimal updates to their predecessors. There was a much bigger leap in quality from the Xbox to the Xbox 360 (moving from 480p 4:3 aspect and component video to 16:9 1080p HDMI output). Changing the video standard between the Xbox and Xbox 360 and between the PS2 ad PS3 was a huge leap. Not to mention, the cell multiprocessor system that Sony put into the PS3. At this point, the 2013 consoles are at the point of diminishing returns.

Both the PS4 and the Xbox One are simply mid-priced PCs with standard Intel processors and standard ATI graphics cards. They’re effectively mid-grade PCs running proprietary operating systems. In fact, I’d actually say the Xbox One is likely running a modified form of Windows 8 with greatly reduced features from the Xbox 360. The PS4, however, is running Sony’s own proprietary operating system similar in looks to was on the PS3, but also with greatly reduced features. Though, the Ustream/Twitch live streaming features of the PS4 are a much welcomed improvement.

Yet for the cost factor of the units, the games haven’t dramatically improved. Let’s observe the problems. With the new consoles, the genres are pretty well set in stone. At this point, no developer would be willing to stray outside of the standard defined genres: shooter, fighting, sports, real-time RPG (which is slowly being combined with shooter), turn-based RPG, puzzle, simulation, strategy, party (encapsulates dance and other party games) and creative. While there may be some sub-genres such as ‘horror’ or ‘mystery’ or ‘period’ which can apply to each of the genres, these are the top genres that are used. Sports encapsulates all forms of sports including baseball, football, racing, skiing, skateboarding, etc.

In fact, most games fall into one of the following: shooter, fighting, sports or RPG. The rest of the genres are lesser used.

The End of the Console?

As the PS4 and the Xbox One are now available, it’s becoming more and more clear. It’s expensive to create a game title on these consoles. To create a game that looks like Ryse, you need to outlay a hefty sum of cash to license the Crytek game engine. And that’s just to get the engine you need to drive the hardware. Still, once you’ve spent your wad obtaining a CryEngine license, you still need to hire a slew of programmers, artists and writers to develop a compelling story and then work to make that into some kind of a compelling play.

From concept to completion, you’re likely talking at least 3-5 years depending on the size of your staff. Of course, the more people you throw at the problem, the faster you can get it done. But, speed isn’t your only enemy here. For the example I mentioned earlier, Ryse, this game is absolutely gorgeous. The environments are amazing, the characters and armor are outstanding. So then what’s the problem?

The gameplay in Ryse is absolute trash. They could have taken the game mechanics straight from a 1990s Mortal Kombat game and plopped into to Ryse for all I know. The characters move in unrealistic ways, the game forces pauses at the most inopportune times and the gameplay is just overall bad. So, this issue is firmly the enemy of the PS4 and the Xbox One. A developer spends years and loads of cash creating a title only to produce something that plays like Ryse. In fact, Ryse is a firm example of what NOT to do on a next generation console. It is the low bar by which to make sure your game is above. Sure, it’s pretty, but that’s where Ryse all ends.

Limited Games, Longer Create Cycle

This will be the continual battle of the PS4 and the Xbox One throughout their console lifespan. Consider that the Xbox 360 and the PS3 have both been on the market for at least 8 years now. That’s 8 years of back catalog of games. Now, go look at these titles. Many of these games took less than 2 years to produce. And, of course, some of them show it (i.e., Two Worlds).

With these new console generations, the bar has now been raised again. Specifically for the graphics. To produce the graphics needed to look great at 1080p, this is not just a small amount of work. Not only does it require high res textures, it requires high res models. Producing such models and textures is not a quick process. Where the textures may have been half the size on the Xbox 360, they are now twice the size on the Xbox One. That simply takes longer time to produce.

This means that instead of the 2 year time it took for the Xbox 360, it might take 3-4 years to produce a title on the PS4 and the Xbox One. So, that means in 8 years, we’re likely to have half the number of big name titles we have on the Xbox 360. That also means it will take perhaps twice as long to produce titles for the Xbox One and the PS4. Further, this means there will also be a lot of engine reuse with new graphics dropped under the hood. In fact, I expect a lot of texture reuse across many games.

For the game studios that can afford the time it takes, these will continue. For those that can’t afford the time it takes to produce that level of a title, they will likely fold, stop producing or move to a different market.

The State of Games

Unfortunately, today we are seeing a convergence of genres. No longer do we see the new innovative titles, other than in digital downloads as small diversions. Occasionally a Japanese developer will produce a title geared toward the Asian market that will cross-over to the US market. But, that’s rare. Most titles produced today fall into one of the predetermined genres. It’s just too risky for game studios to gamble on an experiment. Game studios want to know their title is a guaranteed success. The only way that can happen is by making sure they stay within the trappings of the genres.

When games were like Pong or Shark might take a few people a several months up to a year to produce the game, it now takes many years to produce something like Halo 4. It’s too risky and expensive to gamble on experimentation. Game studios, therefore, won’t risk this. This is why we are firmly seeing more and more repetitive, trite and cliche games. Basically, we are effectively seeing games that you’ve already played at least twice already. Game studios believes having that level of familiarity with the subject matter will make it more likely to succeed. If it’s similar to a game you’ve already played, they assume, that familiarity will keep the gamers happy.

Unfortunately, the only thing this does is make the game crappy and annoying. Game studios don’t want to see or know this, but it is most definitely true. If you make your game feel like some other game or a game that you’ve played before, then it is that other game. It’s then not new or innovative and becomes an exercise in futility.

Predictions and Mobile Devices

I expect we will continue to see the smaller game studios close or be bought out. The larger game studios may continue to weather the longer cycle, but not forever. They have to see a return on their investment or they will also stop producing.

Overall, I expect that we will see less and less studios producing games for consoles. I also see this as the likely end of the ‘epic’ game. Game developers will begin go move back into smaller more easily built titles like ‘Farmville’ and move away from the epic titles like ‘Call of Duty’ and ‘Halo’. The only game studios producing such titles will be those that are subsidized by Sony, Microsoft and Nintendo.

Those game studios not being subsidized to produce such ambitious titles will move away from the consoles and begin developing titles for mobile devices. Since mobile computing is pretty much taking over, there’s really no need to own a living room console. It’s easier to play games on devices you are already carrying. Eventually, game studios will realize that it’s far more lucrative to produce games to play on what’s in your pocket than what’s in your living room. Especially considering how many devices are sitting in people’s pockets untapped.

Just a few compelling titles on iOS or Android, like Angry Birds, and you’re pretty well set. Angry Birds has already paved the way, it’s just a matter of time before studios wake up and realize what they are missing.

%d bloggers like this: