Primary

I expect stuff more like this:

I expect stuff more like this:

Get the game

Willing to pay? I’m sure there are good enough folks to do it without pay. Hope you find your man though. 

@Astrophil I can get these to run every few hours on the radio station if you'd like me to. Let me know if you want me to put them up there (or which episodes or whatever)

I doubt that NQ doesn't change the system as we've seen from the dev diaries (remember it's pre alpha and they only store huge amounts there to test things). 
Lore wise it doesn't make sense that the calabi yau manifold can store thousands of cubic meters, and it wouldn't make much sense gameplay wise either.
So yeah I think they change that to hopefully an interesting system that involves
Cargo containers
Lifters
Tradeships
Freighters
Companies which specialize in hauling
Convoys
Spaceports which have a suitable docking space
 
...

Bumper-ships!

All I can and will say is have patience, if and when they decide to lift the NDA they will notify us. 
 
- Until then I am the only one who can enjoy my screenshots. 

Hello explorers,
 
I see more and more communities and organizations setting up authentication based on Dual Universe account in order to identify players on Discords, websites or other places outside the game.
However, it's not a simple process and there are lots of potential security breaches (I've seen and reported a few).
 
Thus, I decided to write this post where I describe good security practices and point some common attack scenarios.
While this post is mostly directed towards developers and webmasters, I think it's also a good and interested read for all players.
 
How authentication works
 
Currently, Novaquark doesn't provide any way for third party applications to identify a player (they have other priorities like creating the game for now).
So, how to do it then ?
Usually, we rely on authenticating a player on the third party application via standard login/password authentication and then give to the player a random token he must show on his/her profile.
 
In other words, the authentication process works using the following steps:
The player create an account on the third party application. The third party application generates and gives a token to the player (ex: "my-app-auth:396943934983749839"). The player logs into his Dual Universe account and updates his profile, appending the token. The player tells the application that token is uploaded on his profile (specifying his/her profile name or URL). The application browses the profile, read the player name and public information (organizations, titles, etc.). It also double-check that the token is present and correct. The application then "links" the local account to the player profile and may autorise access to restricted content.
 
When security fails
 
This list is not exhaustive, but contains most problems I've seen or can think about.
For easier reading, I put in red the attack scenario and in green the good practices you should use/see.
 
1) Token randomness
A secret must be random! Else, someone could just predict or guess the token and use it on his/her own profile.
Standard random() functions provided by languages are actually not random and may present collisions: you can predict their output (see https://medium.com/@betable/tifu-by-using-math-random-f1c308c4fd9d if you don't trust me).
Thus, it is important to use strong random generators like:
java.security.secureRandom() for Java random_bytes() or openssl_random_pseudo_bytes() in PHP crypto.randomBytes() for NodeJS secrets.token_bytes() (or secrets.token_hex()) in Python Etc.  
2) Your token is actually public!
Yes, the token is public: you put it on your public profile as the application needs to read it.
A hacker could read it when you update your profile and authenticates at your place before you get the time to do it yourself. If you think that it is too hard to watch all forums accounts for a new posted secret and authenticate before the player, note that there is a RSS feed which gives in real time all profiles changes.
How to prevent the attack ? Make sure to bind the token to the third party account. This way, if someone else tries to authenticate with the token, the local account won't match.
As a good practice, also send the token in private and not in a public channel.
 
3) Weak or lack of verification
Some applications may forget to actually verify the token (don't laugh, a bug is always possible).
So make sure to test it after each code update.
Another important point: the forums user feed also contains data from the posts liked or messages posted. If the verification function just looks for the token anywhere in the page, a hacker could create a post with his token in the title and this secret will appear in the feed of whoever likes or answers it.
So make sure to only check in profile updates.
 
4) Validating the wrong profile
If the player enters the URL of his profile (on the forum, this is nearly mandatory as there is no easy way to know the profile URL based only on the player name), it is possible to host a webpage on another website with a copy of your profile with modified information about your pledge, title or organizations.
Thus, it is important to double-check when validating the token and gathering player information that the URL domain is actually correct!
Hint: it should be something like *.dualthegame.com (make sure to test against URLs like "*.dualthegame.com.hacker.com" or "hacker.com/*.dualthegame.com").
 
5) Luring someone else to edit his/her own profile
This one is a bit tricky. Let me break it down into a detailed scenario:
I start authenticating on Achilles' Discord which requests me to put the "123456" token in my forums profile. I don't do it right now and instead setup my own application with authentication. I share my application with Hector who tries to authenticate there. He is requested to put the same "123456" token on his profile. Hector put the token on his profile (and finishes authentication on my application for what matters). I finalize authentication on Achilles' Discord indicating that I'm "Hector". And now, Achilles' Discord thinks that I'm Hector. Tricky.
A quick and easy recommendation is to generate a token which is clearly related to your application.
So, for example, Achilles' Discord could have generated a token like `Code for authenticating with Achilles' Discord (don't use this code if it was not given to you by the "Achilles' Bot"): 123456`.
As Hector is a smart guy, he would probably not put this token for authenticating with an application which is not named "Achilles' Discord".
It is not perfect as a player who is not paying attention can blindly copy/paste the code.
 
6) Quits and bans
Last but not least: players may quit an organization, be kicked from ATV or lose their backer title for whatever reasons.
Thus, if a third party application records groups and roles only once during authentication, the player rights may become outdated in the future.
It is important to regularly check the player organisations, titles and rights and update them accordingly (ideally before any request, but realistically a check every hour or day is ok-ish).
 
 
I hope this post will help. Feel free to ask questions or repost it anywhere.
 
Regards,
Shadow

Ha  "The Primary Operations Command-" Thanks for thinking of me

Should we be able to patent our blueprints? If we are able to patent our own blueprints, so that you cannot copy someone’s idea without paying. I think this should be implemented so that is you are trying to make money off a idea you don’t just get it stolen by some one else. 

Hi everyone,
 
As this kind of topic has no legitimate reason to exist, it will be locked down.
 
@LISPYxLUNA:
 
Welcome on the official Dual Universe forum.
However, even if you are new, you are supposed to have read the forum rules, posted here:
https://board.dualthegame.com/index.php?/topic/8-forum-rules/
 
What you just did was exactly breaking the rule III.e: "Naming/accusing people".
Accusing publicly people on the official forum, for any reason or motive, is clearly not authorized.
If you have a problem with a community member, you can contact the customer support team to explain the problem.
Despite being attentive to all community concerns, in certain cases (like this one), the customer support team won't take any action.
The reason: the Unofficial Discord is managed by community members and the Novaquark team has decided from the very beginning to avoid any attempt to take control and/or police media managed by the community.
 
Another broken rule: 
As a general rule, it's not allowed to post any private conversation without the agreement of all involved parties.
Again, if you have a problem with a community member, you can contact the customer support team to explain the issue.
 
As a consequence, any unauthorized screenshot posted publicly regarding a private conversation has been removed from this topic.
As you are new to the forum, this a first warning. 
Please do not insist in this kind of behavior.
 
Thank you for your understanding.
Best Regards,
Nyzaltar. 
 

Ahhhh. I got my laugh in for today. Thank you so much guys. 

While the OP claimed to have contacted the admins and said we've refused to communicate, none of the actual admins have received a message from him. 
 
Which leaves me to think that a solution is not something the OP wants, but is here just to create drama.
 
NQ has been notified by the involved individuals, that being said, 
 
It's in the best interest if everyone would just leave this alone, instead of aggravating the situation.
 
 
Cheers,
Comrademoco

Can you PM screenshots?

I ran out of popcorn during ES. Fml

Being in the community discord is a privilege, not a right. 

There are over 900 people in Discord right now, and everyone knows to treat each other with mutual respect despite arguments that arise when talking about the game. "Be Nice to Each Other" is the core rule of the server rules that everybody has to read before joining the rest of the channels. We have done a lot of work to ensure that it stays that way.
 
I get that people are not 100% happy with the way that moderation decisions are carried out all the time, but we didn't get to be this large by letting everyone run around mistreating each other without any consequences. We try to foster an environment where people can be comfortable talking about the game without fear of being attacked.
 
I highly doubt that the harassment your brother displayed would be well taken if he did the same thing on the forums. Like I said before, if you want a different type of discord where you are free to openly harass people, you are free to create your own. 
 
If your motivation here is to try and get me in trouble, well... I'll let my own record stand as my defense. 
 
Regardless, your actions on Discord, here and (probably most importantly) the threats in private messages you have sent me have shown that neither of you are willing to contribute in a positive way to the discussions taking place on the Unofficial Community Discord. 
 
I have reported this thread for breaking the forum rules (Section 3.E) and the threats you sent me privately accordingly.
 
That is all I have to say about this matter. 
 
 

Welcome to the forums.
 
Yeah it's kinda bad atm, people don't write much here as everyone is afraid to brweak the NDA. So interested ppl get less info than before - guess that's one of the downsides.
 
If you got any questions, just try and ask, maybe ppl hear ya

I don't believe I've introduced myself here on the forums ever which is sad.  The name is PrinceChawmin, i go by many names but this name suits me just fine. I've been watching the forums every so often that i haven't really talked or replied to any thread here. But i tend on changing that. Dual universe caught my eye on kickstarter and was very interested, i haven't backed on kickstarter but i do tend on pledging here very very soon. Im very chill and tend to be open minded, so expect to see me in the threads cracking jokes, giving feedback, or just be outright boring that you'll throw me back in the catacombs of my mom's pantry closet .
 
I hope you guys accept me into your hearts, or for this case space ships, and become cool buds. Unless you want to become enemies for some odd reason then bring it! 

It seems here like you're grouping all resources into one big pool and referring to them as a single entity. You ask "should resources be expensive"; this is like me asking you if, in real life, gold and aluminum and platinum should be expensive.
 
I think you're worried that the whole mining and trading mechanics in the game will be shallow or boring; I can tell you right now that we as players now have the opportunity to help shape the game as it progresses, giving input and suggestions as time goes on. This goes for the processes of scanning and mining, as well as rarity. So I would say don't worry about that stuff now. However, the players and their actions will determine some of the things that it seems you're trying to set in stone, or want set in stone. We cannot choose now what the most efficient way of doing things will be, and circumstances and location will absolutely have effects on how cost effective certain operations will be. 
 
You said it would be dumb if all resources were evenly spread out, and I absolutely agree. Luckily, a while ago it was said that many resources will be rarer than others, and some planets will have 0 of some resources. The developers want you to go out exploring, and they will give incentives for that, don't worry!

If you're trying to find a real life star to put Alioth around, then as Alioths star is like ours, it might be difficult as the further you look into our Galaxy, the harder it is to find smaller objects, like our sun is.
 
I'm a Star Trek fan, but all I can think of when reading Diplos is the dinosaur.  I'd get used to it though. 

While I voted yes and think this is a really great idea, let the record show that NQ has publicly stated that this feature is a serious stretch goal that will not make it into the game for years, if ever. The issue is that weapons are all elements, which are meshes, not voxels; and the current editing system is based entirely on voxels. So, allowing us to create custom elements would require creating a whole new editing system just for meshes, which would require massive amounts of time and money and effort from basically the whole development team. Then there's the issue of balancing all those possibilities, which is itself a major endeavor that would likely require large amounts of additional dev time for the life of the game. 
 
So, while I love the idea, don't get your hopes up. It's really not going to happen any time soon. 

Well, wether you like it or not, the "single shard" expression isn't born yesterday and hasn't been invented by us, as it has been used for more than a decade in the video game industry, and has been widely spread with EVE Online.
 
Edit: According to wikipedia, a "Shard" can be used to designate a database architecture OR a game server (which can be hosted on several computers).
https://en.wikipedia.org/wiki/Shard
 
Best Regards,
Nyzaltar.
 

Hi Dehkur and welcome on the Dual Universe official forum.
 
Nowhere it has been said this will be hosted on a single computer.
It has been said it will be hosted on a single server.
Are you not confusing the words "server" and "computer"?
A server can be hosted on a cluster composed of many computers.
And for Dual Universe, this is definitely the case.

Best Regards,
Nyzaltar.

Yes to a certain extend. Planets will have different gravities, different atmosphere densites, you can put space station in orbit, reaching escape velocity will be different according to the celestial body.... but devs said very often that water mechanics is difficult in a game made of voxel, so water mechanics will be kept simple. So everything won't be perfectly matching real life physics.
 
No import from third-party software are planned at the moment.
 
This game will be released with few planets and this number will increase over the time by procedural generation. You will be able to create static buildings (house, industrial compounds, cities on planets, asteroids, moons...) and mobile construct (space ships, hovercraft...). Big space ships will be able to carry other smaller ships. So, basically, yes, you should be able to launch rockets that will put in orbit a space station... You can modify planets, asteroids, moons because they are all made of voxels; but it will take times (a lot of times: 
Now there is a visual effect when entering in atmosphere, I'm not sure that materials are heated, maybe in future.
 
You should have a look on the official youtube channel: https://www.youtube.com/user/dualthegame/videos and the official wiki:  https://dualuniverse.gamepedia.com/Dual_Universe_Wiki for more information. The wiki collect official info from devblogs, dev's interviews....
 
Final release is aimed for end of 2018, with several versions of pre-alpha, alpha and beta.