Simon

Perhaps you and I are not quite on the same page. This could easily be the result of my lesser knowledge than yours in this field. So I am going to run through a bit of a scenario and you can correct me where I am wrong and hopefully why I am wrong. 

 

---

Assume I run a private server. On this server I keep sensitive information - let's say my bank account details (my name, acct numbers, user names, passwords, etc). This is also the server I use to host my private e-mail. 

 

While conducting myself, I send a person an e-mail from my private server. This person is not a nice person and is quite tech savy. Tracing back my e-mail address he finds the private server I use for things. Would a tech savy person have tools at his disposal to try and access other information on my server (assume I have either no or only mediocre security). 

 

Assume for the moment that instead of me, it was you. You, being the tech-wiz that you are, obviously show more care to update and protect your server(s). Would that not-nice-person be able to access information from your server as well as me (Techy-Dumb-Dumb McSimpleton)? 

 

--

 

As to the security level of the State Department (or any department at the federal level), I think this ignores the point - it will be more secure there than on her private server. Likewise, if there is a breach of some sort, the authorities have a greater chance of being aware of it and the details surrounding it (greater as compared to their ability to monitor a largely non-monitored private server). 

 

Lastly, this still doesn't get around the fact that her actions lead to the loss of e-mails that were deemed relevant to the government and subject to FOI Requests. This paints a bad light on the actions she took at Secretary of State. 

 

Soar. 

No, the State Department will not be more secure than on a private server. It is under more direct attack and often has lesser protection from said attacks due to much of the "political red tape" involved in assessing and securing the systems in question.  There's a reason I don't do security work in the government sector (though they've gotten markedly better at eliminating the obstacles in recent years).

As to your question:

I don't need to receive an email from you (or intercept one) to know where your server is.  Having your email address is enough.  Likewise, knowing where your server is (or having your email address) is not "access to the system."  It doesn't provide access in any form.  Knowing the IP address of a public-facing server is how the intertubes work and does not represent a vulnerability in any way.

Not sure what I'm doing wrong since these are news stories that provide context for the discussion. Would it be inappropriate to link to FBI.gov page on their report on Bryan H Nishimura for his unauthorized removal and retention of classified materials as it has direct parallels to the Clinton case? 

I've stated multiple times in this thread that linking to articles or videos does not absolve you of the rules of the thread -- they will be treated as if you made the statements yourself in a post.

Stop that. Last warning.

It was my understanding that the concern about the hostile actors was less that a single email could be intercepted but that the end points could be discovered and that part could be compromised. The State Department has a wealth of individuals, devices, and procedures on hand to combat this possible threat from outside threats. However, The Secretary's private email server was not covered by the reasonable protections the State department otherwise employs. Thus, I think the issue regarding the Secretary using a private and uncovered server raises issue of security.

Incorrect regarding the risk of a recipient's system being compromised....and I think that you vastly overestimate the State Dept's resources and procedures.  Remember: the federal government's systems were compromised by multiple parties during the time period in question, with at least one of the compromises resulting in a large scale disclosure of information on state department employees.

Determining the source of an email is as simple as knowing the sender's address.  Public lookups will point you to the public-facing systems/servers.  That's how email works.

The risk of a recipient's system being compromised is that any information they receive needs to be considered compromised as well (regardless of its point of origin).  Again, that is the nature of email.

Hostel actors gained access to the private commercial email accounts of people with whom Secretary Clinton was in regular contact with.

She used her personal email extensively outside of the US in potentially hostile environments. 

A lead-in note: be very careful going forward about quoting only those parts of an article or statement that agree with the point that you're looking to make.

From Comey's statement:

In looking back at our investigations into mishandling or removal of classified information, we cannot find a case that would support bringing criminal charges on these facts. All the cases prosecuted involved some combination of: clearly intentional and willful mishandling of classified information; or vast quantities of materials exposed in such a way as to support an inference of intentional misconduct; or indications of disloyalty to the United States; or efforts to obstruct justice. We do not see those things here.

Email is fundamentally different from data at rest.  An obvious enough statement, but one that has been often and repeatedly overlooked in this whole discussion.

Now...I can't speak to hostel actors, who are generally concerned with finding cheap lodging, but hostile actors appear to be defined in Comey's statement as those who serve nation-states whose interests conflict with those of the U.S.  Saying that hostile actors likely had compromised the accounts of some of those Clinton was communicating with is not saying what you think it is -- it's saying that it doesn't matter in the slightest how secure the system she was sending from was, the recipient's system was compromised.  She could have been sending from an email server located in the depths of NORAD with 24/7 armed guard, it wouldn't have mattered in the slightest.

This is part of the problem with email -- it is communication over insecure channels, often to parties/systems with whom you have no direct control or oversight into.

Are we attempting to circumvent the rules by posting videos instead of using your own words?

Anything in links and/or videos that you link will be treated no differently than something that you wrote in an actual post.  I'd suggest spending some time considering what you link to.

"Margins not high enough" is kind of an odd way of phrasing "60-70% loss of one of your core products".  Particularly when you're talking about a core product which is not your "entry level" product/offering (those are available in hardcopy on this site).

So, yeah, I have yet to see you express a grasp (keen or otherwise) of the business considerations for DOJ.

I'll be nice here and spell this out a bit more verbosely.

A company (let's call them DOJ) has an RPG system that is particularly crunchy.  For the sake of argument, we'll refer to it as a 2 volume set: 6E1&2.  Arguments about its merits vs previous versions of the system aside, it is pretty crunchy and presents a fairly intimidating entry to new players (from both a financial and complexity standpoint).

DOJ would like to attract new players to the system (like every other RPG company out there). Realizing that a generalized/universal system is an attraction for a long-term or ongoing player, but not necessarily for a new player (who wants to try the system in a singular setting/genre), they decide to make some entry-level books.  These books should be "complete" in that players looking to play in or run a campaign in a particular genre should need only the one book in question.  Remove many of the examples and explanations from 6E1&2 (since they mainly apply for more experienced players looking to get official guidance on some of the finer points of the system).  Strip off any rules that are not deemed pertinent to the genre (e.g. Classes of Minds, expanded Language Familiarity Chart, etc.).  In general, reduce the size and complexity/crunchiness of the individual books and, in so doing, reduce the cost. Further reduce the cost by cutting DOJ's own profit margin, making the books as cheap/easy of an entry point as they can be.

Note, these books still follow the rules put forth in 6E1&2 -- they represent subsets of those same rules. They don't expand on anything. They don't introduce anything new. They don't even revert some of the controversial changes that were made when moving from one version of the rules to the next. They just represent genre-specific subsets of the main (core) rules for the system. 

As a means to attract new players to the system, this works fairly well.  Not a roaring success, but it's unlikely that that level of success is even possible in an industry that has been shrinking as much as the RPG industry has been.

So...fast forward slightly.  You have some existing players/users of the system approaching DOJ, looking to write supplements (like Strike Force), or run official events at conventions.  They ask what book they should use.  If the book or event falls into one of the genres for which the complete entry level books have been written, they're told they should use them.  Because that's how the books are sold -- if you haul out references to Classes of Minds in your Champions supplement, people are going to cry foul, as Classes of Minds aren't covered in that book.  This does not mean that the complete books replace the core rule books.  It doesn't mean that Classes of Minds are no longer part of the Hero System. It means simply that the complete books are exactly what they were built as: entry point devices for new players which simplify the system.  They're a starting point, not a replacement for the full 6E1&2.

When you misunderstand him or misinterpret what he says?  

1. Look at the top of every page on this site.  Tell me what it says.

2. Saying that you need to be compliant with the rules in CC means you need to be compliant with HERO System 6th Edition.  If you were talking about writing a Champions supplement, then yes, that is the book you'd want to concern yourself with -- that subset of the 6E rules.  If you were talking about writing a Fantasy Hero supplement, guess which book you'd be told to be in compliance with?  Now guess which book you'd be told you need to be in compliance with if you wanted to write a Western Hero supplement or book -- I'll give you a hint: it's in 2 volumes and rhymes with Hero System 6th Edition.

3. Don't trust me on this?  Talk to Jason.  I do it all the time.  CC follows Hero System 6th Edition.  It lacks some of the rules in the main rulebooks...because that's the point behind it.  FHC follows Hero System 6th Edition in the same way.  Know what the official rules for Hero System are?  6th Edition.

Then you have zero concept of business in general or the insanely tight / small market for rpgs in particular.

Please think before you post.

Do you really think that there is an unlimited pool of potential sales out there? That putting a product up for sale in one place (or in one format) won't impact the sales of the product in another place (or another format)?

Do you really not think at ALL about business or relative costs?

Look at the last sentence that I quoted from the TOS.  That part about the margin after print cost of the book is taken off of the sale price.  Pesky little detail, I know.  Apply it to what you know about the various books in question.  Consider the size of 6E1 and 6E2 and the "print cost" that will be taken off of the sale price...prior to the 40% take of drivethrurpg.  That's your cost metric for consideration.

Maybe you thought that the print cost that would be taken off would be static across the board (regardless of the size of the book, the complexity, the amount of graphics, etc.).  If so, I would suggest that you perform similar business calculations as what we'll get into for DriveThruRPG -- they're not going to lose money on their end (even potential money) just because a given book is larger than average.  The risks are greater for them, the costs are greater, and their charges are (correspondingly) greater.

Now let's talk business for a moment, shall we?  Might as well have someone do it, since you don't seem to want to go that route...

The 6E rulebooks are the core of the Hero System.  Does it seem like a particularly sound business idea to take the core of your business model and cut out (at a guess) 60-70% of your return?  Myself (as an admitted neophyte in business), I'd prefer to put out some of my entry-level offerings to POD sources -- take the hit on those in the hopes that you attract new players to the system who will (in turn) purchase your core products.  That's just me, though.

Hmmm...I wonder what the difference could POSSIBLY be?   It couldn't be as simple as "you're an individual and have none of the business concerns facing the publisher of the material", could it?  I mean, that just makes too much sense.

From the TOS on Drivethrurpg: 

 

As with digital sales, you get paid 70% or 65% of the price the customer pays, depending on whether you are an exclusive partner with OneBookShelf or non-exclusive. On print sales, though, you receive your share of the margin after the print cost of the book (or cards) is taken off the selling price.

Huh.  35-40% (or greater) loss on revenue.   I see what you mean -- no reason whatsoever why the 6E1/6E2 volumes shouldn't be offered there.

Sigh.  And here we go again.

This topic is done.  Hugh is now being moderated (and has been "officially" warned rather than relying on the unofficial route which failed previously).  Surrealone - you're done with this topic and this false crusade you appear to be on with Hugh.  Do not post on it again in these forums.  Is that clear enough?

Now, to the subject at hand -- I'll spell things out for those of you too dense to figure it out on your own (even after others have pointed it out to you):

The current ruleset for the Hero System is the Hero System Sixth Edition.  That's it.  That's what it has been since 6E came out.  That's what it says at the top of this site. 

Champions Complete (and FHC, etc.) follow 6E rules.  This is a REALLY EASY one for me to comment on, as I did not need to make a single change to HD when the complete series came out BECAUSE THEY DIDN'T CHANGE OR ADD ANY RULES.  They each have omissions from the full 6E rules...because that's the ENTIRE POINT TO THE SERIES -- to include only the rules you need to run the respective genre (or even sub-genre in some cases). Each book states that it is part of the Hero System Sixth Edition rules.  But you, for some moronic reason, cannot seem to grok that.

Champions Complete contains all of the rules you need to run a Champions campaign.  It does not contain all of the rules for 6E -- that's the job of the 6E rulebooks.  Likewise, FHC contains all of the rules you need to run a fantasy campaign.  It also does not contain all of the rules for 6E.  This means that if you are familiar with the full 6E ruleset you may find things that are missing from CC that you would like to include in your campaign. Guess what? You can!  Go for it.  That's your call...but you don't get to make that call for others.  CC contains everything that someone new to the system needs to run their campaign.  Hence the "complete" part of the title.

Steve Long only references the 6E rulebooks because he wrote them...and because they are the "official" rules for the system -- they contain the entirety of the 6E rules (as their respective titles would indicate). Don't like that? Then don't participate in the free and unadvertised service that Steve offers.  It's really that simple.

The 6E rulebooks are currently only available in PDF.  Don't like that? Great! Buy the PDF and print your own - it's cheaper than the cost of physical copies.  Think the company should take care of it for you? Great! Save up some serious cash and then talk to the company about investing so that you can have input on that decision.  Just be aware that making a print run means not only paying a printer for a large number of physical copies, but also transporting them from the printer, storing them in a warehouse (since you don't have sales for all of them), paying for said warehouse, arranging for distribution, distributing from the warehouse as distribution sales are made (and paying for shipping again), advertising (since you really don't want physical copies to sit around for long periods of time due to aforementioned rent issues), and finally shipping and labor costs for individual sales.  Kinda makes PDF an understandable choice, no?

So.  If all of this pisses you off, I really do not care -- go somewhere else.  If you feel the need to continue posting on this, I really do not care -- go somewhere else.  If you ignore this advice, I will ensure that you are unable to continue posting in these forums.  Is that clear enough?

And...Vondy is now out of this discusson.

READ. THE. RULES.

Please.

Also highly unlikely for a VP to run against a sitting President, so you'd be looking at 2024 before he could run again (at 83 years of age).

And..another one is gone from this thread (and moderated for a while).

Are the rules really that hard to follow?

If the next words out of your mouth are not "Applejack is the very best pony" you're dead to me.

And we've just had two people punted from this thread and placed into the moderation queue.  I'd strongly suggest that everyone else read and follow the rules of this thread.

Please pay particularly close attention to Rule 2 -- you're one post away from moderation (at best).

I think we're actually close to saying the same thing.  The "One True Way" attitude is coming about (IMO) because the rules are attempting to be deterministic -- defining all of the fine-grained options that are available to piece together any given concept.  Remove that deterministic attitude from the rules and you eliminate much of that problem.  What I'm suggesting with Skills is precisely that -- removing the deterministic skill listing (which can never cover the full variety of skills/endeavors no matter how detailed it becomes).  This doesn't mean that you lose the granularity, it means that it's up to you/the GM to determine the level of granularity you want in your Skills and have an understanding of what they represent.  For some, "Physician, 13-" may be enough.  For others, "Maxillofacial Surgeon, 15-" may be the desired level of granularity.  For others still, they may want to have a listing going through all of the knowledge and "sub-skills" that a maxillofacial surgeon possesses.  You don't need to have that all spelled out in an explicit list of skills in the core rules -- that actively detracts from your ability to define your level and to build a character "your way" rather than the "One True Way".

For the amount that skills (non-combat) come into play during a game, you don't need to justify huge point expenditures.  Well-defined skill lists/background on a character should be encouraged.  

Just a thought what if skill levels coukd be bought similar to combat skill levels? Something like occupation skills cost 5pts. but it covers more than traditional 3 pt skills?

Don't get me started on CSLs ;-)

With the new decoupling of OCV/DCV (which I actually quite like), I think that CSLs are a relic that need to go away.  Better handled through limited purchases of OCV and DCV (with a new Advantage that allows one to be used for the other).  Weapon-specific levels then make MUCH more sense and balance better, as the Limitation can be based on how likely it is for the character to be using that particular weapon.  

A barbarian in a fantasy campaign that always uses a broadsword really shouldn't get much of a discount for levels with the broadsword....some, sure...but not as much as the dark champions character.

That skips over the ability to go broad or narrow ... that's my general complaint: Hero does a decebt job describing Skills, it does a poor job describing how to set up a Skill System for your game.

 

In one game PS: Blacksmith may be all you ever need to make and repair weapons.

 

In another game PS: Blacksmith itself may be inappropriate and you have to buy exactly what you're good at: Weaponsmith: Common Melee Weapons & Weaponsmith: Common Firearms.

 

A third campaign might decide that just Weaponsmith itself will cover making any and all weapons, master of arms style.

 

Yes, it's more fiddly tool-kitting BS, but that's the core of the System. Individual campaign books should nail down exactly the kind of granularity the campaign calls for (or enterprising groups can replace it with their comfort level: super detailed or super broad).

I understand the concern.  Really.  But now flip it on its head: how often have you had that come up in a campaign in a meaningful way?

If the campaign is meant to get down to the nitty-gritty level of "you have training as a blacksmith, but that guy has training as a blacksmith and a metallurgist...so you're not going to be able to do what he does" that makes perfect sense...and is something that you know about during character creation.  So you define your character appropriately.  During gameplay, it's already known that the character that is defined as having both metallurgical and blacksmithing knowledge is going to be better suited for certain tasks.  

You don't need to have an explicit list of skills to define all areas of knowledge in order to accomplish that.  In fact, the explicit list of skills detracts from that very idea and gets you bogged down in the morass of what combination of skills to buy to represent a character that is a skilled blacksmith with metallurgical knowledge vs. just buying a skill of "Modern Blacksmith" and agreeing with the GM on what that means/entails.

If you want a character that has practiced a variety of trades, then purchase multiple skills to represent that -- one per trade.

If you want a character that can easily learn new trades, then purchase multiple skills to represent the trades that the character has already learned and a "skill enhancer" to represent their ability to quickly/easily pick up a new one for character growth.

Again, the long/detailed skill listing does nothing for gameplay from what I've seen - it just complicates character creation and detracts from storytelling during the game.

I still fail to see how that adds to either gameplay or storytelling.

If you have a remarkably granular system with a brilliantly designed "fold up" structure so that you can pick just how fine-grained you want to go on any given skill...I don't see that helping you at all.  Quite the contrary, as it comes across as an attempt at a deterministic system for skills, which leads to things like "I know that it makes sense for your character with PS: Blacksmithing to be able to forge a sword, but you didn't purchase Weaponsmith, so you just can't seem to do it. If the system had intended for PS: Blacksmithing to cover making swords, they wouldn't have put in that other skill, now would they?"

In gameplay, you're looking at making the characters believable and playable...and overall to tell a good story that entertains the players (and GM).  Define what a given character does conceptually (i.e. "he's a doctor" or, for more specific campaigns, "he's a maxillofacial surgeon") and leave it at that. If you're worried about balance (and I have RARELY seen skills be unbalancing in the slightest), then have the GM place a premium on skills that are likely to be of significant use in the campaign and a discount on skills that are unlikely to come up (e.g. "There's not going to be too much call or opportunity for a potter in this campaign....but the forensic examiner is going to be called upon quite a bit.").

Even in those campaigns that are highly skill-focused, I think you're better off having one character take a skill that they call "Oncologist" and another take a skill that they call "Cardiac Specialist".  The GM decides in a given situation if a skill roll is needed and, likewise, if the oncologist or the cardiac specialist would be particularly suited to it (or inept at it).  MUCH better (IMO) than saying "I know that it makes sense for the cardiac specialist to be able to tell a lot about a patient's health from their pulse, but you didn't buy SS: Pulse Reading").  

The level of granularity present in the skill system is one of the biggest detractors from the system (and storytelling) in my experience.