It's one of those games where you pick it up by trying to have fun, and through osmosis. It really helps if you like watching youtubers - play a bit, in Ireland for a slow and boring start or anywhere that looks cool, then watch some random series where quill18 or whoever attempts to conquer India from Iceland, or just plays as someone who've never heard of. You'll pick up tips and figure out how to play gradually, suddenly something you had happen in your last game will make sense, or you'll realise what that video was on about.So if you have not heard, crusader kings 2 is free now. You can get old gods dlc for signing up for some newsletter on their website. Anyway... how long/hard is it to actually get into this game? I have heard it takes quite a long time before it becomes enjoyable. Not sure if I should even try because recently I have little patience.
Nope, Epic Launcher allows mods. They actually have a separate tab for mods on the store page.
This. But by virtue of not being UWP, it should allow mods, that is if that particular game does not have an overbearing DRM implementation.
I've always disabled UAC out of habit ever since VIsta but yeah, I'm thinking it wouldn't be such a bad idea to have it enabled these days.Disabling UAC is terrible security wise. Without it you could have applications using admin rights to do horrible things without you knowing.
These days you only see the UAC popup when installing new applications which isn't that often. There's no reason to disable it.
I don't know.
A few months ago, we became aware that, on March 2018, one of the datacenters in Finland we had been renting our servers from was accessed with no authorization. The attacker gained access to the server by exploiting an insecure remote management system left by the datacenter provider while we were unaware that such a system existed. The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either. The exact configuration file found on the internet by security researchers ceased to exist on March 5, 2018. This was an isolated case, and no other datacenter providers we use have been affected.
Once we found out about the incident, we immediately launched a thorough internal audit to check our entire infrastructure. We double-checked that no other server could possibly be exploited this way and started creating a process to move all of our servers to RAM, which is to be completed next year. We have also raised the bar for all datacenters we work with. Now, before signing up with them, we make sure that they meet even higher standards.
When we learned about the vulnerability the datacenter had a few months back, we immediately terminated the contract with the server provider and shredded all the servers we had been renting from them. We did not disclose the exploit immediately because we had to make sure that none of our infrastructure could be prone to similar issues. This couldn’t be done quickly due to the huge amount of servers and the complexity of our infrastructure.
The timeline is as follows: the affected server was built and added to our server list on January 31, 2018. The data center noticed the vulnerability they had left and deleted the remote management account without notifying us on March 20, 2018. Our techs found that the server provider had had the undisclosed account a few months ago. We then immediately took action to audit our entire server network and accelerated the encryption of all of our servers.
The expired TLS key was taken at the same time the datacenter was exploited. However, the key couldn’t possibly have been used to decrypt the VPN traffic of any other server. On the same note, the only possible way to abuse website traffic was by performing a personalized and complicated MiTM attack to intercept a single connection that tried to access nordvpn.com.
To recap, in early 2018, one isolated datacenter in Finland was accessed without authorization. That was done by exploiting a vulnerability of one of our server providers that hadn’t been disclosed to us. No user credentials have been intercepted. No other server on our network has been affected. The affected server does not exist anymore and the contract with the server provider has been terminated.
Even though only 1 of more than 3000 servers we had at the time was affected, we are not trying to undermine the severity of the issue. We failed by contracting an unreliable server provider and should have done better to ensure the security of our customers. We are taking all the necessary means to enhance our security. We have undergone an application security audit, are working on a second no-logs audit right now, and are preparing a bug bounty program. We will give our all to maximize the security of every aspect of our service, and next year we will launch an independent external audit all of our infrastructure to make sure we did not miss anything else.
With this incident, we learned important lessons about security, communication, and marketing.
I'm not a windows user so just wondering, why do those require admin permissions?I've always disabled UAC out of habit ever since VIsta but yeah, I'm thinking it wouldn't be such a bad idea to have it enabled these days.
However, I'm not very keen on having a prompt each time I want to open trivial apps such as foobar, Discord or any other application that requires administrative privileges for overlays and such.
They don't require admin privileges per se, but they need need it for e.g. presenting overlays on top of a fullscreen app, or responding to keyboard input while playing in fullscreen.