PC Gaming ERA | October 2019 - No Truce With The Outer Worlds


The Fallen
Jul 26, 2018
Gamesplanet has Deadfire cheap, and yet I looked at it and decided no, I won't play it if I buy it at the moment. I should wait. I should save my money for a while. There will be other, later opportunities.

Felt weird tbh.

So if you have not heard, crusader kings 2 is free now. You can get old gods dlc for signing up for some newsletter on their website. Anyway... how long/hard is it to actually get into this game? I have heard it takes quite a long time before it becomes enjoyable. Not sure if I should even try because recently I have little patience.
It's one of those games where you pick it up by trying to have fun, and through osmosis. It really helps if you like watching youtubers - play a bit, in Ireland for a slow and boring start or anywhere that looks cool, then watch some random series where quill18 or whoever attempts to conquer India from Iceland, or just plays as someone who've never heard of. You'll pick up tips and figure out how to play gradually, suddenly something you had happen in your last game will make sense, or you'll realise what that video was on about.

Also, note that you don't have to play to the end date, and that losing everything and ending up as some shitty count is a good opportunity to learn how to hire someone with a cart full of manure and snakes to end your "liege" and his entire line.

It probably will help that with just the game and the old gods, you can only play as Christians and pagans. Islam and the Indian religions, and thus their rulers, aren't available without the DLCs. This is really, really not a problem in terms of content, as you will have a million options and it's not like you can't go and loot them for all their worth without playing as them yourself. Note: if you do get into it, some DLCs are considered worth picking up earlier than others, but mostly you want to grab the Rome one and then whatever topic you feel like expanding on.


Oct 25, 2017
AC Odyssey is just too damn big. After playing it on and off since the end of last year I finally finished the main quest last weekend (or apparently one of three main quests).
I honestly more or less sticked with it because I'm really interested in the Atlantis DLC. But first I still have to finish four questlines that probably add another 5-10 hours to even get to that. By the time I have access to the DLC I'm probably getting sick of the uniform mission design. It's the reason it took me this long to finish this game in the first place.

One task was seriously a Rule of Three quest as part of a Rule of Three quest as part of a Rule of Four quest.

Origins was the better game. They really went overboard in Odyssey.


Oct 25, 2017
3ish hours into Pillars of Eternity and considering just restarting. Playing on easy and the combat is a slog, not a fan of having to use up (very) limited items or walk all the way to an inn to heal, and my character is taking so much damage. Should've just went with a basic soldier class.


Nov 22, 2018
UAC hasn't really been an annoyance since Vista. I usually leave it on default. Not that many things need admin access.
Disabling UAC is terrible security wise. Without it you could have applications using admin rights to do horrible things without you knowing.

These days you only see the UAC popup when installing new applications which isn't that often. There's no reason to disable it.
I've always disabled UAC out of habit ever since VIsta but yeah, I'm thinking it wouldn't be such a bad idea to have it enabled these days.

However, I'm not very keen on having a prompt each time I want to open trivial apps such as foobar, Discord or any other application that requires administrative privileges for overlays and such. 🤷‍♂️


Oct 26, 2017

Attention to NordVPN users!!
I don't know.

A few months ago, we became aware that, on March 2018, one of the datacenters in Finland we had been renting our servers from was accessed with no authorization. The attacker gained access to the server by exploiting an insecure remote management system left by the datacenter provider while we were unaware that such a system existed. The server itself did not contain any user activity logs; none of our applications send user-created credentials for authentication, so usernames and passwords couldn’t have been intercepted either. The exact configuration file found on the internet by security researchers ceased to exist on March 5, 2018. This was an isolated case, and no other datacenter providers we use have been affected.

Once we found out about the incident, we immediately launched a thorough internal audit to check our entire infrastructure. We double-checked that no other server could possibly be exploited this way and started creating a process to move all of our servers to RAM, which is to be completed next year. We have also raised the bar for all datacenters we work with. Now, before signing up with them, we make sure that they meet even higher standards.

When we learned about the vulnerability the datacenter had a few months back, we immediately terminated the contract with the server provider and shredded all the servers we had been renting from them. We did not disclose the exploit immediately because we had to make sure that none of our infrastructure could be prone to similar issues. This couldn’t be done quickly due to the huge amount of servers and the complexity of our infrastructure.

The timeline is as follows: the affected server was built and added to our server list on January 31, 2018. The data center noticed the vulnerability they had left and deleted the remote management account without notifying us on March 20, 2018. Our techs found that the server provider had had the undisclosed account a few months ago. We then immediately took action to audit our entire server network and accelerated the encryption of all of our servers.

The expired TLS key was taken at the same time the datacenter was exploited. However, the key couldn’t possibly have been used to decrypt the VPN traffic of any other server. On the same note, the only possible way to abuse website traffic was by performing a personalized and complicated MiTM attack to intercept a single connection that tried to access nordvpn.com.

To recap, in early 2018, one isolated datacenter in Finland was accessed without authorization. That was done by exploiting a vulnerability of one of our server providers that hadn’t been disclosed to us. No user credentials have been intercepted. No other server on our network has been affected. The affected server does not exist anymore and the contract with the server provider has been terminated.

Even though only 1 of more than 3000 servers we had at the time was affected, we are not trying to undermine the severity of the issue. We failed by contracting an unreliable server provider and should have done better to ensure the security of our customers. We are taking all the necessary means to enhance our security. We have undergone an application security audit, are working on a second no-logs audit right now, and are preparing a bug bounty program. We will give our all to maximize the security of every aspect of our service, and next year we will launch an independent external audit all of our infrastructure to make sure we did not miss anything else.

With this incident, we learned important lessons about security, communication, and marketing.

Daniel Markuson


Oct 27, 2017
I've always disabled UAC out of habit ever since VIsta but yeah, I'm thinking it wouldn't be such a bad idea to have it enabled these days.

However, I'm not very keen on having a prompt each time I want to open trivial apps such as foobar, Discord or any other application that requires administrative privileges for overlays and such. 🤷‍♂️
I'm not a windows user so just wondering, why do those require admin permissions?