After what seems like approximately three hundred requests that I stop the cheating on fastr, I've finally relented and done something about it. The answer is now sent encrypted, and then your guess is encrypted before comparing with the answer. At the end of the set, if you didn't guess it, the browser sends a "give up" signal back to the server, which gives you the answer in plain text, and sets your score to zero, so you can't "give up" and then submit an answer.

You can still cheat, of course. You can open a second window that's slightly ahead in time, and see pictures before guessing in your first window. Or you can refresh your browser after you know it and get ten points. Or you can "give up" under one name and then submit an answer under a different name. But those are all manual cheats, and I expect you'd get tired of doing that eventually. What you can't do any more (as far as I know, at least) is set up a script to automatically cheat for you.

You also can't make long names with no spaces so that they go outside the designated name box. No one asked for that, but it was annoying me, so I fixed it. And the rounds are now six minutes now, which allows for exactly ten sets of photos, plus a ten second break to look at who won. The last set of your first round might get cut off in the middle, but that shouldn't happen after it gets synched up at the end of a round.

I also pulled all the text into localization files, which will make it much easier to create versions in new languages. But I haven't seen many people playing the other languages, so I'm not sure that's even worth the trouble. I'll let the translation volunteers decide that.

In any case, between these last few fixes and the API, I've managed to delegate (that's the verb form of lazy) most of the future work onto other people. So I don't expect to be spending a lot of time working on fastr now. I think it's about time to call it done and move on to another project.

 

Some bright fastr players have pointed out (by exploiting) two bugs that allowed impossible scores. One involved sending a non-number as the score (which I fixed by only accepting numbers as scores). The other involved sending a negative score (which I fixed by not allowing negative scores). Both were simple enough to fix, just problems I hadn't considered previously.

I know at least one, and possibly both, were discovered by a player named "cheatrs nevr prospr," which I must say is a clever (clevr?) name. While I would appreciate more if people mentioned these bugs to me directly, it's still nice that someone is going to the trouble to poke around the edges of the game where I never thought to.

 

One of the most common requests for fastr has been to link the photos to their flickr pages. At first I thought this wouldn't work because then you could click on the link and see the tags, and you wouldn't have much reason to guess the tag. And it's already too easy to cheat. But several people pointed out that it could just add the links after the answer is shown, so this is what the game does now, satisfying both players' desire to have links and my desire to discourage cheating.

Speaking of cheating, there is now — I believe — only one way to cheat. I've fixed every other method known to me. (If you know of another, I'd like to hear it.) I'll go ahead and explain the one remaining in hopes that doing so will make it a less interesting challenge. Basically, the answer is always available in the source of page; it's just hidden until you guess it or the time runs out — then it's shown. It's pretty trivial to add JavaScript to the page, either through a bookmarklet or a greasemonkey script, which makes the answer visible at all times.

What you get out of this is a perfect score. The other methods of cheating, which I fixed today, would allow more than a perfect score. Because it's trivial and you don't get much for it, it's not interesting, and no one is impressed by those who do it, as they might have been when someone had a million points by another cheat.

But even that was pretty boring, and I never saw anyone cheat for more than one round. Basically someone would spend five minutes figuring out how to cheat, and then get bored and go back to playing the game. Luckily the game is more fun than the cheating, or I would have had more trouble with cheating before fixing it today.

So why am I not fixing the last cheat? Because doing so would slow down the game, and I don't think it's a worthwhile sacrifice. To make it impossible to cheat, I'd have to remove the answer from the source of the page. Then when you typed in a guess, it would send the guess back to the server, which would respond saying it was correct or not correct. It's that constant querying of the server that would slow everything down, probably enough to cause the server to die (again). So I have no intent to do that.

Now, back to links. There are also links allowed in player names now. This wasn't formally requested, but I saw people setting their player names to things like myblog.blogspot.com, so I figured I'd make their lives easier. This also gave me a new way to do tech support, by putting a link to my AIM address around "Questions?" as my player name. I answered three or four questions today, all of which were basically "how do I play this game?"

I'm somewhat afraid this will just devolve into a link farm. There is currently someone named "cheap domains" playing fastr. (The domains aren't actually cheap — I checked.) For now, though, low scoring players scroll off the page, so someone has to keep playing to keep their sales link visible. And hopefully while they're doing that, they aren't sending us all emails advertising their "cheap" domains.

If I decide the player names are becoming too full of advertising, I'll just remove the links. But I've seen a few people linking to their flickr pages or personal websites, and it's nice to get a better idea of who exactly I am defeating with my superior tag-guessing skills. (Not to mention my knowledge of all the tags I chose.) For now anyway, fastr is full of links.