Monthly Archives: February 2014

Train2Game News: Play to help beat Cancer

Posted on by

Play to cureA new iOS and Android game allows players to help Cancer Research UK scientists fight cancer in real life.

Play To Cure: Genes In Space is a free game in which the player has to collect a fictional substance dubbed Element Alpha. This represents genetic cancer data, which might underpin certain types of cancer.

By playing the game and collecting Element Alpha, players are actually helping analyse significant amounts of genetic data, which would take Cancer Research scientists hours to do.

The game is actually a cleverly disguised data analysis tool, so by mapping a route through an asteroid field and then collecting the Element Alpha in it (while dodging and shooting asteroids), players are actually sending back data analysis to the Cancer Research labs.

Play To Cure: Genes In Space can be downloaded free on the iOS App Store and the Google Play store.

You can enjoy the trailer for Play To Cure: Genes In Space below.

Train2Game News: Ten tips from CNS to keep your apps safe

Posted on by

Hut-3 1The people at CNS security firm who we interviewed at the end of last year have sent us ten recommendations for staying safe when developing games and applications for mobile devices.

Input Validation

Never assume that the end user won’t try something stupid. If the
application asks the user to enter a number into a field, they could
legitimately type ‘one’. If the application doesn’t check that the input is
a number before trying to process it, it may lead to a security
vulnerability.

Sanitise Onward Data

Don’t rely on the receiving service to filter the content your application
sends. For example, if gamer tags or high scores are sent from the game onto
a third party score site. Attackers may be able to attack the third party
via your application, potentially putting your application at risk.

Least Privilege

Never request that your application be run as a system level account like
root or Administrator. If a bug exists in your application and an attacker
manages to exploit it, they may be able to run commands at the program user
level, with access to the system account meaning the attacker could take
over the entire computer.

It is very rare that an application or game would need a high privilege
level to run, and often operating systems provide APIs to developers that
allow them to access system devices (e.g. graphics cards) without having to
directly run as a system user.

Keep it Simple

Nothing is gained by having overly complex code. Clear and concise code
allows errors to be spotted quicker, and also allows multiple people to
write the code at once without running into problems. If another person or
team takes over development, proper code layout and commenting can reduce
the amount of time required to become familiar with the program, allowing
for faster development of patches and updates.

Tamper Prevention

Important data such as high scores should be kept in a place that the user
cannot modify, preferably on a server where they can be audited and checked
for validity. Storing important data on the device may allow users to easily
cheat in the game.

Transport Security

If information which is potentially sensitive (e.g. user’s address, contact
information, credit card number, etc.) is transmitted over the Internet, it
should be done so over a secure connection, ideally one that uses SSL / TLS
and uses certificates to validate the end server.

Information which is not transmitted in this way can be observed,
intercepted, or even modified by an attacker before it reaches the server.

Encoding is not Encryption

If sensitive data is to be stored, ensure that it is properly encrypted
rather than encoded, using a strong and public encryption algorithm.
Encoding is not a secure way to store data, as anyone with knowledge of the
encoding algorithm can easily retrieve the encoded information. With
encryption, even if the attacker knows the algorithm used (and it should be
assumed that they do), they still have to find the secret key before they
can decrypt the information.

Never try to invent your own encryption algorithm. Cryptographers have
worked for years to create a small set of algorithms that are considered to
be secure by Information Security specialists, which should give you an idea
of how hard creating secure encryption algorithms is!

Fail Safe

Make sure that if your application crashes, is doesn’t drop into a
development or debug mode, but rather catches the exception and returns the
user back to their desktop or home screen.

Mobile Devices

If developing for a mobile device, make sure to look into and make use of
any security features and APIs that the manufacturer provides. An example of
this is the data protection API from Apple for iOS.

Don’t Use Untrusted APIs

There are plenty of APIs out there on the Internet, but not all of them can
be trusted. Make sure to search for any related vulnerabilities in the API
before using it, and if possible, only use open source APIs that have large
communities behind them. Some closed-source APIs are also secure to use, but
be wary and always do proper research on them before including them in your
application.

Train2Game would like to thank CNS for these helpful tips to keep you safe!

Train2Game News: Pokemon bank available in Europe

Posted on by

Pokemon BankThe Pokemon Bank app is finally available in Europe, following a number of delays. Originally scheduled to launch in the US and European eShop on December 27, the app was delayed in response to server troubles and Nintendo Network outages over the holiday season.

The app will be available on the Nintendo 3DS eShop later today and will charge users an annual fee of £4.49 / $5.00 to store their Pokemon online.

A player’s Pokemon Bank account contains 100 boxes, each with 30 Pokemon capacity, allowing for a total of 3000 Pokemon to be stored. Players can deposit and withdraw Pokemon from their copy of Pokemon X & Y.

The service will also enable players to transfer their previously collected Pokemon from Pokemon Black, White, Black 2 and White 2 into their Pokemon Bank using another 3DS app called Pokemon Transfer.

“Pokemon Box is a paid service that will allow players to have secure and convenient access”, Nintendo president Satoru Iwata said during a Pokemon Direct broadcast last year.

Train2Game News: Multiplay announces first batch of content for Insomnia51

Posted on by

InsomniaMultiplay, organiser of the UK’s biggest gaming festivals, is pleased to announce the first wave of content for Insomnia51, taking place at Coventry’s Ricoh Arena April 18-21, 2014.

Building on the success of Insomnia50, Multiplay’s first Insomnia festival of 2014 moves to Coventry’s Ricoh Arena, allowing more visitors than ever before to attend this coming Easter weekend. Tickets can be purchased now, at insomniagamingfestival.com.

Insomnia51 brings a wide variety of content from an array of talented and respected developers and publishers. With huge prize pools, Insomnia is still the best place for the biggest eSports tournaments in the UK, showcasing the greatest teams from across the globe and streamed live on Twitch.TV.

Insomnia will once again have a dedicated Minecraft Zone, featuring free to play tournaments and offering Minecraft fans the chance to meet their YouTube heroes. The line-up so far includes: BeBopVox, FyreUK and Noxcrew with more special guests to be announced in the coming weeks.

Community is a huge part of Insomnia, and this year is no different, with evening activities including live music, casino night, and the world famous pub quiz. However, Insomnia51 is also about showing you the latest and greatest games and merchandise in the exhibition hall and will feature incredible games, like Rust, Starbound, and DayZ. It’ll also feature some of your favourite developers and YouTube stars in an expanded Panel schedule, running throughout the weekend.

“After an incredible 2013, we spent a lot of time talking about what we could do more of, and how we can improve our customers experience. The first stage in taking Insomnia to the next level is the move to the Ricoh Arena, but there’s so much more to come,” Said Craig Fletcher, CEO & Founder of Multiplay.

“We’ll be announcing more exclusive content in the coming weeks, and we’ve got some big surprises to share. Don’t miss out on what will be the biggest year in the history of Insomnia festivals.”

Insomnia51 takes place at the Ricoh Arena over Easter Bank Holiday weekend, Friday, April 18th to Monday, April 21st 2014.

Tickets are available online at www.insomniagamingfestival.com

Train2Game News: UK Top 20 Games – 03.02.14

Posted on by

Tomb RaiderIt took a month into 2014 but FIFA has been knocked off the top spot by Tomb Raider definitive edition for the Xbox One and PlayStation 4. Now we will see how long it will keep it’s number one position.

All formats

Week ending 1 February 2014

POS.  TITLE  PUBLISHER  LAST
WEEK 
1 TOMB RAIDER: DEFINITIVE EDITION SQUARE ENIX
2 FIFA 14 EA SPORTS 1
3 CALL OF DUTY: GHOSTS ACTIVISION 2
4 BATTLEFIELD 4 EA GAMES 3
5 LEGO MARVEL SUPER HEROES WARNER BROS. INTERACTIVE 4
6 ASSASSIN’S CREED IV: BLACK FLAG UBISOFT 5
7 MINECRAFT: XBOX 360 EDITION MICROSOFT 6
8 GRAND THEFT AUTO V ROCKSTAR 8
9 NEED FOR SPEED: RIVALS EA GAMES 9
10 KILLZONE: SHADOW FALL SONY COMPUTER ENT. 7
11 GRAN TURISMO 6 SONY COMPUTER ENT. 18
12 NBA 2K14 2K SPORTS 11
13 WWE 2K14 2K SPORTS 15
14 FOOTBALL MANAGER 2014 SEGA 13
15 FORZA MOTORSPORT 5 MICROSOFT 12
16 ALIENS: COLONIAL MARINES SEGA 14
17 LEGO BATMAN 2: DC SUPER HEROES WARNER BROS. INTERACTIVE 19
18 DISNEY INFINITY DISNEY INFINITY
19 BATMAN: ARKHAM ORIGINS WARNER BROS. INTERACTIVE 20
20 DRAGON BALL Z: BATTLE OF Z NAMCO BANDAI GAMES 10
< previous week
Leisure software charts compiled by Chart Track, (C)2014 UKIE Ltd

These charts cannot be reproduced either in print or online without obtaining permission from Ukie. If you wish to reproduce the charts in print or online, please contact david.smith@ukie.org.uk for the appropriate license.