I have mostly decided that the Batman: Arkham Asylum demo on Steam exists in much the same fashion as the references to the Necronomicon in HP Lovecraft's works. It is completely fictional, but people feel more important when they mention it.
Further more I have decided that as I go through Steam's layout and design, it mostly serves as a demo fro a really slow and glitchy GUI API, rather than a game communication service.
As I cannot seem to figure out a way to launch a game from it (doing so seems to result in either a noop, or causing Steam to quit).
Trying to download a game via Steam produces the same noop results in Steam. Via the Steam website, it seems to produce a popup saying to have Steam running (regardless of whether Steam is running), followed by yet another noop operation.
Generally I have only ever succeeding in getting software to run via a software key--however that only succeeded in getting it to appear in my account. It did not actually allow me to play it.
I then ended up with Killing Floor deciding to destroy my Steam instance. That is, causing it to instantly crash every time I tried to run the trial that was "going on" this weekend. It seems that this has also corrupted my user information, making that instance of Steam completely inoperable--and even partially deleting my user information. Which I found out as I tried to recover my password information from the blob file. Turns out that only part of my password was saved. And not an amount that makes sense on a system that makes use of any form of 8bit WORD.
Upon password recovery I came up with the following issues:
* The recovery key I got was never regenerated. In fact, I constantly got the same recovery key information every time I asked for the password. I mean, even the stuff I sent about two months ago gives the same recovery key. It was not even installed in the same instance of wine as this one, so it should not report it as the correct OS to run it on.
* The interface itself did not give me any information on what form area I filled in wrong.
* The password recovery interface did not even card if I got the recovery key incorrect. Leading my to believe that the recovery key is completely unnecessary, or at least not implemented.
Next issue is the password recovery question. For a choice of what it can be we have:
* City I grew up in: about five minutes of internet stalking can grab this on anybody who speaks even half as much as me.
* Name of Pet: fairly easy to figure out. In fact I quite regularly talk about the story my brother St.AMP talks about, where when he was in Chem School, having a sibling with a bright orange cat named, "Argon" can cause issues. An alternative guess would be from the story I joke around about St.AMP killing my dog Buddy. Other guesses could be any partners I had
* Childhood Hero: yeah--this one is fairly easy to guess BTW
* Mother's maiden name: because talking about Grandma Chiver's visit does not really give the gig up here.
* City I was born in: Yeah, I generally joke about this a lot. This recovery question is not very useful.
* I cannot remember the others... but many of them are _exceedingly_ easy to social engineer out of me. I would be kind of disappointed if somebody could not figure them out on me, and most other people who tend to get a higher profile after about five minutes of a google search.
I kind of want to try something based on the following:
* since the key itself does not seem important. As the password recovery system does not complain when I put things as blantantly wrong as "fish1".
* Making intercepting the email sent not nearly as important.
* since the question itself is easy to social engineer to get around.
Result: this could end up with me hijacking accounts =D
But to what end. All this amounts so far from everything I have seen on it, is to be a very slow GUI demo, with code that has not been implemented yet, and a poorly designed model.
I mean, a few glaring errors I have seen:
* Use of iexplorer.exe for content display instead of something that resembles a competent renderer, like webkit or gecko. I mean, I would not have minded seeing Opera's Renderer being used here either.
* Use of its own GUI toolkit, that appears to run quite a bit slower than anything else on my system. Good move Valve!
* Some third party games seem to require use of Punk Buster. Good job as well! You are really endearing yourself now.
* Poorly designed interface when it comes to grabbing my password. I will give some suggestions later on this.
* Requirement of using Steam.exe itself to recover a password--with no other option out there.
* I honestly do _not_ believe that the Steam.exe is able to recover a password. I have yet to see proof of this as having existed.
Now I have gone over my specs, to see if it is indeed a decent setup for Steam to run. It turns out, yush. do not believe me? Here are my specs:
Video RAM: 256MiB
Chipset: AMD Athalon
Display Resolution: 1366 x 768
Graphics controller: Radeon Xpress 1200
OS: Fedora 11 with Testing Repos enabled
Wine version: 1.1.32 via the opensuse Yum package.
Sound Driver: OSSv4
Colour Support: 24bpp... only thing higher, last I knew was 32bpp, and most people I talked to stated that 24bpp alone had more colours than the human eye can pick up.
It should be noted that this should meet the specs of Steam hardware wise. Steam has a Platinum rating in Wine--which means, it works exactly the same in Wine as it does on Windows (some even reported, that its behaviors in Wine is better than that on Windows--so this makes me only think less of it in Windows).
Suggestions for fixing Steam:
* set it up, so that it is more a form of a natural format on all environments. Meaning, that while it is its own set of executions, it is able to run on other platforms, like it is native to the platform it is on. If they really do not want to do this, hey, I hear .Net is fairly cross platform. Considering that Microsoft^H^H^H^H^H^H^H^H^H Novel is developing it on other systems. If that does not float Valve's boat, there is always Parrot.
* if you are going to use a web based interface, do not use the most blatant piece of tripe on the market. I mean, iexplorer.exe?! WHY? What planet does using iexplorer.exe make sense. Even the techs in the companies that use IE5 for "legacy reasons" do not want to do this. I mean, I kind of half expect that Steam is written in Cobol now.
* As soon as Steam starts up, make an SSL based connection to the server. this should be constant, and the server and Steam should be able to talk back and forth. I generally would recommend openssl. As it is the standard from what I gathered. I may be wrong. If I am, somebody could link me to a better SSL library? However, this way, we can move onto the next step.
* When filling in a login or password recovery form, the information, like key, secret answer and password, should be checked right away. I mean, this is not going to amount to 320B of payload data. That is ~(1/3) of a Kibibyte. Yush, I am aware that a packet _does_ require more here. that is why I said "payload". I doubt this would amount to more than 3KiB in transfer. Processor should not take up much here, mostly just an event that waits for focus to move to another form element. Rendering of the form element. And generating the payload of the form element and sending said data. Listening for the data. Then displaying the response. I mean, even supposing that the bottleneck was the server checking the records in their database. The next thing I need to say is: redesign your database. A database should not take that long to make a single query to it. Even if you have to wait for a socket on the MySQL server on Valve's end, there are designs around that. Such as a Socket Pool. If something needs to be fired off to an app about such a failure or occurrance. How about this? The data base has a few flags that keep track of this (which should not take that long to check out). Then a crond or atd style job, simply checks the database for this data a regular invals, and reports what it needs to the right spot.
* Do _better_ secret questions. I mean, try to avoid anything that can be socially engineered. This is nearly as bad as using my birthday for my password. No, scratch nearly.. IT IS as bad as using my birthday. There are many ways to set this up in a competant manner. How about giving hem a few options? A phone number to call, should login issues occur. An ability to add a public RSA key to the account, to allow entry via there. The ability to make your own secret question for your secret answer. Make it so that every time I get an email my verification code is actually different? Allow for a URL to be sent to the server. Store the user's common IPs used, the ranges they belong to, the ISPs that own those IP ranges and the regions of the world that those belong to.
* Stop using Eris damn Shockwave and Flash. Those are no longer an industry standard. Generally I regard Flash as being similar to Table based layouts and 1998 style web design (think Timecube).
* If you _are_ going to use a GUI, at least make it resemble a responsive GUI. Even on my friends computers (whcih again, I never had it used to buy games, download games or launch games there--making me wonder if those features even exist in reality) the GUI loads slow. And these people are people who know how to set up computers.
So yeah--from this, I can generally gather, people do not actually use Steam.