Ten years ago today, I started cobbling together some Drupal plugins and trying to convince my friends that it would be fun to make weird videogames. I've been having a nostalgic old time poking around at the first handful of posts, as I was trying to figure out just what the hell this place was going to be. (2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 - note, I didn't figure out how to turn on history for wiki pages for a while, but I linked the oldest available ones where possible)

(Parenthetically: I really ought to find that home video and upload it somewhere.)

Don't forget to check out the amazing stuff in the 9th and 10th Anniversary celebration event (and feel free to post some late games to it if you're feeling celebratory)!

Post your fondest Glorious Trainwrecks memories in this thread!

Hey, remember back in 2013 when I updated the password database to not use unsalted md5 for password hashing?

Wellll apparently that change broke password reset links with some regularity. (Occasionally a working password reset link would be sent out if you were persistent.) So if you've been trying to reset your password and it hasn't been working, try again! It should work every time now!

And remember: If you're having trouble logging in, or the site is broken for you in some way, please email me and let me know! I'm friendly and want to help and can definitely fix your problem!

Thanks to denson for the bug report that finally led me to track down and fix the issue.

GORY DETAILS:
I switched to using bcrypt for password hashing. But it turns out that the password reset link uses the password hashing function to generate its url, and bcrypted hashes can contain the "/" character. Which meant that if the hash happened to contain a "/", then during URL parsing only the part of the hash up to the first "/" would be checked, and of course it would decide that the hash didn't match and throw a cryptic error.

Beep Boop! Hi, it's Klik Bot.

~Tue, 11/03/2015 - 17:21 — SpindleyQ

ANYTHING IS A GAME IF YOU MAKE IT A GAME. Because this is Glorious Trainwrecks, making 100 games can be left to interpretation. This isn't an endurance test. You don't have to make 100 Metal Gear Solid V's. Maybe, think of this like gesture sketches in a drawing class where you can easily make 100 drawings in 20 minutes. You do not have to program or make your own assets. Maybe think what is a game? What is 100? You all are creative. Do whatever, who cares, this is Glorious Trainwrecks.

The Klik of the Month Klub usually meets right here on this very website on the third Saturday of every month at 4pm Pacific Time (taking daylight savings into consideration) for a two hour Klik & Play Showdown. Usually, everyone who participates gets two hours to create something from scratch in Klik & Play. This time it will be over the entire Thanksgiving Weekend. Abusing the stock objects is encouraged. If you really loathe Klik & Play you can use whatever game development platform you want. Two hours is a pretty tight time limit, though, so choose wisely!

This time we are doing something different.

100-games-per-person. Let's aim for 10,000 games.
The games don't need to be super long, polished, good, or "games". There just needs to be 100-per-person.

Also, collaboration is encouraged! Upload project files so people can easily edit your games!
Please cite your sources and give credit where credit is due!

Klik & Play is absolutely free to download, and learning it takes minutes, so everyone can get in on the action. In addition, there are tools like Multimedia Fusion 2, RPG Maker, Unity, Game Maker, and Twine. Some engines to help make very very short games are plingpling, flikgame, and tinychoice.

Want to talk to your fellow Klikwreckers? Join us on IRC -- server irc.freenode.net, channel #glorioustrainwrecks. We've also got a Mumble voice chat server -- just connect to glorioustrainwrecks.com using Mumble and you can talk to us like real human beings! Join the mayhem!

After you've made your game, you should upload it here!
Submit games 1 by 1. Let's flood Glorious Trainwrecks! If you don't meet 100 games it's fine. The thing that matters is that you're striving to make 100 games.

For more information, check out the KotM N00B FAQ.

Sign up using the "Sign Up" tab above if you want to get reminded by email the day before the klikkening begins!





Imposter alert!Imposter alert!Imposter alert!Imposter alert!

Also, any suggestions about the event, please post in the comments.

Q: OMG THERE ARE SO MANY GAMES HOW WILL I EVEN DOWNLOAD ALL THESE GAMES?

A: Try GloriousTrainwrecks.exe!

If you are reading this, Glorious Trainwrecks is up and running on a shiny new completely rootkit-free server that hopefully won't randomly lose internet access or freeze up!

I'm currently running a script to update all passwords to be encrypted with bcrypt, which is an excellent password hashing system that makes brute-force password guessing computationally unfeasible. So if we're hacked again, no one can figure out your password! Hooray for modern security practices! If there's anyone out there running Drupal 5 that wants to use actual password hashing instead of just md5 with no salt, GET IN TOUCH, I HAVE A PATCH FOR YOU.

THERE ARE LIKELY TO BE PROBLEMS. I am a fallible human and I forget things. Please post here about them! If you can't login to post about them for some reason, send me an email: .

That's it!

I'm not certain, but I think the server running Glorious Trainwrecks may have been hacked again recently.

IMMEDIATE ACTIONS YOU SHOULD TAKE:
- You should NOT YET change your password on this site, as if it has been hacked, the attacker could still have access.
- You SHOULD change your password on any websites that you're using that share a password with Glorious Trainwrecks.

WHAT I AM DOING TO FIX THIS:
- I am going to create a new, clean Linode instance and migrate the site to use it.
- I am going to modify Drupal to use a more secure password hashing mechanism.
- I will tell you when this is done so that you can change your passwords here, if you wish.

WHAT, EXACTLY, IS GOING ON:
(Warning: gory technical details)
After the last time the site was hacked, I installed a program called rkhunter, which runs daily and searches for changes to the running system that have security implications.

On the morning of March 17th, rkhunter started to send emails that flagged something I had never seen before. This message has persisted since. There is no possible way I accidentally did anything to the server in the 24 hours prior, as on March 16th I was travelling all day.

[blockquote]Warning: Network TCP port 47018 is being used by /usr/lib/libice.log. Possible rootkit: Possible Universal Rootkit (URK) component
Use the 'lsof -i' or 'netstat -an' command to check this.[/blockquote]

According to ls, /usr/lib/libice.log does not exist. Neither 'lsof' nor 'netstat' show anything that has that port open. I can't connect to that port, either locally, or from an external machine. And rkhunter's mailing lists suggest that URK is very old and very unlikely to be seen in the wild.

It is possible that this is a weird false positive. If it doesn't go away after rebooting the server, then that seems very unlikely, since this is very dubious behaviour. I am being cautious.

One other thing happened that I find alarming: This morning, someone logged into my Facebook account from Taiwan. Facebook caught it, locked my account, and notified me. I had been under the belief that the password I was using was A) secure, and B) had yet to be leaked. Clearly it is now out there and associated with my email address, so I have a long slog of password changes ahead.

RE: password hashing, Drupal 5 performs by default an SHA-1 hash of your password with no salt. If you have a common password, this means that someone with access to our database could figure out your password literally by putting your password hash into Google. If you have an uncommon password, the work is slightly more complicated, but because there is no salt, it does not take an attacker much more time.

(I would love to do away with storing passwords entirely and switch to Mozilla Persona or something, but the chances of making that work with Drupal 5 are basically nil. I should be able to fairly easily switch to a bcrypted version of the SHA-1 hash of your password, which won't require a password reset and will bring us up to modern password hashing standards.)

Anyway, I'm sorry that this happened, and I'm hopeful that I can get us transferred over to a fresh, new, more secure server reasonably quickly.

So the Pirate Kart launchers are pretty cool, right? Makes browsing and playing games that little bit easier. It would be cool to have a launcher like that for every event or even one launcher that works for all Glorious Trainwrecks events! (well at least the ones since the new game submission system) I thought that'd be pretty rhinoceros! So I built it!

GLORIOUS TRAINWRECKS DOT EXE

If you see any weird issues or have ideas for improvements, let me know!

UPDATE 19 Feb 2013: Now should launch DosBox so you can play 16-bit EXEs on Win 64. Also some bugs got fixed.

Can you believe we have been making terrible 2-hour games for FIVE YEARS!? It's true! The very first pilot run of what would become the Klik of the Month Klub happened in June 2007. This stupid little jam has far surpassed my wildest expectations. Thank you all for making it amazing.

The Klik of the Month Klub meets right here on this very website on the third Saturday of every month at 4pm Pacific Time (taking daylight savings into consideration) for a two hour Klik & Play Showdown. Everyone who participates gets two hours to create something from scratch in Klik & Play. Abusing the stock objects is encouraged. If you really loathe Klik & Play you can use whatever game development platform you want. Two hours is a pretty tight time limit, though, so choose wisely!

Klik & Play is absolutely free to download, and learning it takes minutes, so everyone can get in on the action.

Want to talk to your fellow Klikwreckers? Join us on IRC -- server irc.freenode.net, channel #glorioustrainwrecks. Join the mayhem!

After you've made your game, you should upload it here!

For more information, check out the KotM N00B FAQ.

Sign up using the "Sign Up" tab above if you want to get reminded by email the day before the klikkening begins!

By the time GDC Play ended, we had 1005 games from 378 different contributors! And there have been more since then!

That's a lot of games! So here's a fancy-pants launcher to make browsing, downloading, and playing them easier!
download it!

Hello all,

I am Francois Lionet from Clickteam. You might know me indirectly, as I am, with Yves Lamoureux, the author of Klik'n Play , published by Europress software in the UK, and by Maxis in the US, in the 90s. I am also the author with Yves of The Games Factory and Multimedia Fusion.

I went to the glorious trainwrecks booth at the GDC, and liked what I saw.

OK, you are using a version of Knp that is supposed to be for schools only, but we dont mind. And it must be a pain to install on nowadays machines.

If someone from the association could contact me, that would be cool, I have some propositions to do.

Please keep up the good work, and most of all, keep having fun making games. Making games have become a serious business these last years, it is good to see people that do not take it so seriously.

Francois

Third from the top.