Cache listing question - external resources

December 12, 2006

ok, first I am a noob geocacher, only having logged my first finds this past weekend. Being a bit of a web programmer also, I had an idea I wanted to run by the community before I pursued it at all.

The idea pertains to puzzle caches. I was thinking of creating a website for "Virtual Cryptexs" and similar things for puzzle caches. The listing would give you all the info you needed to figure out the code to "open" the Cryptex. And a link to the website where you could "unlock and open" it. When you submit the correct code, it would give you whatever the cache owner wanted, ie: coordinates, another piece of the puzzle, etc. The site would be non-profit and free, and would be self contained, with instant results.

I have read the guidelines, and they say you can have people do a general search to find information to solve the puzzle, but you should not require that someone have to wait on a email from the cache owner for the results. I can see where that would not be wanted (having to wait unless someone got around to reading and replying to the email). This seems to fall inbetween those two extremes.

Would it fall into acceptable for cache submission?

December 12, 2006

I recently submitted a puzzle cache with a link to an external website. I was told by the reviewer that externally-hosted puzzles were frowned upon and would soon be prohibited. The problem is that when these external websites disappear, then the cache is broken.

I was directed to make the cache completely self-contained in order to get it approved and published.

Edited December 12, 2006 by ePeterso2

December 12, 2006

I can understand that, websites sometimes come and go. I personally own a half dozen domain names right now. And I change the content on occation. But only if its not actively being used.

Example, I have a website that hosts download for a game, I haven't played the game in over a year, but I still faithly maintain the site because others still use the site frequently. But I have seen others disappear and take the content with them.

If that is the case, I wonder if the admins of geocaching.com would like to add a feature like that to the site. Any powers that be care to comment.

December 12, 2006

I asked that question of the reviewer -- would it be possible to one day upload puzzle programs to make them available on the cache page, much like the Gallery images today? She said that would be unlikely due to the threats of viruses, trojans, and other forms of malware being uploaded to the Groundspeak servers ... it would be too much of security risk to let it go unchecked, and it would require too much effort to check and maintain on the part of the reviewers.

December 12, 2006

I am not talking about uploading any programs though. It would be a very simple PHP page, an input, and a submit button. You type in the answer to the puzzle/riddle and hit submit, the page checks to see if the answer is correct, if it is correct, it displays what the hider wants you to see.

No security risks there, all code that they control, easy to program too. Nothing uploaded by the end user that could be virus.

4.2k · December 12, 2006

Your best bet is to contact a local reviewer and ask them.

20.7k · December 12, 2006

I am not talking about uploading any programs though. It would be a very simple PHP page, an input, and a submit button. You type in the answer to the puzzle/riddle and hit submit, the page checks to see if the answer is correct, if it is correct, it displays what the hider wants you to see. ...

Couldn't you do the same thing using the current requirements?

If the answer is X, go here. If the answer is Y, go there.

3.9k · December 12, 2006

I am not talking about uploading any programs though. It would be a very simple PHP page, an input, and a submit button. You type in the answer to the puzzle/riddle and hit submit, the page checks to see if the answer is correct, if it is correct, it displays what the hider wants you to see. ...
Couldn't you do the same thing using the current requirements?

If the answer is X, go here. If the answer is Y, go there.

Not really, because a person could go to both options (or all 15 if it were the case) and figure out which one is the right one and never solve the puzzle.

As far as the question, the reviewer's interpretations vary. The basis is pretty much set on how available the site is and that the cacher doesn't have to download anything to thier computer.

20.7k · December 12, 2006

I am not talking about uploading any programs though. It would be a very simple PHP page, an input, and a submit button. You type in the answer to the puzzle/riddle and hit submit, the page checks to see if the answer is correct, if it is correct, it displays what the hider wants you to see. ...
Couldn't you do the same thing using the current requirements?

If the answer is X, go here. If the answer is Y, go there.

Not really, because a person could go to both options (or all 15 if it were the case) and figure out which one is the right one and never solve the puzzle.

As far as the question, the reviewer's interpretations vary. The basis is pretty much set on how available the site is and that the cacher doesn't have to download anything to thier computer.

You could also do what most people do and require that coords are computed based on what is found at each location. These puzzles can still be broken by brute force, but the finder would have to search huge areas to do so.

2.7k · December 13, 2006

I recently submitted a puzzle cache with a link to an external website. I was told by the reviewer that externally-hosted puzzles were frowned upon and would soon be prohibited. The problem is that when these external websites disappear, then the cache is broken.

I was directed to make the cache completely self-contained in order to get it approved and published.

BUMMER!

I have one puzzle that simply won't work if totally hosted here because GC modifies images. I would expect that a lot of Greengecko's outstanding puzzles would suffer the same fate (I KNOW some of them would).

Granted depending on other web sites is a little risky, but as it stands, GC.com is not an adequate host for computer puzzles because they have limited abilities for users to store unmodified files.

Hacker's cache #2 is still in the formative stages, but with these proposed guidelines, I guess I'll just scrap the idea completely. Oh well, more time to waste on the forums. :surprise:

7.2k · December 13, 2006

Perhaps Groundspeak could implement a similar scheme by allowing passworded additional waypoints. It could act just like a hidden waypoint does now, except when a password is entered on the site. The revealed text is only revealed on the site and never sent in a GPX file. Allow certain inlines so off site photos could be revealed.

3.3k · December 13, 2006

I have one puzzle that simply won't work if totally hosted here because GC modifies images. I would expect that a lot of Greengecko's outstanding puzzles would suffer the same fate (I KNOW some of them would).

Granted depending on other web sites is a little risky, but as it stands, GC.com is not an adequate host for computer puzzles because they have limited abilities for users to store unmodified files.

Hacker's cache #2 is still in the formative stages, but with these proposed guidelines, I guess I'll just scrap the idea completely. Oh well, more time to waste on the forums.

My puzzles that have "special images" are hosted on Photobucket.

Perhaps Groundspeak could implement a similar scheme by allowing passworded additional waypoints. It could act just like a hidden waypoint does now, except when a password is entered on the site. The revealed text is only revealed on the site and never sent in a GPX file. Allow certain inlines so off site photos could be revealed.

Excellent idea!

2.7k · December 14, 2006

My puzzles that have "special images" are hosted on Photobucket.

I host mine on my personal web storage account that comes with the package from my ISP. Many people host their files on their own web pages.

All in all, I think the potential unreliability of outside hosts is the reason for the GC policy (if indeed it IS policy). A simple change in URL is sufficient to destroy your cache page.

Originally, I used "deviant art" to host my pix, but I had some trouble with apparent URL changes. I don't use Photobucket, so i don't know how reliable they are when it comes to them making changes.

I think that using a paid for site to host the content is probably better than Photobucket or any other source that is "free" because generally paid for sites give the buyer greater control than the "free" sites. But even with a paid for site, one must remember what has been posted where and what is relevant to what.

I think keeping track of which files are in use in cache pages is going to be harder in sites that you also use for other purposes (like storing your family album).

Another drawback of Photobucket is that it is limited to images (I assume). My ISP web hosting account allows me to store and reference by URL any kind of file.

It certainly would be BEST if GC.com hosted the entire contents of puzzle cache pages, but as it stands now, GC is not capable of hosting all types of files (or at least does not offer the capability to members).

24.7k · December 14, 2006

.... The basis is pretty much set on how available the site is and that the cacher doesn't have to download anything to thier computer.

Why not download anything? A PDF file can contain a clue that is unlocked by a password found at a key location for a puzzle cache.

I'm working on a cache that very much depends on this type of thing. When it's done the last thing I would like to see is that the chace is unlistable because the format needed to make the cache work doesn't fit the mold.

24.7k · December 14, 2006

My puzzles that have "special images" are hosted on Photobucket.

I host mine on my personal web storage account that comes with the package from my ISP. Many people host their files on their own web pages.

All in all, I think the potential unreliability of outside hosts is the reason for the GC policy (if indeed it IS policy). A simple change in URL is sufficient to destroy your cache page....

Fixing a broken link is much easier than trecking through the woods to replace a box. Hopefully it's not that reason.

2.7k · December 14, 2006

Fixing a broken link is much easier than trecking through the woods to replace a box.

Once you realise it's broken.

(bummer having to fix the same link repeatedly too.)

Edited December 14, 2006 by Confucius' Cat

2.7k · December 14, 2006

As far as the question, the reviewer's interpretations vary. The basis is pretty much set on how available the site is and that the cacher doesn't have to download anything to thier computer.

I have worked several (actually solved one or two ) that could not be solved without downloading the images to my computer.

Perhaps it is just a technicality. All images are "downloaded" to the client computer even though they might not be easily located as separate files. If they are copied to a file with the "save image as" command or similar method then they are perhaps more likely to be capable of propagating malicious content, but either way they, at least temporarily reside on the client computer.

I can see the issue as being one of protecting clients from malicious software that might be referenced in a cache page. Therefore the types of files available might be an issue. But .jpg's and .gif's are excellent carriers for virtually ANY kind of file and are already hosted by GC.

One thing I don't understand is how the reviewer can determine whether outside resources are needed to solve the puzzle unless the owner confides this information. Do all puzzle submitters explain the solution to the reviewer?

December 14, 2006

Most of my caches are puzzles - I generally make them doable without visiting any particular web page, though many of them do require online research for most finders (unless they happen to be subject matter experts). I maintain a website of my own with a geocaching section that has some information that is otherwise difficult (not impossible) to locate online. As a rule, I do not mention this site on the puzzle cache pages - instead let the finder take the trouble of checking my profile to find out about it.

I have seen puzzle caches that directed the finder to a specific site for a clue - and as long as they work they are great.... but of course they do not always work as advertised.

There are a couple of sites that you can use to allow finders to check the coordinates they come up with in answer before they go haring off to the wrong place - you might try geochecker.com

If you are into programming and want to create some tool that would be generally useful, you might find a general acceptance of it once you have explained it to sufficient folks.

As to puzzles that require downloading stuff to solve, I have one that was approved before that rule was implemented. You probably already know that any time you download an executable file, no matter what the source, you should check to make sure it is clean before you run it.

Edited December 14, 2006 by OHMIKY

2.7k · December 15, 2006

You probably already know that any time you download an executable file, no matter what the source, you should check to make sure it is clean before you run it.

To my thinking that is the biggest issue in requiring downloading of files to solve a puzzle. I would hope that virus scanning is standard procedure for anyone downloading ANYTHING off the internet.

The one I am planning would require downloading a "game" that I would write. I am thinking along the lines of Myst® but of course it would not be quite that elaborate. As it stands, I program in VB6. I suppose I could learn a little more about HTML and make my puzzle right on the cache page, but that would be a big "learning curve", especially to figure out how to hide the final so that simply viewing the code wouldn't "solve" it.

Actually, as devil's advocate, i can see how one could easily place a link to malicious software that would not be caught by virus checkers, especially if the malicious code was written by someone who does not know how to make the code replicate and thus it would not meet the strict definition of a "virus" but could still do some serious damage. For instance, it would be very simple to write a program that would randomly reboot the computer or randomly delete a folder or two. Pretty much anyone with capabilities a little past "hello world" could do it.

Maybe it is best to limit the scope of puzzles for the protection of all.

December 15, 2006

Well, I have no plans to disable or remove my cache that requires software to solve - like everything in life, it is a choice the prospective finder can make.

9.2k · December 15, 2006

You probably already know that any time you download an executable file, no matter what the source, you should check to make sure it is clean before you run it.

That's easy to say. But I doubt if 1 in 1,000 people have the expertise to do that, especially with a custom written compiled executable, that's not going to be in an AV checker's black list.

2.7k · December 16, 2006

You probably already know that any time you download an executable file, no matter what the source, you should check to make sure it is clean before you run it.

That's easy to say. But I doubt if 1 in 1,000 people have the expertise to do that, especially with a custom written compiled executable, that's not going to be in an AV checker's black list.

I'm certainly not an expert on how virus checkers work, but basically I believe they look for certain characteristic patterns. Therefore they can catch a lot of viruses without actually having a list of every possible malicious program. Still there are new viruses released almost daily and it is a formidable job to keep up.

I also agree that one could probably make quite a malicious program and "come in under the radar" of the virus scanners by simply being "amatuerish" which would cause it to fail the pattern matching.

December 16, 2006

ok, first I am a noob geocacher, only having logged my first finds this past weekend. Being a bit of a web programmer also, I had an idea I wanted to run by the community before I pursued it at all.

The idea pertains to puzzle caches. I was thinking of creating a website for "Virtual Cryptexs" and similar things for puzzle caches. The listing would give you all the info you needed to figure out the code to "open" the Cryptex. And a link to the website where you could "unlock and open" it. When you submit the correct code, it would give you whatever the cache owner wanted, ie: coordinates, another piece of the puzzle, etc. The site would be non-profit and free, and would be self contained, with instant results.

I have read the guidelines, and they say you can have people do a general search to find information to solve the puzzle, but you should not require that someone have to wait on a email from the cache owner for the results. I can see where that would not be wanted (having to wait unless someone got around to reading and replying to the email). This seems to fall inbetween those two extremes.

Would it fall into acceptable for cache submission?

There is a website available that someone created that checks the coordinates for puzzle caches, so once you have solved the riddle, you can enter the coords as a check and it will tell you if you are right. Not exactly what you're looking for, but there is precendent... Perhaps you could ge together with the creator of that site and put your heads together. I don't remember the forum that listed the site, but a quick search should find it.

--MGb

1.8k · December 20, 2006

It seems rather ironic that Groundspeak would be so worried about external websites becoming unavailable when GC.com seems to be unavailable half the time...

January 4, 2007

Okay, I know this discussion is two weeks old... but...

I have a true puzzle cache (Rope-a-Dope, here on GC) and I've handled the issue this way: I made the puzzle solvable by the pure means on the GC page (cut it out and solve it the old-fashioned way), but also added a BETTER way to do it (click-n-drag the puzzle pieces in your browser) on a page hosted on my own server. That met the guidelines, but still provided a nicer way for the user. If my externally-hosted bit of HTML disappears, it's a broken link, but the cache is still othewise completely intact.

I see this as a challenge in its own way: can I design a puzzle which fully meets the guidelines for self-contained listings, yet also utilizes external resources effectively?

3.3k · January 4, 2007

Okay, I know this discussion is two weeks old... but...

I have a true puzzle cache (Rope-a-Dope, here on GC) and I've handled the issue this way: I made the puzzle solvable by the pure means on the GC page (cut it out and solve it the old-fashioned way), but also added a BETTER way to do it (click-n-drag the puzzle pieces in your browser) on a page hosted on my own server. That met the guidelines, but still provided a nicer way for the user. If my externally-hosted bit of HTML disappears, it's a broken link, but the cache is still othewise completely intact.

I see this as a challenge in its own way: can I design a puzzle which fully meets the guidelines for self-contained listings, yet also utilizes external resources effectively?

That is a cool puzzle!

As far as Photobucket being unstable, i've had zero URL changes in over 2 years. I also pay for the upgrade account, so my pictures aren't "size reduced."

Cache listing question - external resources

Recommended Posts

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Join the conversation