Merge branch 'develop' of github.com:sFractal-Podii/quizquadaminos in…

…to main
sFractal-Podii · Feb 12, 2024 · 3018fb0 · 3018fb0
2 parents 67eec4f + b7c6bc7
commit 3018fb0
Show file tree

Hide file tree

Showing 120 changed files with 1,647 additions and 1,265 deletions.
diff --git a/docs/HowToPlay.md b/docs/HowToPlay.md
@@ -2,21 +2,16 @@
 Quadblockquiz is a tetrominoes-like game
 that is part tetrominoes and part trivia quiz.
 Being honest, the trivia is to educate on
-supply chain.
+supply chain. 
 
 ## 1. Getting started
-This instance authenticates using GitHub
-(see here for more) therefore you mush have a GitHub ID
-and the conference organizers must have added you to
-the authorized list.
-If you are not yet authorized, see *here* for more info.
+It will hopefully be setup so you can play
+anonomously.
+But signing in allows you to win prizes in the contexts.
+You can authenticate with an existing GitHub account,
+or establish a handle using your email.
 
-![homepage](./home.png)
-
-Clicking on login will authenticate with Github.
-
-![login example](./login_example.gif)
-**replace this with current example**
+**replace this with some current example**
 
 ## 2. Playing
 
@@ -39,64 +34,36 @@ Their fall is influenced by:
 To score the most points
 - Points accumulate with each tick of the clock
 - Completed rows are removed and add points (in addition to letting you play longer)
-- Answering questions add points as well as potentially giving powerups
-- Game ends when the quadblocks pile up and reach the top of the playing area
+- Answering questions add points as well as giving you powerups
+- Game ends when:
+   + you "lose" because the quadblocks pile up and reach the top of the playing area. Note this can occur via cyberattack or licensing lawsuit, not just by you letting the block accumulate
+   + you quit gracefully (ie by hitting space bar and then clicking on quit button)
+   + game times out after 10 min
 
 ## 4. Pausing / Questions
-Typing the space bar pauses the game
+Typing the space bar pauses the game.
+Note "pauses" is a misnomer as it only pauses the falling of the blocks.
+The game timer continues, and lawsuits and cyberattacks can still occur.
 
-A topic screen is displayed,
-allowing the player to either continue back to the game
-or answer questions for points and powerups
+When the space bar is hit, a topic screen is displayed,
+allowing the player to either:
+- continue back to the falling blocks part of the game, 
+- quit the game,
+- answer questions for points and powerups,
+- invoke powerups (see [Power Ups](./powerups.md))
 
 ![topics](./topics.png)
 **replace this with current example**
 
-## 5. Topics / Power-ups
-
-### 5.1 Supply Chain
-- This is the supply chain sandbox so obviously everything is about supply chain.
-- Questions in this section are historical and misc.
-- Answering incorrectly loses points and you remain paused until you answer correctly
-- Answering correctly gets you points.
-
-### 5.2 SBOM
-- Software Bill of Materials is a critical element in supply chain risk management for both licenses and for vulnerabilities. It is also useful for software architecture (who needs 10 different modules with 27 different versions – all to perform the same function).
-- More information at https://www.ntia.gov/sbom
-- Answering incorrectly loses points and you remain paused until you answer correctly.
-- Answering correctly gets you points and a ‘bomb’ powerup which allows you to ‘blow up’ one block (and if you answer enough SBOM questions, blow up an entire row)
-
-### 5.3 OpenC2
-- Automating the defense is a key to cybersecurity. Open Command & Control (OpenC2) is a standardized language for the command and control of technologies that provide or support cyber defenses. By providing a common language for machine-to-machine communication, OpenC2 is vendor and application agnostic, enabling interoperability across a range of cyber security tools and applications. The use of standardized interfaces and protocols enables interoperability of different tools, regardless of the vendor that developed them, the language they are written in or the function they are designed to fulfill.
-- More information at https://openc2.org/
-- Answering incorrectly loses points and you remain paused until you answer correctly.
-- Answering correctly gets you points and a ‘C2’ powerup which allows you to ‘command & control’ one block (and if you answer enough OpenC2 questions, an entire quadblock) to put where you want
+See [Topics](./topics.md) for more on the various categories of topics
+in the question and answer part of the game.
 
-### 5.4 OpenChain
-- The OpenChain Project helps to identify and share the core components of a high quality open source compliance program. OpenChain builds trust in Open Source by making things simpler, more efficient and more consistent. It is the industry-standard for managing Open Source compliance across the supply chain.
-- More information at https://www.openchainproject.org/
-- Answering incorrectly loses points and you remain paused until you answer correctly.
-- Answering correctly gets you points and a ‘Chain’ power-up which prevents black blocks (preventative upstream in supply chain)
+See [Power Ups](./powerups.md) for more on what powerups are 
+and how they help defend against cyberattacks and lawsuits, 
+and help you get more points.
 
-### 5.5 Phoenix
-- Phoenix is a web development framework written in Elixir which implements the server-side Model View Controller (MVC) pattern. Phoenix provides the best of both worlds - high developer productivity and high application performance. It also has some interesting new twists like channels for implementing realtime features and pre-compiled templates for blazing speed. The 'let it fail' philosophy of the underlying OTP ecosystem makes it easier to design in both reliability and security.
-- More information on Phoenix Framework at https://www.phoenixframework.org/
-- More information on Elixir at https://elixir-lang.org/learning.html
-- More information on OTP at https://grox.io/language/otp/course and https://youtu.be/NYkwvVKlbU8
-- More information on Erlang Ecosystem Foundation at
-- Answering incorrectly loses points and you remain paused until you answer correctly
--  Answering correctly gets you points may get a ‘Rebirth’ powerup removing all blocks but keeps your score (and crediting points for the blocks removed), or may get you a ‘reliability’ powerup which "corrects" the vulnerable ‘black block’ into normal removable blocks.
+See [Strategy](./strategy.md) for game strategy. 
+TL;DR - alternating between falling blocks and Question/Answer
+is the best strategy.
 
-### 5.6 Vendors
-- this game, this sandbox, would not be possible without sponsors. Please read about them and answer easy questions to gain points and powerups (row delete)
-- sFractal Consulting - Platinum Sponsor - designed this game, wrote software, funded additional developers, ... sFractal Consulting is a boutique software/cybersecurity consulting firm.
-    + sFractal Consulting strongly believes in Supply Chain Risk Management, and assists its clients with quantitative risk management, SBOM creation as part of the SDLC, and Open Chain.
-    + sFractal Consulting strongly believes in creating SBOMs for all software, but confesses to not always being able to walk that talk. SBOMs are available for this game, but not for all the software sFracal has created. sFractal Consulting commits to continuous improvement in this area and to slowly grow the SBOM corpus will all new software it creates or updates
-    + sFractal Consulting strongly believes in cybersecurity automation and is very active in OpenC2. For example the security of this website is under OpenC2 Control
-    + sFractal Consulting commits to improving it's OpenChain behavior, fully admitting it has not been a focus but intends to change that
-- Podii - In-kind Sponsor - developed much of the quiz software for this game, building on the work of Grox.io. Podii develops "software done right".
-    + blah blah on supply chain, SBOM, OpenC2, OpenChain
-- Grox.io - In-kind Sponsor - developed much of the quadblocks software that is the basis for this game. Grox.io teaches programming. The tetrominoes game that is the basis of this game is developed as part of a Grox.io course.
-    + blah blah on supply chain, SBOM, OpenC2, OpenChain
-- Google - In-kind Sponsor - Google donated the GCP resources to host this game
-    + blah blah on supply chain, SBOM, OpenC2, OpenChain if we can get statements
+See [Intro Video](./needtoadd) for a video with some examples.
diff --git a/docs/powerups.md b/docs/powerups.md
@@ -0,0 +1,127 @@
+# Power-Ups in Quadblockquiz - Supply Chain Edition
+Quadblockquiz is a tetrominoes-like game
+that is part tetrominoes and part question/answer quiz.
+The question/answer less about what you already know,
+and is more about educating on
+supply chain cybersecurity. 
+This page is about the "power-ups" that you get awarded
+in the Question/Answer part of the game.
+
+## 1. Getting started
+The purpose of the game is to learn more about 
+supply chain cybersecurity in a fun way.
+See [How to Play](./HowToPlay.md) to get started.
+
+## 2. Question/answer
+The best strategy is to switch back and forth between
+the falling blocks part of the game and the question/answer
+part of the game. 
+You switch from falling-blocks to question/answer by 
+hitting the space bar.
+You switch back by hitting the 'continue' button.
+Note "pauses" is a misnomer as it only pauses the falling of the blocks.
+The game timer continues, and lawsuits and cyberattacks can still occur.
+Staying too long in either section will almost certainly 
+result in unforseen bad things happening.
+
+This page is about the powerups
+which you earn in question/answer part of the game,
+and you use in the falling blocks part of the game.
+
+## 3. Powerups
+In addition to continue/quit/topics, 
+hitting the space bar also shows you the powerups you
+have already earned, and allows you to use them.
+
+Powerups are earned by answering questions correctly.
+Each question has one powerup associated with it.
+When you answer the question correctly, 
+you get the points added to your score and the powerup
+added to the power bar.
+Note you can have more than one of any powerup.
+
+You use the powerup by clicking on it.
+
+The different types of powerups are described below:
+
+### 3.1 Add Block
+<i class="fas fa-plus-square"></i>
+
+Add block allows you to add one block in any open spot
+on the board. This is handy for completing a row.
+Note a row doesn't complete when you add the block,
+it completes when the next falling block hits the brickyard
+(the jumble of blocks at the bottom of the board).
+This allows you to complete multiple rows at one time
+for exponentially increasing amounts of points.
+
+To use an add-block, click on it's icon and the game board
+will appear. 
+Click on the spot where you want to add the block and it will place it there.
+
+### 3.2 Move Block
+<i class="fas fa-arrows-alt"></i>
+
+Move block allows you to pickup and move a block from one spot to another.
+
+### 3.3 Delete Block
+<i class="fas fa-minus-square"></i>
+
+Delete block removes the block you select from the board. 
+This is one way to get rid of vulnerabilities or licensing issues.
+
+### 3.4 Fix Vulnerability
+<i class="fas fa-wrench"></i>
+
+Fix vulnerability allows you to "fix" a vulnerability - ie change it from a block
+with a vulnerability back to a normal block. 
+Recall if you get too many vulnerabilities, you will be cyber attacked. 
+
+### 3.5 Fix License
+<i class="fas fa-screwdriver"></i>
+
+Fix license allows you to "fix" a licensing issue - ie change it from a block
+with a licensing issue back to a normal block 
+Recall if you get too many licensing issues, you will be sued.
+
+### 3.6 Remove All Vulnerabilities
+<i class="fas fa-hammer"></i>
+
+Remove all vulnerabilities removes from the board (leaving a blank spot)
+all blocks with vulnerabilities.
+
+### 3.7 Remove All License Issues
+<i class="fas fa-tape"></i>
+
+Remove all licensing issues removes from the board (leaving a blank spot)
+all blocks with vulnerabilities.
+
+### 3.8 Slow Down
+<i class="fas fa-fast-backward"></i>
+
+The quadblocks part of the game operates most of the time at a reasonable pace.
+But if you find that is too fast, you can slow it down one speed notch with the 
+slow-down powerup.
+
+Where this powerup is particularly useful is during a cyberattack since cyberattack greatly speeds up the pace of the game.
+
+### 3.9 Speed Up
+<i class="fas fa-fast-forward"></i>
+
+Speed up is the opposite of slow down - it speeds up the pace of the game by one notch.
+This may be because you want to accumlate points faster (assuming you can keep up),
+but most likely is because you've been hit by a lawsuit whh slows the game down to a glacial pace.
+
+### 3.9 Clear Blocks
+<i class="fas fa-eraser"></i>
+
+Clear blocks totally empties the board - but keeps you point total.
+There are many situations where this is useful. Maybe you are accumulating too many vulnerabilitiea and are about to be cyberattacked. Or maybe you have been cyberattacked or are being sued in a lawwuit. Or may be you just have too many blocks in the brickyard.
+
+### 3.9 Superpower
+<i class="fas fa-superpowers"></i>
+
+Superpower is a powerup that you can trade if for another powerup - which ever one you need. This is the wild card of powerups and is very handy to have. 
+Note it is a two-step process. Clicking on the superpower icon lets you pick which other powerup to add to list. THen you must actaully click on that new powerup to use it.
+
+