How do I introduce my co-workers to RPGs via a Virtual Table Top (VTT)?

I am fortunate enough to work at a company that twice a year budgets time and expense so we may have a "team-building" activity. I am on a team of ten people total. There is a stipend to pay for expenses. We’ve gone go-karting one afternoon then out for dinner on the company coin, that kind of thing. Another time we have had lunch at the office followed by an afternoon of table top games like Citadels and there was enthusiasm for that. Currently everyone is working from home in the same timezone, meeting over Slack, Zoom, Microsoft Teams, etc.

Since (a) I am a big fan of tabletop RPGs where the players work together as a team to take down BBEG, and (b) there’s enthusiasm for trying new things, and (c) team building always helps morale, I want to float our next "team building" activity as "I run an afternoon RPG adventure on Roll20.net" as a one-off session; something four hours max.

I have played D&D since 1983. I am quite comfortable as Gamemaster/ DM for six players. I believe I can stretch to nine players for an afternoon. One of my co-workers has also been gaming since the Eighties, knows the concepts very well, and has expressed enthusiasm for the idea. I have not sounded out the rest of my team for their enthusiasm and experience with RPGs; I suspect it is all over the map with at least three novices.

I am looking for specific examples from people who have tried this, such as, "I tried Game Foo and it did not work for reason X," or "I introduced my friends to VTT with Game Bar and the following things worked really well:…"

I’ve used Roll20.net four times with my gaming group. I have the hang of it. I’m not wedded to it, but it seems like it would be a solid fit with some preparation on my part which I’m willing to do. Roll20.net has some good introductory videos.

There’s no negative stigma about Role Playing Games at my employer. I am comfortable enough there that I can float the idea and if my co-workers say "Nope, not at this time," that’d be fine.

I’m flexible as to which game we play. My criteria are:

  1. It’s easy for a novice to pick up the basics
  2. My co-workers work together (no stabbing each other in the back)
  3. My co-workers have fun for the afternoon

My favourite game is Pathfinder 1e; I fear that is WAY too deep for novices, unless I strip it down as suggested here. I don’t want to overwhelm/scare off my co-workers with the PFSRD.

I am familiar with DnD 5e. I don’t have a DnDBeyond account. Since I imagine everyone would need a Roll20.net account to start, I’d rather not require everyone to create two accounts.

I have an idea of how I’d make this work in person: I’d provide nine copies of the Universal Table from TSR’s Marvel Super Heroes, I’d draw a large rough map of the downtown core of our city on the whiteboard, and my co-workers would each pick an Avenger from a set I’ve prepared in advance. Those MSH rules are pretty basic (one table! One!) and I’m sure even those co-workers who have never heard of RPGs have heard of the Marvel movies. Each Avenger would have a token the player could stick to the whiteboard. However, I suspect that super heroes don’t scale into Roll20.net; put another way, my first thought was that it’d be easier on the novice players if they were constrained to the walls of a castle and could not fly.

While I would like to offer my team the choice of game genre, I suspect that with nine people I’d get nine different responses.

I have read this question about introducing kids and this question about introducing novices to Pathfinder 1e in a short session. I believe my question is distinct enough from those two and is not a duplicate.


Host filesystem manipulation from docker vs. virtual machine

When reading about docker, I found a part of the documentation describing the attack surface of the docker daemon. From what I was able to understand, part of the argument is that it is possible to share (basically arbitrary) parts of the host filesystem with the container, which can then be manipulated by a privileged user in the container. This seems to be used as an argument against granting unprivileged users direct access to the docker daemon (see also this Security SE answer).

Would the same be possible from a virtual machine, e.g. in VirtualBox, which on the host is run as an unprivileged user?

A quick test where I was trying to read /etc/sudoers on a Linux Host from a Linux guest running in VirtualBox did produce a permission error, but I would not consider myself an expert in that regard in any way nor was the testing very exhaustive.

Secure a virtual machine during a lab exercise

I recently started the Offensive Security AWAE course. On their connectivity guide page, they warn about the hazards of connecting to their labs:

you will be exposing your computers’ VPN IP to other students taking the course with you. Due to the nature of the course (and its participants!), your computer may be subjected to attacks originating from the VPN network. This is true even if you are located behind a NAT device.

I contacted them and asked what I could do to secure my PC (Windows 10 with the VMware VM, running Kali Linux), and their answer was, that I could "separate the IP segment of my VM with the host machine", but they couldn’t help me regarding how to achieve that.

Can someone please help me finding information how to achieve that with the VMware VM?

How realistic is the risk that someone ‘hacks’ into my machine?

Are there other measures I can take to reduce any risks?

Is it possible to create an “always on” environment from a SQL Server on premises to a virtual machine on azure?

I’ve been looking for a similar question here and reading about it about ""Add Azure Replica Wizard", but I heard the it doesnt works because it’s a deprecated feature.

I used to have a primary server and a secondary server on premises as always on, but because of costs I had to delete the secondary "replica".

I would like to know if it’s possible to recreate this always on environment, and then have the primary server On Premises, and a replicated environment on a virtual machine on Azure Cloud.

Then if something happens with our primary, automatically the secondary replica on azure will take the work.

Is there a standard for “virtual receipts”, and is it actually used anywhere?

I just got another e-mail from my food store after I had placed an order. It has no plaintext version, only a HTML one. Only with extreme amounts of efforts from me could I parse out the products and their individual prices and quantities… until they change their e-mails the next time.

I currently "only" parse out the delivery date/time, the total price for the order and the order id. Which is insanity.

Is there really no "digital receipt" standard? They seem to have no hidden JSON/CSV blob anywhere in their e-mail, or even manually downloadable from their website when logged in. How is one supposed to actually make a local database of what they buy and the prices and stuff? Even just figuring out how to parse their e-mails for the total price was quite a bit of work, and I’m certain that almost nobody out there does this.

How come this was apparently overlooked, in spite of being such an important and basic thing for "e-commerce"? Am I really expected to manually input all of this data or spend countless hours figuring out their broken HTML blob and keep updating it whenever they change their e-mails, and do this for every single store I ever buy anything from?

I strongly suspect that there is some standard, probably released as an RFC in 1997 or something, but nobody wants to implement it because it means "giving away control" in their eyes?