Author Topic: Regaining Game Key (Read 4259 times)

Pecon · April 17, 2015, 07:00:27 PM

Quote from: Goth77 on April 17, 2015, 06:51:59 PM

Disable network sharing on a public network, okay. Not to mention most library computers have deep freeze, so everytime you come back to play you would have to disable network sharing.
How very inconvenient.

The real problem in this hypothetical situation is that you're using a public computer.

Ad Bot · Advertisement

Goth77 · April 17, 2015, 07:32:03 PM

Quote from: Pecon on April 17, 2015, 07:00:27 PM

The real problem in this hypothetical situation is that you're using a public computer.

I don't use the library because I have my own internet and computer; But just imagine how many people actually do play on public networks such as coffee shops, airports, or even fast food restaurants. What if your not even on a public network? What if your on a big work or home network and everyone has access to the same files? You could easily steal a co-worker, friend or family members .dat file. This is where my concern comes from.

This doesn't even include computers used for a peer-to-peer or remote desktop connection.

Quote from: Goth77

If you could clarify for me how this can be used without the possibility of stealing someones auth key I would be more than happy to support development

tony-0222 · April 17, 2015, 07:53:09 PM

Quote from: Goth77 on April 17, 2015, 07:32:03 PM

remote desktop connection.

Yea, this.

I once shared a remote desktop with a friend so we could co-manage a server together. The thought of him using something like this to decrypt the key.dat woulda been terrible, since I had my key put in on it, not him.

And our relationship ended bitterly, and If this was out then he surely would have done it.

Most of the things about this are helpful, but the flaws are too threatening.

Sorry, no support.

Zeblote · April 17, 2015, 08:19:33 PM

Well whether you like it or not has no effect on the tool being created.

Pecon · April 17, 2015, 08:20:52 PM

Don't forget that these tools already exist anyways. Whether you like it or not, it's already completely possible and easy to do. This program is just a safer alternative to the already available software.

Goth77 · April 17, 2015, 09:32:37 PM

Quote from: Zeblote on April 17, 2015, 08:19:33 PM

Well whether you like it or not has no effect on the tool being created.

Quote from: Pecon on April 17, 2015, 08:20:52 PM

Don't forget that these tools already exist anyways. Whether you like it or not, it's already completely possible and easy to do.

Well no stuff. It's not like you can just tell someone not to make something and expect them to listen. Many people disagree with my modified RTB, but I went ahead and kept it alive because I support a better working RTB. The point is, making this kind of thing readily available to everyone and expecting them to use it as some kind of "new standard" is bullstuff and seems sketchy to me.
This is dealing with someones authentication key here, this is serious business.

Quote from: Pecon on April 17, 2015, 08:20:52 PM

This program is just a safer alternative to the already available software.

In what way? This decrypts the key.dat in a very insecure way. The real "safer" alternative is to use the Blockland key recovery through the email you purchased Blockland with. If you forgot the email or password the email provider have means of retrieving them. I believe these "step processes" are much more secure than than decoding the file in the game which contains your encrypted key.
How can you even say this is a safer alternative? Use your brain.

Zeblote · April 17, 2015, 09:35:15 PM

You can only decrypt your own key on your own computer. What's your problem?

Goth77 · April 17, 2015, 09:53:10 PM

Quote from: Zeblote on April 17, 2015, 09:35:15 PM

You can only decrypt your own key on your own computer. What's your problem?

Seriously -.-

My problem is that I fear the stealing of auth keys. Do we have to go over the whole peer-to-peer and remote desktop connection stuff? You know there are ways of executing programs through other user's PC simply by using some "new" software that supposedly helps you regain your information
(as reliable as it may seem)

I can understand the need for regaining your activation key when you only have Blockland on one computer and are stuck such as, but what you don't understand is how the method bypasses authentic security to regain it. If something of this nature were to be released I would rather have it from the official Blockland source, not some 3rd party "open source" that could very well be collecting keys (Not saying Ipquarx would, but with open source anyone could)

-Jetz- · April 17, 2015, 09:56:06 PM

Quote from: Goth77 on April 17, 2015, 07:32:03 PM

I don't use the library because I have my own internet and computer; But just imagine how many people actually do play on public networks such as coffee shops, airports, or even fast food restaurants. What if your not even on a public network? What if your on a big work or home network and everyone has access to the same files? You could easily steal a co-worker, friend or family members .dat file. This is where my concern comes from.

This doesn't even include computers used for a peer-to-peer or remote desktop connection.

Excuse me, who goes around coffee shops looking to steal Blockland keys? If someone with malicious intent has access to your files, there's way more malicious stuff they could be doing.

Zeblote · April 17, 2015, 09:59:16 PM

Quote from: Goth77 on April 17, 2015, 09:53:10 PM

Seriously -.-

My problem is that I fear the stealing of auth keys. Do we have to go over the whole peer-to-peer and remote desktop connection stuff? You know there are ways of executing programs through other user's PC simply by using some "new" software that supposedly helps you regain your information
(as reliable as it may seem)

I can understand the need for regaining your activation key when you only have Blockland on one computer and are stuck such as, but what you don't understand is how the method bypasses authentic security to regain it. If something of this nature were to be released I would rather have it from the official Blockland source, not some 3rd party "open source" that could very well be collecting keys (Not saying Ipquarx would, but with open source anyone could)

What the hell are you even talking about?

If you download a rat that's your own fault, don't blame the tools a attacker might use with it.

The point of open source is that you can verify the code and compile it yourself if you have to. It's not possible to hide a backdoor in there. How do you expect the "collecting keys" to work?

Goth77 · April 17, 2015, 10:06:30 PM

Quote from: Zeblote on April 15, 2015, 03:10:50 AM

The user that lost his email downloads the program, it extracts the key from his key.dat and shows it to the user. Is it that hard to understand?

It's not hard to understand at all. That's the issue at hand.
It's literally exactly what I'm talking about. Where are you

Goth77 · April 17, 2015, 10:16:50 PM

Wish this section had a modify button >.<
U ninja'd your post tho Zeb...

Quote from: -Jetz- on April 17, 2015, 09:56:06 PM

Excuse me, who goes around coffee shops looking to steal Blockland keys? If someone with malicious intent has access to your files, there's way more malicious stuff they could be doing.

What about a group of friends that plays at the library? What about a town that uses public wifi like mine does? I can see any computer on the "town" network and many people use that *slow* stuffty wifi.

I don't know how many people in my town play Blockland, I only know of 2. With this, if they connect to the public wifi and don't have proper security set up on their PC, I could nab the .dats. Guess I'd better just start checking the computers of all networks I join for a Blockland folder. Collect as many key.dats as possible, right?

Your completely forgetting about people who use teamviewer and similar remote desktop and peer-to-peer connections. The whole "airport, resturant" thing is just a possible scenerio

blockguy · April 17, 2015, 10:25:34 PM

Zeblote · April 17, 2015, 10:48:21 PM

Quote from: Goth77 on April 17, 2015, 10:16:50 PM

Wish this section had a modify button >.<
U ninja'd your post tho Zeb...

What about a group of friends that plays at the library? What about a town that uses public wifi like mine does? I can see any computer on the "town" network and many people use that *slow* stuffty wifi.

I don't know how many people in my town play Blockland, I only know of 2. With this, if they connect to the public wifi and don't have proper security set up on their PC, I could nab the .dats. Guess I'd better just start checking the computers of all networks I join for a Blockland folder. Collect as many key.dats as possible, right?

Your completely forgetting about people who use teamviewer and similar remote desktop and peer-to-peer connections. The whole "airport, resturant" thing is just a possible scenerio

Why are you leaving any important data on the library computers? Delete your stuff before you go, problem solved.

Using a public wifi doesn't mean you can freely access other computers??? Try stealing a file from any of them, it won't work.

I'm not sure what point you're trying to make about teamviewer. If you're letting strangers access your computer then there are much worse things to do then stealing a blockland key. You're probably using it wrong.

Zeblote · April 17, 2015, 10:50:53 PM

^^^

Also, collecting key.dats from other computers is useless. You have to run the program on the same computer the key.dat was generated on. You can only decrypt your own key.