Messages

31

Drama / Re: DipMan threatening to hack

« on: April 23, 2016, 09:23:52 AM »

Your IP address is public information.  It's so very much NOT private that the master server gives it out freely whenever you host a Blockland server, and you give it to every website or game server you visit (unless you use a VPN/proxy).  This is essentially the script kiddie level of doxing - it requires almost no effort to achieve, but since most people don't understand what an IP address is or what it's used for, they freak out if you tell them what their IP address is.

You can use someone's IP address to find out where they are, but this is wildly inaccurate in most cases.  Most geoip services I've looked at claim that I'm somewhere fifty miles away from where I actually am.  If you're even reasonably careful about posting personal information online, you shouldn't really be worried if someone says what country and state you live in.  Anyone who joins your server can easily access that information if they have the knowledge to do so.

32

Drama / Re: BOSSBATTLES - "A threat to the server" : here we go again

« on: April 22, 2016, 02:54:56 AM »

The way I behave on the forums does not in any way shape or form reflect how I behave ingame

...um, yes it does.  Believe it or not, your reputation is not discrete or compartmentalized.  You can't have a bad reputation on the forums and a good reputation in-game.  If someone's being an starfish currently, they'll probably still be an starfish if they move twenty feet.  Same principle applies here; if you want people to believe that you've changed, you can't act so immaturely on the forums.

33

Drama / Re: the bloxcity predicament - gamefandan's & darkhawk accounts compromised??

« on: April 17, 2016, 12:13:41 PM »

I don't think can be phishing like Badspot says. why would it exclusively affect old users? Why would inactive users even be inputting their acc info to begin with?

My best guess currently - and bear in mind that I am by no means a security professional - is that the attack was to assume that people used the "Stay Logged In" checkbox, and then to generate the session ID hash based on that.  Assuming someone logs in within a day of creating their account, and never gets logged out, then an attacker could get their session ID by enumerating through 86400 seconds on a single account, which is by no means infeasible.  I don't know if SMF uses any form of randomness to generate the session IDs or if it's a plain hash; if the former is true, then this type of attack wouldn't be possible on the scale that we saw.

34

Add-Ons / Re: Commorose v1.1(i.e. a sfx menu)

« on: April 14, 2016, 05:21:40 AM »

Everyone saying the sounds do not work: please ask someone who has downloaded all files with Download Sounds enabled to completely restart Blockland, then rejoin your server.  The last time I checked, sounds don't work unless you're either the host, or you've completely closed Blockland and restarted.

35

General Discussion / Re: blocklands vignette discovery

« on: April 09, 2016, 01:32:29 AM »

I quickly wrote this Vignette Multiply client which allows for greater server control over the vignette multiply functionality.

Usage: commandToClient(%client, 'setVignette', 0, %vignette, %multiply);

If %multiply has an alpha of 0, then it will be additive; if it has an alpha of 1, it will be subtractive. So "1 0 0 0" makes everything appear redder, "1 0 0 1" makes everything but red appear black.  If %multiply is missing, it will fall back to the default functionality.

36

Suggestions & Requests / Re: Script to change max vehicles

« on: April 07, 2016, 11:51:28 AM »

How high do you want to set it? The limit exists for a reason, physics vehicles hog all the bandwidth.

Unless they're not in motion, but if they're not in motion you don't really need them.

37

Off Topic / Re: [Rant] I think I now have a reason to be worried about my work situation

« on: April 04, 2016, 12:28:07 AM »

I really don't want to do that because there are people there who I really love to hang around who I could almost call my "squad" (definitely more friendly to them than anyone in my entire high school "career")

It's not like you're miles away from them; your other job is right there.

I'm going to feel terrible leaving after we are already extremely short staffed due to many other "long-time" employees have split in just the past couple months, but I simply can't take anymore brash behavior at work.

If many other long-time employees have left, it might be a sign that this is a stuffty place to work and you might want to leave before investing more of your livelyhood into a company that has no plans to reciprocate.

38

Drama / Re: col burton

« on: April 03, 2016, 10:51:13 PM »

Several seperate, rational, level-headed people have vouched for Col. Burton's sanity and rationality as an admin.  Meanwhile, the only things I know about you are that you're American and used to be called Skypaw.  You stated that you "raged", which based on the context, I'm assuming means you spammed the out-of-character chat.  This breaks Rule 0: Use common sense.  Then, you admit to intentionally and repeatedly antagonizing him in in-character chat, which breaks Rule 1: Don't be a richard.
If you try to claim there is no Rule 0, you are inherently breaking it.
Unlike you, Col. Burton had a legitimate reason to repeat himself.  People tend to focus on the game, and will usually not notice messages from admins unless the admins shove their messages down everyone's throat.  I should probably integrate an announce function into Despair Syndrome at some point.

You also tell me to control my server.  Since I can't be on the server at all times, nor do I actually want to be, the way I can exercise control over my server is by having good admins, who mute people who spam chat, ban people who intentionally antagonize everyone else, and try to maintain control and order in the event that everything breaks.  Given that this is exactly what Col. Burton did, I can only conclude that you essentially want me to punish others while giving you a free pass.  This will never happen.  If you want to play on the server, then you will have to abide by the rules.

39

April Fools 2016 / Re: What do you think badspot thinks when looking at this board right now?

« on: April 01, 2016, 09:38:02 AM »

You guys do realize that Badspot can probably still see who posted what, right?

In fact, in all likelyhood, everyone will be able to see what idiotic things you posted on April 2nd.

40

Off Topic / Re: How secure is your password?

« on: March 12, 2016, 01:15:22 PM »

Did you even read the linked article?

41

Off Topic / Re: How secure is your password?

« on: March 12, 2016, 01:09:11 PM »

So, you get the complexity of a generated password with the ability to remember it in your own head.

Whoops!  Wrong.  Unless you're reusing passwords, in which case one plaintext breach completely screws you regardless of how secure your password is.

42

Off Topic / Re: How secure is your password?

« on: March 12, 2016, 12:45:29 PM »

Along with the fact you probably got that from xkcd, xkcd also proves such passwords are actually very secure. Unless, perhaps, you do a dictionary attack or something.

Randall Munroe is not exactly a password management expert.  But sure, let's say people do that.

The overwhelming majority of people's words are going to fall into a top 1000 words or so.  So most people will have a password from a pool of roughly 1000⁴ possible passwords.  Now let's compare that against a secure password - 64 characters, random ASCII.  That's 93⁶⁴ possible passwords.

CHBS-style password:	1000000000000 possibilities
Secure password:	961410160206664622086998474872525329540550991672782179554222730174333739159409986394206895176171912560363787697067327321683201 possibilities

Huh.  It's almost like you shouldn't take advice from a webcartoonist too literally, and should instead go get an actual password manager.

43

Off Topic / Re: How secure is your password?

« on: March 11, 2016, 09:31:13 AM »

correct horse battery staple

"154 octillion years (1.54*10²⁹)"


...somehow, I don't think so.

44

Off Topic / Re: How secure is your password?

« on: March 11, 2016, 09:20:12 AM »

I generated a fairly typical, run-of-the-mill password from my password manager.

j1Yd(!&wS_TMg#\HOI>#,/8E<|+,<rK 8WtNh=H!AEpy4>EV6Qu+/qEIsZw$}3[$

The website in question gives an estimate of 58 quinquatrigintillion (5.8*10¹⁰⁹) years, but of course it doesn't take into account the vast technological improvements that would happen over that timespan.


Mind you, it's a rather moot point, as I will now never use that as a password for anything, due to having posted it here.

45

Off Topic / Re: Suggest me a video to watch to kill time

« on: March 10, 2016, 12:46:46 PM »

CLOCK BLOCKERS