Off Topic > Drama
RBL - Ephialtes
Custard:
--- Quote from: cucumberdude on March 11, 2011, 03:27:41 AM ---According to Ephialtes the reason of removal was 'because it stores passwords'.
There are many player owned web sites on the forums (take, for example, clan forums) that do the same. Why are they not removed?
This is just stupid. The forums has nothing to do with the constitution. It's not a democracy, and there aren't 'laws'.
You seem to think that this has to do with some sort of serious threat to members. While before encryption it was, it no longer was afterward. I'm not trying to somehow diminish the authority of an administrator - I'm questioning whether the behavior was abusive. Of course in a situation where it was likely that I was collecting passwords for some evil master plan, Ephialtes would have been unquestionably in the right. The grey zone here is when does selective, arbitrary administration outside of the written rules become abusive. That's a question that's important to consider - and that's really difficult to answer.
--- End quote ---
I'm not saying you're a threat to the community members, I'm just stating that Ephialtes has absolute authority over taking your topic down, and the necessary and proper clause was a prime example of this power. In this case, Ephialtes has the right to force rules that are necessary and proper for the safety of the community, whether they are actual rules or not.
Thanks to Ephialtes' good jurisdiction, however, there's hardly any corruption from the administrative branch of members. However, when taking laws, or rules, into ones own hands, one must elaborate and interpret what is right and what is wrong according to current rules. This is where Ephialtes has it hard in troubled situations like these.
Also, the process of forcing and creating laws has absolutely nothing to do with Democracy.
And in technicality, anything that must be followed in order to keep order in a certain community is called a law, and that applies towards the forum rules. Of course you're not going to find this rule under the rule list, but that's where this good interpretation and jurisdiction comes in. Ephialtes had a choice to make, and this decision made the most sense at the time.
Now, having been "fixed" of it's issue, I'd suspect Ephialtes would let you continue to advertise your website. I have yet to discover the reasoning behind that.
cucumberdude:
--- Quote from: Custard on March 12, 2011, 12:35:55 AM ---Now, having been "fixed" of it's issue, I'd suspect Ephialtes would let you continue to advertise your website. I have yet to discover the reasoning behind that.
--- End quote ---
Sorry, I must have misunderstood you. This is how I feel as well. The problem being that
--- Quote from: Kalphiter on March 12, 2011, 12:33:20 AM ---at this point it's still not provable
--- End quote ---
There's really no way I can prove that I'm using serverside encryption - people just have to take my word for it.
Of course, that's often the case, even RTB doesn't encrypt clientside, and the data they're handling is far more important (private mods and whatnot).
DontCare4Free:
--- Quote from: cucumberdude on March 11, 2011, 09:00:42 PM ---I use md5 for this.
--- End quote ---
MD5 is old and has been broken. Use SHA1 instead.
--- Quote from: cucumberdude on March 12, 2011, 01:26:45 AM ---Of course, that's often the case, even RTB doesn't encrypt clientside, and the data they're handling is far more important (private mods and whatnot).
--- End quote ---
So you claim that private mods are more important than passwords?
Also, it would be possible to prove that you aren't storing passwords in plaintext if you just used OpenID instead.
UncleNinja:
--- Quote from: DontCare4Free on March 12, 2011, 05:39:27 AM ---MD5 is old and has been broken. Use SHA1 instead.
--- End quote ---
Actually, SHA1 has some issues of its own, although they aren't as serious. Really he should be using a subset of SHA-2 like SHA256.
cucumberdude:
--- Quote from: DontCare4Free on March 12, 2011, 05:39:27 AM ---MD5 is old and has been broken. Use SHA1 instead.
--- End quote ---
Eh, probably safe enough. These aren't bank accounts, and let's face it - I doubt anybody on the forums can even exploit md5's vulnerabilities.
I supposed I could go and SHA-2 hash on top of the md5... lol