Posted: Sun Aug 29, 2010 11:26 pm
PIMP HAND STRONGHSharp wrote:QUOTE (HSharp @ Aug 29 2010, 04:55 PM) With his pimp hand!
Free Allegiance Forums
Space battles since 2000
https://www.freeallegiance.org/forums/
Questions to whoever is in charge
Page 11 of 13
Posted: Sun Aug 29, 2010 11:59 pm
Everything is explained, and FA is taken care of like good fathers take care of their family.
One minor thought came to me. If Pook is the only one who has the source code of ASGS he is the only one who can modify it (like the last time when you-know-who found a *cough* exploit).
/Edit: add quote so you know what I mean.
QUOTE The ASGS license is not a BS reason, it's a valid reason. When Pook granted me access to Thalgor's ASGS server, he told me he would not be giving me the sourcecode. After some debate and lots of time retrying, it was made clear to me: ASGS's source would not be released.[/quote]
One minor thought came to me. If Pook is the only one who has the source code of ASGS he is the only one who can modify it (like the last time when you-know-who found a *cough* exploit).
/Edit: add quote so you know what I mean.
QUOTE The ASGS license is not a BS reason, it's a valid reason. When Pook granted me access to Thalgor's ASGS server, he told me he would not be giving me the sourcecode. After some debate and lots of time retrying, it was made clear to me: ASGS's source would not be released.[/quote]
Posted: Mon Aug 30, 2010 12:03 am
This is why a replacement is being worked on...peet wrote:QUOTE (peet @ Aug 30 2010, 12:59 AM) One minor thought came to me. If Pook is the only one who has the source code of ASGS he is the only one who can modify it (like the last time when you-know-who found a *cough* exploit).
Posted: Mon Aug 30, 2010 12:09 am
I am puzzled. I understand the reasons for ASGS secret source code.
This public recoding of an ASGS replacement looks to me like re-inventing the wheel.
Could such an SSSS arrangement be made for ASGS (same like the passwords for the server?)
This public recoding of an ASGS replacement looks to me like re-inventing the wheel.
Could such an SSSS arrangement be made for ASGS (same like the passwords for the server?)
Gandalf2 wrote:QUOTE (Gandalf2 @ Aug 30 2010, 02:03 AM) This is why a replacement is being worked on...
Posted: Mon Aug 30, 2010 12:13 am
No, because Pook is gone and he has said "no". Why the hell is it that even I know that yet you don't?
Posted: Mon Aug 30, 2010 12:21 am
So, you claim Pook is gone, but who changed the code when you-know-who found said exploit?
Jimen wrote:QUOTE (Jimen @ Aug 30 2010, 02:13 AM) No, because Pook is gone and he has said "no". Why the hell is it that even I know that yet you don't?
Posted: Mon Aug 30, 2010 12:28 am
He came back for a momemt to make the changes needed is my understanding Peet. The currently named CSS has been worked on ever since that time so no one person controls the code to the authentication system, and it will be a more (ugh but the word fits) robust system too.peet wrote:QUOTE (peet @ Aug 29 2010, 07:21 PM) So, you claim Pook is gone, but who changed the code when you-know-who found said exploit?
Posted: Mon Aug 30, 2010 1:33 am
Posted: Mon Aug 30, 2010 2:46 am
WTF WHO DO YOU THINK YOU'RE TALKING TO... DO YOU KNOW WHO I AM!?!?!?!?!?!?!?!!
MrChaos puts on his pimp suit
Buyo a moment later
MrChaos puts on his pimp suit
Buyo a moment later
Posted: Mon Aug 30, 2010 2:52 am
heh 
Thal, it's great to hear from you - it's been a while. I'll take the slap with stride because none of that info was useful to an attacker anyways. Knowing #cores, RAM, or netspeed isn't terribly useful. The physical location can be found with a traceroute and some googling, and that's not an issue either because of the insane amount of security for that building.
Reading your post, Thal, it's good to have reinforcement that none of these debates are new. If anything, it shows the progress the community has made since those times, and underscores the continued need for improvement.
--TE
Thal, it's great to hear from you - it's been a while. I'll take the slap with stride because none of that info was useful to an attacker anyways. Knowing #cores, RAM, or netspeed isn't terribly useful. The physical location can be found with a traceroute and some googling, and that's not an issue either because of the insane amount of security for that building.
Reading your post, Thal, it's good to have reinforcement that none of these debates are new. If anything, it shows the progress the community has made since those times, and underscores the continued need for improvement.
--TE