Time Nick Message 02:36 sofar hmmm, I used to have nodes with `alpha = 160,` but that is now obsolete... what do I replace this with? 02:37 sofar specifically they were water nodes 02:57 MTDiscord texture modifiers as far as I've seen. I considered a hack to do it automatically but some of my stuff was too complex for it to work well. 02:57 sofar *whatever* 02:57 sofar the textures seem to have proper alpha in them 07:11 independent56 Wow... people from equador, egypt, texas, ans the USA are all scaning me... i'm flattered 07:14 independent56 I must be on some sort of database of servers now 07:19 independent56 I'm just wondering, should i send reports of these guys to the government? 07:24 MTDiscord yes 07:24 MTDiscord thou shall 07:25 independent56 XD 07:25 independent56 gtg school. 10:58 MTDiscord independent56: some are probably crawlers of legit search engines and the like, others are probably scanners looking to break into yet another WordPress instance, and a few are surely lurkers like me 11:06 BuckarooBanzai yeah, thats the "usual" background traffic when you expose something to the internet ;) 14:31 allesha hello all 14:47 independent56 well... i dont think a web crawler would "rm -rf thinkphp" 14:49 lusy-grey come to irc freenode chat <== new network for only chat. 14:49 lusy-grey Come fast register your channel, first come, first serve basis. 14:50 rubenwardy independent56: web crawlers don't need to be legit 14:50 rubenwardy a web crawler is just a bot that follows links to discover pages. Legit web crawlers use that data for searching and indexing, but malicious web crawlers could look for vulnerabilities 14:50 independent56 Hmm... Well, how would it find my site? where have i put links to my website? 14:51 rubenwardy it may be enumerating IP addresses 14:51 independent56 Oh... yeah, i was thinking of "legit" ones. 14:54 independent56 And "people from equador", i mean all thos vulnrability scans. It breaks article 1 of the computer misue act - something about seeking unatuthorised access to a computer. 14:55 specing good luck finding the perpetrator 14:56 independent56 i wont. the IP is all the government needs to start their investigation 14:57 MTDiscord Don't expect "article 1 of the computer misuse act" to apply to them either. You have no idea where you'll actually find the people responsible, but there's a good chance that laws we take for granted don't apply there. 14:57 MTDiscord this 14:57 MTDiscord best you'll get is a criminal reference number from the rozzers 14:57 specing Nah, the laws of the land where the crime was perpetrated apply 14:57 independent56 hmm. yeah, i know from the IP address that they aren't from the UK 14:57 MTDiscord No you don't 14:57 MTDiscord second, the misuse act only applies to british citizens in british territories 14:57 MTDiscord you only know the IP address of the computer that scanned you 14:58 independent56 oh yeah 14:58 independent56 could be a vpn/vps 0_0 14:58 MTDiscord The person responsible for the scan (if they'r even aware of it) could be anywhere on earth 14:58 MTDiscord Or technically not on earth, though we assume there aren't any hackers on the ISS right now. 14:58 sfan5 (or not on earth) 14:58 sfan5 there's definitely hackers on the ISS 14:58 sfan5 but not in the popular sense of the word 14:58 MTDiscord Heh, well, I assume they probably have better things to do with their time than run a botnet 14:59 MTDiscord though so much of that is fire-and-forget at this point with automatic vulnerability scans, they very well could have just left their botnet to largely run itself while on a space mission... 15:02 MTDiscord If you got scanned by an IP address in Ecuador there's like a 90% chance that it's someone's home router or a printer/fax machine in some office, that has its management interfaces exposed to the internet and they never changed the default password. 15:03 independent56 oh yeah... maybe it's to much bother then it's worth to reprot to the government. 15:04 MTDiscord if you're that paranoid - don't host at all 15:04 independent56 haha 15:05 MTDiscord i live with an actual red team pentester 15:05 MTDiscord he could probably dumpster your machines in about an hour 15:05 MTDiscord wu tang LAN ain't nothing to mess with 15:06 independent56 haha... oh god 15:15 independent56 correction: if you're that paranoid - make sure you backup very often. 15:18 Pexin what I want to know is, could they be scanning for vulnerabilities FROM THE FUTURE 15:18 Pexin temporal internet when 15:19 MTDiscord What are you talking about? This IS the future, has been for years. 15:26 * Pexin changes PC's internal clock 16:00 VanessaE To the person who just tried to DDoS my server, FUCK YOU. That is all. 16:01 VanessaE (I mention it here since it's more likely to be a disgruntled player than nayone else :P ) 16:01 VanessaE any* 16:01 specing Maybe it was independent56 16:01 VanessaE doubt it. 16:01 independent56 i have my own worries. 16:01 specing VanessaE: stop scanning him and he'll stop DDoSing you. :P 16:01 independent56 i had a 503 error, and ended up worrying about a remote wipe of my system, at school. 16:01 VanessaE heh 16:02 independent56 Explain more about the incident... how did you react? 16:02 independent56 here follows a quote from my document abotu the 503 - "Hello… and I am slightly concerned about my work. If someone managed to exploit a vulnerability, do rm -r /home, then they would have destroyed  all of my backups. I hope they didn’t touch anything. I hope nobody has accessed my server." 16:02 independent56 which is why im scp-ing my backups to my main. 16:09 MTDiscord 99% of the HTTP 503 errors I see are when an application is being restarted (often for maintenance or updates). Kubernetes for example returns 503's if the pods backing an ingress are being recycled. Other systems may return a 502 or a 504 for similar situations. 16:11 independent56 i use XAMPP, and it was working perfectly. 16:11 independent56 and the error was for hours. 16:12 independent56 But i am restarting XAMPP jut to be sure 16:12 Ingar stop worrying about getting scanned, get worried of you don't get scanned 16:12 MTDiscord As someone who sometimes has to do maintenance on web apps, I can confirm that the maintenance sometimes lasts for hours too and they're certainly as frustrated about that as you are :-D 16:18 VanessaE wait, you maintain web apps from time to time... and you're still sane? :P 16:19 independent56 I have to maintain my server. the only thing which stops me from going insane is a froced break called "school". 16:19 Pexin you.. don't really have to maintain your server.. 16:19 independent56 i can't not. if i don't then broken services will be broken forever 16:19 MTDiscord I'll never understand the logic of "I screwed up and got banned, therefore I'm going to waste money making sure I REALLY can't there play again." 16:21 independent56 I mean my webserver, not the mtserver 16:23 VanessaE Benrob0329 well yo be fair I'm only guessing, since the only people I ever seem to piss off are MT players now and then. Could just as easily be random, like "war-dialing" for a target IP. 16:23 VanessaE to* 16:25 MTDiscord "I'm going to temporarily piss someone off in a way that inherently can't benefit me at all" 16:25 MTDiscord Nope, still doesn't make sense 16:25 VanessaE whatever the reason, it only lasted for 15 mins 16:25 Pexin humens - making sense since never 16:27 MTDiscord So not only did they try to piss you off, they also couldn't be arsed to put in the money to make it actually inconvenient for any length of time. 16:27 MTDiscord I don't know if that makes them more or less terrible 16:28 VanessaE haha 16:30 independent56 Pexin, exactly. this is why i have ascended the huan race and become cybor 16:30 independent56 *cyborg 16:30 MTDiscord I suppose I feel the same way about trolls, don't do it, but if you do at least make it worth my time. 16:31 MTDiscord VE: Yes I do maintain web apps, and when did I ever claim to be sane? 16:32 VanessaE haha 16:33 MTDiscord Maybe its a terrible outlook to have, but I'd rather someone (for e.g.) fill my logs with Lenny faces rather than plain old access violations, because at least I'd get a good laugh out of it. 16:35 VanessaE lol 16:35 MTDiscord I'm actually a little surprised to hear that VE even bats an eye about a DoS attack. I figured that running a bunch of large servers and having had to do moderation stuff, you'd come under retaliatory or even random attacks pretty often. 16:35 MTDiscord I suppose the whole point of DDoSing is to waste my time though, but that's hard to do when I'd actually be wasting my time messing with the server so they've just shut down my procrastination. 16:35 VanessaE Ben, well if THAT ever happens you can blame Jordach since he favors that face :) 16:36 MTDiscord Heh 16:36 VanessaE Warr: oh, I do get attacked every once in a while, but it's rare enough that it usually surprises me a little 16:36 independent56 If someone was ever to DDoS me, i would live through it. nobody relies on my server. it can go on for weeks, and iwont pay a ransom. 16:37 VanessaE that's why I pay for a good host with good DDoS-mitigation 16:38 VanessaE if they hadn't emailed me, I wouldn't have known anything unusual was happening :) 16:39 MTDiscord One of the drawbacks of being old enough is that when people talk about DDoS attacks it makes it sound like they're stuttering about old pre-graphical operating systems. 16:39 Ingar @Warr1024 DOS had graphics! 16:39 VanessaE heh 16:40 MTDiscord DOS did not, but it could run software that did. There's a fine distinction... 16:40 MTDiscord I'm assuming they try to DDoS the web server specifically? Since (to my knowledge) the turnkey solutions probably wouldn't target MT 16:40 Ingar The later dos versions actually had a graphical filemanager (forgot the name) DOS 6 I think 16:40 Ingar or maybe in 5 already 16:40 MTDiscord Ah could be... 16:40 MTDiscord You fockin wot VE 16:40 MTDiscord I suspect that turnkey DDoS tools could target MT if it's just a matter of picking a UDP port though. 16:40 VanessaE Ben: dunno, my host's email didn't specify. just that my server's IP was targeted. 16:41 MTDiscord I suppose I should go educate myself on the matter, but I haven't the time right now 16:41 VanessaE Jordach: a joke :P 16:43 MTDiscord I haven’t used a lenny in years 16:43 MTDiscord ? 16:43 VanessaE like I pay attention to that anyway :) 16:43 MTDiscord To be fair people are too uptight these days for a Lenny 16:45 independent56 ( ͡° ͜ʖ ͡°) 16:49 VanessaE looks like they're trying to attack my host now :P 16:50 VanessaE (host's own status pages are slow to respond) 16:54 MTDiscord Arguably the best thing to do is just pretend you don't notice it, since they might just be trying to get a reaction out of you. 16:54 VanessaE heh 16:54 VanessaE all the reaction they'll get out of me is a laugh :) 16:55 VanessaE (the aforementioned "fuck you" was more like "you failed, so fuck you" :) ) 16:55 MTDiscord Well, you DID notice. 16:56 independent56 well, to all those who are scanning the web and trying to exploit thinkphp? fuck you. go buy your own hardware! 16:56 VanessaE Warr: only because my host emailed me :) 16:56 MTDiscord Haha, there's a bit of a difference there, since the exploit hunters are looking for hosts to add to a botnet, while VE's attacker is probably just seeking attention. 16:57 VanessaE the irony of that is how do you get attention if the world doesn't know it was you who did whatever it is :) 16:57 independent56 i want to make my own botnet, with my own computers. 16:57 VanessaE independent56: with blackjack and hookers? 16:57 VanessaE :P 16:57 independent56 Probably will have two - my main and my webserver, as they are the most accessible 16:57 MTDiscord Attention-seeking behavior like attacking somebody's server is not strongly associated with that level of rational thought to begin with. 16:58 VanessaE good point 16:58 VanessaE whoever the attention-seeker is, if he's reading this: consider yourself disregarded and summarily ignored :) 16:59 independent56 most recent scan was 16:13 BST 17:00 independent56 (actually server time, which is a minute or so out of sync with real time.) 17:01 MTDiscord Haha, I don't even remember how many years it's been since I paid attention to logs of people trying to brute-force my SSH port. Probably hundreds of thousands of attempts by now. 17:02 MTDiscord For a while I tried a process of tempbanning them for a while if they had a certain number of failures, but what I ended up doing instead if just rejecting 95% of all incoming SSH connections across the board. 17:02 MTDiscord Scanners often see that and think my port is closed, or maybe get like 1 or 2 attempts in first. If I want to access it though I just have to keep retrying until I roll a natural 20. 17:03 MTDiscord Its funny and terrifying to see SSH brute-force bots trying passwords like "minecraftserver" 17:03 MTDiscord Systems that don't rely on trying to identify and track reputation of clients can't then be turned around to act as DoS vulnerabilities, e.g. by spoofing a source IP to get legit users tempbanned. 17:03 independent56 haha 17:04 VanessaE Warr: fail2ban doesn't work for you? 17:04 MTDiscord I'd love to just greylist all incoming requests from new IPs 17:05 MTDiscord It might but I don't want to bother setting it up. 17:05 VanessaE heh ok 17:05 MTDiscord Also if my server comes under attack by someone who's at the same coffee shop that I am, they could buy themselves some time by just lightly brute-force-attacking it to block my own access to it so I can't respond. 17:05 MTDiscord does that kind of bruteforce work on SSH that don't use password? like mine uses ssh-ed25519 key to get on SSH 17:06 MTDiscord As long as I use a system that treats all 3rd parties as equally untrusted then there's nothing for them to exploit to change the trust level of any other party, either higher OR lower. 17:06 MTDiscord If you can memorize an entire ed25519 key then that's impressive, but so far passwords are the only credentials I've found that don't require some kind of device to store them on. 17:07 MTDiscord My brain is harder to compromise than most devices, and I rarely misplace it. 17:08 VanessaE mine gets left in bed almost every morning. 17:08 MTDiscord Try wearing earplugs to bed to keep it from sneaking out. 17:08 VanessaE though to be fair, that isn't "misplaced", that's just DISplaced :) 17:08 VanessaE lol 17:08 MTDiscord I've got multiple 128-bit passwords memorized so I should be able to actually memorize an ed25519 key, with proper encoding, I guess... 17:11 MTDiscord At the end of the day if you keep your keys out of your computer nobody can steal them without physical access, which is usually fairly easy to deter with e.g. a dog. 17:12 MTDiscord Its scary how comfortable we're gotten storing stuff in random places on the internet 17:12 MTDiscord Yeah, nobody is gonna steal a laptop with a power adapter that a dog's been chewing on. 17:12 MTDiscord Exactly! 17:13 MTDiscord Hmm, I wonder I could mar up a phone case to make it look less appealing to thieves 17:14 MTDiscord In theory airgaps are perfect security while cryptography is only mostly secure. In practice, people generally don't break crypto, but they find all kinds of loopholes in physical access control. You're better off just using decent encryption on a cloud backup than storing your important crap in a shoebox full of USB drives. 17:15 MTDiscord I feel like there must be a name for that as an art form: making things look fake-antique or beat up as a theft deterrent. I heard about a guy who has had his car broken into multiple times to steal his camera equipment, but then was able to leave thousands of dollars worth of high-end professional photography equipment sitting on a park bench undisturbed thanks to strategic use of duct tape. 17:16 MTDiscord I "decorated" my work macbook so that can take it into libraries and coffee shops without any worry. I put down a layer of blue painter's tape first to protect the finish, then add duct tape over top of that, and the tape tends to get scuffed on its own just from packing, unpacking, and handling the thing. 17:19 MTDiscord What's safer, leaving stuff in the tank people are definitely going to go check out while no one is around, or the 1999 Oldsmobile that's had it's hood and bumper attached with duct tape and a prayer? 17:22 MTDiscord Haha, talking about a '99 oldsmobile like it's old ... I still kinda miss my '97 lumina. 17:24 Hawk777 “In theory airgaps are perfect security” except for the part where, to use your password/key/etc., you eventually have to type it into a computer connected to the Internet. You can’t make SSH secure when the computer on which the client is running is compromised. Store the key on a USB stick? OK, after breaking into your computer, the attacker will just leave a trojan behind that waits until you plug in the USB stick and then 17:24 Hawk777 als the key. Store the key on a separate computer and do SSH agent authentication instead, so the key never appears on the Internet-connected computer? The attacker will just leave a trojan behind that waits until you actually have an SSH session open, and then sends fake keyboard input into it to install a remote access trojan on the SSH server and then clear the screen really quickly. Use a password instead so nobody can steal th 17:24 Hawk777 y? Keylogger defeats you. If the SSH client machine is broken, you’ve pretty much lost hope. 17:28 MTDiscord Yeah, you're getting into a lot of the ways that physical security is impossible, like evil maid and cold boot attacks and such. 17:28 MTDiscord It's why when people talk about locking servers up in cages and posting armed guards, I remind them that that's still no substitute for e.g. full disk encryption. 17:29 MTDiscord Even FDE only protects you from threats in one direction, i.e. people walking off with the disk. If they tamper with it but leave in in place ... that's a lot harder to protect against. 17:31 Hawk777 I actually meant the exact opposite—an airgap is useless if the SSH client computer is broken into *from the internet*, even if your physical security is useless. 17:32 Hawk777 Though it’s true that poor physical security can also cause the same problems. 17:32 Hawk777 Sorry, in my first message there, I meant even if your physical security is *perfect*, not useless. 17:33 MTDiscord When I'm talking about airgaps I'm talking about being not connected to the internet. At least, not directly. Everything that's connected to a human is connected to a part of the internet, after all. 17:35 Hawk777 Ah, if you consider information passing through a human to not be airgapped, then sure. Airgaps are secure, but also mostly useless. 17:36 MTDiscord The ambiguity in how you define a proper airgap is itself a big part of the problem with them. 17:36 MTDiscord I still want to have homelab servers with no SSH access that I just manage from a local terminal 17:37 MTDiscord Because while sure, someone could break in and do stuff, at that point my biggest concern is probably not the server 17:38 MTDiscord Heh, I'm sort of the opposite. I would rather have everything be "cloud," I just want it to be cloud that I have control over instead of relying on some third party. This is why I do stuff like use dynamic DNS and run SSH/web servers on my home systems, and why I was annoyed that they just killed HPKP, even if the security model for it was mostly crappy to begin wtih... 17:38 independent56 My biggest concern when someone breaks in is my computer, and the fact it has all my files. Bakup keeps on breaking down. 17:38 MTDiscord My backup coverage is spotty, but the fact that I have my data in like 5 different tiers that all call for different levels of backup doesn't help. :-/ 17:39 Hawk777 While this would be location-dependent, personally I am less concerned with someone stealing my computer and more concerned with parts of it breaking. That’s why I always make time for backups. 17:39 MTDiscord I have backups mostly to protect against my own screw ups, as well as ransomware 17:40 Pexin Warr1024: re graphics running on dos: remembering when "windows" was not (or only ambiguously) an "operating system" 17:40 independent56 I keep backups because i am a human, and i have had human error kill me multiple times. 17:40 MTDiscord protection against the latter being a happy accident of protection against the former 17:41 MTDiscord I have been successfully maliciously attacked by an outsider zero times so far since my switch to unix-likes, and only once on Windows. I have however self-owned multiple times, including 2 separate "rm -rf /$TEMPDIR" when it should have been "TMPDIR" incidents. 17:41 rubenwardy if you're trying to protect against ransomware, make sure the backups aren't on the same network 17:41 MTDiscord A malicious attack is also just a form of human error, it's just an error in the moral processing of another human. 17:42 MTDiscord (Hanlon's Razor Extreme Edition) 17:42 independent56 Haha, i backup onto an old SSD. it stays offline literally 99% of the time 17:43 MTDiscord My PC backups are just my important files to a mostly powered-down external HDD 17:43 MTDiscord I do something like that too, but I've never been quite as comfortable as I was back when I used to use non-rewritable optical media. It's hard to erase them, either accidentally or maliciously, given only software access. 17:43 MTDiscord Anything I intend to share goes on a Git host anyways, so thats already taken care of 17:44 MTDiscord The problem with the "usually offline" approach is that if someone does want to mess with you, there's no reason why they would need to fire off the payload as soon as they get a toehold; they can just sit around for months and make sure they get a chance to infect your backups too. 17:44 Pexin I was always uncomfortable with how physically fragile optical media 17:44 MTDiscord git is a nice backup strategy. Making your projects public and open source helps out a lot too, since anyone else who becomes interested can also help back you up. 17:45 MTDiscord Optical media is fragile but not a ton more fragile than hard disks or SSDs really. All of them have care requirements and none are all that exotic. 17:46 MTDiscord I can't get any 3TB discs though (is it disk or disc for optical media?) 17:47 MTDiscord If you really want data to survive a disaster the single most useful strategy is probably diversity. Diversity of medium, of location, of storage method and timing, etc. 17:47 MTDiscord punch cards 17:47 independent56 i wish git wouldnt bloat my main disk so much if i used it for backup in my home directory 17:47 MTDiscord shallow cloning is a thing 17:48 MTDiscord I would absolutely not backup to SSDss 17:48 MTDiscord git isn't really a good enough tool for general purpose backup to use it indiscriminantly. 17:48 appguru SSDs* 17:48 MTDiscord Why 17:48 appguru Well, backups often involve lots of rewrites. A HDD doesn't care, SSDs have limited TBW. 17:49 MTDiscord I've been using HDDs and I've been thinking SSDs might actually be better, since they handle mechanical and thermal shock much better than HDDs. 17:49 MTDiscord Also the rewrite thing is exactly backwards 17:49 independent56 I wish i had more bakcup types, but i only have "hdd" and "ssd". But i have property in gwynedd, so i can use that to be offsite backup. i also have a location in egland, at myhome. 17:49 Pexin isn't flash storage essentially nano-punchcards? 17:49 MTDiscord that's an excellent reason to use an SSD, because if your SSD can survive being used in a live system, then t definitely has the rewrite capacity to handle periodic backups. 17:49 MTDiscord ^ 17:50 appguru if your system supports delta backups, SSDs are probably fine - but if you backup by just copying everything periodically, I wouldn't want that to wear down a SSD 17:50 MTDiscord SSD rewrite limits are mostly FUD. From what I've seen the various failure modes for mechanical disks will generally kill you long before SSD rewrites start to threaten. 17:51 MTDiscord Backups are generally an append-only process though. 17:51 MTDiscord So each bit of the disk is gonna get written basically once, aside from metadata. 17:51 MTDiscord I use borg for deduping and backup every month to several months. When that disk gets full I buy a new one and "archive" the old one in a safe. 17:52 appguru independent56: What software does the backups for you 17:52 MTDiscord Deduplication is pretty much a superset of the value you get from incrementals. 17:52 appguru I use what ships with Ubuntu, deja-dup 17:53 MTDiscord I've been running my root partition off of an NVME drive more-or-less since I built my PC, and I'm pretty sure my hard drive is gonna fail before the SSD considering that it's the only thing to have giving me any inklings of wear 17:53 MTDiscord *given 17:53 MTDiscord Also you definitely don't want backups that keep only the latest version of everything, or else there are risks to backing up too often, and you will create the wrong incentives. 17:53 appguru Which is another reason to use HDDs: They have more space 17:53 appguru Or at least, cheaper space 17:53 MTDiscord I use HDDs myself for backup. 17:54 MTDiscord The SSD <-> HDD space gap is lessening with time for common use cases 17:54 MTDiscord SSDs may be tougher, but I coddle my backup drives anyway, and I don't need the speed because USB is a bottleneck anyway. 17:54 MTDiscord I do expect SSDs to overtake HDDs within a few years, and I'll probably switch once the price is right. 17:54 MTDiscord I certainly won't avoid SSDs, anyway. 17:55 MTDiscord The only failure mode I've observed from SSDs so far that weren't factory-defective from the outset is obsolesecence. 17:55 celeron55_ SSDs could be a bad idea for backups that need to last for tens of years untouche 17:55 celeron55_ +d 17:55 MTDiscord I wonder whether it would be reasonable for the MTDiscord relay to change it's nickname 17:55 celeron55_ HDDs retain their content better when sitting on a shelf for decades 17:55 MTDiscord Hmm, yeah, you need to leave SSDs powered on for a significant amount of time at least every year or so. 17:56 MTDiscord Heh, if I can keep coasting on my current storage solution long enough SSDs might become the cheaper option 17:56 MTDiscord SSDs gradually discharge and need to internally self-refresh. 17:56 MTDiscord They're still new enough in the field of backups that it's easy to forget their quirks. 17:57 MTDiscord I assume you can't get your TBW back by waiting for your SSD to lose all data? 17:57 celeron55_ i recall some place said it could be a bad idea to rely on an unpowered SSD to retain its data for even just 5 years 17:57 MTDiscord It wasn't too long ago though that the same shit we're arguing about SSD vs HDD people were arguing about HDD vs tape. 17:57 MTDiscord I wonder if there are any cheap ROM usb drives for backup 17:58 MTDiscord tape is still used for cold storage, apparently 17:58 MTDiscord If your SSD's cells self-discharge enough then I'd bet you end up with a brick. They'd probably lose the firmware too. 17:58 MTDiscord c55 actually the worst I heard was only 2 years :-) 17:58 celeron55_ surely SSDs have a separate flash for firmware? 17:58 MTDiscord Haha, "surely" 17:58 celeron55_ i guess it would be cheaper to not have one 17:58 MTDiscord I mean "obviously" no manufacturer would cheap out that bad. ? 18:00 MTDiscord Oh no, they'd never do that 18:00 celeron55_ i'm currently doing backups before a trip that i'll take my laptop with me, and i'm simply copying stuff onto a usb hard disk 18:00 celeron55_ this method has never failed me 18:01 independent56 MicroSD is a horrible backup solution. you spend hours making a backup then "fuck where is it?" 18:02 celeron55_ well just put it on your keychain, encrypted of course 18:02 celeron55_ you can probably 3d print a tiny holder for it 18:02 independent56 celeron55_ i once had all my pre-2020 documents dissapear after i had it on one drive that i reformatted by accident. but they were all cringe. 18:02 independent56 "probably" assues that i have a 3d printer. 18:02 celeron55_ independent56: "had it on one drive" doesn't sound like backups 18:02 celeron55_ a backup is something that's on a second drive 18:03 MTDiscord (doubling back because I had a though) But hey, on the bright side with crime slowly moving towards being tech-based maybe we can rely more on physical security and just limit network access because it'll become the less popular course of action 18:03 MTDiscord Due note however that most physical security is just as bad as most cyber security 18:04 celeron55_ security by obscurity works fairly well for personal things 18:04 celeron55_ just don't use the same obscurity others do 18:04 independent56 What's funny is i have a huge, heavy HDD of 300 gb, and then the tiny ones have 500 gb. Of course i will use the smaller ones! 18:05 MTDiscord c55: Well, at least here in the US most popular lock manufacturers are terrible (ignoring the potential for "loud" entree methods) 18:07 MTDiscord Because while sure, locks are meant to stop easy access, if your lock can be raked open by someone with little experience then it's not much of a deterrent 18:08 celeron55_ yeah i've heard US locks are jokes 18:08 Ingar but, who can access your precious data if you're uncounscious 18:08 MTDiscord It's all in your head, Ingar, it's all in your head 18:09 Ingar well, the widow of my dead friend never knew how much the bitcoins on his encrypted drive were worth 18:09 Ingar (real story) 18:09 appguru Robbing an encrypted drive is probably pretty dumb 18:10 MTDiscord unless the drive itself is expensive /s 18:10 celeron55_ robbing an encrypted drive is more polite than robbing an unencrypted drive 18:10 Ingar I do use encrypted volumes for data transports at work though 18:10 celeron55_ at least you're not stealing the data 8) 18:10 MTDiscord My laptop used to be encrypted, if I ever take it anywhere I'll need to set that back up 18:11 Ingar celeron55_: I might be into funy business :p 18:11 MTDiscord There hasn't been a need though, because..y'know 18:11 rubenwardy the problem with cyber security over physically security is that you don't need to be physical present, or even in the same country 18:11 appguru What if Ingar is a secret agent /s 18:11 rubenwardy you being the attacker 18:11 rubenwardy so you can go somewhere with no extradiction and cause lots of issues 18:11 Ingar I'm in your PC, logging your IRC and securely transporting it 18:11 MTDiscord A physical lock is not a device to protect your stuff from thieves, it's a device to protect your neighbors from becoming thieves. How honest people are depends a lot on their circumstances, so the courteous thing to do is not to place your neighbors in more challenging circumstances. 18:12 rubenwardy plus insurance 18:12 appguru Pro tip: Just be poor and don't have any valuables in your house. 18:12 MTDiscord Decoy safes are an option too 18:12 Ingar it's also a legal thing 18:12 independent56 pro tip: copy all yoru valubles to a backup hose, in case of bugarlies 18:12 Ingar breaking a lock to get to something proves intention 18:13 appguru indeed 18:13 appguru i56: that is pretty engrish 18:13 MTDiscord It also isn't "silent entree" and is less desirable most of the time afaik 18:13 independent56 sorry, i pertend i am brish, but i am acctuall chienes 18:13 MTDiscord Not everyone cares of course 18:14 appguru all right, tell me more about those "bugarlies" 18:14 appguru bug-arlies, bugar-lies, bulgaries? 18:14 independent56 burglas enter home > take valublees > go to police 18:14 Hawk777 It’s when someone tells you there’s a burger available but there really isn’t. 18:14 MTDiscord At the end of the day, the best way to not get burgled is to look less valuable than the guy next to you. 18:15 rubenwardy or more secure 18:15 MTDiscord also that 18:16 Ingar it's like when running from a bear, I only need to be faster than you 18:16 appguru If I'm a rich burglar with 10k worth of stolen items, and you have 5k I can steal, why should I not do it? 18:16 MTDiscord heh, I've just thought about putting expensive gaming rigs in crappy 1999-esque cases so that they look like old trash to your average person 18:17 appguru Just fill it up with sandbags 18:17 MTDiscord lead cases 18:18 MTDiscord or buy cheap hardware and encase it in cement, if it breaks just replace it :P 18:18 independent56 I just get insurance - my hardware is nothing compared to the importance of my files. 18:20 independent56 *would if i was an adult 18:20 appguru Good luck proving the importance of your files to an insurance. 18:20 appguru Especially after they are gone. 18:21 independent56 I mean, that's the use of offsite backup 18:22 appguru Yes. Did I understand you wrong and you meant getting insurance for the hardware? 18:22 independent56 yes 18:23 appguru That's not worth the hassle IMO. Even if you had hardware in the 1k range, it wouldn't be worth the hassle of dealing with the insurance, or paying the insurance fees. 18:23 independent56 but im not an adult™ so i guess it might not exist, and could be a too much cost. 18:23 appguru I'm not an adult either, but there are few cases in which I see insurance as necessary 18:24 appguru Mainly to protect against worst-case-scenarios, which could quickly financially ruin you. Like scratching a Maserati (hence car insurance). 18:24 MTDiscord suddenly feels old 18:25 independent56 i hope there is a way to insure every part of your life with one insurance, like car, ahrdware, home, and everything 18:25 appguru That would be terribly expensive 18:26 independent56 this is where "i am not an adult™" comes into play, 18:34 MTDiscord appguru: (from #-dev) a "kid-friendly" badge sounds like a nice idea, but problematic in practice 18:35 appguru kilbith, here we go: what do you suggest to fix the problem? 18:35 MTDiscord There are too many cultural norms and even personal choices wrapped up in what content would be considered appropriate for a kid... 18:35 appguru Warr1024: why problematic? 18:35 appguru we would have to define "kid-friendly" first 18:35 sfan5 having some sort of official branding for child-friendly servers is going to be cause a big mess once some server admin fails to enforce that at some point in time 18:35 MTDiscord There are standards like PEGI or something we could try to use, assuming we could come up with an arbitration method to actually resolve disagreements about what actually qualifies. 18:36 MTDiscord I'm not even talking about chat swear filters, even just "is this horror mod 'too scary' for this audience" is gonna be hard enough. 18:37 MTDiscord the only scary mods (actually game) I know are still in WIP stage (IKEA) 18:37 MTDiscord What we currently have is the ability for server admins to advertise on their own terms what they think the kid-friendliness level of a server is, but we rely on mostly reputational enforcement. 18:39 rubenwardy Also any curation puts more liability on us 18:41 MTDiscord Ironically there are a lot of servers out there that are targeted to a younger audience but has stuff in there that I could argue is unhealthy or inappropriate for them on it, while I run a server that just barely stops short of having a "no kids" policy but parents love to bring their kids onto it because of the educational potential of the game mechanics XD 18:42 MTDiscord Allowing severs to have content tags would be nice (as well as filtering for them) 18:42 MTDiscord Both "has" and "does not have" tags would be ideal 18:43 MTDiscord Warning children away from certain servers seems fine to me, with it being left ambiguous about any servers not so marked. 18:44 MTDiscord Actually asserting that any server IS child-friendly in any way is more than I'd be comfortable committing to though. 18:44 MTDiscord There is a certain baseline level of risk inherent in any online play anyway, and concerned parties would do well to keep it in mind. 18:46 independent56 child-friendly is not child-welcoming. 18:46 independent56 my server is child-ok. 18:48 MTDiscord I have a "no excess swearing in chat" rule. That means you have to be okay with SOME swearing. In practice if we know someone brought their kid with them to play, we try to tone it down, but we can't make promises. 18:49 MTDiscord The gameplay itself is another issue. There's nothing "bad" for children in it, but it's pretty harsh if you don't have at least a high school level education. 18:49 MTDiscord Technically, because IKEA is more reliant on survival-horror (the scary part is mostly just trying not to die in slightly disturbing circumstances) it'll probably be fine for older kids, even in it's eventual released state (unless I add some deep physiological horror elements to areas like has been discussed) 18:50 MTDiscord Heh, I feel like maybe there's a certain age past which it's unhealthy NOT to have experienced some psychological horror though. 18:50 independent56 what do you mean "harsh"? all that lua? 18:50 MTDiscord well, maybe shallow psychological horror is the better term 18:51 independent56 such as...? 18:51 appguru gore 18:51 MTDiscord By "harsh" I mean the game is difficult and unyielding. 18:52 MTDiscord App: That's the opposite of psychological horror, generally speaking 18:53 appguru That'd be called "visual horror" then? 18:53 independent56 Yeah, stuff which makes you think "oh my god i am a monster why am i like this" 18:53 appguru That's not all that shallow anymore I'd say 18:53 MTDiscord Haha, that's the best kind 18:54 MTDiscord There are other kinds, but yes that is one example 18:54 MTDiscord NodeCore has psychological horror elements but it's very deeply buried, until you realize that every bad thing that's happened to you in gameplay was because of a decision you made :-) 18:55 MTDiscord Psychological horror: some assembly required. 18:55 MTDiscord That would actually be a good way to describe IKEA too, though in a very different sense. 18:56 MTDiscord I believe that the uncanny-valley faceless staffers in IKEA actually fall under a specific "body horror" subgenre 18:56 MTDiscord though tbh the fact that everything in MT is lo-fi so faceless dudes look totally not out of place kind of ruins that. 18:57 MTDiscord My idea has been for the path to the end game to be somewhat disturbing with it's soundscape and feel, with less than comforting results by the end. Perhaps psychological horror isn't the right term either though, since it's not trying to get in your head as much as it'd be trying to make you hate the landscape and feel the dread of your circumstances. 18:58 MTDiscord Then again, that is kind of trying to "get in your head" 18:58 MTDiscord Warr: Just wait until I have fun making new animation sets for them :P 18:59 MTDiscord The funny thing about NC is that I never put any psychological horror or existential dread stuff in the game itself, I just lowered the background noise level enough that you can start to hear that stuff inside your own head... 19:01 MTDiscord Truly, the most terrifying things already live inside your head 19:03 twoelk "hate the landscape" ?? but I like visiting IKEA 19:04 independent56 the background noise? i just listen to music on the background, because i like music. it makes the voices in my head go away 19:06 twoelk haven't tried the IKEA game as of lately - are those little example furnished rooms also included? 19:06 MTDiscord Sidenote, I'd love it if we could define a sound's source as a type of node, but only for the positional side of things 19:06 MTDiscord twoelk: There are basic Warehouse and Showroom departments as of right now 19:06 MTDiscord What do you mean by "sound source as a type of node?" 19:07 MTDiscord positional audio source 19:07 MTDiscord you can play sounds positionally, you just need to be responsible for doing it yourself. 19:07 MTDiscord you can't make it emit from ALL nearby nodes of a given type though unless you send multiple play commands. 19:07 MTDiscord Right 19:08 MTDiscord You can't really do this for music though, or any sound that's very long 19:08 MTDiscord I'd like to have that without having to mess with say, moving an entity around (though that's probably what I'll do though when I revamp the music code) 19:08 twoelk I once experimented with a fountain as sorce of noice - was nice sometimes and a PITA to keep working correctly at times, kept getting unloaded or freezing in mid note 19:08 MTDiscord as far as I know a sound is only delivered to players in range at the time it's started, and if a player walks into range later while it should still be playing, I don't think they hear it... 19:09 MTDiscord If you could have the server track state of positional sound "entities" server-side and replicate them to clients that wander into range of them, and add the ability to start playing a sound with a time offset within the sound file, you could come pretty close to having background music coming from speakers. 19:12 MTDiscord I suppose I don't need to use entities, I can just keep track of the starting timestamp for the song and start up a new sound with the correct offset, and remove the old one when the player leaves 19:12 MTDiscord *leaves the area 19:14 MTDiscord sound_play appears not to have an offset option 19:14 MTDiscord according to lua_api 19:14 MTDiscord feels like it otter 19:15 twoelk what happens if I hop around on sound-area borders? 19:15 MTDiscord granted, there are a number of things that could be improved about sound_play, like the ability to schedule a sound to start at an exact future timestamp relative to some common point of reference, like when the player actually emerged client-side, so that musical things can be timed properly. 19:16 MTDiscord I haven't tested the "sounds don't player for players entering the sound area" thing since like 0.4.16 specifically but I have no reason to believe it's been addressed since then... 19:16 sfan5 Minetest is missing a common timeline between client and server in general 19:16 MTDiscord I did have some sound samples I wanted to play that were like 30 second loops at the time, but I had to cut them down into smaller segments or else a player had time to approach the thing without hearing the sound before it suddenly started on the next cycle. 19:17 twoelk don't we have a church bells mod with a scheduled time of chiming? 19:17 MTDiscord You're right, there is no sound offset parameter 19:17 MTDiscord I could've sworn there was 19:17 MTDiscord Having a full common timeline would be nice, but at least just for sound it'd be good to be able to do like "midi music" sorts of things without network jitter killing the timing. 19:18 MTDiscord There have been a number of no-go mod ideas around dynamic or generated music, or musical sequencing boxes, etc. that end up only working in SP if at all... 19:18 MTDiscord Some people are very sensitive to bad timing in music, though if your network connection is anything less than ideal, you don't have to be all that sensitive even. 19:19 sfan5 SSCSM will give modders the ability to put bandaid on it 19:19 sfan5 still not good ofc 19:20 MTDiscord Nobody seems to like bandaids much but they sure do beat bleeding. 19:20 MTDiscord I suppose barring a starting offset, moving a couple entities between sound sources would probably work 19:21 MTDiscord You don't need timing offsets if you chop your music up into segments and play them in sequence ... but then you'd need the ability to actually carefully time the start point of sounds and not be subject to network jitter. 19:21 MTDiscord Alternatively, being able to A) specify multiple sources as-if it were multiple sounds and B) change that at runtime would work 19:22 MTDiscord But that would require more control over sounds via handles 19:22 twoelk some bandaids are made to look appealing to kids; good enough to trigger the "me too" effect 19:22 MTDiscord Supposedly in theory you could increase the maximum audible range. The problem would be that what you'd have to increase it TO is the amount of distance a player could conceivably travel during one play-through of your song, which could cover a LOT of speaker nodes. 19:23 MTDiscord This is about where I would start to question certain assumptions, like the idea that an otherworldly IKEA inhabited by faceless creatures would play on their speakers sounds that we as humans would recognize as music. 19:24 MTDiscord If you make the speakers play something that's naturally cacophonous then the fact that you can't exactly control it would make it easier to fail to notice the seams. 19:24 twoelk I once tried to set up a market with changing sounds as I wander about between different sellers shouting their offers. Never got any where near good enough to even show anybody 19:25 MTDiscord I suppose I could keep a database of speaker node positions and play the sounds at all of the ones in range, but that's gonna get pricey to filter with time 19:25 MTDiscord Take the free/open music you were going to use, time-stretch it to about 8x length, pick random segments from it, fade in and out each one to make a pool of eerie otherworldly sounds, and then just play random ones at random timings from each speaker. 19:26 MTDiscord Doing that would probably ruin the "This almost seems normal at first" feel I want opening hours to have, though 19:26 MTDiscord Also as players who have been inhabiting the IKEA from the early days we all agree that it "totally sounds normal to me" and "no idea what your'e talking about" when new players ask about the music. 19:27 MTDiscord heh 19:27 MTDiscord Just don't play the music during the day, and only fade it in subtly as closing hour approaches... :-) 19:28 MTDiscord tbh I don't really notice the music, or lack of music, in a store anyway. 19:28 twoelk actually if it doesnt change with time - it might give clues of its age by analyzing its style 19:30 twoelk I sometimes search for a speaker to get a clearer version of a tune that manages to get my attention - usually I get staff attention though as I wander into restricted areas 19:32 MTDiscord It does bring up a lot of questions about the infinite IKEA that people struggling for survival or containment probably never really thought about. We know it's infinite and isotropic in 2 spatial dimensions but not the 3rd, but then that makes you wonder about the time dimension. Does it evolve over time or is everything there timeless and from no era in particular? Or is time perhaps a local phenomenon and you'll travel through eras 19:32 MTDiscord gradually as you move spatially? 19:35 twoelk judging by the original story it does seem to progress in time 19:36 twoelk it probably is not similar to L-space of diskworld 19:40 twoelk would be cool if it was similar in function to the world-of-ponds limbo in "The magicians nephew" with many worlds providing visitor sources 19:43 MTDiscord I'd like to get basic gameplay implemented and a beta released :P 19:44 twoelk for gameplay to work wouldn't a restaurant area be needed for basic food supply? 19:45 twoelk and a reason to leave safebase 19:48 twoelk of course the restaurant area would need to be protected so one could not build there but the vending machines or maybe food stands may be used 19:48 twoelk gtg 19:48 twoelk bye 19:54 MTDiscord You only need one gameplay loop for a beta. Just like "you build, staff destroy" is enough. You don't need hunger or anything immediately. 19:56 benrob0329 !tell twoelk Already planned, though I don't remember if I had any ideas for how to keep players from building there 19:56 MinetestBot benrob0329: I'll pass that on when twoelk is around 20:00 MTDiscord Wait, why shouldn't you be allowed to build in the dining areas? 20:01 MTDiscord Good point 20:02 MTDiscord I suppose it's just an optimal strategy that would take away some of the challenge, but then again the Staff probably need to go there to replenish the food 20:02 MTDiscord Either that or fouling up the cafeteria by building there will cause the food to go bad. 20:03 MTDiscord Or maybe players can be allowed to build there and have unlimited food, but they'll sacrifice some other resource they would have had if they had built elsewhere. Maybe you can exploit one resource for free from anywhere, but there's no single resource that's sufficient to survive indefinitely. 20:08 independent_ is using the nodecore wiki cheating? 20:18 MTDiscord It's not "against the rules" or anything, but be warned that once you already know a thing, it's very difficult to get back the thrill of discovering it yourself. 20:23 independent_ Is it normal behaviour for the fire to extinguish itself after? i might be hitting it accidently during the pummeling... and it's annoying. 20:26 independent_ oh wait it is 20:30 MTDiscord You cannot put fire out by hand in nodecore 20:46 independent_ hmm... 20:51 independent_ yay fire working :-> 20:58 independent_ now i have a bonfire 21:07 independent_ Nodecore trees ar eboring. it slowly grows, not like saplings suddenly popping up, killing those who walk over them. 21:24 specing sofar: but a bit too bleak - everything is too gray 21:25 sofar specing: hah, try some of the levels. But yeah the color palette is on purpose a bit less saturated 21:26 sofar specing: I went for a look that stands out a bit and doesn't do oversaturated textures 21:27 sofar there's enough of that already ;) 21:37 MTDiscord sofar: is it possible to reset a box? I'm not sure but I think I might have broken one of the tutorial ones, maybe hitting buttons too fast? 21:41 MTDiscord Welp, I'm stuck on box 27... 21:42 MTDiscord I see a mechanism but I'm all out of buttons to push to activate it 21:45 MTDiscord n/m, that was pretty well hidden, considering the level had such simple geometry overall 21:51 sofar heh 21:52 sofar there's walkthrough videos for the tutorial parts just for that :) 21:58 independent_ ugh... nodecore is horrible. i started playing at 19:00, but when i looked up from my computer, i saw it was 22:57. ugh! i need to submit an issue - "gameplay too immersive" 21:58 independent_ goodnight 22:01 MTDiscord :-D 22:02 MTDiscord I'm used to expecting there to be timing issues if you trigger mechanisms too quickly so that's why I misled myself into thinking I might have busted box 27 22:02 MTDiscord though I assumed that tutorial levels get the most testing ... but then, not everyone actually checks race conditions 22:02 MTDiscord but the button I needed was pretty obvious, it was just hard to reach with the sneak mechanic disabled and my acrophobia. 22:04 independent_ Just finished backing up t the hdd 22:04 independent_ just need to cpy over some MT backups 22:07 independent_ i need to make another copy for remote backup, then i will be fine.