| Time |
Nick |
Message |
| 00:12 |
|
GreenDimond joined #minetest-hub |
| 01:32 |
|
paramat joined #minetest-hub |
| 02:52 |
|
Ruslan1 joined #minetest-hub |
| 03:17 |
|
Fuchs joined #minetest-hub |
| 04:00 |
|
sys4 joined #minetest-hub |
| 05:15 |
|
paramat joined #minetest-hub |
| 06:00 |
|
Ganome317 joined #minetest-hub |
| 06:31 |
|
pyrollo joined #minetest-hub |
| 06:38 |
|
CWz joined #minetest-hub |
| 08:52 |
|
Fixer joined #minetest-hub |
| 10:08 |
|
pyrollo joined #minetest-hub |
| 11:46 |
|
calcul0n joined #minetest-hub |
| 13:42 |
|
aerozoic joined #minetest-hub |
| 14:04 |
|
behalebabo joined #minetest-hub |
| 14:07 |
|
benrob0329 joined #minetest-hub |
| 14:09 |
|
_scr267 joined #minetest-hub |
| 14:13 |
|
IhrFussel joined #minetest-hub |
| 14:15 |
IhrFussel |
Okay this is just laughable now... it seems that there are seriously people who honestly believe that preventing someone from joining with a certain account and overtaking their current online session actually adds SECURITY to Minetest ... at least according to those downvotes https://github.com/minetest/minetest/pull/8547 ... As if that would help against account theft |
| 14:16 |
IhrFussel |
What are these people thinking? When someone got my password it's OVER already ... there is no need to try to mitigate any login attempts |
| 14:17 |
IhrFussel |
I thought LinuxDirk is the only silly guy who got that opinion |
| 14:18 |
IhrFussel |
Minetest is simply backwards in that regard... I don't have to wait in ANY other game or service until my last session timed out before I can rejoin |
| 14:21 |
IhrFussel |
There should be other methods to actually improve security of accounts ... like builtin login attempt limits |
| 14:23 |
IhrFussel |
And maybe log such an event when someone overtakes the session of another user so that server admins have a clue when it happened and by who (IP) |
| 14:25 |
IhrFussel |
I already implemented a 'anti hack protection' in my server code... it simply stores a timestamp in a table plus a counter and if (within 30 seconds) the same name tries to join 3 times and fails they are blocked from joining for 1 minute |
| 14:30 |
IhrFussel |
And I clearly see how it helps with security on my server... cause most people who try to get into another's account give up exactly after the 3 tries |
| 14:31 |
IhrFussel |
They don't want to wait for 1 minute staring at their screen |
| 14:32 |
IhrFussel |
The majority of players are young kids in MT and that is a fact ... young kids don't have a large attention span |
| 14:33 |
IhrFussel |
Additionally I let the online user know that someone tried to connect as them via PM |
| 14:50 |
IhrFussel |
btw since most mobile users use a third party app that likely implements the random generated name and password features, it is highly unlikely that someone guesses SUCH a password... I mean did you even take a look at one? They look like '5M!7?ctS' |
| 14:51 |
IhrFussel |
iOS users at least are forced to use such apps and they account for a large amount of total mobile users |
| 14:53 |
IhrFussel |
And soon the other Android clones will upgrade to 5.0.0 too... if the app devs need the money |
| 15:20 |
BuckarooBanzai |
IhrFussel: if you have additional security on your server, why not share your mod with the community... :) |
| 15:20 |
* BuckarooBanzai |
hides |
| 15:22 |
IhrFussel |
I don't publish mods cause my coding skills are not the best and therefore the code quality is usually bad ... but as long as the code accomplishes my goals I'm fine ... when people ask me for certain things I like to help ... and I would even take some of my server code and share it with them |
| 15:23 |
IhrFussel |
I code my server mods not as standalone mods, so I can basically depend on many unrelated mods in each of them |
| 15:28 |
IhrFussel |
Also the mod I coded is only a hack... cause in 5.0.0 (which I don't use yet) there is a new callback that can improve it |
| 15:31 |
IhrFussel |
Here it is minetest.register_on_auth_fail(function(name, ip)) |
| 15:32 |
IhrFussel |
Right now I can only use prejoin() callback and have to assume that even if the 3rd try has the right password it still triggers the block |
| 15:46 |
Calinou |
IhrFussel: in my experience, people don't care if your open source code looks ugly |
| 16:09 |
|
aerozoic joined #minetest-hub |
| 16:55 |
|
BuckarooBanzai33 joined #minetest-hub |
| 16:58 |
|
Krock joined #minetest-hub |
| 16:58 |
Krock |
o/ |
| 17:20 |
|
_Xenon joined #minetest-hub |
| 19:18 |
|
FrostRanger joined #minetest-hub |
| 19:47 |
|
Jordach joined #minetest-hub |
| 20:40 |
|
paramat joined #minetest-hub |
| 21:33 |
|
scr267_ joined #minetest-hub |
| 22:41 |
|
aerozoic left #minetest-hub |
| 22:49 |
|
Gael-de-Sailly joined #minetest-hub |
