| Time |
Nick |
Message |
| 00:44 |
|
swift110 joined #minetest |
| 01:01 |
|
Edgy1 joined #minetest |
| 01:55 |
|
reductum joined #minetest |
| 02:43 |
|
Scotty_Trees joined #minetest |
| 03:38 |
|
Hawk777 joined #minetest |
| 05:24 |
|
ssieb joined #minetest |
| 05:45 |
|
reductum joined #minetest |
| 05:48 |
|
dzerk joined #minetest |
| 05:52 |
|
ANAND joined #minetest |
| 06:20 |
|
YuGiOhJCJ joined #minetest |
| 06:30 |
|
comrad joined #minetest |
| 07:04 |
|
nowhere_man joined #minetest |
| 07:07 |
|
Fulgen joined #minetest |
| 07:19 |
|
twoelk joined #minetest |
| 07:53 |
|
CWz joined #minetest |
| 07:54 |
|
dzerk joined #minetest |
| 08:01 |
|
diegojsrw joined #minetest |
| 08:03 |
|
CWz joined #minetest |
| 08:23 |
|
unCork joined #minetest |
| 08:25 |
|
longerstaff13-m joined #minetest |
| 08:25 |
|
aheinecke joined #minetest |
| 09:08 |
|
YuGiOhJCJ joined #minetest |
| 09:09 |
|
ChimneySwift joined #minetest |
| 09:15 |
|
ChimneySwift joined #minetest |
| 09:48 |
|
Fixer joined #minetest |
| 09:49 |
|
Scotty_Trees joined #minetest |
| 09:51 |
|
AspireMint joined #minetest |
| 09:55 |
|
ChimneySwift joined #minetest |
| 10:23 |
|
swift110 joined #minetest |
| 10:30 |
|
Taoki joined #minetest |
| 10:30 |
Taoki |
Hi. Is the Minetest forum moving or upgrading? Logins seem to have broken x_x |
| 10:33 |
Taoki |
Yeah I think the same passwords no longer work. Should I send a request for a reset for my forum account? |
| 10:57 |
Taoki |
Um... it seems the person who advised I email him to reset account passwords is OldCoder (on Twitter). Given what I remember from last time I'm nervous to even speak to him. He's already talking there about people "seeing the truth" and what not... |
| 10:57 |
Taoki |
Can anyone else help with the password procedure thingie please? |
| 11:04 |
|
DI3HARD139 joined #minetest |
| 11:11 |
Taoki |
Yeah it's definitely him. Getting dragged into some weird stuff again after he messaged me. I don't want to have to email him since it seriously creeps me out to talk to him now... please let me know who else can help with the forum issue. |
| 11:14 |
rubenwardy |
Make sure it is Minetest.net |
| 11:14 |
rubenwardy |
Then just use the password reset feature |
| 11:14 |
rubenwardy |
I can trigger one of you like, TC01 |
| 11:14 |
rubenwardy |
Taoki: |
| 11:14 |
rubenwardy |
Lol |
| 11:15 |
Taoki |
Oh... it was minetest.org |
| 11:15 |
rubenwardy |
Lol |
| 11:15 |
rubenwardy |
Make sure you reset anywhere else that you use the password you just entered |
| 11:15 |
rubenwardy |
Consider it compromised |
| 11:15 |
Taoki |
Oh yeah, it still works on minetest.net |
| 11:15 |
Taoki |
I haven't reset my password on either forum in ages |
| 11:16 |
Taoki |
Just a few login attempts in the org site |
| 11:17 |
Taoki |
So yeah no neet to trigger on minetest.net I'm good there. I just wasn't aware the forums had split. |
| 11:20 |
Taoki |
rubenwardy: Is there risk of a password leak for old accounts? Someone mentioned a DDoS attack or something. |
| 11:20 |
rubenwardy |
No |
| 11:20 |
rubenwardy |
If you submit onto the malicious site then you have given the password to the malicious site |
| 11:20 |
Taoki |
Okay. I tried logging into the minetest.org forum with my old passwords, and I'm not sure if those are logged. |
| 11:21 |
rubenwardy |
Assume they are |
| 11:21 |
rubenwardy |
He didn't get any passwords, emails, or ips though |
| 11:21 |
Taoki |
OldCoder seems to be an admin on that one. I don't know what to expect from him since he's acting really crazy. |
| 11:21 |
rubenwardy |
C55 made a semi-public backup of the forums which oldcoder had access to |
| 11:21 |
Taoki |
Okay. So PHPBB logs the attempt but not the password you entered, correct? |
| 11:21 |
rubenwardy |
All passwords were removed |
| 11:21 |
rubenwardy |
No, assume the password was logged |
| 11:22 |
Taoki |
Damn :( |
| 11:22 |
rubenwardy |
You should be using separate passwords for separate sites though |
| 11:22 |
rubenwardy |
Right |
| 11:22 |
Taoki |
It was two passwords I use everywhere and can't change so. |
| 11:22 |
Taoki |
It's hard to use a differnet password for every site. |
| 11:22 |
rubenwardy |
Password manager! |
| 11:23 |
rubenwardy |
More secure than not using one, for this exact reason |
| 11:23 |
Taoki |
Really though, why would PHPBB log every invalid password you enter? |
| 11:23 |
rubenwardy |
The most common way an account is compromised is by passwords being compromised on other sites through SQL leaks and such |
| 11:24 |
rubenwardy |
Not through brute force |
| 11:24 |
Taoki |
That sounds like a crazy thing for the forum to log by default. |
| 11:24 |
rubenwardy |
Phpbb doesn't by default, but you're forgetting who hosts it |
| 11:24 |
Taoki |
Okay. He probably didn't mod the forum itself. |
| 11:24 |
rubenwardy |
He may have though |
| 11:25 |
rubenwardy |
And he may log post requests anyway |
| 11:58 |
|
Fixer joined #minetest |
| 12:01 |
ChimneySwift |
it's safe to say that it's compromised though, it'd really not worth risking it at least for anything important |
| 12:10 |
|
progysm joined #minetest |
| 12:31 |
|
Scotty_Trees joined #minetest |
| 12:42 |
|
Tux[Qyou] joined #minetest |
| 13:02 |
|
ChimneySwift joined #minetest |
| 13:15 |
Taoki |
Well... at least I got to do a nice security checkup with this occasion. Changed several passwords to be sure he couldn't have gotten it. |
| 13:16 |
Taoki |
Doubt he'd be crazy enough to try breaking accounts even if he decided to turn on me in his mind for whatever reason. That is if he even modded PHPBB itself to snoop on passwords. |
| 13:18 |
|
est31 joined #minetest |
| 13:19 |
twoelk |
oops, you went near the oc dangerzone, off to decontamination you go |
| 13:30 |
|
IhrFussel joined #minetest |
| 13:30 |
|
IhrFussel left #minetest |
| 13:58 |
Taoki |
I wonder if people could and should be warned about minetest.org being an unsafe copy of the forum. I don't want to be mean as I couldn't OldCoder as an evil person or anything... however his behavior is scary enough that I worry he may pose a threat to the community if for instance people attempting to login there could have their passwords leaked to him. |
| 13:59 |
|
Krock joined #minetest |
| 14:04 |
air |
anyone using the same password over multiple sites deserves anything they get |
| 14:06 |
Taoki |
Good luck remembering 100 passwords then |
| 14:07 |
Krock |
My password is hunter2 |
| 14:08 |
est31 |
Krock: I only see **** |
| 14:08 |
Krock |
weird. this shouldn't contain any compression |
| 14:09 |
air |
Taoki: I use randomized passwords, not possible to remember even one of them |
| 14:10 |
Taoki |
Sounds good but you're in trouble if you lose wherever you saved them or someone else gets a hold of that file. |
| 14:10 |
Taoki |
Or if you're away from the device where you saved them and try to login from another device. |
| 14:11 |
air |
you need to learn some security, because none of that is an issue |
| 14:12 |
Taoki |
How is none of that an issue I wonder... |
| 14:12 |
air |
backups and encrypted distributed password wallet |
| 14:14 |
air |
you could use something like lastpass to manage all that for you |
| 14:15 |
Taoki |
Ah. Interesting |
| 14:15 |
Taoki |
So it like remembers passwords for every site, and you can search the whole thing to find yours? |
| 14:15 |
rubenwardy |
Password manager, TC01 |
| 14:15 |
rubenwardy |
Taoki: |
| 14:15 |
Taoki |
Like type in www.whatever.com and it tells you "your password for account X is Y"? |
| 14:15 |
rubenwardy |
Also, encryption |
| 14:15 |
air |
you dont need to search, it automatically fills it in |
| 14:16 |
rubenwardy |
Or you can click to do it |
| 14:16 |
rubenwardy |
But it which site you're on |
| 14:16 |
air |
well, you should click to do it, but then it auto fills in |
| 14:16 |
air |
never use auto fill without needing to click, that can leak info without you knowing |
| 14:17 |
Taoki |
How does it automatically fill it in? I assume that requires some browser integration. Do they integrate with Chromium and Firefox? |
| 14:17 |
air |
yes |
| 14:17 |
Taoki |
Nice. I should totally find one for KDE then. |
| 14:17 |
Taoki |
No time now but maybe in the next weeks I'll look into it. Made a mental note now. |
| 14:17 |
rubenwardy |
It's a browser plugin, usually |
| 14:18 |
Taoki |
Would be fun if I could integrate something standard with KDE |
| 14:19 |
air |
why kde? |
| 14:19 |
Taoki |
Cuz it's what I use so then it would be system wide :P But I guess a browser plugin works too since I mainly only use Firefox. |
| 14:19 |
air |
you only need it for web sites, so it only needs to plugin to a browser |
| 14:20 |
Taoki |
My biggest worry is where those passwords are stored, encrypted as they may be. Unless the password file is stored locally in the browser cache AND encrypted, I wouldn't trust anything online based. |
| 14:20 |
Taoki |
Okay |
| 14:20 |
air |
the wallet is stored remotely |
| 14:20 |
air |
you can install the extension on any computer and access your wallet |
| 14:21 |
Taoki |
That makes it very scary to use for me. Unless it's a deentralized open-source system where you can see the code and how the encryption works. |
| 14:21 |
rubenwardy |
It's stored using strong encryptil |
| 14:21 |
air |
encryption happens locally, they cant help if you forget the master password |
| 14:21 |
rubenwardy |
So it's fine to go online |
| 14:21 |
Taoki |
Until it's stored with encryption the server might find some ways to get a hold of them. |
| 14:21 |
Taoki |
Okay |
| 14:21 |
Taoki |
I will look into this later yeah |
| 14:21 |
air |
but you need a good wallet, only a few are good |
| 14:29 |
Taoki |
Firefox does have a builtin PM. But it doesn't seem to be distributed |
| 14:30 |
Taoki |
Actually it might work through Firefox Sync |
| 14:31 |
Taoki |
No such thing as importing / exporting with local files however |
| 14:39 |
twoelk |
ooh, master password - sounds like a nice single point of failure to get completely screwed :-) |
| 14:43 |
|
dzerk joined #minetest |
| 14:43 |
twoelk |
I learned a long time ago that security never makes a job easier and tends to become a burden quite out of scale for otherwise simple tasks - and yet the world has become such that you need even more security than any science fiction author could have ever imagined |
| 14:44 |
Krock |
AES being too strong for weak mobile devices |
| 14:50 |
Taoki |
twoelk: That's another thing... the risk of losing the wallet key itself and someone else stealing it. |
| 14:50 |
Taoki |
I guess the best idea is what others have suggested: Long sentences that only you can remember the words of. |
| 15:09 |
|
Fulgen_ joined #minetest |
| 15:25 |
|
minduser00 joined #minetest |
| 15:29 |
|
Ruslan1 joined #minetest |
| 15:55 |
|
Copenhagen_Bram joined #minetest |
| 16:33 |
|
Copenhagen_Bram joined #minetest |
| 16:38 |
|
Copenhagen_Bram joined #minetest |
| 17:07 |
|
illwieckz joined #minetest |
| 17:12 |
|
AspireMint joined #minetest |
| 17:15 |
|
paramat joined #minetest |
| 17:16 |
AspireMint |
anyone knows why JT2 is green in server list? o.O |
| 17:17 |
AspireMint |
oh wait, nvm |
| 17:19 |
Krock |
oh nice. if the server list allows control characters then you can actually colorize it |
| 17:21 |
* Krock |
tests |
| 17:21 |
AspireMint |
im using script to colorize favourite server, i forgot its still running after years.. |
| 17:22 |
AspireMint |
yes, for old / new versions of mt or official / unofficial / stable it might be cool |
| 17:24 |
Krock |
!up ente.kak.si 34617 |
| 17:24 |
MinetestBot |
ente.kak.si:34617 seems to be down |
| 17:33 |
Krock |
AspireMint: I found out that the server list doesn't trim color codes, but the server list does |
| 17:33 |
Krock |
err. the server list server doesn't - mainmenu does |
| 17:51 |
|
Lunatrius joined #minetest |
| 17:57 |
|
nowhere_man joined #minetest |
| 18:12 |
|
Copenhagen_Bram joined #minetest |
| 18:38 |
|
AndroBuilder joined #minetest |
| 18:41 |
|
Tux[Qyou] joined #minetest |
| 18:43 |
|
paramat joined #minetest |
| 18:46 |
|
Copenhagen_Bram joined #minetest |
| 18:49 |
|
minduser00 joined #minetest |
| 18:57 |
|
ssieb joined #minetest |
| 19:16 |
|
illwieckz joined #minetest |
| 19:28 |
|
Copenhagen_Bram joined #minetest |
| 19:34 |
|
Copenhagen_Bram joined #minetest |
| 19:35 |
|
Ruslan1 joined #minetest |
| 19:35 |
|
Scotty_Trees joined #minetest |
| 20:35 |
|
Copenhagen_Bram joined #minetest |
| 20:46 |
|
AspireMint left #minetest |
| 20:48 |
|
Copenhagen_Bram joined #minetest |
| 20:54 |
|
Weedy joined #minetest |
| 21:08 |
|
paramat joined #minetest |
| 21:25 |
|
Bobr2 joined #minetest |
| 21:28 |
|
Copenhagen_Bram joined #minetest |
| 22:01 |
|
longerstaff13-m joined #minetest |
| 22:08 |
|
Edgy1 joined #minetest |
| 22:45 |
|
nowhereman_ joined #minetest |
| 22:53 |
|
riff-IRC joined #minetest |
| 22:57 |
|
ChimneySwift joined #minetest |
| 23:07 |
|
Cornelia joined #minetest |
| 23:27 |
|
swift110 joined #minetest |
