Java-Gaming.org    
Featured games (81)
games approved by the League of Dukes
Games in Showcase (499)
Games in Android Showcase (118)
games submitted by our members
Games in WIP (567)
games currently in development
News: Read the Java Gaming Resources, or peek at the official Java tutorials
 
    Home     Help   Search   Login   Register   
Pages: [1] 2
  ignore  |  Print  
  Bugs  (Read 4296 times)
0 Members and 1 Guest are viewing this topic.
Offline Best Username Ever

Junior Member





« Posted 2012-11-29 03:19:47 »

Bug 1) Images are not archived if linked to using BB code other than the form [img]http://website.url/whatever[/img]. [img width=100 height=100]http://website.url/whatever[/img] and [IMG]http://website.url/whatever[/IMG] do not work.

Bug 2) Previewing an edit to a wiki page causes an error message even though posting works.

Quote
An Error Has Occurred!
You aren't allowed to modify just any post.
Offline Riven
« League of Dukes »

JGO Overlord


Medals: 801
Projects: 4
Exp: 16 years


Hand over your head.


« Reply #1 - Posted 2012-11-29 03:22:45 »







Hi, appreciate more people! Σ ♥ = ¾
Learn how to award medals... and work your way up the social rankings
Offline Riven
« League of Dukes »

JGO Overlord


Medals: 801
Projects: 4
Exp: 16 years


Hand over your head.


« Reply #2 - Posted 2012-11-29 03:25:22 »


Hi, appreciate more people! Σ ♥ = ¾
Learn how to award medals... and work your way up the social rankings
Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline Riven
« League of Dukes »

JGO Overlord


Medals: 801
Projects: 4
Exp: 16 years


Hand over your head.


« Reply #3 - Posted 2012-11-29 03:31:08 »

Bug #1; Just like the last mammoth must have thought: cannot reproduce. Everything works and I made two useless posts to prove it. You can see the images are stored on the JGO server. Only [IMG] (img tag with capitals) fails to be picked up, but shows up on your post as a direct reference to the original resource. Nobody uses [IMG] anyway.

In case you had a problem with image retrieval, it's very likely that to access the image, you needed some cookie (like in gmail / attachments, or websites being strict about embedding images, verifying the referer in the http header) in that case, only you can view the image, so posting it on JGO will lead to a failure to download to the JGO server, just like everybody else would be unable to see your image.


As for Bug #2: known bug, reported before. I'm not sure I'm going to put much effort into it. Nobody but Roquen uses the wiki, and I hope he can live with this bug Wink

Hi, appreciate more people! Σ ♥ = ¾
Learn how to award medals... and work your way up the social rankings
Offline Best Username Ever

Junior Member





« Reply #4 - Posted 2012-12-04 23:23:38 »

Websites like Imgur gives users the version with capital letters. So it might be a much more common occurrence.
Offline Best Username Ever

Junior Member





« Reply #5 - Posted 2012-12-22 03:14:34 »

All the images in this thread are not cached.
Additionally, while visiting this thread, I noticed your previous post no longer displays the archived version of resized images.
I've also seen quite a few instances of copy-pasted image links with capital letters besides Imgur.

Edit: Never mind. The resized images on this page work. The others did not link to the archived version. Now there's not even an <img> tag in the post I was talking about (with capitalized and non-capitalized IMG).

If you're in the process of changing something, may I suggest making [img] case sensistive (and fall back to the plain text [ img ] blah blah [/ img]) and exclusively use the lower case version if making the archiver script case insensitive is too difficult.

Edit 2: missed the new post in the process of first editing
Offline Riven
« League of Dukes »

JGO Overlord


Medals: 801
Projects: 4
Exp: 16 years


Hand over your head.


« Reply #6 - Posted 2012-12-22 03:21:20 »

I changed the img-caching code today.

It was blasting through the allotted monthly datatraffic of my Linode VPS, and bandwidth isn't cheap.

The whole goal of the img-caching was to prevent old images to vanish, so the new approach is this: upon posting, the images are fetched from the remote server, but the images will only be hosted from JGO after 2 months - by that time, the amount of required datatraffic should be only a fraction of what it was in the early days of the post. This approach allows me to continue securing the uploaded content, without paying hefty bills.

Hi, appreciate more people! Σ ♥ = ¾
Learn how to award medals... and work your way up the social rankings
Offline Magnesus

Senior Newbie





« Reply #7 - Posted 2013-01-09 16:51:23 »

The spam protection is insane. It's harder to people than to spammers. You can't do the snippet in memory because of the hashCodes, meaning you have to go to a great length to solve it. Also the password restrictions are also insane - why do I need large letters in my password (which is already filled with numbers mixed with small letters) and why does it have to be 8 letters long? Right now I'm certain I will be using "I forgot my password" link anytime my browser forgets it... And it's also hard to input such passwords (with capital letters) on mobile devices.
Offline Jimmt
« League of Dukes »

JGO Kernel


Medals: 133
Projects: 4
Exp: 3 years



« Reply #8 - Posted 2013-01-09 16:54:36 »

You can't handle 8 character long passwords?  Roll Eyes
Some sites require numbers, symbols, and capital letters.
Offline sproingie

JGO Kernel


Medals: 202



« Reply #9 - Posted 2013-01-09 17:01:06 »

The "remember my login" option lasts forever, or at least til you clear out cookies.

The spam protection is a pain, but so are spammers.  Yet there's still an active community here.

Games published by our own members! Check 'em out!
Legends of Yore - The Casual Retro Roguelike
Offline BoBear2681

JGO Coder


Medals: 18



« Reply #10 - Posted 2013-01-09 21:48:46 »

I have the opposite problem.  I get angry when sites require fewer than X characters. (And unbelievably, it's a financial institution I use that does this - where I want a long password the most!).
Offline Best Username Ever

Junior Member





« Reply #11 - Posted 2013-01-09 23:38:41 »

String hashCodes are easy. Read about them. They can be done with the help of Wikipedia and the calculator program that comes with most operating system distributions. See the thread about that topic.

Write down your password. It is seriously the most secure thing you can do. The trick is to put it where you keep your other valuable pieces of paper, such as your wallet (for frequently used websites) or a safe if you really need to store a password long term but don't use it often (like an encryption key.) If you have to do that silly memorization thing, use a passphrase instead of a password.
Offline ReBirth
« Reply #12 - Posted 2013-01-10 00:28:09 »

Some sites require numbers, symbols, and capital letters.
Easy example, PayPal.

Offline Cero
« Reply #13 - Posted 2013-01-10 00:37:42 »

I have the opposite problem.  I get angry when sites require fewer than X characters. (And unbelievably, it's a financial institution I use that does this - where I want a long password the most!).

get this: the website of my ISP, yes my freaking ISP, only accepts user accounts with EXACTLY 8 characters, no more no less

Offline Jimmt
« League of Dukes »

JGO Kernel


Medals: 133
Projects: 4
Exp: 3 years



« Reply #14 - Posted 2013-01-10 00:49:16 »

I have the opposite problem.  I get angry when sites require fewer than X characters. (And unbelievably, it's a financial institution I use that does this - where I want a long password the most!).

get this: the website of my ISP, yes my freaking ISP, only accepts user accounts with EXACTLY 8 characters, no more no less
How has no one brute forced it yet, especially with rainbow tables?
howsecureismypassword.net with test password @0XhrrP* (8 characters, with a number, symbol and upper/lower case) says 3 days Tongue
Offline Best Username Ever

Junior Member





« Reply #15 - Posted 2013-01-10 01:09:12 »

Your main goal for website passwords is to stall an attacker long enough to find out your website was compromised and to respond to it. (Notify users, change passwords, and disable accounts.) You don't always need long passwords. Unless you gain access to hashed passwords, you can only brute force a password as fast as the rate limiter allows it. If you had to give the password over the phone, could only guess a password once per day, and got a phonecall from the people that billed you if someone else tried to guess your password, then it's not a problem.

A website is more automated, so it is harder to effectively rate limit people, easier to attack an account, and harder to reset passwords. You want tougher passwords because they could be guessed more often.

It depends on the usage of the password. It's more of an omen of incompetence when you see maximum limits on password lengths because there is no technical reason for a limit if the website handled passwords correctly.
Offline sproingie

JGO Kernel


Medals: 202



« Reply #16 - Posted 2013-01-10 02:34:14 »

Write down your password. It is seriously the most secure thing you can do. The trick is to put it where you keep your other valuable pieces of paper, such as your wallet (for frequently used websites) or a safe if you really need to store a password long term but don't use it often (like an encryption key.) If you have to do that silly memorization thing, use a passphrase instead of a password.

I use KeePass and store my password safe on dropbox where it's replicated to three desktops, a laptop, a phone, and a tablet (soon to be two tablets).  That ain't getting lost.

I still live in fear that someday someone will get my gmail password and basically have the Keys To The Kingdom, since they could discover my other accounts and have my password reset sent there.  I encrypt my phone now so at least getting my gmail password from that is not as easy, but the unlock is a real pain now, having to tap out a password instead of dragging out a pattern.
Offline Riven
« League of Dukes »

JGO Overlord


Medals: 801
Projects: 4
Exp: 16 years


Hand over your head.


« Reply #17 - Posted 2013-01-10 02:38:01 »

I use KeePass and store my password safe on dropbox where it's replicated to three desktops, a laptop, a phone, and a tablet (soon to be two tablets).  That ain't getting lost.
With one simple command, Dropbox can nuke that file on all devices simultaneously.

At the very least backup that file to a medium that is not active (like an unplugged usb drive)

Hi, appreciate more people! Σ ♥ = ¾
Learn how to award medals... and work your way up the social rankings
Offline sproingie

JGO Kernel


Medals: 202



« Reply #18 - Posted 2013-01-10 02:43:48 »

With one simple command, Dropbox can nuke that file on all devices simultaneously.

Dropbox is convenient, not the ultimate savior of all my data for all time.  Even with Dropbox's poor security record, an attacker will get a very well encrypted database.  Rubber Hose Decryption would be a far more successful strategy if you wanted to get my passwords.

Also, two of the desktops have regular backups, and I make semi-regular ones of the phone.  The phone backup does go onto a thumb drive.



Offline Riven
« League of Dukes »

JGO Overlord


Medals: 801
Projects: 4
Exp: 16 years


Hand over your head.


« Reply #19 - Posted 2013-01-10 02:52:24 »

I meant you can accidentally send that command yourself. You don't need a hacker to nuke a (distributed) file.

Hi, appreciate more people! Σ ♥ = ¾
Learn how to award medals... and work your way up the social rankings
Offline ra4king

JGO Kernel


Medals: 347
Projects: 3
Exp: 5 years


I'm the King!


« Reply #20 - Posted 2013-01-10 03:18:26 »

I meant you can accidentally send that command yourself. You don't need a hacker to nuke a (distributed) file.
Dropbox stores file histories, even deleted files, so it's still safe.

Offline Regenuluz
« Reply #21 - Posted 2013-01-10 17:37:59 »

What on earth is wrong with just remembering your passwords? I use several different passwords for important stuff, and not one of 'em is written down anywhere, except for the few days it takes me to memorize a new 10-20 random char long string.

For websites of no real importance, I just use lastpass(I use 2 factor authentication for logging in(I use 2 factor auth everywhere I can, actually.)) and have that generate a password for me.

For me a limit on the max size of a password means that I wont be using a given service, because that indicates that the passwords are either not encrypted at all(And thus, nothing else probably is) or that the passwords are hashed with some reversible algorithm.(Like XOR and such)
Offline cheatsguy

Junior Member


Medals: 3


Gamer turned Pixel Artist turned Programmer


« Reply #22 - Posted 2013-01-10 17:40:57 »

My password apparently will take 147 octollion quinquagintillion years to crack... (just kidding, it was 33 thousand)

Busy between school, work, life, games, programming and general screwing around.
If you'd like some pixel art for your game, send me a PM, i'll see what I can do.
Current project: http://elementalwarblog.wordpress.com/
Offline sproingie

JGO Kernel


Medals: 202



« Reply #23 - Posted 2013-01-10 21:27:05 »

I have 65 passwords in keepassx and most of them are strings like hAu2I*&Y896987(25&^

So uh, no, I'm not memorizing them.


Offline Regenuluz
« Reply #24 - Posted 2013-01-10 22:42:10 »

I have 65 passwords in keepassx and most of them are strings like hAu2I*&Y896987(25&^

So uh, no, I'm not memorizing them.

I never said you shouldn't use a password manager, I'm using one. What I'm saying is that the important passwords that you DO have to remember isn't that hard to remember. I'm remembering 6 passwords of that type, with length 10+.

I'm using a my password manager for all the useless passwords for sites that is of no real concern to me and I'm using 2-factor authentication with my password manager, even if it's just for junk passwords.

And I highly doubt you use all those 65 passwords on a daily basis, even on a weekly basis. The 6 passwords I *need* to remember also all goes with some sort of 2-factor authentication, be that Yubikey or other. I couldn't really care if I lost all the passwords in lastpass, I'd just have to press a lot of "I forgot my password" buttons, possible answering silly security questions to make sure I'm me.

Of course if I were to suffer memory loss and forget those 6 passwords, I'd be in somewhat of a pickle. But then if that happened, I might be as likely to forget whatever location I stored the passwords in.

My point is, there really shouldn't be any need to write down passwords, you use everyday, and store them somewhere. Important passwords shouldn't go in a password manager anyway. But then I might just be a **** in regards to security and such.

But if you insist that you use 65 different passwords every day and that they're all of equal importance, then I wont argue there.


EDIT:
I didn't know that there were any kind of censorship in this forum Shocked
Offline sproingie

JGO Kernel


Medals: 202



« Reply #25 - Posted 2013-01-10 23:34:36 »

Of course I have to remember at least one password, the one to the password safe, and as a matter of consequence, the ones to my phone and my PCs so I can get to said safe (to say nothing of convenience).  Add in my domain login, gmail, amazon, and one bank password, and that's really all I care to try remembering. 

I really should strengthen the amazon and bank passwords some, but they're at least fairly long, and believe it or not that's still one of the better underpinnings of a strong password regardless of how weak it is, i.e. "foobar333333333333" is a good deal stronger than "foobar" even with the barely added entropy.
Offline Best Username Ever

Junior Member





« Reply #26 - Posted 2013-01-11 00:07:18 »

What on earth is wrong with just remembering your passwords?

It enables a bunch of attacks. You must have a good poker face if you memorize passwords. And this is a thing now. And it makes rubberhose tactics more effective.





Tongue
Offline ReBirth
« Reply #27 - Posted 2013-01-11 03:35:38 »

Black hacker on this thread: "hmm everyone talking about the secret of their pass. yummy~"

Offline Best Username Ever

Junior Member





« Reply #28 - Posted 2013-01-11 04:22:19 »

"foobar333333333333" is a good deal stronger than "foobar" even with the barely added entropy.

No. It is barely stronger than "foobar" because you barely added any entropy to it. That is like saying you can make something a good deal taller by adding a millimeter to its height. (Although that technically could be true if you actually used foobar as the base word in the same way that adding a millimeter to a one millimeter tall structure does make it much taller...)

Your system is basically as secure as passwordxn. No more secure than "foobar3C" (C = Hex 12), but much longer to type and just as hard to remember.

Black hacker on this thread: "hmm everyone talking about the secret of their pass. yummy~"

Diceware.
Offline sproingie

JGO Kernel


Medals: 202



« Reply #29 - Posted 2013-01-11 04:41:23 »

Length is still significant because brute force attacks still exist, and after the most common passwords and their "substitute zeros for the letter O" type of variants, they tend to go shortest first then append suffixes.  There is theory and there is what attackers actually do.

(but yes that's probably too many 3's to be practical, I just held the key down a bit too long)
Pages: [1] 2
  ignore  |  Print  
 
 
You cannot reply to this message, because it is very, very old.

 

Add your game by posting it in the WIP section,
or publish it in Showcase.

The first screenshot will be displayed as a thumbnail.

Pippogeek (38 views)
2014-09-24 16:13:29

Pippogeek (29 views)
2014-09-24 16:12:22

Pippogeek (18 views)
2014-09-24 16:12:06

Grunnt (42 views)
2014-09-23 14:38:19

radar3301 (24 views)
2014-09-21 23:33:17

BurntPizza (61 views)
2014-09-21 02:42:18

BurntPizza (31 views)
2014-09-21 01:30:30

moogie (36 views)
2014-09-21 00:26:15

UprightPath (49 views)
2014-09-20 20:14:06

BurntPizza (53 views)
2014-09-19 03:14:18
List of Learning Resources
by Longor1996
2014-08-16 10:40:00

List of Learning Resources
by SilverTiger
2014-08-05 19:33:27

Resources for WIP games
by CogWheelz
2014-08-01 16:20:17

Resources for WIP games
by CogWheelz
2014-08-01 16:19:50

List of Learning Resources
by SilverTiger
2014-07-31 16:29:50

List of Learning Resources
by SilverTiger
2014-07-31 16:26:06

List of Learning Resources
by SilverTiger
2014-07-31 11:54:12

HotSpot Options
by dleskov
2014-07-08 01:59:08
java-gaming.org is not responsible for the content posted by its members, including references to external websites, and other references that may or may not have a relation with our primarily gaming and game production oriented community. inquiries and complaints can be sent via email to the info‑account of the company managing the website of java‑gaming.org
Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines | Managed by Enhanced Four Valid XHTML 1.0! Valid CSS!