Sadly, I have many imposters going around, pretending they are me. They are obviously making me seem racist and rude, none of which have I been showing (I hope %) :S ). I HATE racism beyond what all of you know. I gets me when people are treated different because of their race. So, my new name is going to be:

Mr. Shifty Nifty©

NEVA, don't worry, you can still call me Splam. :)

My secret code:

I'm not really actually who you think I am....

Last edited: Saturday, December 31, 2005 at 6:28:14 PM

To make sure you're really CS, we'll just ask: "Are you really actually who I think you are?"

Yes, and I will answer, " I'm not actually who you think I am." And I'm only making my PTT name different for a short period of time.

@Sry Splam, I put you on nameregister.cs because I thought your IP wouldn't change. :[

I'm also banned from your server, lol....

WHAT?!?!?!??!?! How? I didn't ban you. Was it someone else?

I checked and you aren't on the banlist. Hmm... :o Dunno, sorry.

I joined as CannedSplam© and it said, "You are not welcome to play at this server."? :S

That's probably the nameregister thing. I'll check it again and restart the server.

Well... Canned really did lose it! :)
Me and him were Changing each other's names to different things until I changed his to ShiftyNifty...
LOL!
He said he would keep it but I didnt take him seriously :P
Congrats Shifty for your Nifty name :)

Oh and BTW....
I got my internet back!!! :)

^ WOOT... So when should I expect my e-mail??. :P :P :P :P :P :P

Last edited: Saturday, December 31, 2005 at 10:21:24 PM

As soon as I can sneak onto a computer that will allow me to do so...
my dad is smart
he blocked yahoo

Actually repent... I am going to leave you a message on your chatlogger to pint you to an address of where you can download it

Forget this load! I can safely say using another name besides my own just doesn't cut it! I'm back to splam. I hope that all off you can judge who is me, and who is a racist imposter.... :S %)

MISTER CannedSplam to YOU... XD

Mr??????????????

Wtf happened to ms??
u get onna dem sex changes??

You will always be Splam to me. BTW, I'm back now Splam. I gotta week to do nothing!

Yeeeeha! XD
@Repent & other Mr skeptics:
Inside joke... But I'll change it. XD

Why dont you make some kind of "password" script that you released... Like Nickserv on mIrc! You enter a server and type "/register PASS" and the name is registered to that Pass (dont use a pass you use for anything else).... Next time you enter the server with that name, you'd get a message: "Your nickname is protected. You have30 seconds to login"
Then you typed "/login PASS" and it'd say "Login successful"
If the pass was wrong it'd let you try again... If the timer ended... Well you were kicked...
if you were kicked 3 times cos of a wrong pass, you were banned!
That'd sure clean all imposters... And I know a way of "encrypting" the passwords for storage in any normal.cs file.... That way the hoster would only be able to remove them, not edit or read them :)

It shouldnt be too hard... But I quit, and so did my scripts ;)

[dreaming]
If we could we could even make a "Password master server", that way it'd prevent anyone from having control on the list... We could make like each hoster have to register and put the info (usern, pass) in his preferences. If there was any abuse we could just ban someone from the password master server... If there needed to be a password change they contacted the admin of the master server and they'd remove the password to be ready for another registration....
That is hard because TGE does support it but we'd have to edit some C++ code, wich we do not have (nor have permission too lol)[/dreaming]

Encryption? Try this: (LINUX USERS ONLY)
1. Go here .
2. After downloading the file, extract it using dpkg.
3. Look for a file in /usr/src/linux/crypto (not sure about the first 2 dirs) called blowfish.c.
4. Giving credit where credit is due, dig in. Blowfish variable-length encryption algorithm in uncompiled C form.
EDIT: Fedora users will have to convert it into an RPM first using Alien.

Last edited: Monday, January 02, 2006 at 10:26:19 PM

Art, Lore Invasion, another torque game, has this password server you are dreaming about so I think it's do-able...
If TT2 were to have this... Say bye bye to imposters!

For now we could make a script for private servers that matches names to a file and checks to see if their password is right
and if they dont have one, we make them an "account" that asks for a password...
its better than checking for IP because some change
Server owners can change the passwords if there is any problem and if you dont encrypt it...

That means imposters would be blocked in private servers but not shockwave's

Lots of hassle if you ask me... But it would work
the file would get real big tho...

Last edited: Tuesday, January 03, 2006 at 1:01:43 AM

I'd love to work on this with you guise! :)

About my above post....
sorry art, I know I said mostly what you said above but I was thinking aloud... Sort of pseudocode for me

Another thing... Would the file that holds the encryptor be open source?
Personaly I wouldent let it be... If it was, someone could just reverse engineer the algorithm and get everyone's pass they use
@canned
I think if it is to be done, it should be done by art... That way it has a gui :)

No it wouldnt, of course... I wouldnt do anything open source if I did this script, just for security ;)
About connecting to a password server, the c++ code had to be changed, so thats why I added [dreaming]...

About GUI, dont think so... That way people would have to have the gui installed to enter your server... WELL we could make it also work through admin codes...

About the file size, it wouldn't matter much ;), it would just be read ONCE in the whole game, and only wroten to if the person registers the name... We could keep the (encrypted, of course) passwords in memory to hold off lag... Or maybe add a pref, if it reads and writes whenever needed, or if it keeps in memory, faster in high-, but slower in short-end computers

And about it being me to do it... Why? You have the source to the GUI... Some hours reading and experimenting and I think you'd be ready! ;)
If you haven't noticed, the worst GUI I made was the password one, as it was the first one... Then the last one I made (main menu) is the best one, as its the one I spent more time perfecting, but not only that, its also the LAST ONE!
I was already much better at GUI scripting ;)
So try it, and we'll soon have an ACTIVE (yay) GUI scriptor ;)

Anyways, if 56k or someone with the source reads this, we'd sure appreciatte to know how the encryption used on the parental password is called (of course not unencrypted, as I dont think it ever is ;) )

Last edited: Tuesday, January 03, 2006 at 1:23:06 AM

An encryption algorithm would be nice... :)
And Yeah I was thinking about doing it like admin codes... Almost like ACAS but independent from the admin script so it can be used with anything
Gui is the way to go most surely... I dont know about yours art but my chatlogger would pick up passwords typed in... I would have to modify it to not log the passwords but nothing is stopping people with an old copy...

Anyways, I have a solution about when to read the nickpass file...
we could store the names and passwords in memory when we start up the server and we could re-read the nick protect file during the onmissionend function.
That way it is up and ready the next mission if anyone new asked for a nick protect :)

Ta da! When a player asks for a nick protect we just need to say "Thank You for using NickProtect©. Your settings will take effect next game!" when they are done!

Looks like I need to learn gui :)

No, if we packaged the main chat function, so the first thing ever it does is for the script ;)
About the reading to memory, we could update right when we use the function, like it's in memory, if someone registered, the script would add a new pref ($), adding it to the memory, and then would write to the file, but then if someone logged in, it'd simply check with the (encrypted) password in memory ;)
We could reload everything during on mission end thou ;) nice idea...

PS: Hello 56k? :P

My internet is down again... The most I can do is sneak on my mothers computer now

About the encryption algorithm... Haven't ANY of you given my last post any thought? What, kernel source not good enough?
EDIT: About the open-source problem... Each person would have their own key to encrypt their own pass with. Sound good?

Last edited: Tuesday, January 03, 2006 at 8:12:15 PM

^ Not that encryption! We'd like to include run-time encryption.. When someone registered, TT would encrypt the password!
About that, a nice idea! Maybe if we encrypt someones password with itself... ;) Nah, one main string is enough... As we would add an unencrypt function, and to compare passes, what we would do was encrypt the password the person entered and see if the encrypted string matches... I only need to know what method BT used to encrypt things like highscores and parental pass ;)

No, these are the actual cryptographic routines you'd use. Runtime encoding sold separately. These are just the algorithms.

What ever they are I need them...
I have a working script, I just need the encryption stuff and a mac tester

About my internet, my father was protecting my PC from a worm that uses codes in pictures.. Its a hole in microsoft that has been there since 1990
he gave me something to run and turned off something that lets the hole work just now...
anyway.. I may or may not have internet access from this point on.. Just a heads up
it all depends on my dad
in the meanwhile I have been working on gui art and learning alot... But this script will not be gui just yet

It works.. I need the algorithm and a mac tester/compiler
details on how it works and how to use it are to come :)

War.. You need the encryption function and that'll probably make you change most of the programs core. If I am to make it (GUI or not) I first would like to know how to encrypt in TT, so I can implement it from the beggining, adding reliability to the script ;)... Something you didnt do... Some of the core changes may just be enough to open a security hole or anything...
Btw, create a junk function that doesnt do anything, then keep calling the function in various parts of the script, with various random strings... That way someone trying to decode the script from the.dso (partly trying to get the algorithm) cant almost do it ;)

PS: Oh that bug... I think I got the fix, but listen to me, UNLESS you visit untrusted sites, you're safe (use something like the netcraft toolbar to know the risk of being in a site, so you can leave at once it the risk bar goes above 1% ;)

Last edited: Wednesday, January 04, 2006 at 2:24:21 PM

Well art if you want to do it then do it!

[Flame]
Reliability. I will make it reliable. I spent HOURS on my chatlogger so it would work every time. I know you just found your life and are moving slowly away from TT, but I found mine a long time ago when I purchased the book "3D Programming All In One" which is all about torque. If it isnt reliable at first, I will make it reliable. It doesnt matter if you do something 1st or last... Adding reliablity to a script is making sure it works before you release it! Right now I have a working script. It does all we want it to and with a little more testing and adding the encryption it will be finished. If we dont have an encryption algorithm, I will make one. Whether it is reliable right this second doesnt matter... No one is using it yet. I know and understand that you know more about torque than me but I am sure as hell not stupid.
[/Flame]

Anyways
Personally I dont think I will have to make many changes because all I need to do is put the encrypt and decrypt stuff in 2 functions and make them return their results...
Nothing unencrypted is stored in a global variable so we dont have to worry about someone getting it from the console from a good guess...

So far my script can:

Ask a player to sign up if they dont have an account on that server.
Ask a player for their password because their name is protected.
Change a player's password if they supply their existing password and a new one.
it checks for correct syntax of commands.
It talks to the client via chat and a player who is protected and not signed in has 30 seconds to to so.
They can't chat anything except the NickProtect commands for this 30 seconds and everything involving NickProtect will not show up on mine or art's chatlogger.

The only problem: We need the encryption codes.

About the internet worm... Lots of people have a fix... My dad is one of them... It aint that special.
And I dont visit untrusted sites but I am sure that people I converse with on various forums do. The worm gets around by your internet browser loading particular pictures with the virus in them.
Anyone can link up any picture on this or other forums so its better to be safe than sorry.

As dateman says...
What a Day!

I forgot to add..
NO LAG!!!!
Unlike the chatloggers this makes all the changes at the end of missions... So no lag during the game...
the only problem with that is the server can go down and the changes won't get done...

Or we could have lag while everyone's changes happen during the game...

Now I was wondering.. Who would recieve this script?
I am sure there is a not so nice admin out there who would mess with the people he doesn't like by messing around in the nickpass.cs file
encryption or not... Messing around in there would screw someone's password up
I was thinking this should be distributed among just the admin cricle... And among other trusted people

^ and ^^ :)
Well about the encrypt and decrypt functions, ONLY ONE WOULD BE ADDED, to prevent people from editing the scrpt to decode the passwords. To check if a password is correct we'd encrypt the one the person entered and compare the 2 encrypted functions...
I was saying that if you do the script once without everything in mind, you might just remove most of the reliability... Might not be the case but you should never do it, NEVER!
About the no-lag thing, NO, what you do is write to the file whenever someone registers, and also add it to the memory.. This saves reading and ALWAYS has it written in the file... You could add an option to disable this and only update at the end of a round thou.
About the distribution, I agree. I'm waiting to get a way to encrypt it (wich I don't think we'll get) to start my version ;) (And GUI too :) wich'll take a while...)

Now, see if you can contact 56k or dan mac on a way to encrypt a string in TT.

When I'm finished I'll like to do some "anti-dso-decoding" stuff... It'll be MUCH harder to decode important functions like encrypt afterwards (wich will also have a RANDOM name, something to do with TT or the script)

Last edited: Thursday, January 05, 2006 at 10:34:41 PM

Alright Art... I like the idea of one encode function
If you are going to do it than I wont bother with it...
I cant contact anyone via e-mail... My dad blocked it...

Well, like WF said, whether the pass is encrypted or not, it can still get screwed up. I think the only way to prevent that is to encrypt the names, etc. --meaning the whole nickpass.cs fie.

Ok now that 56k has given me some functions that seem to encrypt a string... Never tested but I will tomorrow, if it works I'll start tomorrow too ;) If not... Bad luck lol