00:39 <+bridge> [ddnet] ok 00:39 <+bridge> [ddnet] I can't reproduce, like with most issues 00:49 <+bridge> [ddnet] Is there a way for pvp modes to not allow certain resolutions so that people with ultra wide monitors don't get zoom hack? 00:52 <+bridge> [ddnet] ultra wide monitors don't help you 00:53 <+bridge> [ddnet] open editor and view the proof box, that's how far you can see, no further 01:01 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/565178453893316608/900767258903736371/wat1.demo.mp4 01:01 <+bridge> [ddnet] whats up with this 01:01 <+bridge> [ddnet] That's zoomed out 01:01 <+bridge> [ddnet] is this only in demo? 01:01 <+bridge> [ddnet] You can't zoom out in pvp ingame 01:01 <+bridge> [ddnet] only when spectating 01:02 <+bridge> [ddnet] ok nice it was my assumption it was because of his monitor 08:06 <+bridge> [ddnet] @bye-bye ok thanks for your help 08:27 <+bridge> [ddnet] does the tee look wide on ultra wide? 08:27 <+bridge> [ddnet] :monkalaugh: 11:01 <+bridge> [ddnet] @deen can u add word-wrap: break-word; 11:01 <+bridge> [ddnet] to .dlfiles ul {} 11:02 <+bridge> [ddnet] 👀 11:02 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/924965405011873822/unknown.png 11:02 <+bridge> [ddnet] vs 11:02 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/924965434556567612/unknown.png 11:03 <+bridge> [ddnet] i think its missing a whitespace too 11:10 <+bridge> [ddnet] there was a random } that had no match xd 11:20 <+bridge> [ddnet] @deen there is still a random } there 11:20 <+bridge> [ddnet] in the css 11:21 <+bridge> [ddnet] https://github.com/ddnet/ddnet-web/blob/master/www/css.css#L794 11:21 <+bridge> [ddnet] that opens in line 691 11:21 <+bridge> [ddnet] oh 11:22 <+bridge> [ddnet] maybe format it a bit xd 11:31 <+bridge> [ddnet] windows build is failing 11:31 <+bridge> [ddnet] Error: fatal: unable to access 'https://github.com/ddnet/ddnet/': OpenSSL SSL_connect: Connection was reset in connection to github.com:443 11:31 <+bridge> [ddnet] Error: The process 'C:\Program Files\Git\bin\git.exe' failed with exit code 128 11:31 <+bridge> [ddnet] 11:31 <+bridge> [ddnet] xd 11:31 <+bridge> [ddnet] i hecking love windows 11:31 <+bridge> [ddnet] :monkalaugh: 11:40 <+bridge> [ddnet] same happened on ubuntu build. it's probably a github or central run problem 11:41 <+bridge> [ddnet] https://github.com/ddnet/ddnet/pull/4475 11:41 <+bridge> [ddnet] swap in team 0 will never be good 11:42 <+bridge> [ddnet] u can get rannks with time 0 11:42 <+bridge> [ddnet] since times are not syncronized as in within a team 11:42 <+bridge> [ddnet] even if it adds some time 11:43 <+bridge> [ddnet] How can you get time 0? It should swap your times too 11:44 <+bridge> [ddnet] (I hope) 11:44 <+bridge> [ddnet] thats not how it works rn 11:44 <+bridge> [ddnet] i think it was coded in mind that ur in a team 11:44 <+bridge> [ddnet] and have the same time 11:44 <+bridge> [ddnet] iirc 11:44 <+bridge> [ddnet] can you check? 11:44 <+bridge> [ddnet] but as long as we switch the times, it should be fine, right? 11:45 <+bridge> [ddnet] It should be fine indeed 11:46 <+bridge> [ddnet] but its a bit weird 11:46 <+bridge> [ddnet] to swap times 11:46 <+bridge> [ddnet] it makes sense to prevent a cheat like big time skip 11:46 <+bridge> [ddnet] but it wouldnt in a part where you are near 11:47 <+bridge> [ddnet] cuz u would get the 300 min time from a afker 11:47 <+bridge> [ddnet] xd 11:47 <+bridge> [ddnet] well u can always swap back 11:47 <+bridge> [ddnet] if other agrees 11:47 <+bridge> [ddnet] 11:47 <+bridge> [ddnet] i think code is here 11:48 <+bridge> [ddnet] ye it should change the time 11:48 <+bridge> [ddnet] the idea is to make it the same as swapping with timeout, which is already possible 11:48 <+bridge> [ddnet] ok 11:48 <+bridge> [ddnet] so we have no further risk than we always had with /timeout 11:48 <+bridge> [ddnet] im fine with it if it doesnt allow the 0' times 11:49 <+bridge> [ddnet] it just makes the /timeout swapping less awkward by providing it ingame instead of having to hard-kill your client etc 11:53 <+bridge> [ddnet] it also removes the risk of timeout not properly working, I saw someone just disconnect normally trying to timeout 😄 11:53 <+bridge> [ddnet] :monkalaugh: 12:21 <+bridge> [ddnet] i think they are not shown on the current version 12:21 <+bridge> [ddnet] only on older 12:22 <+bridge> [ddnet] ah 12:22 <+bridge> [ddnet] probs make sense since they dont exist 13:00 <+bridge> [ddnet] I installed a shady chinese android emulator 13:00 <+bridge> [ddnet] If I randomly start writing things in chinese, ban me 13:03 <+bridge> [ddnet] 好的，我会做。 13:06 <+bridge> [ddnet] oh god, it's starting 13:22 <+bridge> [ddnet] For some reason all the high performance android emulators seem to be made by chinese people and only in chinese 13:40 <+bridge> [ddnet] 👀 13:40 <+bridge> [ddnet] are you doubting the superior chinese engineering 13:41 <+bridge> [ddnet] No, pls don't rat me out to mr xi. I mean no disrespect 13:41 <+bridge> [ddnet] :thonk: 13:41 <+bridge> [ddnet] I have a theory. I think it's because mobile gaming is really popular in china, so it makes sense they make emulators capable of running games 13:42 <+bridge> [ddnet] What emulators are we talking about 13:42 <+bridge> [ddnet] I'm curious 13:44 <+bridge> [ddnet] MuMu is the one I tried, it performs far better than the qemu based android emulator I had 13:45 <+bridge> [ddnet] Oh android emulator 13:45 <+bridge> [ddnet] I thought you mean emulators on android 13:45 <+bridge> [ddnet] :kek: 13:45 <+bridge> [ddnet] Ye, we do have lots of those 13:46 <+bridge> [ddnet] idk what kind of sorcery they employ tbf, doesn't even require VT-X on the cpu somehow 13:46 <+bridge> [ddnet] I think they all need to be licensed by most of the bigger chinese mobile games too. Which is a werid situation. 13:46 <+bridge> [ddnet] If you don't pay up these games blocks that emulator i think 13:46 <+bridge> [ddnet] :kek: 13:47 <+bridge> [ddnet] Chinese market is wack 13:47 <+bridge> [ddnet] I wonder if it is some sort of JVM implementation 13:49 <+bridge> [ddnet] This explains how these companies seem to be okay with their games running on emulated hardware 13:50 <+bridge> [ddnet] Btw, i don't know about mumu, but you can find virtualbox's executables in a lot of these emulators 13:50 <+bridge> [ddnet] Hard for me to dig around this because everything is in chinese 😄 13:50 <+bridge> [ddnet] Even so, they split servers between actual mobile users and emulator users 13:51 <+bridge> [ddnet] Well not all games, gacha games seem to be fine with people mixing 13:51 <+bridge> [ddnet] If there is pvp however, yeah it seems that they do split 13:51 <+bridge> [ddnet] Probably because they don't have gameplay:kek: 13:51 <+bridge> [ddnet] Ofc they have gameplay, it's just insanely boring usually 13:52 <+bridge> [ddnet] Only exception is genshin impact 13:52 <+bridge> [ddnet] Genshin impact is weird in china. People either love it so much or hate it immensely 13:54 <+bridge> [ddnet] Well it's aggressively weeb, that's how such things are treated outside of japan 😛 13:54 <+bridge> [ddnet] fair enough 13:55 <+bridge> [ddnet] If only that game didn't have the weird gacha business model 13:56 <+bridge> [ddnet] Reverse engineer it and make a private server👀 13:56 <+bridge> [ddnet] Great story, great art, great music, decent gameplay, absolutely awful game balance because they don't care if characters are balanced or not 13:56 <+bridge> [ddnet] They only care if characters sell, which means if they look and sound cute they ship it 13:57 <+bridge> [ddnet] Mihoyo would sue me to high heaven, chinese companies are ruthless with IP 13:57 <+bridge> [ddnet] :thonk: we aren't Japanese tho 13:57 <+bridge> [ddnet] True, atleast it's not japanese 😄 13:58 <+bridge> [ddnet] Question\: Does your isps block incoming connections? I wonder if this is a common thing for isps to do. My dormitory just started blocking every port incoming (yes every room has their own static ip which is awesome). 13:58 <+bridge> [ddnet] Question\: Does your isp block incoming connections? I wonder if this is a common thing for isps to do. My dormitory just started blocking every port incoming (yes every room has their own static ip which is awesome). 13:59 <+bridge> [ddnet] How does that work? 13:59 <+bridge> [ddnet] Only traffic allowed on established ports? 13:59 <+bridge> [ddnet] ~~Our isp blocks half of the internet~~ 13:59 <+bridge> [ddnet] heh 13:59 <+bridge> [ddnet] It's for your own safety 14:00 <+bridge> [ddnet] Yeah only established ports, idk how it determines it exactly especially for connectionless protocols but it's a common feature every router supports 14:00 <+bridge> [ddnet] But ye, idk how would blocking incoming connection works 14:00 <+bridge> [ddnet] Well I've only seen it blocked when I was behind NAT, and that you can punch through easily 14:00 <+bridge> [ddnet] I know isps that just drop every udp packets 14:01 <+bridge> [ddnet] My backup was relying on the fact that my backup server here at home has a static ip and devices could always backup to it even if they were on some random wifi anywhere so that broke now 14:43 <+bridge> [ddnet] timakro: Maybe you could poke through it the same way we poke through NAT? 14:44 <+bridge> [ddnet] wireguard does persistent keepalives, maybe you could try that 14:45 <+bridge> [ddnet] Hm, though it needs to be the server that starts the communication, so that probably won't work too well 14:58 <+bridge> [ddnet] why is there no option to set maximum ping 14:58 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/925024809203683368/unknown.png 15:00 <+bridge> [ddnet] I think we removed the UI option for it because it was just not very useful with the new browser that lacks pings 15:01 <+bridge> [ddnet] kinda annoying 15:01 <+bridge> [ddnet] but i guess i can use the eu and rus countries 15:01 <+bridge> [ddnet] I think we still should have it as a console option for the people that use the leak ips option 15:01 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/925025667958067280/Screenshot_2021-12-27_at_17.01.10.png 15:01 <+bridge> [ddnet] Maybe try checking the options that start with `br+ 15:02 <+bridge> [ddnet] `br_` 15:18 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/925029977123061790/unknown.png 16:56 <+bridge> [ddnet] can you add a feature that shows direction input from other players at all times? 16:57 <+bridge> [ddnet] so i can actually see what someone is pressing when in freeze 20:18 < keks_> @noby your bot detection had a false positive (^pDetektiv Keks), if you need the demo or smth just contact oreo 20:32 <+bridge> [ddnet] :think_bot: 21:51 <+bridge> [ddnet] how can i use the cl_run_on_join 21:52 <+bridge> [ddnet] (for multiple command like go on team 2 join a dummy make him join too and after lock) 21:53 <+bridge> [ddnet] Mh, you can't really do that 21:54 <+bridge> [ddnet] does ddnet support | ?? 21:54 <+bridge> [ddnet] i wish we could :feelsbadman: 21:55 <+bridge> [ddnet] there is nothing could do and or & or | ?? 21:56 <+bridge> [ddnet] You can do ; 21:57 <+bridge> [ddnet] But the problem is you cant execute client commands, so you cant get dummy to join automatically 21:57 <+bridge> [ddnet] And there are no delays so lock would happen before dummy joins 21:59 <+bridge> [ddnet] if you want the next best solution is to make a config that does that on a key 22:00 <+bridge> [ddnet] yeah 22:00 <+bridge> [ddnet] i actually wanted to make fthat for myself so if you want i can make it and send it to you 22:00 <+bridge> [ddnet] can i put time in cmd ?? 22:00 <+bridge> [ddnet] if you can i would like you tto send it to me 22:01 <+bridge> [ddnet] No timing in console 22:01 <+bridge> [ddnet] yeah ill make it real quick 22:42 <+bridge> [ddnet] @Robyt3\: could https://github.com/ddnet/ddnet/pull/4536 fix my occasional delta unpack fails? Or tees flying up for a few seconds? 22:48 <+bridge> [ddnet] which social media is good 22:48 <+ChillerDragon> github 22:48 <+bridge> [ddnet] none 22:48 <+bridge> [ddnet] irc 22:48 <+ChillerDragon> how is irc social media? :D 22:48 <+bridge> [ddnet] anything used to communicate is a social media 22:49 <+bridge> [ddnet] by definition of social and media 22:49 <+ChillerDragon> okey 22:49 <+ChillerDragon> what about hooman voice? 22:49 <+bridge> [ddnet] thats overrated 22:49 <+bridge> [ddnet] not sure what the undefined behavior ends up happening on integer overflow, but unless you are packing and unpacking invalid data, I don't think it will affect your bug 22:49 <+bridge> [ddnet] can you give its link 22:50 <+ChillerDragon> real life link? 22:50 <+ChillerDragon> try knock ur neighbours door and yell at them thats social 22:50 <+bridge> [ddnet] xd 22:50 <+bridge> [ddnet] okey 22:51 <+bridge> [ddnet] depends if you are a normal human then https://libera.chat/ if you are a weeb then https://www.rizon.net/ 22:51 <+ChillerDragon> @Robyt3 hm oke i still blame my network but heinrich said it shouldnt happen. And the flying tees idk first i thought its kog then i thought its my hax client not sure yet 22:51 <+ChillerDragon> UwU 22:51 <+bridge> [ddnet] thank you 22:51 <+bridge> [ddnet] (@Ryozuki) 22:52 <+ChillerDragon> imo github is most underrated social media 22:52 <+ChillerDragon> its so fun to comment on random commits 22:52 <+bridge> [ddnet] lmao 22:52 <+bridge> [ddnet] on github i wrote "degraded person" 22:52 <+bridge> [ddnet] instead of degraded perfomance 22:52 <+bridge> [ddnet] xd 22:53 <+ChillerDragon> oof 22:54 <+bridge> [ddnet] Um, irc isn't really social media, is it? 22:54 <+ChillerDragon> thats what i said 22:54 <+ChillerDragon> imo social media is about public postings 22:54 <+ChillerDragon> not just live chats 22:54 <+bridge> [ddnet] Social media for open source nerds would be mastodon 22:54 <+ChillerDragon> ye 22:54 <+ChillerDragon> but does anyone use that? 22:55 <+bridge> [ddnet] Internet Relay Chat (IRC) is a text-based chat (instant messaging) system. IRC is designed for group communication in discussion forums, called channels,[1] but also allows one-on-one communication via private messages[2] as well as chat and data transfer,[3] including file sharing.[4] 22:55 <+bridge> [ddnet] i think it is social media 22:55 <+bridge> [ddnet] the OG 22:55 <+bridge> [ddnet] how can we connect chat with phonr 22:56 <+ChillerDragon> whats phonr 22:56 <+bridge> [ddnet] phone 22:56 <+ChillerDragon> which chat 22:56 <+bridge> [ddnet] how do you open the discord interface with a bot ?? 22:56 <+bridge> [ddnet] irc 22:56 <+bridge> [ddnet] https://xkcd.com/1652/ 22:56 <+ChillerDragon> what os runs ur phone? 22:57 <+ChillerDragon> i did not find a neat irc client for iOS yet 22:57 <+bridge> [ddnet] samsung 22:57 <+bridge> [ddnet] android 22:57 <+ChillerDragon> idk baut android either 22:57 <+ChillerDragon> just search irc client in your fav app repo 22:58 <+bridge> [ddnet] the best way to enjoy irc is first by installing any sort of chad linux distro such as arch linux, gentoo, then proceed to open ur terminal, install irssi or weechat and connect 22:58 <+bridge> [ddnet] okey 22:58 <+bridge> [ddnet] i will try 22:58 <+bridge> [ddnet] thank you 22:58 <+bridge> [ddnet] :monkaS: 22:58 <+ChillerDragon> weechat on my phone sucks tho 22:59 <+bridge> [ddnet] on a 144hz screen 22:59 <+bridge> [ddnet] feels better when the text moves 22:59 <+ChillerDragon> .. 22:59 <+bridge> [ddnet] hm, the android irc clients are actually pretty sad ngl 22:59 <+bridge> [ddnet] i use revolution irc 22:59 <+ChillerDragon> just use the twitch app 22:59 <+ChillerDragon> ... its irc :brain: 22:59 <+bridge> [ddnet] I used yaaic for a while, but I just don't use irc much on phone anymore 22:59 <+bridge> [ddnet] ye i dont even open it 22:59 <+bridge> [ddnet] i dont have friends there 23:00 <+bridge> [ddnet] :feelsbadman: 23:00 <+ChillerDragon> :c 23:00 <+bridge> [ddnet] i was once in a cool niche irc 23:00 <+bridge> [ddnet] but it closed 23:00 <+ChillerDragon> oodnet masterrace 23:00 <+bridge> [ddnet] oodnet feels a bit like a circlejerk of shorefire and friends 23:00 <+ChillerDragon> xd 23:00 <+ChillerDragon> did they move to libera btw? 23:00 <+bridge> [ddnet] ye 23:01 <+ChillerDragon> just realized i am still left alone there xd 23:01 <+ChillerDragon> i barley check irc these days 23:01 <+bridge> [ddnet] xd 23:01 <+ChillerDragon> i got sucked into matrix's electron hell 23:01 <+bridge> [ddnet] i rly dislike it 23:01 <+ChillerDragon> but it runs on my phone -,- 23:02 <+ChillerDragon> and it can do images 23:02 <+bridge> [ddnet] u can use OTR if u want to send ur privat sex texts on irc 23:02 <+bridge> [ddnet] 23:02 <+bridge> [ddnet] :monkalaugh: 23:03 <+bridge> [ddnet] oodnet is cool computer stuff + me ranting about not having an ounce of serotonin left in my brain 23:03 <+bridge> [ddnet] xd 23:03 <+ChillerDragon> u have a brain? 23:03 <+bridge> [ddnet] @Learath2 "cool computer stuff" aka C addicts who think doing everything in c is the epitome of software dev 23:03 <+bridge> [ddnet] and the cool dev club 23:03 <+bridge> [ddnet] xd 23:03 <+ChillerDragon> i dont get OTR 23:03 <+bridge> [ddnet] sry tbh this is just my impression from overlooking it 23:03 <+bridge> [ddnet] its prob more than that xd 23:04 <+ChillerDragon> does anyone use OTR? 23:04 <+bridge> [ddnet] i did once 23:04 <+bridge> [ddnet] it autodetects 23:04 <+bridge> [ddnet] if another has otr support 23:04 <+bridge> [ddnet] well aerx uses haskell a lot, muriii has his own lua like language and there was that one guy who was making a machine coding helper tool 23:04 <+bridge> [ddnet] tho they kicked the last guy because he was also a raging transphobe 23:04 <+bridge> [ddnet] :monkaS: 23:04 <+ChillerDragon> so otr is just about encryption and one slaps it on top of a messaging app? liek pgp? 23:05 <+bridge> [ddnet] did they change the website? 23:05 <+bridge> [ddnet] i remember some kind of skull before 23:05 <+bridge> [ddnet] it was cool 23:05 <+bridge> [ddnet] i need to find my irc rust circlejerk 23:05 <+bridge> [ddnet] kinda 23:06 <+bridge> [ddnet] Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption. 23:06 <+ChillerDragon> ye red that 23:06 <+ChillerDragon> so when encrypt tw? -.- 23:07 <+bridge> [ddnet] it would be cool to do that in tw 23:07 <+bridge> [ddnet] its prob possible 23:07 <+bridge> [ddnet] u dont even need server side support 23:07 <+bridge> [ddnet] but mayebe the character limit fucks it a bit 23:07 <+ChillerDragon> make ddnet to ddnet client whisper secure -.- 23:07 <+bridge> [ddnet] maybe* 23:07 <+bridge> [ddnet] I was coding an OTR lib, but OTR for groups is actually not that easy to set up, especially when the group participants can change 23:07 <+bridge> [ddnet] maybe one would do the signal encryption these days 23:07 <+bridge> [ddnet] for IM encryption 23:08 <+ChillerDragon> signal encryption for tw chat? :D 23:08 <+bridge> [ddnet] ChillerDragon: a lot easier said than done. do you use any encrypted messengers? 😉 23:08 <+ChillerDragon> use? 23:08 <+bridge> [ddnet] I was going to name it libsrsotr 23:08 <+ChillerDragon> wdym 23:09 <+ChillerDragon> isnt it using some crypto lib and slap it in ddnet code base? 23:10 <+bridge> [ddnet] if slapping coded we could probably get some monkeys to do it 23:10 <+ChillerDragon> ay weechat has a otr plugin \o/ 23:10 <+bridge> [ddnet] ChillerDragon: what encrypted messenger do you use? 23:11 <+ChillerDragon> are you trying to embarasse me by not knowing which of my messengers are not encrypted? :D 23:11 <+ChillerDragon> i use wire and signal if i have to 23:11 <+ChillerDragon> think matrix does some crypto too sometimes 23:11 <+bridge> [ddnet] no, I'm trying to embarrass you by checking whether you would've detected a server MITM or no 23:11 <+bridge> [ddnet] t 23:12 <+bridge> [ddnet] did you verify your contact keys for any contact? 23:12 <+ChillerDragon> uhm wat? 23:12 <+ChillerDragon> oh you mean in person? 23:12 <+ChillerDragon> or like over another connection 23:12 <+ChillerDragon> like a pgp party? :D 23:12 <+ChillerDragon> no i didnt 23:13 <+bridge> [ddnet] over another connection fine, I guess 23:13 <+ChillerDragon> yea 23:13 <+bridge> [ddnet] sounds good 🙂 23:13 <+ChillerDragon> see? 23:13 <+ChillerDragon> i didnt and all worked 23:13 <+ChillerDragon> so make it the same in ddnet xd 23:13 <+ChillerDragon> hehe 23:14 <+bridge> [ddnet] hm? 23:14 <+bridge> [ddnet] you didn't? then you can't tell whether the server MITMed you 23:14 <+ChillerDragon> -.- 23:14 <+ChillerDragon> oke 23:14 <+ChillerDragon> so you want to go extra safe 23:14 <+ChillerDragon> even then can't that be done easily? 23:15 <+ChillerDragon> can't we add trusted authorities like ddnet servers to authenticate ? 23:16 <+ChillerDragon> i assume your point is that the decrentalized nature of teeworlds has plenty of fishy servers which could try to MITM 23:17 <+ChillerDragon> If i would not trust signal or wire with their official servers id also have to audit every line of code and selfcompile. 23:18 <+ChillerDragon> same goes for ddnet. If there can be some trusted ddnet server helping against MITM even on other servers that would work wouldn't it? 23:18 <+ChillerDragon> isn't that how the web works? someone decided to trust a bunch of root CAs and then boom SSL for all 23:18 <+bridge> [ddnet] Well, very technically as soon as you have a public key for the person you are sending messages to there is no other security issue 23:19 <+ChillerDragon> but imo it would be best to not confuse the user with keys and signatures and shit. Also not make them think they can now sell drugs in tw chat. 23:20 <+bridge> [ddnet] So the hard part of the issue is finding a way to get public keys to people and let them verify that the key belongs to the person they are trying to communicate 23:20 <+ChillerDragon> Just do some basic crypto so not everyone in starbucks can read my tw chats with a basic tcpdump 23:20 <+bridge> [ddnet] For socially challanged people like the ones in here it's not that difficult, but the system needs to be designed for your grandma to be able to use. So it's not that easy 😄 23:21 <+bridge> [ddnet] ah, transport encryption is doable ChillerDragon 23:21 <+bridge> [ddnet] just e2e is not so easy 23:21 <+bridge> [ddnet] I did start implementing something similar to TLS for teeworlds but heinrich told me he'd slap me if I did my own crypto 23:21 <+ChillerDragon> ye gimme something 23:21 <+bridge> [ddnet] ye doing ur own crypto is bad 23:22 <+bridge> [ddnet] I didn't feel like wrapping the entirety of teeworlds protocol in overhead, and he didn't let me make my own, so I just simply dropped the idea 23:22 <+ChillerDragon> rude heinrich 23:22 <+bridge> [ddnet] https://en.wikipedia.org/wiki/Category:Cryptographic_attacks 23:22 <+bridge> [ddnet] u need to protecc 23:23 <+ChillerDragon> I might get it all wrong and broken crypto is worse than none 23:24 <+bridge> [ddnet] is it? 23:24 <+ChillerDragon> but i feel like there is a hugh difference between plain text and something that requires to be attacked 23:24 <+bridge> [ddnet] when u have the "confidence" that it is "secure" u may say stuff that u wouldnt on a channel you know is insecure 23:24 <+bridge> [ddnet] thats why its bad 23:24 <+ChillerDragon> yes 23:24 <+bridge> [ddnet] Not really, crypto broken in some slight way is not that easy to figure out how to break 23:24 <+ChillerDragon> but what if we tell nobody that it has crypto 23:24 <+ChillerDragon> :D 23:24 <+bridge> [ddnet] I might not be a cryptonerd but I'm not deficient in braincells 23:25 <+bridge> [ddnet] new icons poggers 23:25 <+bridge> [ddnet] sadly github doesnt show em 23:25 <+bridge> [ddnet] oh u need rich diff 23:25 <+bridge> [ddnet] How badly do you think I'd design the protocol? Not like I was considering sending the encryption key in plaintext 😄 23:25 <+bridge> [ddnet] https://cdn.discordapp.com/attachments/293493549758939136/925152497780289586/unknown.png 23:26 <+ChillerDragon> nah my point is currently it is plain text. And heinrichs argument seems to be we do not do crypto because there could be MITM 23:26 <+ChillerDragon> just give me MITM crypto then better than plaintext 23:26 <+bridge> [ddnet] like doing rsa as is without aes 23:26 <+bridge> [ddnet] :monkalaugh: 23:27 <+ChillerDragon> there is no way to know who the other parties are in tw chat anyways there are no accounts and fake names 23:27 <+bridge> [ddnet] Nah, his argument was that doing e2e is hard, since we were talking about OTR, which is about E2E 23:27 <+ChillerDragon> ah ye ok 23:27 <+ChillerDragon> i talk about some crypto in general 23:28 <+bridge> [ddnet] u got some btc? 23:28 <+ChillerDragon> also like not sending the rcon pw in plain text 23:28 <+ChillerDragon> i got some btc 23:28 <+bridge> [ddnet] Transport encryption is as he said much easier, I even started implementing it but I was the only one interested in doing it and I wasn't interested in wrapping the entire protocol in TLS 23:29 <+ChillerDragon> why ryo? 23:30 <+bridge> [ddnet] we need post quantum encryption 23:30 <+bridge> [ddnet] so google cant know 23:30 <+ChillerDragon> u high? 23:30 <+bridge> [ddnet] https://en.wikipedia.org/wiki/Post-quantum_cryptography 23:30 <+ChillerDragon> i doubt google has dumps of my tw traffic 23:31 <+bridge> [ddnet] I don't really like doing homebrew protocol/crypto stuff where not necessary 23:31 <+bridge> [ddnet] standard crypto also has instant wireshark support 23:32 <+ChillerDragon> how much standard crypto is there other than TLS? 23:32 <+bridge> [ddnet] there's dTLS and quic right now AFAIK 23:32 <+ChillerDragon> oh i think i heard quic 23:32 <+bridge> [ddnet] (both use some form of TLS) 23:32 <+ChillerDragon> yea 23:33 <+ChillerDragon> so wrap it all in TLS? 23:33 <+bridge> [ddnet] in quic 23:33 <+bridge> [ddnet] it is far more work to do either of those that encompass the entire protocol, which is why we don't have it at all 23:33 <+ChillerDragon> yea sounds nasty 23:33 <+bridge> [ddnet] https://github.com/microsoft/msquic 23:33 <+bridge> [ddnet] :monkalaugh: 23:33 <+bridge> [ddnet] lets trust m$$ 23:33 <+ChillerDragon> :D 23:34 <+ChillerDragon> wow its c 23:34 <+bridge> [ddnet] it's mostly the backward compatibility and secure detection that's hard 23:34 <+bridge> [ddnet] but that needs to be done in both cases 23:34 <+bridge> [ddnet] quiche has a very simple C api 23:34 <+bridge> [ddnet] I was just going to establish a small portion of netmsgs that should never be in plaintext and do those encrypted 23:34 <+ChillerDragon> I WANT MY HOOK PACKETS TO BE ENRYPTED ! 23:34 <+bridge> [ddnet] While not completely secure, it would work against any attack one would care about 23:34 <+ChillerDragon> enrypted xd 23:35 <+bridge> [ddnet] I think I explained why I think this is insecure against reverse MITM 23:35 <+ChillerDragon> the network sniffer replay attack to steal runs! 23:36 <+bridge> [ddnet] also I think we did some benchmarks on turkey servers to see that the crypto overhead is not big (re performance of encrypting everything) 23:36 <+ChillerDragon> ? 23:36 <+bridge> [ddnet] it won't ever let an attacker execute a rcon command nor will it allow them to read messages 23:36 <+ChillerDragon> wat benchmarks 23:37 <+bridge> [ddnet] it lets people race under other accounts, i.e. botting on other people's accounts 23:37 <+bridge> [ddnet] Yeah performance of encrypting everything would be fine, but I don't see anyone that'll work on it within this decade, I'd have finished that thing within a month or two as I even had the time back then 23:37 <+ChillerDragon> ?? 23:37 <+ChillerDragon> im confused 23:38 <+ChillerDragon> ye prio 0.7 clients :D 23:38 <+bridge> [ddnet] Summary: You aren't getting any encryption until someone has the time to wrap the entire protocol in dTLS or QUIC