02:39 < bridge> Does anyone know how to open tas on ddrace? 02:47 < bridge> sus 02:48 < bridge> sus. why would you want to run Tool Assisted Speedrun software in combination with Teeworlds. :monkaHmm: 03:00 < bridge> speedrun in servers private 03:17 < bridge> tas can run .exe? to make a run 09:37 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1069536876458942464/RDT_20230130_0937305517512776378440360.jpg 11:06 < bridge> aka the last good thinkpads: x61 11:07 < bridge> :poggers2: 13:08 < bridge> @Robyt3 for #6293 I haven't really had the time to check but I thought passing a bitset would just entail passing the underlying unsigned. That's why I suggested passing by value. I think if we want to make it any power of 2 in the future, the references can be added in that patch. 13:08 < bridge> https://github.com/ddnet/ddnet/pull/6293 13:08 < bridge> I'm fairly happy with my t440p šŸ˜„ 14:02 < bridge> Regarding the account discussion in #general. And my concern to not be able to move progress from a name to an account. Do the ddnet servers store some identifiers like MAC Address? 14:02 < bridge> MAC should be part of the networking from my understanding 14:05 < bridge> MAC should be part of the networking from my understanding. But I doubt DDNet covers for that. Because then banning players shouldn't be a problem. 14:07 < bridge> MAC should be part of the networking from my understanding. But I doubt DDNet covers for that. Because then banning players shouldn't be a problem. 14:07 < bridge> 14:07 < bridge> Edit: Ah nevermind. Forgot my Cisco years. It's ports that handle traffic between outside servers, router and local client. 14:07 < bridge> ~~Regarding the account discussion in #general. And my concern to not be able to move progress from a name to an account. Do the ddnet servers store some identifiers like MAC Address?~~ 14:07 < bridge> ~~MAC should be part of the networking from my understanding. But I doubt DDNet covers for that. Because then banning players shouldn't be a problem.~~ 14:07 < bridge> 14:07 < bridge> Edit: Ah nevermind. Forgot my Cisco years. It's ports that handle traffic between outside servers, router and local client. 14:08 < bridge> ~~MAC should be part of the networking from my understanding. But I doubt DDNet covers for that. Because then banning players shouldn't be a problem.~~ 14:08 < bridge> 14:08 < bridge> Edit: Ah nevermind. Forgot my Cisco years. It's ports that handle traffic between outside servers and router. And network table. For router and local client. 14:10 < bridge> ~~MAC should be part of the networking from my understanding. But I doubt DDNet covers for that. Because then banning players shouldn't be a problem.~~ 14:10 < bridge> 14:10 < bridge> Edit: Ah nevermind. Forgot my Cisco years. It's ports that handle traffic outgoing and incoming from the public IP. And network table. For router knowing where to redirect the traffic inside the network. 14:11 < bridge> ~~MAC should be part of the networking from my understanding. But I doubt DDNet covers for that. Because then banning players shouldn't be a problem.~~ 14:11 < bridge> 14:11 < bridge> Edit: Ah nevermind. Forgot my Cisco years. It's ports that handle traffic outgoing and incoming from the public IP. And network table. For router knowing where to redirect the traffic inside the network. So unless the DDNet client gathers the MAC-Address, you won't have that information. 14:17 < bridge> ~~MAC should be part of the networking from my understanding. But I doubt DDNet covers for that. Because then banning players shouldn't be a problem.~~ 14:17 < bridge> 14:17 < bridge> Edit: Ah nevermind. Forgot my Cisco years. It's ports that handle traffic outgoing and incoming from the public IP. And network table. For the router to know where to redirect the traffic inside the network. So unless the DDNet client gathers the MAC-Address, you won't have that information. 14:41 < bridge> And we can't trust the DDNet client because it's open source and anyone can change it to report a fake mac address 14:43 < bridge> Didn't think about it that way 14:43 < bridge> Might troll a bit in Growtopia then 14:44 < bridge> And ban all MAC-Addresses using TMAC 14:49 < bridge> And something like a MAC + MachineGUID (Windows) combination can't be used either because that wouldn't be cross platform. 14:50 < bridge> anything that the client sends can be faked 14:51 < bridge> Yea but try to fake a combination of multiple identifiers + region change and what not 14:52 < bridge> super easy, just enter anything you want 14:52 < bridge> we can't trust the client, period 14:52 < bridge> Yea but the argument was getting other people banned 14:52 < bridge> and we don't want any of the weird spyware that makes sure you don't modify the client 14:53 < bridge> ok, didn't understand it that way. I thought it's about banning cheaters 14:53 < bridge> You would have to know their location, ISP information, name, and multiple identifiers have to match. 14:53 < bridge> Which would be a lot of failed attempts to get someone like you banned 14:54 < bridge> But I guess being able to ban griefers and rule breakers will never be a thing 14:55 < bridge> Unless you get an actual anticheat. Which is too pricey and overkill for an open source project. 14:55 < bridge> Unless you get an actual anticheat. Which is too pricey and overkill for an open source project. Byfron looked promising. Daax loved it. 14:56 < bridge> im against anti cheat software of any kind 14:56 < bridge> they are predatory and spyware 14:56 < bridge> and the kernel ones even more 14:56 < bridge> >overkill 14:57 < bridge> But they are effective 14:57 < bridge> for now maybe 14:57 < bridge> cheats and anticheats is always a constant race 14:57 < bridge> Next best thing is streaming the game 14:58 < bridge> oof 14:58 < bridge> plenty of ways to cheat even while streaming 14:58 < bridge> Yea but Teeworlds isn't' infested by professional hackers 14:58 < bridge> No. Not streaming as in recording your gameplay. 14:58 < bridge> professional hackers arent paid to "hack" a open source game no one cares about 14:59 < bridge> and the real professionals often have morals 14:59 < bridge> oh i see 14:59 < bridge> the ones without already work for bad actors, and there is no money to be made here 14:59 < bridge> No. Not streaming as in recording your gameplay. Streaning like Stadia. 14:59 < bridge> we only have a kid 15:00 < bridge> Forget about it 15:00 < bridge> That would be too complicated to do 15:00 < bridge> You would have to allow only DDNet clients 15:00 < bridge> And thats not what would ever happen 15:01 < bridge> im now trying to learn genetic algorithms, always wanted to 15:30 < bridge> Are they really? Is there any game out there devoid of hacks? 15:30 < bridge> I think devoid of obvious hacks might be enough 15:31 < bridge> Is there even that? Even kernel anticheats are running on untrusted hardware 15:32 < bridge> At the end of the day I can attach a kernel debugger or load my own module before theirs 15:32 < bridge> I have heard that there are fewer obvious hacks in valorant 15:32 < bridge> kernel debugger: probably not? load own module before theirs: works, but only for n=1 15:33 < bridge> Yea they are punishing cheaters pretty well. Spoofers get detected. And they have to buy another game copy and probably another month of their cheat. Which can get pricy. EFT for example costs 70ā‚¬ (EoD), and a cheat for that game costs you easily 200ā‚¬. Most of them even keep selling subscriptions when they are detected. So foul play makes the life of a cheater hard as well. 15:33 < bridge> Iirc windows allows you to attach all the way at the start. All that remains is to monkeypatch out the ways they would detect the attached debugger 15:33 < bridge> Yea they are punishing cheaters pretty well. Spoofers get detected. And they have to buy another game copy and probably another month of their cheat. Which can get pricy. EFT for example costs 70ā‚¬ (EoD), and a cheat for that game costs you easily 200ā‚¬. Most of them even keep selling subscriptions when they are detected. So foul play makes the life of a cheater hard as well. 15:33 < bridge> 15:33 < bridge> There is no public cheat provider that hasn't been hit. 15:33 < bridge> that's entirely irrelevant to me if I want to play the game without cheaters 15:34 < bridge> > There is no public cheat provider that hasn't been hit. 15:34 < bridge> source? 15:34 < bridge> It should be relevant though 15:34 < bridge> The actual deterrant there isn't that the anticheat is amazing. It' the price 15:34 < bridge> because the script kiddies writing hacks for this game atm 15:34 < bridge> won't be able to get around an actual anticheat 15:34 < bridge> 15:34 < bridge> yes, and the fact that nothing stays undetected for ever 15:34 < bridge> so cheating is expensive overall 15:35 < bridge> it will always be easier to create cheats than it will be to prevent and detect them, especialy in open source games. not that it isnt worth trying 15:35 < bridge> if I play their game, why is it relevant what they do with cheaters? the only relevant thing for *me* is that they're providing a cheat-free environment 15:35 < bridge> sure, they prboably have to do something with cheaters 15:36 < bridge> but that's not what should interest me, I think 15:36 < bridge> they can do the harshest things possible, and if that's not providing a cheat-free environment, that's completely useless for me 15:36 < bridge> yes. as long the cheater can control the environment the game and the anticheat gets run in. there will be cheat. 15:36 < bridge> Yeah I don't think we have anyone with the skills to beat a real commercial anticheat here in the community. But eitherway, it doesnt apply to an opensource game. We'd need to only allow the precompiled client 15:36 < bridge> yes. as long the cheater can control the environment the game and the anticheat gets run in. there will be cheats. 15:36 < bridge> that's the problem 15:37 < bridge> and your serversided bot detection doesn't pickup mouse movement 15:37 < bridge> and your serversided bot detection doesn't pickup injected mouse movement 15:37 < bridge> (note that I don't think that this is a particularly bad problem) 15:37 < bridge> why wouldnt it? 15:37 < bridge> ask heinrich 15:37 < bridge> the server cant know whether the mouse movement is coming from the client itself, or some sort of network/memory injection 15:38 < bridge> it just sees the inputs 15:38 < bridge> Not sure which you mean 15:38 < bridge> that we're an open-source game 15:39 < bridge> the clients out there write the rotation 15:39 < bridge> i assume you do some delta checks 15:39 < bridge> mouse input injection makes the rotation look legit to the server 15:39 < bridge> Most of the successful anticheats rely on some sort of binary verification along with active monitoring of the game memory. Both can vary with self compiled versions of the game 15:40 < bridge> i dont think theres anything inherent about mouse input injection 15:40 < bridge> ie. it can be done in client too 15:40 < bridge> yep, but a blacklist would suffice, no? 15:40 < bridge> if this is what you mean 15:40 < bridge> yea and nearly every shot was detected as suspicious 15:41 < bridge> yes and why would it not have done the same thing if the inputs had came from an external source? 15:41 < bridge> it would be the same inputs 15:41 < bridge> in the case of a triggerbot 15:41 < bridge> not so much 15:41 < bridge> if we talk about aimbot detection 15:41 < bridge> it matters 15:41 < bridge> dont see how 15:41 < bridge> not so much. you detect it using reaction time. 15:41 < bridge> it smooths the rotation 15:41 < bridge> automatically 15:41 < bridge> just like normal mouse movement 15:42 < bridge> yeah so does the client 15:42 < bridge> why is it relevant that it's input via a mouse? 15:42 < bridge> you can do that in software, too 15:42 < bridge> the client is aiming in this video 15:42 < bridge> But blacklists are pretty fragile 15:42 < bridge> that's not how you should set up an anticheat 15:42 < bridge> binary verrification, integrity checks 15:43 < bridge> and an open connection from the anticheat to the ddnet servers 15:44 < bridge> VAC caught a lot of people back in the day by monitoring a single variable in the game memory. Old csgo cheats used to just enable the outlines for all players as if in spectator mode 15:44 < bridge> in case of @DefaultO's ideas, being open source is a problem 15:44 < bridge> it's called glow 15:44 < bridge> That kind of monitoring is probably the most reliable. That boolean should never be true while in a normal competitive game 15:44 < bridge> hmm, sounds fine to me 15:44 < bridge> and glow + radar is detected and decreases your trust factor if not done properly 15:45 < bridge> same with not running VAC (Vac bypasses) while playing CS:GO 15:45 < bridge> steam detects that the anticheat isn't running/doesn't work as intended 15:45 < bridge> unfortunately i think all of these ideas fall foul of this^ 15:46 < bridge> I think fortunately. I wouldn't want this kind of software on my system and so I don't want to impose it on DDNet players either 15:46 < bridge> you probably got the malware on your PC already 15:46 < bridge> yes, it's not nice to punish well-behaving people 15:46 < bridge> i mean unfortunate because it limits the possibilities of anti cheat software. but is worth it in the end 15:46 < bridge> no? 15:46 < bridge> also how is that a good argument? 15:47 < bridge> you want to tell me he doesn't play anything else? 15:47 < bridge> you're already eating bad food, why stop eating this particular one 15:47 < bridge> most definitely not. I haven't played other games for decades 15:47 < bridge> fair point then 15:47 < bridge> your point isn't fair though 15:47 < bridge> because those are in most games 15:47 < bridge> just because other bad things exist 15:47 < bridge> doesn't mean we have to do a bad thing 15:47 < bridge> don't start the discussion people started because of vanguard 15:47 < bridge> when golden standard anticheats like that one existed for a decade already before it 15:48 < bridge> and no one complained about those until one started to run when the system boots up 15:48 < bridge> and no one complained about those until one of them started to run when the system boots up 15:48 < bridge> that's not true 15:48 < bridge> it is true 15:49 < bridge> that's exactly what happened 15:49 < bridge> wanna bet 5 bucks? šŸ™‚ 15:49 < bridge> on what 15:49 < bridge> I always complained about them 15:49 < bridge> I can show you a wikipedia article 15:49 < bridge> that people complained before vanguard 15:49 < bridge> i didn't hear any complains 15:49 < bridge> hence they didn't exist 15:49 < bridge> ESEA was a topic once, because they shipped a crypto miner with it once 15:50 < bridge> I believe you, in that you haven't heard about it 15:50 < bridge> Why not just make the game so that is it fun even if the other side is a bot? If others players have enough power to ruin your fun, does it really mater if it's a bot or not? 15:50 < bridge> although apparently you did hear about something like that 15:50 < bridge> yea but that wasnt the anticheat being bad 15:50 < bridge> that's difficult. people like getting good times, and pros can beat the best time easier 15:50 < bridge> it's mostly about speedrunners 15:50 < bridge> that was an ex-employee abusing his power 15:50 < bridge> bots in pvp generally always ruin the fun, especially instagib 15:50 < bridge> that's difficult. people like getting good times, and bots can beat the best time easier 15:50 < bridge> that was an (now) ex-employee abusing his power 15:50 < bridge> that was an (now) ex-employee abusing his power as a developer 15:50 < bridge> rest of the people are probably not that affected by bots already 15:51 < bridge> For a non-competitive mode like City bots don't matter I guess 15:51 < bridge> havent played it much but from how i understand it botting is even a problem there 15:52 < bridge> I thought City is the Metaverse of Teeworlds, people just walk around and chat? 15:52 < bridge> there is pvp elements so aimbot helps, and there is money farming elements so scripts to find farming spots and stay there would help too 15:52 < bridge> yeah but some people take it seriously 15:53 < bridge> i mean how your anti measurements work now is good enough 15:53 < bridge> runescape doesn't do it differently 15:53 < bridge> Fwiw I'm not convinced about kernel level anticheats. It's just that serious enough people with the actual skills to beat them make hundreds of thousands per year at some company so they don't have to do this kind of stuff for a couple extra bucks 15:53 < bridge> some server sided heuristics from botwatch and player reports 15:54 < bridge> As long as the underlying hardware can't be trusted there is no anticheat that is unbeatable 15:54 < bridge> 4 teams fng is there such a thing? 15:54 < bridge> I don't like you advocating for trusted computing 15:54 < bridge> Iā€™m for kernel level acs as long as it is from a trusted and reputable company 15:54 < bridge> that's why stadia was sacry 15:54 < bridge> that's why stadia was scary 15:54 < bridge> 5.181.50.244:8360 yes 15:54 < bridge> anyway, even then. output is analog, input is analog. it's a lost cause 15:55 < bridge> Through ddnet or teeworld need to come in? 15:55 < bridge> you can still have an aimbot for stadia 15:55 < bridge> i do think i could do some more work on how the heuristics work but the approach seems like the best bet for tw 15:55 < bridge> Well if you want really unbeatable anticheat you want special purpose built computers, with tamper detection, filled to the brim with epoxy and same for peripherals šŸ˜„ 15:56 < bridge> There is dfng now which has 64 teams šŸ˜® which is playable from teeworlds and ddnet 15:56 < bridge> oh yeah dfng 15:56 < bridge> maybe a bit more recording could benefit the game as well 15:56 < bridge> maybe a bit more logging/recording could benefit the game as well 15:56 < bridge> @Learath2 ^ 15:56 < bridge> Even that isn't a 100% but that brings the cost of beating it so high that it's absolutely pointless 15:56 < bridge> maybe a bit more logging/recording could benefit the game as well 15:56 < bridge> for banning trolls/deleting cheated records 15:57 < bridge> teehistorian is already doing a good job with that, but maybe some automatic analysis of these logs would be good 15:57 < bridge> You will be required to have 2 webcams pointing at you while playing, ezclap 15:57 < bridge> maybe a bit more logging/recording could benefit the game as well 15:57 < bridge> for banning trolls/deleting cheated records. player provided proof in #reports isn't good enough to ban people if mods/admins/devs don't see it happening in action. 15:57 < bridge> the bot mouse can be hidden under the desk while u move a fake mouse around that isnt plugged in 15:58 < bridge> You're putting more thought into this than the people making voting machines šŸ˜„ 15:58 < bridge> I'd mention here that we'll try to make dfng gameplay so botting would be worse than useless. 15:58 < bridge> won't help if the hardware is under your control 15:58 < bridge> I detest cheaters 15:58 < bridge> Countries will be taken over by unelected dictators, but at least DDNet server will know client is real šŸ˜„ 15:58 < bridge> DRM protection is nothing different 15:58 < bridge> on consoles 15:59 < bridge> yet shock attacks, etc. grant a shell 15:59 < bridge> yet shock attacks, etc. grant a shell which get used to break that protection 15:59 < bridge> the most reliable woudl be the client not knowing enemy positions at all, which for the glow is needed, i guess they know for prediction thoi 15:59 < bridge> Ofc it will, I'll also fill the case with epoxy and they will be powered by huge batteries, not removable 15:59 < bridge> xd 15:59 < bridge> that's not how real life works 15:59 < bridge> right to repair 16:00 < bridge> he is also on linux btw 16:00 < bridge> I'm obviously joking btw. Everyone that has read a thing or two about security of this kind knows that you have to have an attacker model 16:00 < bridge> yea linux is a whole different rabbit hole 16:00 < bridge> i know linux also have some virus yada yada, but most aimed at servers 16:00 < bridge> people gpu passthrough to run dma cheats on it 16:00 < bridge> Not every system can be built to resist attacks from the chinese state 16:00 < bridge> people gpu passthrough to run dma cheats on it 16:00 < bridge> also most anticheats work worse on linux 16:00 < bridge> @DefaultO btw do u work as some sort of security engineer 16:01 < bridge> people gpu passthrough to run dma cheats on it 16:01 < bridge> also most anticheats work worse on linux or don't even support it 16:01 < bridge> 99% of the attacker model is just random kids who google teeworlds bot client 16:01 < bridge> and install the first ~~malware~~ that pops up 16:01 < bridge> You know what would actually work though? Real ID verification with accounts 16:02 < bridge> that's what they do in asia I believe 16:02 < bridge> for league of legends definetly 16:02 < bridge> xd 16:02 < bridge> they have their own client 16:02 < bridge> You cheat, you are permabanned. Good luck forging a new id and commiting an actual crime bozo 16:02 < bridge> @Learath2 the world is not that easy either 16:02 < bridge> you not only get permabanned in that one game 16:02 < bridge> how do you get back after that? 16:02 < bridge> you usually get banned in all other games as well 16:02 < bridge> @Learath2 ppl would circumvent that also 16:02 < bridge> that sounds dystopian 16:02 < bridge> but that's how it works on the other side of the earth 16:02 < bridge> ever heard of social credit score? 16:03 < bridge> @Learath2 just one extreme example, briving or a corrupted officer that issues ids 16:03 < bridge> Just make players eat a nanotechnology pill and upload their brain data and verify input. 16:03 < bridge> doesn't really exist AFAIK 16:03 < bridge> it does 16:03 < bridge> source? 16:03 < bridge> You file an appeal ofc 16:03 < bridge> first send them to @noby just to be sure 16:03 < bridge> https://www.youtube.com/watch?v=RErdSr0iAcs 16:03 < bridge> no videos, please 16:03 < bridge> somethign I can read 16:04 < bridge> best would be a wikipedia article 16:04 < bridge> iirc credit score does exist 16:04 < bridge> if that really exists, it'll have a wikipedia article 16:04 < bridge> But how many people will risk an actual crime with dozens of years of prison entailed to play a teegame 16:04 < bridge> https://en.wikipedia.org/wiki/Social_Credit_System#:~:text=The%20social%20credit%20system%20is%20an%20extension%20of%20the%20risk,financial%20infidelity%20and%20counterfeit%20goods. 16:04 < bridge> https://en.wikipedia.org/wiki/Social_Credit_System 16:04 < bridge> fixed link 16:05 < bridge> that video isn't bad either 16:05 < bridge> shows humans protesting 16:05 < bridge> > The Social Credit System has generated a large amount of misreporting and misconceptions in the media due to translation errors, sensationalism, conflicting information and lack of comprehensive analysis.[4][18][19][20] Examples of these misconceptions include widespread misassumption that Chinese citizens are rewarded and punished based on a numerical score assigned by the system, that its decisions are taken by AI and that it constantly mo 16:05 < bridge> in a city that was turned into a dictatorship 16:05 < bridge> i think most people on tw would strongly reject any sort of system that links their ingame presence with their real id 16:05 < bridge> from that article 16:05 < bridge> not just ppl on tw, most would 16:06 < bridge> in any game 16:06 < bridge> or platform 16:06 < bridge> xd 16:06 < bridge> true 16:06 < bridge> I honestly do believe some form of real accountability is the only thing that can stop people from these kinds of moral degeneracy 16:06 < bridge> no one will know 16:06 < bridge> asians are pretty damn good at winning this cyberwar 16:06 < bridge> its good and extremely bad 16:06 < bridge> and not letting any information out 16:06 < bridge> i would rather pay money for tw than have to show my ID to play 16:06 < bridge> we are using discord at the very moment 16:06 < bridge> cheater 16:06 < bridge> which is owned mostly by tencent 16:06 < bridge> no u 16:06 < bridge> it discourages for example whistleblowers 16:07 < bridge> which is owned mostly by tencent 16:07 < bridge> which they wouldn't have invested in, if they wouldn't profit from our valueable data 16:07 < bridge> you're saying you're sure that the social credit system exists, but that information cannot appear on wikipedia about it because it's secret? 16:07 < bridge> that sounds counterintuitive 16:07 < bridge> pretty much 16:07 < bridge> similiar to north korea 16:07 < bridge> not rly bruv 16:07 < bridge> you're better informed than wikipedia? 16:07 < bridge> @noby here's a funny talk from the CEO of Battlestate games (Escape From Tarkov) mentioning that without cheaters = no money 16:07 < bridge> I'd actually be okay with that too, there has to be some material consequence 16:07 < bridge> wikipedia would be the first to have it 16:07 < bridge> not a lot of the people living there were able to escape 16:07 < bridge> because you study this field? 16:07 < bridge> not a lot of the people living there were able to escape 16:07 < bridge> and failed escapes will punish the whole family tree 16:07 < bridge> @noby here's a funny talk from the CEO of Battlestate games (Escape From Tarkov) mentioning that without cheaters = no money (use translations) 16:07 < bridge> specially because its about china 16:08 < bridge> if it was about united states i woudl believe you that wikipedia would have censorship 16:08 < bridge> in which case i would refer to wikileaks 16:08 < bridge> I believe there was some form of actual social credit system trialed in shanghai, nothing as insane as the conspiracies, but still. Let me see if I can find it 16:08 < bridge> i saw something about a score in case u recycled correctly or not xd 16:09 < bridge> I mean some cars in germany have a scoring system that shows how environmentally friendly you drive 16:09 < bridge> To battle the problems of cheaters add somewhat good bot detection with moderators, cosmetics and accounts. If someone is banned they lose their cosmetics and have to buy them again. šŸ¤‘ 16:09 < bridge> might be an instance of that 16:09 < bridge> https://www.youtube.com/watch?v=s22tMR4YoN0 16:09 < bridge> another video 16:09 < bridge> if you travel there 16:10 < bridge> they won't let you leave tourist routes 16:10 < bridge> I can find you videos about the earth being flat 16:10 < bridge> Oh it's even on that page anyway, apparently they never made an actual scoring system out of it, just some lists of people 16:10 < bridge> I can find videos about the earth being flat 16:10 < bridge> that works better in some mods than others though i think; often the people using bots on servers like this are just random players who dont join enough to make an account 16:10 < bridge> but we both don't believe what they say 16:10 < bridge> it's not as extreme as I might point it out 16:11 < bridge> but that's why I don't count youtube as a relevant source 16:11 < bridge> but it is a real thing, and makes sure they keep in line with the communist party 16:11 < bridge> force accounts :banhammer: 16:11 < bridge> you keep saying that, I'd like to have a reliable source 16:11 < bridge> travel there yourself 16:11 < bridge> How would you feel about a UID of sorts that would prove you are a single unique person but you don't have to show us your id at any time? 16:11 < bridge> you don't think you'd come up with excuses why I didn't see it there? 16:11 < bridge> "you didn't look closely enough" 16:11 < bridge> that would be good, but not sure how it would be implemented 16:12 < bridge> would asking a good friend who was there count? 16:12 < bridge> then these random players would just make throwaway accounts 16:12 < bridge> Like a govt api for it. We give you a challange, you go on a govt website, you log in with your id, you enter the challange, get a response, give it to us 16:12 < bridge> It'd be so cool 16:12 < bridge> I wish there was variety in the game ddnet 16:12 < bridge> Imagine no more people spamming 16:12 < bridge> that sounds sort of exploitable 16:13 < bridge> yes because cosmetics definitely help with cheaters 16:13 < bridge> if someone manages to reverse it then they get the info of every player 16:13 < bridge> you will still get money from ppl who use cheats and buy cosmetics 16:13 < bridge> the gov and apis are a thing that rarely works 16:13 < bridge> they don't but atleast you get money 16:13 < bridge> they are slow technological wise 16:13 < bridge> and would underspend 16:13 < bridge> It's non reversible, just a message with a MAC 16:13 < bridge> the api doesnt give u votes 16:13 < bridge> whar 16:14 < bridge> I'm just joking xD 16:14 < bridge> what is stopping people from just giving a fake identifier 16:14 < bridge> True, thus we must have a revolution to protect our games integrity 16:14 < bridge> xd 16:14 < bridge> i would first have the AGPL revolution 16:14 < bridge> and abolish patents 16:14 < bridge> The MAC, you can't forge a govt response. So you must log in to their portal with your real id 16:14 < bridge> do whatever you want. but you haven't even looked at the video containing real footage and sources of their system. 16:15 < bridge> but then the tw server would recieve an identifier that links u to ur id 16:16 < bridge> it would be cool if there was a real way to link u to ur pc hardware, more anonymous but still generally does a good job of preventing evasion 16:16 < bridge> We only get the message `is_real_person: true, number_of_prev_acct: 0` 16:16 < bridge> you can spoof your hardware identifiers 16:17 < bridge> and I doubt ddnet would be able to do a better job than anticheats 16:17 < bridge> thats why i said, if there was a real way 16:17 < bridge> because there isnt 16:17 < bridge> and I doubt ddnet would be able to do a better job than anticheats at identifying fake information 16:17 < bridge> I'm sure I can engineer something like this to be actually cryptographically robust given enough time. If only there was political will šŸ˜­ 16:17 < bridge> hmm true, i wonder if it would be possible to brute force it though 16:18 < bridge> During covid a lot of governments and researchers played around with cryptographically anonymous pandemic tracking. I'm sure I can repurpose sth like that 16:18 < bridge> I'm typically not watching videos. I'd probably ask for the sources of that video next. are they provided? 16:19 < bridge> There is ddrace/fng/dfng/zcatch/KoG/ and ctf(tho noone plays it) 16:19 < bridge> Anyway, mine is just a dream. I know everyone enjoys some level of moral degeneracy so there would never be support for anything like this 16:19 < bridge> it seems you can only request specific fields of the german ID card 16:19 < bridge> but not a generic hash of all the fields or so 16:19 < bridge> so we'd have to hash the stuff serverside and have the users trust us 16:19 < bridge> sounds bad 16:20 < bridge> i think most people dont actively enjoy degeneracy they just enjoy privacy and convienence and free/open source games and other factors that make preventing degeneracy more difficult 16:20 < bridge> It's actually impossible as it currently stands. Govts would need to be lobbied to set up something like this, a 0 knowledge proof of person existing and being unique api 16:21 < bridge> I'm not talking about modes, but about blocks 16:22 < bridge> you code your own. I did so with zogtib in dfng (the spikes and later goals) 16:22 < bridge> I mean the german ID card is already pretty close, no? 16:22 < bridge> not there yet, though 16:22 < bridge> and not in our target demographic I guess 16:22 < bridge> people under the age of 18 don't need to have one 16:22 < bridge> the NSA probably already knows everyone in america who has ever downloaded a cheat client just ask them for access to this data šŸ•µļø 16:23 < bridge> I have, please don't ban me 16:23 < bridge> you probably did, too, @noby 16:23 < bridge> I also love privacy, which is why I wouldn't want to handle ids either 16:23 < bridge> guilty 16:23 < bridge> it was just a test 16:23 < bridge> must be a rule breaker because scared to identify yourself 16:24 < bridge> people can do all kinds of harm thru knowing someones real info 16:24 < bridge> must be a rule breaker because scared to identify yourself 16:24 < bridge> sounds pretty much like traffic stops in the us 16:24 < bridge> But is there an api for it where we can get a token of sorts that we'd have no way of connecting back to the id and we don't even get to see the id in the first place? 16:24 < bridge> doxxing swatting intefering with their work or family etc 16:24 < bridge> even if they are doing nothing wrong 16:24 < bridge> yeyeye 16:24 < bridge> no, but it's close 16:25 < bridge> I could imagine it being implemented, actually, if one wanted to go that way 16:25 < bridge> businesses might also be interested in knowing that something is a person 16:26 < bridge> Hm, how does this work? Do you mean the card can electronically provide these? 16:26 < bridge> yes 16:27 < bridge> I used it before, to log into the tax office system 16:27 < bridge> already is on the other side of the world 16:27 < bridge> https://cdn.discordapp.com/attachments/293493549758939136/1069639906852347924/Register-LOL-Korean-Account.png 16:27 < bridge> I guess the issue there is that letting us even query the card the users must trust that we only ask for the field we say we ask for 16:27 < bridge> no, the app shows which data is transmitted 16:28 < bridge> Oh, that's cool. The italian one just has a certificate on it which you can log into stuff with šŸ˜› 16:28 < bridge> isnt that solved with oauth scopes? 16:28 < bridge> xd 16:29 < bridge> Croatia also has very similar online services, so does turkey. But the difference is that these businesses and governments have no need to avoid seeing the id number or the name and stuff 16:29 < bridge> https://www.rfc-editor.org/rfc/rfc6749#section-3.3 16:29 < bridge> I literally only want to know that this is a person and they havent registered on my service before 16:29 < bridge> yea 16:30 < bridge> eu has this principle of data minimization 16:30 < bridge> you could argue (as a business) that you want this 16:31 < bridge> I have new goal, become successful game developer so I can effectively lobby the eu government 16:31 < bridge> I thought I was being clever when I set my German ID card not to support online support šŸ˜„ Now I'm always annoyed that I have to authenticate in person or via snail mail instead of with phone + id card, haha 16:31 < bridge> not to support online auth* 16:31 < bridge> Why did you do that? 16:32 < bridge> I also did that the first time around 16:32 < bridge> Evil state watching me! How dare they! 16:32 < bridge> perhaps being scared of ways they could screw this up 16:32 < bridge> (I don't remember exactly, so long ago) 16:32 < bridge> But it's fine if you never plug it into anything, no? šŸ˜› 16:32 < bridge> it's NFC, so works over some (small) distance 16:33 < bridge> was that disablable? 16:33 < bridge> Oh fancy. My turkish id card only has a standard smartcard chip thingy connection 16:33 < bridge> you can use a smartphone to use the german ID card 16:33 < bridge> it's pretty neat 16:34 < bridge> I thought I'd have to buy hardware 16:34 < bridge> I think I got a form to sign and told them I won't so they disabled it 16:34 < bridge> But maybe something changed inbetween 16:34 < bridge> I have a smartcard reader exactly for this 16:35 < bridge> Like this: https://www.ausweisapp.bund.de/ausweisapp2/handbuch/1.14/de/Windows/settings-pin-management-eid-deactivated.html 17:48 < bridge> eID has been settled by the european comission in the past 2 years. Now european member states are in charge to implement ^^ 17:49 < bridge> https://ec.europa.eu/education/knowledge-centre-interpretation/sites/default/files/kci_eulogin_0.pdf 19:37 < bridge> @heinrich5991 u should make a blog post about how u modified a running server to put a finish line 19:37 < bridge> i totally missed that 19:37 < bridge> > Adrenaline 5, an absolutely insane and insanely faily map, was cut by Pipou into two parts with kill tiles being replaced with teleport tiles. Initially we had the map released in its entirety on December 10, but after realizing that it was too long, cut it into two parts and released the second part a week later. This required adding a finish tile using gdb on the already running servers, so that players could finish in the middle of the map alr 21:11 < bridge> I'm guessing gdb? You just need to pause execution inside somewhere with easy access to the tiles array 22:38 < bridge> @Ryozuki https://blog.rust-lang.org/inside-rust/2023/01/30/cargo-sparse-protocol.html 22:38 < bridge> ohh finally