10:57 <+bridge> Is there a way to change the gravity in my map? 11:02 <+bridge> ask in #questions or #mapping 11:03 <+bridge> Oh ok 11:03 <+bridge> Thanks 11:57 <+ChillerDragon> dont ask me why but for whatever reason i reimplemented bash word split and quotes in javascript... 11:57 <+ChillerDragon> !sh echo hello"world''" 11:57 < chillerbot> helloworld'' 11:58 <+ChillerDragon> !sh x='$HOME' 11:58 <+ChillerDragon> !sh echo $x 11:58 < chillerbot> $HOME 11:58 <+ChillerDragon> !sh x="$HOME" 11:58 <+ChillerDragon> !sh echo $x 11:58 < chillerbot> /home/pi 11:58 <+ChillerDragon> !sh ls LICENSE;ls *.md;ls "Docker'file" 11:58 < chillerbot> LICENSE 11:58 < chillerbot> README.md 11:58 < chillerbot> ls: cannot access '/home/pi/Docker'file': Permission denied 11:59 <+ChillerDragon> close enough xd 11:59 <+ChillerDragon> !sh ;; 11:59 < chillerbot> -bash: syntax error near unexpected token `;' 12:00 <+bridge> Easy peasy 12:00 <+bridge> Now write a javascript engine in bash for ultimate troll 12:00 <+ChillerDragon> holy fuck 12:00 <+ChillerDragon> thats impossible in a human life time 12:00 <+bridge> Xd 12:00 <+ChillerDragon> jk its 10lines of bash cuz bash op 12:01 <+bridge> !sh rustup 12:01 < chillerbot> bash: rustup: command not found 12:01 <+ChillerDragon> this guy 12:01 <+bridge> !sh curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh 12:01 < chillerbot> bash: curl: command not found 12:01 <+bridge> !sh apt install curl 12:01 < chillerbot> E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied) 12:02 < chillerbot> E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root? 12:02 <+bridge> !sh sudo apt install curl 12:02 < chillerbot> sudo: a password is required 12:02 <+bridge> install curl 12:02 <+bridge> !sh wget 12:02 < chillerbot> bash: wget: command not found 12:02 <+ChillerDragon> no u 12:02 <+ChillerDragon> u dl virus 12:03 <+bridge> No rust no ryo 12:03 <+bridge> !sh function __wget() { 12:03 < chillerbot> bash: function: command not found 12:03 <+bridge> : ${DEBUG:=0} 12:03 <+bridge> local URL=$1 12:03 <+bridge> local tag="Connection: close" 12:03 <+bridge> local mark=0 12:03 <+bridge> 12:03 <+bridge> if [ -z "${URL}" ]; then 12:03 <+bridge> printf "Usage: %s \"URL\" [e.g.: %s http://www.google.com/]" \ 12:03 <+bridge> "${FUNCNAME[0]}" "${FUNCNAME[0]}" 12:03 <+bridge> return 1; 12:03 <+bridge> fi 12:03 <+bridge> read proto server path <<<$(echo ${URL//// }) 12:03 <+bridge> DOC=/${path// //} 12:03 <+bridge> HOST=${server//:*} 12:03 <+bridge> PORT=${server//*:} 12:03 <+bridge> [[ x"${HOST}" == x"${PORT}" ]] && PORT=80 12:03 <+bridge> [[ $DEBUG -eq 1 ]] && echo "HOST=$HOST" 12:03 <+bridge> [[ $DEBUG -eq 1 ]] && echo "PORT=$PORT" 12:03 <+bridge> [[ $DEBUG -eq 1 ]] && echo "DOC =$DOC" 12:03 <+bridge> 12:03 <+bridge> exec 3<>/dev/tcp/${HOST}/$PORT 12:04 <+bridge> echo -en "GET ${DOC} HTTP/1.1\r\nHost: ${HOST}\r\n${tag}\r\n\r\n" >&3 12:04 <+bridge> while read line; do 12:04 <+bridge> [[ $mark -eq 1 ]] && echo $line 12:04 <+bridge> if [[ "${line}" =~ "${tag}" ]]; then 12:04 <+bridge> mark=1 12:04 <+bridge> fi 12:04 <+bridge> done <&3 12:04 <+bridge> exec 3>&- 12:04 <+bridge> }; 12:04 <+bridge> __wget http://example.iana.org/ 12:04 <+bridge> f 12:04 <+bridge> !sh lynx -dump http://www.google.com 12:04 < chillerbot> bash: lynx: command not found 12:04 <+bridge> is it broken 12:04 <+bridge> !sh echo a 12:04 < chillerbot> a 12:04 <+bridge> !sh /usr/bin/printf 'GET / \n' | nc www.google.com 80 12:04 < chillerbot> bash: /usr/bin/printf: command not found 12:04 <+ChillerDragon> !sh which printf 12:04 < chillerbot> which: no printf in (/home/pi/.cargo/bin:/home/pi/.nvm/versions/node/v18.16.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games) 12:04 <+bridge> !sh echo 'GET / \n' | nc www.google.com 80 12:04 < chillerbot> GET / \n | nc www.google.com 80 12:04 <+ChillerDragon> wot 12:04 <+ChillerDragon> i forgot to put printf in right place 12:05 <+ChillerDragon> !sh printf 12:05 < chillerbot> printf: usage: printf [-v var] format [arguments] 12:05 <+bridge> !sh (echo 'GET /'; echo ""; sleep 1; ) | telnet www.google.com 80 12:05 < chillerbot> bash: (echo: command not found 12:05 < chillerbot> bash: sleep: command not found 12:05 < chillerbot> bash: ): command not found 12:05 <+bridge> oh 12:05 <+bridge> u removed everything 12:05 <+bridge> but if u cant do anything its boring 12:05 <+ChillerDragon> i didnt add everything yet* 12:05 <+ChillerDragon> its just running my javscript claiming to be bash xd 12:05 <+ChillerDragon> so its a safe honeypot and u got potted mate 12:06 <+ChillerDragon> but yea its so amazing that you can build wget in 10 lines of bash 12:06 <+ChillerDragon> i actually used that once to fix broken apt 14:20 <+bridge> !sh echo nobo 14:20 < chillerbot> nobo 14:30 <+bridge> !sh bash -c 'bash --version; echo just curius' 14:30 < chillerbot> unsafe bash 14:53 <+ChillerDragon> !sh echo $BASH_VERSION 14:53 < chillerbot> 5.1.4(1)-release 14:54 <+bridge> Lies 14:54 <+ChillerDragon> xd 14:54 <+ChillerDragon> !sh BASH_VERSION="trust me bro" 14:54 <+ChillerDragon> !sh echo $BASH_VERSION 14:54 < chillerbot> trust me bro 14:58 <+bridge> !sh a=1; b=2 14:58 <+bridge> !sh echo $a $b 14:58 < chillerbot> 1 2 14:59 <+bridge> !sh echo !sh echo $$b 14:59 < chillerbot> !sh echo 14:59 <+bridge> !sh printf %d 1 14:59 < chillerbot> %d 15:00 <+bridge> !sh which sh 15:00 < chillerbot> /usr/bin/sh 15:00 <+bridge> !sh $a$b 15:00 < chillerbot> bash: 12: command not found 15:01 <+bridge> !sh a=s; b=h 15:01 <+bridge> !sh $a$b --version 15:01 < chillerbot> unsafe bash 15:01 <+bridge> 😦 15:02 <+bridge> !sh which awk 15:02 < chillerbot> which: no awk in (/home/pi/.cargo/bin:/home/pi/.nvm/versions/node/v18.16.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games) 15:04 <+bridge> !sh timeout 0 $a$b --version 15:04 < chillerbot> bash: timeout: command not found 15:07 <+bridge> (I can stop if playing with pentesting isn't appropriate) 15:07 <+bridge> !sh c=;; echo $c 15:07 < chillerbot> -bash: syntax error near unexpected token `;' 15:09 <+ChillerDragon> wot lerato that should work xd 15:09 <+ChillerDragon> ok my printf tests are not very elaborate tbh 15:09 <+bridge> !sh which find 15:09 < chillerbot> which: no find in (/home/pi/.cargo/bin:/home/pi/.nvm/versions/node/v18.16.0/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games) 15:09 <+ChillerDragon> !sh PATH= 15:09 <+ChillerDragon> get fucked xd 15:09 <+ChillerDragon> !sh which which 15:10 < chillerbot> which: no which in () 15:10 <+ChillerDragon> :p 15:10 <+bridge> !sh ls /usr/bin | head -2 15:10 < chillerbot> apt 15:10 < chillerbot> bash 15:10 < chillerbot> cat 15:10 < chillerbot> chmod 15:10 < chillerbot> max output ... 15:10 <+ChillerDragon> pipes are still wip 15:10 <+bridge> XD isn't `| head` working 15:10 <+ChillerDragon> no 15:11 <+ChillerDragon> im suprised it didnt say unsafe bash xd 15:11 <+bridge> oh ok good you have the `max output...` limit 15:11 <+ChillerDragon> !sh PATH=/usr/bin:/bin:/games 15:11 <+ChillerDragon> xd 15:12 <+bridge> Is it rm -rf / time yet? 15:12 <+ChillerDragon> !sh command -v reboot 15:12 < chillerbot> /usr/bin/reboot 15:12 <+ChillerDragon> rm isnt supported very well 15:12 <+ChillerDragon> im still focussed on the input parser so pipes redirects quotes etc 15:12 <+bridge> !sh which unlink rmdir 15:12 < chillerbot> which: no unlink in (/usr/bin:/bin:/games) 15:12 <+bridge> !sh which rmdir 15:12 < chillerbot> which: no rmdir in (/usr/bin:/bin:/games) 15:12 <+ChillerDragon> but you shouldnt be able to break stuff @Learath2 xd 15:13 <+ChillerDragon> so rm all you want 15:13 <+bridge> I'll find a v8 zero day 15:13 <+bridge> !sh which mv 15:13 < chillerbot> which: no mv in (/usr/bin:/bin:/games) 15:13 <+ChillerDragon> yikes 15:14 <+bridge> !sh echo 'oops file trucated' > hopefullynewfile 15:15 <+ChillerDragon> !sh cat hopefullynewfile 15:15 < chillerbot> oops file trucated 15:16 <+ChillerDragon> !ls hope* 15:16 <+bridge> !sh echo FATAL: EXPLOIT FOUND 15:16 < chillerbot> FATAL: EXPLOIT FOUND 15:16 <+ChillerDragon> !sh ls hope* 15:16 < chillerbot> hopefullynewfile 15:16 <+bridge> !sh echo gettruncatedagain > hopefullynewfile 15:17 <+bridge> !sh echo 'isthisappended?' >> hopefullynewfile 15:17 <+bridge> !sh cat hopefullynewfile 15:17 < chillerbot> oops file trucated gettruncatedagain isthisappended? > 15:18 <+bridge> hahaha your truncation is broken XD also no '>>' 15:18 <+bridge> !sh echo $PPID 15:18 < chillerbot> 24411 15:19 <+bridge> !sh command -v kill 15:19 < chillerbot> /usr/bin/kill 15:20 <+bridge> !sh ls -l /proc/self 15:20 < chillerbot> ls: cannot access '/proc/self': Permission denied 15:21 <+bridge> !sh echo 1; echo 2 15:21 < chillerbot> 1 15:21 < chillerbot> 2 15:23 <+bridge> !sh /usr/bin/true --version 15:23 < chillerbot> bash: /usr/bin/true: command not found 15:24 <+bridge> !sh which true 15:24 < chillerbot> which: no true in (/usr/bin:/bin:/games) 15:25 <+ChillerDragon> yea im currently refactoring the whole redirect thing is a bit of a buggy implementation 15:25 <+ChillerDragon> !sh kill $PPID 15:25 < chillerbot> bash error 15:25 <+ChillerDragon> xd 15:26 <+bridge> lol did it kill anything? 15:26 <+ChillerDragon> it self? xd 15:26 <+ChillerDragon> no wait 15:26 <+ChillerDragon> ppid is parent right? 15:26 <+ChillerDragon> pid is $$ 15:26 <+bridge> PPID is parent yes 15:26 <+ChillerDragon> !sh echo $$ 15:26 < chillerbot> 24410 15:26 <+ChillerDragon> !sh ps 15:26 < chillerbot> PID TTY TIME CMD 15:26 < chillerbot> 24410 pts/1 00:00:00 bash 15:26 < chillerbot> 24614 pts/1 00:00:00 ps 15:26 <+bridge> !sh who 15:26 < chillerbot> bash: who: command not found 15:26 <+ChillerDragon> what is who? 15:27 <+ChillerDragon> a "w" 15:27 <+ChillerDragon> i only use w xd 15:27 <+bridge> !sh w 15:27 < chillerbot> bash: w: command not found 15:27 <+ChillerDragon> :p 15:28 <+bridge> it seems that you only allow programs you specifically selected 15:28 <+bridge> !sh echo bash --version > abcdef1234985 15:29 <+bridge> !sh . ./abcdef1234985 15:29 < chillerbot> bash: .: command not found 15:29 <+bridge> !sh source ./abcdef1234985 15:29 < chillerbot> bash: source: command not found 15:29 <+bridge> !sh which env 15:29 < chillerbot> which: no env in (/usr/bin:/bin:/games) 15:30 <+bridge> !sh ENVVAR=val printenv ENVVAR 15:30 < chillerbot> bash: printenv: command not found 15:31 <+bridge> !which ln 15:31 <+bridge> !sh which ln 15:31 < chillerbot> which: no ln in (/usr/bin:/bin:/games) 15:32 <+bridge> !sh python -V 15:32 < chillerbot> bash: python: command not found 15:33 <+bridge> !sh which xargs 15:33 < chillerbot> which: no xargs in (/usr/bin:/bin:/games) 15:34 <+bridge> !sh which chmod 15:34 < chillerbot> /usr/bin/chmod 15:35 <+bridge> !sh -ls -l abcdef1234985 15:35 < chillerbot> bash: -ls: command not found 15:35 <+bridge> !sh ls -l abcdef1234985 15:35 < chillerbot> -rw-r--r-- pi pi Apr 30 10:10 abcdef1234985 15:36 <+bridge> !sh chmod +x abcdef1234985 15:36 <+bridge> !sh s=\/; echo $s$sa${s}a 15:36 < chillerbot> \/\/a 15:37 <+bridge> !sh echo .${s}abcdef1234985 15:37 < chillerbot> .\/abcdef1234985 15:37 <+bridge> !sh eval 'a=1; echo $a; a=2; echo $a' 15:37 < chillerbot> bash: eval: command not found 15:37 <+ChillerDragon> :p 15:38 <+bridge> !sh .${s}abcdef1234985 15:38 < chillerbot> bash: .\/abcdef1234985: command not found 15:39 <+bridge> !sh ls -l abcdef1234985 # remember this one tho? 15:39 < chillerbot> -rwxr-xr-x pi pi Apr 30 10:10 abcdef1234985 15:40 <+bridge> !sh cat < hey 15:40 < chillerbot> cat: < $(ls) 15:40 <+bridge> hmm 15:40 <+bridge> EOF 15:41 <+bridge> !sh alias echoe=bash 15:41 < chillerbot> bash: alias: command not found 15:43 <+bridge> !sh which make 15:43 < chillerbot> which: no make in (/usr/bin:/bin:/games) 15:44 <+bridge> !sh echo "$@" 15:44 < chillerbot> $@ 15:46 <+bridge> !sh echo $0 16:11 <+bridge> !sh wget 16:11 < chillerbot> bash: wget: command not found 16:11 <+bridge> !sh ping 16:11 < chillerbot> bash: ping: command not found 16:11 <+bridge> !sh ls 16:11 < chillerbot> .env 16:11 < chillerbot> Dockerfile 16:11 < chillerbot> LICENSE 16:11 < chillerbot> README.md 16:12 < chillerbot> max output ... 16:12 <+bridge> !sh cat Dockerfile| tr '\n' ' ' 16:12 < chillerbot> cat: Dockerfile|: No such file or directory 16:12 <+bridge> !sh cat Dockerfile | tr '\n' ' ' 16:12 < chillerbot> unsafe bash 16:13 <+bridge> !sh cat Dockerfile 16:13 < chillerbot> unsafe bash 16:13 <+bridge> wow 16:13 <+bridge> !sh which nc 16:13 < chillerbot> which: no nc in (/usr/bin:/bin:/games) 16:13 <+bridge> !sh ls /bin 16:13 < chillerbot> bash 16:13 < chillerbot> cat 16:13 < chillerbot> chmod 16:13 < chillerbot> dmesg 16:14 < chillerbot> max output ... 16:14 <+bridge> @ChillerDragon you could maybe do a block of code instead of spamming multiple messages 16:18 <+bridge> !sh echo test > /dev/udp/149.202.19.227/8603 16:18 <+bridge> lmao do u think it would work 16:18 <+bridge> !sh echo "toto" > /dev/udp/149.202.19.227/8603 16:19 <+bridge> nop, ig u made it so u can't send packets 16:22 <+bridge> !sh echo "test" > /dev/tcp/51.91.30.52/8443 16:45 <+ChillerDragon> @ReiTW how? 16:46 <+ChillerDragon> i dont know how to send multiple lines from irc 16:46 <+bridge> you can't 16:46 <+ChillerDragon> sad noises 16:46 <+bridge> IRC only allows single-line messages, by design 16:46 <+ChillerDragon> and discord doesnt accept blocks of code if its a single message right? 16:46 <+ChillerDragon> only ``those`` 16:47 <+bridge> Can't he pass \n? 16:47 <+ChillerDragon> ```multi\nline xd``` 16:47 <+bridge> IRC's protocol is line-based 16:47 <+bridge> Maybe discord will format it 16:47 <+bridge> each message is separated by a newline 16:47 <+bridge> no 16:47 <+bridge> Ah 16:47 <+bridge> IRC messages look like this: 16:47 <+bridge> JOIN #ddnet 16:47 <+bridge> PRIVMSG #ddnet :hello, world! 16:48 <+bridge> QUIT 16:48 <+ChillerDragon> the only good chat protocol 16:48 <+bridge> Aah 17:06 <+bridge> Truly a great chat protocol 17:37 <+bridge> @Ravie @Pipou @marmare_314 I updated the screenshots in https://github.com/ddnet/ddnet/pull/6546#issuecomment-1533261655. What about the "Refocus" button? Seems redundant, as is just goes to (0,0) which you can also do with "Goto". 17:40 <+bridge> @Robyt3 it looks like goto 0, 0 is on the tile and not coord 0, 0 17:40 <+bridge> do mappers use refocus often and is it useful that it's different from goto? 17:41 <+bridge> I use it often for quad stuff, idk about others 17:41 <+bridge> at exactly 0, 0 parallax has no effect 17:49 <+bridge> What do you think about moving the Anim and Move buttons together with the other buttons that they toggle? 17:49 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1103347624624529448/image.png 18:55 <+bridge> https://news.ycombinator.com/item?id=35791205 18:57 <+bridge> > 18:57 <+bridge> > Q6T46nT668w6i3m 22 hours ago | next [–] 18:57 <+bridge> > 18:57 <+bridge> > I love MLIR. The modularity and friendly abstractions make it incredibly flexible. I've now used it to write _multiple_ domain-specific optimizations and transformations for some of my recent research! It truly bridges the gap between different devices (CPUs, GPUs, TPUs, etc.). I pray more people adopt it so it doesn't end up abandoned! 18:57 <+bridge> @Jupeyy_Keks MLIR on hn yesterday xd 19:02 <+bridge> please, can you stop with spam bot here? It's getting annoying to read all the feed just to see garbage... 19:03 <+bridge> i agree a bit xd 19:03 <+bridge> the bot is simply not fun 19:05 <+bridge> :poggers2: PostmarketOS booting let's hope it works 🤞 19:05 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1103366701984264375/PostmarketOS300.jpg 19:08 <+ChillerDragon> @Chairn send #off-topic bridge then 19:08 <+ChillerDragon> postmarket pog 19:08 <+bridge> im no admin here 19:08 <+ChillerDragon> me neither 19:09 <+ChillerDragon> @admin 19:09 <+ChillerDragon> @admins 19:09 <+ChillerDragon> we need more bridges 19:10 <+ChillerDragon> gimme a webhook token and ill host 19:11 <+ChillerDragon> we can make the irc channel mute by default so no moderation needed 19:25 <+bridge> ez 19:37 <+bridge> https://en.wikipedia.org/wiki/SNOBOL 19:37 <+bridge> @Jupeyy_Keks @Chairn are u SNOBOLs? 19:38 <+bridge> ```snobol 19:38 <+bridge> OUTPUT = "This program will ask you for personal names" 19:38 <+bridge> OUTPUT = "until you press return without giving it one" 19:38 <+bridge> NameCount = 0 :(GETINPUT) 19:38 <+bridge> AGAIN NameCount = NameCount + 1 19:38 <+bridge> OUTPUT = "Name " NameCount ": " PersonalName 19:38 <+bridge> GETINPUT OUTPUT = "Please give me name " NameCount + 1 19:38 <+bridge> PersonalName = INPUT 19:38 <+bridge> PersonalName LEN(1) :S(AGAIN) 19:38 <+bridge> OUTPUT = "Finished. " NameCount " names requested." 19:38 <+bridge> END 19:38 <+bridge> ``` 19:39 <+bridge> ```sno 19:39 <+bridge> OUTPUT = "This program will ask you for personal names" 19:39 <+bridge> OUTPUT = "until you press return without giving it one" 19:39 <+bridge> NameCount = 0 :(GETINPUT) 19:39 <+bridge> AGAIN NameCount = NameCount + 1 19:39 <+bridge> OUTPUT = "Name " NameCount ": " PersonalName 19:39 <+bridge> GETINPUT OUTPUT = "Please give me name " NameCount + 1 19:39 <+bridge> PersonalName = INPUT 19:39 <+bridge> PersonalName LEN(1) :S(AGAIN) 19:39 <+bridge> OUTPUT = "Finished. " NameCount " names requested." 19:39 <+bridge> END 19:39 <+bridge> ``` 19:39 <+bridge> wtf 19:40 <+bridge> https://frame.work/blog/announcing-the-framework-laptop-13-powered-by-amd-ryzen 19:41 <+bridge> @Jupeyy_Keks kek 19:41 <+bridge> today is ryo news day 19:42 <+bridge> they so expensive 19:42 <+bridge> that u probably better bew a new one after a few years xd 19:42 <+bridge> xd 19:43 <+bridge> it has upgradable 19:43 <+bridge> graphics 19:43 <+bridge> xd 20:04 <+bridge> quick question, is it possible to implement a mac address detection into the ddnet client? 20:05 <+ChillerDragon> technically yes sure everything is possible 20:05 <+ChillerDragon> or do you mean by is it possible server side? or if it would be merged into official client? 20:05 <+ChillerDragon> then no i would assume 20:05 <+bridge> merged into the client 20:05 <+ChillerDragon> doubt 20:06 <+bridge> it's not possible? 20:06 <+ChillerDragon> i do not think it would get merged 20:06 <+ChillerDragon> but i do not make that decision so.. 20:06 <+bridge> @Learath2 is that something open for discussion? 20:07 <+ChillerDragon> if your motivation is ban tracking or something like that itll just cause botters to downgrade client or bot devs to mod the client 20:08 <+bridge> mac can be faked 20:08 <+ChillerDragon> yes that too 20:08 <+bridge> https://wiki.archlinux.org/title/MAC_address_spoofing 20:08 <+bridge> arch wiki 20:08 <+ChillerDragon> ye ik 20:08 <+ChillerDragon> but why spoof if you can just change the open src code xd 20:09 <+ChillerDragon> @Iza for that do you need it? 20:09 <+bridge> i've come to the conclusion that alot of botters aren't the brightest light bulbs 20:09 <+ChillerDragon> oh so for that 20:10 <+ChillerDragon> but all bot devs will send random macs 20:10 <+ChillerDragon> so the botters can stay stupid 20:10 <+ChillerDragon> and still bypass 20:11 <+ChillerDragon> also i share a physical device with my brother Konsti and he uses a lot of bots 20:12 <+bridge> technically bot devs can spoof anything, and if done right then they can keep the bot client undercover, but its not often done right. Mac address would serve as an extra factor on top of alot of other factors to determine botters and ban evaders 20:12 <+ChillerDragon> yea maybe 20:13 <+ChillerDragon> question is do we want to waste network bandwith, dev time, code complexity, privacy on some finger printing war 20:13 <+bridge> depends 20:13 <+ChillerDragon> i could add it to chillerbot-ux if u want :) 20:13 <+bridge> ban 20:13 <+bridge> no mention bots 20:13 <+ChillerDragon> hrhr 20:14 <+bridge> whats chillerbot ux 20:14 <+ChillerDragon> virus 20:14 <+ChillerDragon> https://chillerbot.github.io/ 20:15 <+ChillerDragon> download here 20:15 <+ChillerDragon> xd 20:15 <+ChillerDragon> its my fork of ddnet which has like 1 user 20:15 <+bridge> that definitely doesnt look sketchy 20:15 <+ChillerDragon> :p 20:16 <+ChillerDragon> i didnt pay the web dev 20:16 <+ChillerDragon> maybe there could be a ddnet ext msg thats only for fingerprinting 20:16 <+ChillerDragon> and the server can send it if wanted 20:17 <+ChillerDragon> to request all kinds of info that could be extended 20:17 <+ChillerDragon> to start a nice fingerprint war with botters 20:17 <+ChillerDragon> good ol cat and mouse 20:17 <+bridge> i dont trust using this 20:17 <+ChillerDragon> imo stuff like that can be fun. but ddnet is more on the serious side than on the fun side 20:17 <+bridge> sounds like a good war 20:18 <+bridge> all this wouldnt be needed if we just had an account system xd 20:18 <+ChillerDragon> oh boi 20:18 <+ChillerDragon> botters just make new accs 20:18 <+bridge> ye but it takes time and effort for them 20:18 <+bridge> more than our current thing we have 20:18 <+ChillerDragon> and the more time and effort it takes to start playing w out account 20:19 <+ChillerDragon> the more annoying it is for casuals and new players 20:19 <+bridge> how would it be more annoying? you just register once, login and play 20:19 <+ChillerDragon> how would it be time and effort to bot? you rust bot, register again, login and play 20:19 <+ChillerDragon> rust* xd 20:19 <+ChillerDragon> axaxax 20:20 <+ChillerDragon> freudian typo 20:20 <+bridge> if its an email account system, then they would have to create an email everytime 20:20 <+ChillerDragon> i see 20:20 <+ChillerDragon> or u use the + hack xd 20:20 <+bridge> or if its linked with steam, they'd be having to make a new steam account on top of that 20:20 <+ChillerDragon> chillerdragon+bot1@gmail.com 20:21 <+bridge> i think you can counter that 20:21 <+ChillerDragon> if steam is needed to play on ddnet id quit ddnet xd 20:22 <+bridge> then you're not a true ddnet fan 20:22 <+ChillerDragon> i just play the ddnet version w out steam then i mean 20:24 <+bridge> anyway account system would be better in general 20:25 <+bridge> for me it takes like 5 seconds to ban a botter, while it takes them several minutes to create a new account 20:25 <+bridge> Accounts in ddnet :justatest: 20:26 <+ChillerDragon> how do you even know someone is a botter? 20:26 <+bridge> several factors which i won't discuss about 20:26 <+ChillerDragon> wow.. 20:27 <+ChillerDragon> just transform those factors into code and auto ban 20:27 <+ChillerDragon> then it takes 0 seconds 20:27 <+bridge> im not a dev 20:27 <+ChillerDragon> then discuss the factors in this dev channel xd 20:27 <+bridge> Checksum I think 20:28 <+ChillerDragon> is it even sent? 20:28 <+bridge> that would give bot client devs the opportunity to note it, like this individual @Mʎɹ シ 20:28 <+bridge> https://cdn.discordapp.com/emojis/1055910874566627352.png?quality=lossless&size=48 20:28 <+ChillerDragon> ah u mean in the finger print thingy 20:28 <+ChillerDragon> yea 20:31 <+bridge> I think it hard for spoof, I tried, need spoof a lot of stuff, then yea, It can be used for auto ban I think 21:00 <+bridge> kinda stupid thing to solve in open-source 21:00 <+bridge> quake had the same problem after making code public 21:01 <+bridge> this sort of protection is pointless for an opensource game, it's just a single line to edit out in the code, trivially bypassed, and old clients won't even support it 21:01 <+bridge> carmack just said "open-source preventing antibot is useless" and went straight with closed sourced antibot check 21:01 <+bridge> There is not much point to discussing it as it'd be useless no matter how you look at it, malicious people just won't update their clients or use a "cracked" one 21:02 <+bridge> http://www.catb.org/~esr/writings/quake-cheats.html 21:03 <+bridge> 1999 -> 2023 21:03 <+bridge> 24 years passed 21:03 <+bridge> like 21:03 <+bridge> there is no actual solution 21:04 <+bridge> heyt 21:04 <+bridge> you quoted a good blog 21:04 <+bridge> i recommend reading this http://www.catb.org/~esr/faqs/hacker-howto.html 21:04 <+bridge> i remember you sent this like year ago 21:04 <+bridge> or half year ago 21:05 <+bridge> alzheimer 21:05 <+bridge> https://cdn.discordapp.com/attachments/293493549758939136/1103396922858934412/image.png 21:05 <+bridge> lol 21:06 <+bridge> ye i see protecting an open source software from unwanted code like cheats is not something easy fixable 21:07 <+bridge> yep 21:07 <+bridge> its that good 21:07 <+bridge> it aligns with what i think so hard 21:08 <+bridge> honestly, the only approach that is even worth pursuing imho is the approach noby took, try detect it at the server 21:09 <+bridge> noby antichots is not perfect either, you should monitor every value and use nobybot to test them :troll: 21:09 <+bridge> Supplement it with accounts so you can make it extra annoying for banned people to evade 21:10 <+bridge> > To follow the path: 21:10 <+bridge> > look to the master, 21:10 <+bridge> > follow the master, 21:10 <+bridge> > walk with the master, 21:10 <+bridge> > see through the master, 21:10 <+bridge> > become the master. 21:10 <+bridge> yeah master branch 21:10 <+bridge> change master to "ddnet dev" 21:10 <+bridge> xd 21:11 <+bridge> ddnet server coding is easy until you don't need any external resources xd 21:11 <+bridge> so you should mess up with client 21:12 <+bridge> i see you're pro account 21:12 <+bridge> btw are accounts still being discussed or is it settled? 21:13 <+bridge> I'm not only pro account, I'm pro annoying accounts as well, add multiple layers of verification 21:13 <+bridge> accounts are always discussed xd 21:13 <+bridge> but never done 21:13 <+bridge> yess that would be so good 21:13 <+bridge> its a move for ddnet 2 (written in rust^tm) 21:13 <+bridge> !rust 21:13 < chillerbot> @Ryozuki 21:14 <+bridge> I imagine a day where you can set a server +m where n is the level required to chat, 0 only requiring an account, 1 requiring a verified email, 2 requiring linked steam, 3 requiring verified phone 21:15 <+bridge> 4 requiring a ddnet code contribution 21:15 <+bridge> But it's all a dream, we are too privacy conscious to ever do phone verification 21:15 <+bridge> 5 praying to stallman 21:15 <+bridge> 6 using gentoo 21:15 <+bridge> 7 asserting rust over C 21:16 <+bridge> My true dream is governments letting us do zero-knowledge real person verification. That would be soo, soo good 21:16 <+bridge> how to store any sensitive personal information tho 21:17 <+bridge> Use a bot client, bye banned forever. If you want to get back in you write a 300 word essay apologizing to all members of the community 21:17 <+bridge> i mean data leaks every day from different spots of our planet 21:17 <+bridge> 👍 21:17 <+bridge> its so hard it seems 21:18 <+bridge> happening* 21:18 <+bridge> btw how did the last attempt to implement accounts fail? 21:18 <+bridge> but alas, it's all a dream, zero-knowledge real person verifications are not a thing and I'm the only one that thinks they aren't draconian 21:19 <+bridge> its possible 21:19 <+bridge> with a goverment backend ofc 21:19 <+bridge> I think deen wanted to make a simple account system with ddnet2 but people wanted too much from ddnet2 in exchange for letting us have accounts 21:20 <+bridge> usually it's the other way around, at least at the hardware level 21:20 <+bridge> how about we make implementing an account system, not ddnet2 21:20 <+bridge> its just ddnet with accounts, no further discussion needed 21:20 <+bridge> like 0 is machine level, you can do absolutely everything, 1 is os level, 3 is user level 21:20 <+bridge> The old guard wants cake in exchange for their ranks not being moved to their new accounts 21:21 <+bridge> thats the rings 21:21 <+bridge> couldve just not taken all the advice as features that we want immediately, but just take it slowly, implement a basic account system and the build upon it from the ideas given by the community 21:21 <+bridge> actually, i'd be ok to reset everything as long as old ranks are still accessible somewhere 21:21 <+bridge> im also okay with it as long as i can flaunt i was in the old days 21:21 <+bridge> i just hit 10k points and i also would be okay with a reset 21:21 <+bridge> or this 😄 21:21 <+bridge> You don't have enough ranks to matter, are you even r1 in an insane? Opinion rejected 21:21 <+bridge> i used to though 21:22 <+bridge> i think i was r1 on Hellcore for some time 21:22 <+bridge> Get it back and we can talk about it 21:22 <+bridge> i was r1 on arabic nights 21:22 <+bridge> someone stole it 21:23 <+bridge> if you reset ranks first, i can get it back faster \*taps head\* 21:24 <+bridge> how many ranks btw? im not even in top100 points anymore 21:25 <+bridge> reseting might give me motivation to play more actually 21:25 <+bridge> can i get a bonus due to my old ddnet age? 21:25 <+bridge> this year, on 28th of july will mark my 10th anniversary 21:25 <+bridge> +1, publish demos all declined accepted maps and ranks xd 21:26 <+bridge> some kind of heinrich's archive 21:26 <+bridge> demos will take huge space 21:26 <+bridge> my folder is already 15+GB 21:26 <+bridge> 11.9GB of demos 21:26 <+bridge> theyre easily compressed 21:26 <+bridge> but not in ddnet sizes tho 21:27 <+bridge> btw when i think about it, if the bot client would have the line removed, it would just exposed themselves this way 21:27 <+bridge> like how 21:27 <+bridge> client-side protection is no gain 21:27 <+bridge> compress 21:27 <+bridge> Idk, you need to ask the current r1 holders if they consider your opinion valid 21:27 <+bridge> with lzma 21:27 <+bridge> ok, zip 9 reduces demos size by 75% 21:27 <+bridge> server-side protection is too hard to since all inputs are known 21:27 <+bridge> zip bad 21:28 <+bridge> sorry, im on windows only 21:28 <+bridge> oof 21:28 <+bridge> 7z 21:28 <+bridge> zstd probably better 21:28 <+bridge> dont talk to me or my kids 22:41 <+bridge> What happens to ger10 stats? 23:31 <+bridge> that's really pointless, open-source or not 23:32 <+bridge> the program asks the operating system for the mac address, I'm sure there are plenty of "mac address spoofers" out there that lie to the program on behalf of you 23:38 <+bridge> i'm thinking about how many of the botters would actually do that, when half of them dont even change their ingame name when evading 23:39 <+bridge> once you start banning for it, every one of them 23:40 <+bridge> they would need to have a good amount of knowledge about what ddnet is sending to the server, and on top of that, how to spoof their mac address 23:40 <+bridge> and speaking from my experience, not alot of them have a good amount of knowledge 23:40 <+bridge> which they get from the cheat developer 23:41 <+bridge> if they don't know a lot, you can simply IP ban them 23:41 <+bridge> most of them know one thing, and its to restart the router for a new ip address tho 23:41 <+bridge> i mean, everyone knows that 23:41 <+bridge> yes, and why do they know it? 23:41 <+bridge> because they need it to evade a ban 23:42 <+bridge> if you somehow manage the impossible task of transferring the mac address of the network card to the ddnet server, guess what everyone will learn? 23:42 <+bridge> the same way people learn how to change their IP address 23:42 <+bridge> I mean, it might be a good teaching opportunity, I guess 😉 23:43 <+bridge> how are they going to be able to pinpoint on what exactly exposed them? 23:43 <+bridge> what if they think they're ip range banned 23:43 <+bridge> or what if they think, the antibot system detected them again 23:43 <+bridge> because it just takes a single person to figure that out 23:44 <+bridge> and then distribute that knowledge with the cheat client 23:45 <+bridge> there's alot of rather obvious stuff that the bot users and bot devs dont know yet. I'd take the chance to add a new fingerprint factor and see what happens 23:46 <+bridge> because we aren't autobanning for it 23:46 <+bridge> ok, onto more practical factors 23:46 <+bridge> 1) the mac address thing will just be spoofed by bot clients directly 23:47 <+bridge> i didnt suggest autoban for it, just additional server info that can get dumped for the mods 23:47 <+bridge> 2) this has privacy implications that I don't think we should shoulder 23:47 <+bridge> just by discussing it here, people are going to know about it when we add it 23:48 <+bridge> maybe with that, they will unknowingly create a pattern which is detectable for us 23:48 <+bridge> it could happen 23:48 <+bridge> i dont see mac address much of a privacy breach 23:48 <+bridge> its a randomized number depending on your hardware 23:48 <+bridge> and drivers 23:49 <+bridge> it's constant for a single person 23:49 <+bridge> not dependent on your drivers, only for your hardware 23:49 <+bridge> not dependent on your drivers, only on your hardware 23:49 <+bridge> the moderators already get much more privacy breaching information besides mac address 23:50 <+bridge> we're already in breach of the gdpr, let's make it worse? 23:50 <+bridge> I don't get that argument 23:52 <+bridge> i dont get why mac address would be a privacy breach, it doesn't correlate to any location, personal info or anything else 23:52 <+bridge> https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/what-is-personal-data/can-we-identify-an-individual-indirectly/ 23:52 <+bridge> > If an individual can be identified from that MAC address, or other information in the possession of the network operator (the business, in this example), then the data is personal data. Additionally, even if the business does not know the name of the individual, using a MAC address (or other unique identifier) to track a device with the purpose of singling out that individual or treating them differently means the data is also personal data. 23:54 <+bridge> im not an expert on the uk gdpr, i just made a suggestion that would make some things much easier for moderators 23:55 <+bridge> thanks for making that suggestion 23:55 <+bridge> I tried responding why I think it's an unworkable idea on multiple layers 23:56 <+bridge> alright understood 23:57 <+bridge> i saw some other game had mac address tracking, thats why i thought of it 23:58 <+bridge> and they're much bigger than ddnet, i don't know how they're compliant with the gdpr