00:16 <+bridge_> it was only for ppl used discord support i guess ? 00:20 <+bridge_> https://cdn.discordapp.com/attachments/293493549758939136/1470560107380080793/image.png?ex=698bbd53&is=698a6bd3&hm=50be4283c6adffd0ef1d12258750c95109e2dff8797b6be20011ed8773c90432& 00:22 <+bridge_> fwiw that was an external vendor that they only used for under-13 ban appeals and that they have since stopped using; they'll use better methods for the new age verification 00:22 <+bridge_> not that I like either discord or their new age verification policies but this is still important context 00:23 <+bridge_> <12944qwerty> They may be trying, but even with the discord as support leak they were supposed to delete all info when it was closed, but never did so 00:23 <+bridge_> <12944qwerty> They may be trying, but even with the discord support leak they were supposed to delete all info when it was closed, but never did so 02:44 <+bridge_> At least it is a ban for adult content only 02:47 <+bridge_> In the UK they started banning random stuff like Spotify 02:47 <+bridge_> Or Wikipedia 02:55 <+bridge_> <12944qwerty> That's crazy 02:55 <+bridge_> <12944qwerty> Only to think they were all for freedom of content not long ago 02:56 <+bridge_> <12944qwerty> crazy to think that they were all for freedom of content not long ago 02:56 <+bridge_> <12944qwerty> crazy that they were all for freedom of content not long ago 03:13 <+bridge_> <12944qwerty> I'm more concerned with the fact that they're gonna use an ai model to "guess" your age by your activity... 03:13 <+bridge_> <12944qwerty> Which has already backfired for YouTube and Roblox and possibly others. And it's a terrible invasion of privacy 08:57 <+bridge_> I am lost, where do I find the map submission bot code again? I even wrote a PR a year ago and can't find the repo 09:42 <+bridge_> https://www.theverge.com/tech/875309/discord-age-verification-global-roll-out 10:19 <+bridge_> I wonder if they take fucking account age into consideration 10:22 <+bridge_> my dc account is only 10 years old, so I must at least be 11 right? 11:47 <+bridge_> I now tested https://opencode.ai/ and we are cooked. I asked it to fix my webdav mounts and it just worked. 11:48 <+bridge_> AI in terminal :justatest: 12:32 <+bridge_> I basicly finished the work of server-side custom resource. Would it be accepted by DDNet :3? If so, I could port it from our teeworlds fork to DDNet. Anyway, there's a lot of thing to discuss. :3 12:33 <+bridge_> Also #7296 12:33 <+bridge_> https://github.com/ddnet/ddnet/issues/7296 12:37 <+bridge_> have you read the thread? it's not that long 12:37 <+bridge_> are the server side custom resources embedded in the map? 12:37 <+bridge_> you could give a technical overview about your implementation in that thread 12:37 <+bridge_> I have read a long time ago 12:38 <+bridge_> I still disagree with every custom resource must be embedded in the map though. 12:39 <+bridge_> would be good to give your thoughts in the thread 12:39 <+bridge_> I don't see you making that point in the thread yet 12:42 <+bridge_> This is how you get those “Post-Mortem: Claude deleted my entire production database” posts 12:44 <+bridge_> You're absolutely right! I 12:44 <+bridge_> - Deleted your entire database. 12:44 <+bridge_> - Did not ask you for confirmation. 12:44 <+bridge_> - Did not make any backups. 12:44 <+bridge_> 12:44 <+bridge_> I should have 12:44 <+bridge_> - Checked my command before running it 12:44 <+bridge_> - Made backup copies before running dangerous commands 12:44 <+bridge_> 12:44 <+bridge_> Would you like me to make a detailed damage report? 12:47 <+bridge_> I'm deeply sorry, that shouldn't have happened. 12:53 <+bridge_> the first step is to run the AI as a user, that doesn't have that many permissions 12:53 <+bridge_> also you can run it in "suggestion mode" so you need to enter the commands yourself 12:54 <+bridge_> Then you get a little tired, it seems to not make mistakes anyway, the command looks reasonable 12:54 <+bridge_> Boom 12:55 <+bridge_> But then it's *YOUR* fault and not the AIs :pepeRage: 12:55 <+bridge_> 12:55 <+bridge_> Also people seem to delete entire wikis without AI ... 12:57 <+bridge_> I tried that. it asked me whether I'd allow sqlite3 commands in the current directory. how would I evaluate that? 12:57 <+bridge_> sqlite3 surely contains a privilege escalation (in that scenario), like arbitrary file write in the whole filesystem 12:58 <+bridge_> you could ask for the exact command it wants to do and evaluate it - I know this is a lot of work if you do this properly 12:58 <+bridge_> yes, that's what I did 12:58 <+bridge_> but I don't think that's what people do 12:59 <+bridge_> manual command approval ruins the vibes 12:59 <+bridge_> I agree with all of you tbf - this is totally a double edged sword and you can damage yourself with it 12:59 <+bridge_> you're supposed to write an apple script that hits enter every two seconds and leave claude running 12:59 <+bridge_> ||this is not a joke; there was a blog post where someone actually did this|| 13:00 <+bridge_> > Also people seem to delete entire wikis without AI ... 13:00 <+bridge_> we probably fixed that now. https://archive.org/search?query=subject%3A"Miraheze"+subject%3A"DDNet"&sort=-addeddate 13:00 <+bridge_> although I haven't tested that backup yet… 13:00 <+bridge_> Overtime people lose the skill to evaluate it because they offload the task to the ai gods 13:01 <+bridge_> it has 165 MB, looks _reasonable_ without downloading it 13:01 <+bridge_> the old wiki backups also had 165 MB 13:01 <+bridge_> of the deleted wiki 13:01 <+bridge_> they were missing the page texts though 13:01 <+bridge_> only had the images 13:02 <+bridge_> I'll ask the AI questions until I fully understand what it's doing - but I am also not vibe coding 13:03 <+bridge_> I ask it to search for tools for me 13:03 <+bridge_> It found `witr` for me recently, quite useful actually 13:03 <+bridge_> this is the way 13:04 <+bridge_> when you have a question that needs enough context to be tricky to google, describe your use case and ask it for tools/conventions/idioms that apply here, and then look them up yourself 13:05 <+bridge_> oh that looks neat 13:05 <+bridge_> Another one I do is asking it to find me documents. It does dig up some very interesting literature, just don’t ask it to read the pdfs it finds, it will misquote them 13:06 <+bridge_> Like I needed to find a bitsliced implementation of the PRESENT algorithm 13:06 <+bridge_> a while ago an LLM gave me ddrescue which was great 13:06 <+bridge_> but in the same breath it told me that ddrescue and dd_rescue are the same thing which is bullshit 13:08 <+bridge_> Oh yeah, it loves doing that. I was looking for an alternative to GNU Parallel and it kept telling me xargs can do it, by just passing flags that belong to parallel to xargs 13:51 <+bridge_> Also if anyone is interested in this, you can view https://github.com/TeeworldsArchive/teeworlds/pull/46 😄 13:58 <+bridge_> This could happen to a human as well 13:58 <+bridge_> At least then you are a regular moron 14:00 <+bridge_> The same if you just allow any command to be executed from any LLM agentic driven tooling 14:00 <+bridge_> this seems to be the modus operandi of a lot of vocal people on the internet 14:01 <+bridge_> But this was the same before LLM where here for the mass 14:01 <+bridge_> But nobody wanted to get blamed on X (formerly X) for deleting prod after executing a stackoverflow command 14:02 <+bridge_> Now you just blame LLMs that its their fault 14:03 <+bridge_> I don't think you can take that from the first post 14:03 <+bridge_> > This is how you get those “Post-Mortem: Claude deleted my entire production database” posts 14:03 <+bridge_> https://axcient.com/blog/how-google-cloud-deleted-a-125-billion-account/ 14:04 <+bridge_> it seems we're in agreement? I fail to find any difference in opinion 14:05 <+bridge_> I would rename it to: "Post-Mortem: How I deleted my entire production database" 14:06 <+bridge_> but these blog posts exists 14:07 <+bridge_> you can't rename them for the people who write them 14:08 <+bridge_> see e.g. https://old.reddit.com/r/ClaudeAI/comments/1pgxckk/claude_cli_deleted_my_entire_home_directory_wiped/ 14:09 <+bridge_> But its the same here, human error 14:09 <+bridge_> He just allowed the rm -rf command to be executed 14:09 <+bridge_> yes, the blog post is called "claude cli deleted my entire home directory" 14:09 <+bridge_> so I think a "post-mortem: claude deleted my entire production database" is also likely 14:10 <+bridge_> Its just the tool 14:10 <+bridge_> You could also say: "rm -rf deleted my entire home directory" 14:10 <+bridge_> Which is intended 14:10 <+bridge_> @avolicious would like to blame someone else, but agrees that the blog post is likely to be called 'This is how you get those “Post-Mortem: Claude deleted my entire production database” posts'? 14:10 <+bridge_> @avolicious would like to blame someone else, but agrees that the blog post is likely to be called "Post-Mortem: Claude deleted my entire production database"? 14:11 <+bridge_> "I deleted"* 14:11 <+bridge_> Not claude 14:11 <+bridge_> you don't believe someone would write a blog post with that title? 14:11 <+bridge_> I guess we're really disagreeing then 14:11 <+bridge_> I do, because obv. they are using "claude" already 14:11 <+bridge_> But blaming an LLM for their fault is not correct 14:12 <+bridge_> that seems to be a discussion you've opened 14:12 <+bridge_> I'm not really interested in discussing who's to blame, I just wanted to understand where your difference comes from 14:13 <+bridge_> you apparently don't want to cmoment on whether you think such a blog post title is likely 14:13 <+bridge_> so I guess the discussion is over, with us discussing different things 14:13 <+bridge_> time to check ddnet for vulnerabilities for AI 14:13 <+bridge_> time to check ddnet for vulnerabilities with AI 14:13 <+bridge_> time to fix existing known vulnerabilities 😉 14:14 <+bridge_> are there many? Except in the map io 14:14 <+bridge_> UDP 14:14 <+bridge_> plain text password transfer 14:14 <+bridge_> Time to move to QUIC 14:14 <+bridge_> well yeah a MITM is always hard 14:14 <+bridge_> Then accounts 14:15 <+bridge_> Then getting rid of the old protocol entirely 14:15 <+bridge_> Yeah, I give AI heinrichs PR and say "implement the rest of it" 14:15 <+bridge_> Sounds like a good plan 14:15 <+bridge_> who wants to review 12K LOC? 14:16 <+bridge_> Just add "Keep it simple, stupid" in the prompt 14:17 <+bridge_> like I recently said to Learath2: 14:17 <+bridge_> > there's some unsexy stuff that needs to be done, e.g. writing build files, making sure it works on windows and while cross-compiling 14:17 <+bridge_> the latter part is probably not doable by LLMs on their own 14:17 <+bridge_> since it's integration work 14:18 <+bridge_> If it can delete prod databases, it can fix this too ^^ 14:18 <+bridge_> I wouldn't be that sure about it :justatest: 14:18 <+bridge_> claude code doesn't run on windows, as a starter 14:18 <+bridge_> WSL 14:19 <+bridge_> yes, but then you're not in the environment you want to work in anymore 14:19 <+bridge_> if you give me a WSL shell, I'm going to have a really hard time checking windows compiles 14:19 <+bridge_> ? 14:19 <+bridge_> it doesn't need to - you only need a tool on windows that goes against the existing openapi spec - i.e. opencode 14:19 <+bridge_> by all means, do it if you think it's easy 14:19 <+bridge_> you can host the server fully remotely like we do at work 14:20 <+bridge_> and you can host all models afaict in a docker container, which should also work on windows (which also makes use of WSL) 14:20 <+bridge_> just be warned about the 12 GB used memory 14:22 <+bridge_> @avolicious @essigautomat when can I expect the report on how to make the PR build on windows? 14:23 <+bridge_> I am currently working on something else, but I'll add it on the ToDo 14:24 <+bridge_> please make it a short report on what needs to be changed and not a +10000 lines PR 14:24 <+bridge_> I'd really appreciate it 14:24 <+bridge_> I am so overworked right now - I'll also put it on my todo right after fixing my homeserver and having my resin 3D printer in a usable state :justatest: 14:24 <+bridge_> Sure, the report is a PoC, not the PR itself 14:25 <+bridge_> and ideally understand the LLM solution yourself so I'll not be the human interface for the LLM to fix up its solution 14:25 <+bridge_> I think I'll ask the AI first to understand your PR 14:55 <+bridge_> Software peoples burning desire to be replaced by AI models ASAP will be studied in the coming decades 15:03 <+bridge_> Do you mean the quic one? It's blocked by building on windows? 15:05 <+bridge_> see checkboxes at https://github.com/ddnet/ddnet/pull/6961 15:33 <+bridge_> I see 15:52 <+bridge_> Are there any advantages to move to QUIC? 15:55 <+bridge_> Ah I saw 15:55 <+bridge_> Depends on Rust creates 15:55 <+bridge_> :frozen: 16:04 <+bridge_> 1) encrypted connection 2) a way to make accounts work securely 16:06 <+bridge_> :thonk: 16:06 <+bridge_> I guess 3) no longer implementing our own reliable messaging 16:08 <+bridge_> I always felt that ddnet was aggressive in these regards. 16:09 <+bridge_> in what regards? 16:10 <+bridge_> e.g. QUIC. 16:12 <+bridge_> There are more things which have been the parts of DDNet. 16:16 <+bridge_> :thonk: 16:16 <+bridge_> ah 16:17 <+bridge_> I think we're moving exceptionally slow with QUIC tbh 16:17 <+bridge_> That's my word issue. 16:18 <+bridge_> `aggressive` should be `radical` 16:19 <+bridge_> also I think DDNet is the first game project I have seen that use HTTP master server. 16:20 <+bridge_> I'd guess most games fetch most their stuff via HTTPS these days 16:21 <+bridge_> At least we could see that some Steam games community servers are fetched not by HTTPS. 16:23 <+bridge_> And 16:24 <+bridge_> I think it has been 2 years. 16:24 <+bridge_> however, nobody cares #5156 16:24 <+bridge_> https://github.com/ddnet/ddnet/issues/5156 16:25 <+bridge_> yea, no one cared enough to solve the issue 16:26 <+bridge_> if you want to solve the issue, we can have a chat about how it could be implemented 16:28 <+bridge_> Maybe could send a heartbeat to verify the latency and if the master is alive 16:29 <+bridge_> yea, could try registering with a random and if it works, continue to use that one 16:29 <+bridge_> if it fails, select the next one, I guess? 16:29 <+bridge_> Also 16:29 <+bridge_> what is "failure" here? port forward check included, I guess? 16:29 <+bridge_> if the master reports that it couldn 16:30 <+bridge_> if the master reports that it couldn't go through the firewall, then select the next one. 16:30 <+bridge_> yea, sounds good 🙂 want to implement that? 16:31 <+bridge_> I would like to work on the cpp part :3 16:32 <+bridge_> it only has a C++ part, I think 16:33 <+bridge_> Shouldn't the master send a heartbeat packet back? 16:33 <+bridge_> I'd just try registering immediately 16:34 <+bridge_> there seems to be only one master now. 16:34 <+bridge_> yes 16:34 <+bridge_> do you need another one for testing? 16:35 <+bridge_> Would be useful after the PR opens. 16:37 <+bridge_> hmm 16:37 <+bridge_> make the default config from 16:37 <+bridge_> `https://master1.ddnet.org/ddnet/15/register` to `https://master%d.ddnet.org/ddnet/15/register`? 16:38 <+bridge_> you can do that for now, for the final PR probably `https://register%d.ddnet.org/ddnet/15/register` 16:38 <+bridge_> so that we can host the server list and the registration on different domains 16:40 <+bridge_> ah 16:40 <+bridge_> so the best master server is the server could register? 16:40 <+bridge_> (first) 16:40 <+bridge_> yes 16:42 <+bridge_> Are there only 4 masters' domains could be used? 16:42 <+bridge_> yes 16:52 <+bridge_> hm.. skip after the server reports error three times? 16:53 <+bridge_> yea, maybe something like that 🙂 17:20 <+bridge_> oh no, 17:21 <+bridge_> there would be warning 17:30 <+bridge_> master1 reports me The requested URL returned error: 400 17:31 <+bridge_> when register to master4, it reports me: `The requested URL returned error: 400` 17:32 <+bridge_> that makes sense, there's no register endpoint on that server, currently 17:32 <+bridge_> I saw a double register problem 17:33 <+bridge_> ``` 17:33 <+bridge_> 2026-02-11 00:31:51 I register/6/ipv6: registering... 17:33 <+bridge_> 2026-02-11 00:31:51 I register/6/ipv4: registering... 17:33 <+bridge_> 2026-02-11 00:31:51 I register/7/ipv6: registering... 17:33 <+bridge_> 2026-02-11 00:31:51 I register/7/ipv4: registering... 17:33 <+bridge_> 2026-02-11 00:32:06 I register/6/ipv6: registering... 17:33 <+bridge_> 2026-02-11 00:32:06 I register/6/ipv4: registering... 17:33 <+bridge_> 2026-02-11 00:32:06 I register/7/ipv6: registering... 17:33 <+bridge_> 2026-02-11 00:32:06 I register/7/ipv4: registering... 17:33 <+bridge_> 2026-02-11 00:32:06 E register/7/ipv6: ERROR: the master server reports that clients can not connect to this server. 17:33 <+bridge_> 2026-02-11 00:32:06 E register/7/ipv6: ERROR: configure your firewall/nat to let through udp on port 8303. 17:33 <+bridge_> 2026-02-11 00:32:06 E register/6/ipv6: ERROR: the master server reports that clients can not connect to this server. 17:33 <+bridge_> 2026-02-11 00:32:06 E register/6/ipv6: ERROR: configure your firewall/nat to let through udp on port 8303. 17:33 <+bridge_> 2026-02-11 00:32:06 E register/7/ipv4: ERROR: the master server reports that clients can not connect to this server. 17:33 <+bridge_> 2026-02-11 00:32:06 E register/7/ipv4: ERROR: configure your firewall/nat to let through udp on port 8303. 17:33 <+bridge_> 2026-02-11 00:32:06 E register/6/ipv4: ERROR: the master server reports that clients can not connect to this server. 17:33 <+bridge_> 2026-02-11 00:32:06 E register/6/ipv4: ERROR: configure your firewall/nat to let through udp on port 8303. 17:33 <+bridge_> ``` 17:36 <+bridge_> hm 17:38 <+bridge_> ``` 17:38 <+bridge_> - [ ] Tested the change ingame 17:38 <+bridge_> ``` 17:38 <+bridge_> Does this `ingame` mean `in the client`? 17:39 <+bridge_> yes, but ignore that part or remove it from the check box 17:39 <+bridge_> just tick it if you tested it 🙂 17:42 <+bridge_> How could I test a master server thing in client???? 17:43 <+bridge_> How could I test a master server thing in client???? (which is not related) 17:47 <+bridge_> ignore that part or remove the word "ingame" from the checkbox ^^ 17:47 <+bridge_> we don't reject your PR if it doesn't have all boxes ticked ^^ 17:51 <+bridge_> Ah right 17:51 <+bridge_> where the next master is 18:20 <+bridge_> @heinrich5991