Posts by videogamesm12

A few months ago, geteso (previously known as esoTalk) allegedly suffered a breach. While the nature of the breach is not known, what is known is that accounts were compromised (resulting in the website mandating a password change for all user accounts) and email addresses connected to user accounts were flooded with password reset requests from the site. The identity of the perpetrator behind the breach is widely disputed amongst its community.

What likely happened here is that someone spammed the everlasting shit out of this forum's password reset system using email addresses obtained from the geteso breach. This means that anyone who used the same email address to sign up for geteso as they did to sign up to this forum would get absolutely buttfucked by email reset requests. This appears to be what happened in your case.

What the fuck

In July 2019, I recorded myself browsing the forums using my Xbox 360. At the time I had a tendency to record myself browsing the forums on older hardware (including the Nintendo Wii) mainly as proof that it was possible to do so. The Xbox 360 was one of the systems I showcased.

https://www.youtube.com/watch?v=ogs5pal6VV8

Apologies for the shit quality, I for whatever reason recorded this on a fucking VHS tape. I had previously mentioned this exact recording, but I only just now got around to releasing it.

...and he did it again.

You literally just bypassed your ban to build a shitty swastika (you didn't even do the proportions right, by the way) using signs containing some of the most cringy anime villain type shit I have ever seen on this server. I don't think you intended to be funny, but holy shit did I laugh my ass off.

Object.

Quote

↩  DragonSlayer2189 i’m about 80% sure that the reason darth begged for this to be the statue when he was AECD and we were making this hub was purely because he wanted it to essentially be a statue of him,

So instead of delivering a statue of someone that he promised, he decided to instead have a statue of the grim reaper of all things (yeah, really fucking smart of him to put something often associated with death at the fucking hubworld where everyone spawns at).

Nice.

↩  Paldiu Mojang has apparently fixed this in 1.18.2 Prerelease 3 - https://bugs.mojang.com/browse/MC-248680.

It's not the first time Mr. Putin acted too big for his shoes.

If it needs to be a statue, make it the Statue of Liberty.

↩  Luke I've come under fire from the other developers for it. See #development-discussion on the Discord.

↩  videogamesm12 I've since come under fire for this suggestion, so let me just double down and support my claims even further by explaining why this solution makes more sense than using a plugin like VulnerabilityPatcher.

VulnerabilityPatcher works by listening for any events and cancels/modifies them if they meet a certain criteria. While this does help protect against exploits to an extent, as long as Minecraft continues to be developed these workarounds will continue to be bypassable, as the plugin doesn't fix the root cause of the exploits in question.

If we were to use a fork of Paper specifically intended to fix the root cause of these exploits (many of which are extremely simple to fix), we would actually resolve what is causing the exploits in the first place. This means that even if someone were to embed the item into a chest/dispenser/whatever, the exploit would already be fixed so it still wouldn't work. No extra bullshit needed!

Of course, there are shortcomings to my solution. The main one is that it may make moving versions or updating from upstream more difficult, but frankly I don't see how that's a dealbreaker (unless the changes from upstream fixes critical vulnerabilities on par with Log4Shell) if the outcome is server software more stable than if we were just using regular Paper. Some argue that it would take more development effort - I disagree. I'd argue that adding workarounds to VulnerabilityPatcher to that would be more difficult to pull off than fixing the root problem.

↩ @'wxtermelon' It is worth mentioning that we could still have some dynamic content on these static pages by the use of a short and simple JavaScript file, which would need to be written specifically to query from something like the TFM HTTPD server.

↩  matscalle That won't do you any good, their sites are filled to the brim with JS files that bog down performance.

↩  matscalle Some points I made in a previous thread about Wix as a service:

• They collect data about you (including some personal details!) and then share it to marketing companies for use in targeted advertisements.

• If we used Wix unironically, we would be relentlessly made fun of by pretty much everyone for it.

• You have to pay them to get rid of all the branding that they slap onto your website like a bumper sticker.

• Migrating to a third party service like Wix which forces us to rely on them is like the last thing Ryan wants to do.

• You have to pay them $18 a month just to get basic things like analytics about your site or even a basic calendar.

@"erin"#107 You better not be getting any funny ideas now.

Congratulations.

This server is constantly crashing due to users exploiting bugs in the server software. With Mojang's absolute incompetency and Paper's refusal to fix several server-crashing exploits, it is in our best interest to just maintain a fork of Paper ourselves and fix the root cause of these exploits.

↩  root Thanks, Mojang.

↩  Paldiu We literally use it in IP address bans for offline players.

Quote

↩  Paldiu With the conversion to uuids from ip addresses, we would need to add a uuid value and remove the ip value.

No, we wouldn't. The implementation I did in my fork changes how player data entries are accessed to only get UUIDs (instead of a whackass combination of name and IPs) by default. IPs are still stored there, but that's only for compatibility with banning commands and stuff like /findip. The only form of conversion we need to do is names -> UUIDs.

Key:

• Yellow Highlight - Application window opens
• Red Highlight - Application window closes, voting begins
• Aqua Highlight - Voting concludes, votes counted, and Senior-level poll begins
• Green Highlight - Senior-level poll concludes, and end decision is made