Pages: 1 2 [3] 4 5 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 5 post(s) |
Joe Starbreaker
The Fighting Republicans
|
Posted - 2009.08.15 15:42:00 -
[61]
Hallelujah!
= the GOP is recruiting = |
WheatGrass
Gallente Silent but Friendly
|
Posted - 2009.08.15 16:58:00 -
[62]
Thank you, Sir!
This looks SO good on 'paper'. I'll look forward to the test drive.
|
Vorononv Circut
The Maverick Navy Atlas Alliance
|
Posted - 2009.08.15 20:08:00 -
[63]
Best dev blog EVER!
|
Agent Stone
Volition Cult The Volition Cult
|
Posted - 2009.08.15 20:59:00 -
[64]
Awesome! Best news I have had this week!
|
Messoroz
|
Posted - 2009.08.15 22:00:00 -
[65]
Edited by: Messoroz on 15/08/2009 22:00:15 Anyone with IGB sites should just shoot themselves if they complain about Moondoggie breaking things. I personally can't believe people use IGB sites.
|
Kessiaan
Minmatar DEATHFUNK Atlas Alliance
|
Posted - 2009.08.16 02:13:00 -
[66]
Edited by: Kessiaan on 16/08/2009 02:14:31 Sounds great!
But.. if CCP is using a 3rd party browser as the 'guts' of the new IGB, it's going to be a huge target for keyloggers. I can see it now - "BUY YOUR ISK AT <whatever URL>!" Click link, get keylogger.
But I have a lot more faith in Google than Microsoft at making code that won't crap out if you show it a funny image.
|
Abortion Engine
GoonFleet GoonSwarm
|
Posted - 2009.08.16 03:47:00 -
[67]
Quote: Plus, unless they provide some PKI with this it's going to be as useless in trusting as the current IGB. HTTP headers are trivial to forge. What they need to do is generate RSA key pairs for every user and allow the public key to be retrieved via the API then use THAT for authentication.
Pulling this from elsewhere to post here.
|
Kirsten Fud
Galactic Shipyards Inc HUZZAH FEDERATION
|
Posted - 2009.08.16 04:13:00 -
[68]
Originally by: Abortion Engine
Quote: Plus, unless they provide some PKI with this it's going to be as useless in trusting as the current IGB. HTTP headers are trivial to forge. What they need to do is generate RSA key pairs for every user and allow the public key to be retrieved via the API then use THAT for authentication.
Pulling this from elsewhere to post here.
Agree!
This or OpenID providers, either would be perfect.
|
Twistalous
Gallente Arkons of Myth KIA Alliance
|
Posted - 2009.08.16 06:05:00 -
[69]
Originally by: Kirsten Fud
Originally by: Abortion Engine
Quote: Plus, unless they provide some PKI with this it's going to be as useless in trusting as the current IGB. HTTP headers are trivial to forge. What they need to do is generate RSA key pairs for every user and allow the public key to be retrieved via the API then use THAT for authentication.
Pulling this from elsewhere to post here.
Agree!
This or OpenID providers, either would be perfect.
Honestly, it's not that hard to secure an IGB site. You just require them to log in with a password each time to use the site. They can forge headers all they want but if they don't know your password, they won't get in, no matter what their headers say.
|
Zex Maxwell
Caldari
|
Posted - 2009.08.16 08:02:00 -
[70]
Ho-ly ****! A feature that been around for ages is FINALLY getting an much needed upgrade. KICK ASS CCP!
|
|
Sade Onyx
|
Posted - 2009.08.16 12:19:00 -
[71]
Am I missing something?
Is the blog indicating what they would like to do, are working on, or is coming imminently?
Nice to blind us with complicated words and suedanims but when! is a subject given the widest birth that is only desired from a moon sized aseroid in close proximity to our planet earth.
|
Ix Forres
Caldari Vanguard Frontiers
|
Posted - 2009.08.16 12:31:00 -
[72]
Edited by: Ix Forres on 16/08/2009 12:31:42 Absolutely fantastic, but took you a while.
As others have said, the lack of any cryptographically secure mechanism for identifying users in the IGB is one of the major blockers for IGB websites. CCP setting up a key infrastructure such that public keys could be obtained via the API (given a character ID, no restrictions) and that private keys could be used to sign browser requests in the IGB (and perhaps could be leveraged in the API, too?) would make life a lot easier for devs.
I'm glad to see we'll finally get a proper browser and I'm looking forward to deleting all my IGB-specific templates in favour of simply handing out full-blown site templates with some extra javascript (assuming JS is used for these new functions). This of course assumes the on-paper implementation actually works and isn't burdened with bugs as the current IGB is.
Thanks for (finally) listening to us, CCP! -- Ix Forres EVE Application Developer Charactr (NEW) | EVE Metrics | I Tweet |
Serenity Steele
Dynamic Data Distribution
|
Posted - 2009.08.16 14:10:00 -
[73]
Very exciting. Looking forward to getting a shot to use it on SiSi.
≡v≡ Strategic Maps in Eve-Online Store | eve-maps.com |
Derus Grobb
Selectus Pravus Lupus
|
Posted - 2009.08.16 20:58:00 -
[74]
Great news, looks like they are doing it the right way. ---
|
Haradgrim
Tyrell Corp Fuzzy Nut Attack Squirrels
|
Posted - 2009.08.16 22:01:00 -
[75]
\o/
Thats some serious awesomeness, let the IGB revolution begin! --
Originally by: CCP Oveur Just donęt forget the reach-around.
|
Zeba
Minmatar Honourable East India Trading Company
|
Posted - 2009.08.16 22:47:00 -
[76]
Holy crapola! How did I miss this. *cheers* *\o/*
Quote: [03:39:05] Emperor Salazar > HOLY **** ITS ZEBA [03:39:20] Emperor Salazar > NEVER STOP POASTING
|
Citrute
|
Posted - 2009.08.17 03:49:00 -
[77]
Take some Win-And-A-Half, Multiply by pie and then sprinkle little bits of the ForceÖ on top, serve chilled.
|
Lusulpher
Blackwater Syndicate Raining Doom
|
Posted - 2009.08.17 07:18:00 -
[78]
http://princeofcode.com/awesomium.php
That first video, shows imbedded browsers are manipulatible 3D objects...that + this being in EVE + avatars(WiS) = HOLOGRAM CORP MEETING that has browser links to Enemy webpages for Intel, forums for combat plan ideas, and an imbedded "Big Board" for Tactical diagrams(online Notepad).
And everyone bookmarks it at the end...I think I just came a little.
Now that's how gamers[the best in existence]should game.
+1 Level to CCP Fanboyism, now at Level 7.\/ 7 |
Nareg Maxence
Gallente
|
Posted - 2009.08.17 08:01:00 -
[79]
o/ awesomiumsauce.
|
Kronsur Boon
|
Posted - 2009.08.17 08:16:00 -
[80]
Great to hear that CCP are using Chromium.
I really hope CCP fully implement the ability to whitelist and blacklist websites. Fuctionality, like we see in the Firefox plugin NoScript, really needs to be included from the start.
|
|
Poreuomai
Minmatar Mirkur Draug'Tyr Ushra'Khan
|
Posted - 2009.08.17 10:42:00 -
[81]
Quote: Here at Team Slartibartfast, we want you to feel good. We want you to feel good and do it a lot.
Let My People Go |
Elissen
Amarr Serenity Inc
|
Posted - 2009.08.17 10:48:00 -
[82]
Most exciting news in a long time!
And o/ for linking to the Jumpplanner ---- Weeks of programming can save you hours of planning. Jumpplanner |
|
CCP Pleognost
|
Posted - 2009.08.17 11:31:00 -
[83]
Originally by: D Gelalder Now for some questions, as I prefer to browse around using a white-lists. Meaning i have to give a site permission to to either store cookies or run java-scripts. I would like to know if this will be possible with the "moondoggie".
We're already planning on locking-down plug-ins, and we're still investigating just how fine-grained we can make our controls for things like Cookies and scripting without making the browser a usability nightmare.
Originally by: D Gelalder - Ability to define which headers are being send using the "trusted site". For example, split them up in categories. Character, location, roles. This should be self-explanatory, but an example none the less: Lets take a travel planning site, the only info it would need is your current location. It doesn't need to know who you are or what your roles are.
Also ability to blacklist sites to stop them from asking would be nice.
We have the tools to do this internally, it's largely a question of whether we can expose this in a user-friendly way. We'll take a look at it.
Originally by: D Gelalder - Ability to create "give money to.." links with target character or corp with amount and reason. This should make things easier for corps that handle a lot of isk transfers, like payouts or banks or whatever else.
While we'd like to do stuff like this, it would also make website-driven fraud a lot easier to perpetrate. Any kind of browser-IGB interaction is going to require a full in-game confirmation prompt. That said, we can take a "give money" command under consideration.
|
|
|
CCP Pleognost
|
Posted - 2009.08.17 11:36:00 -
[84]
Originally by: Taunting Yu Glad to see this is coming around. The downside to the currently IGB-compatible webpages will be that many of them are no longer updated for various reasons (person has quit playing and left the site as a convenience to the rest of the world, etc).
It would be interesting to see some of the more typical websites being able to display. I have a feeling that if it requires a plug-in (such as Flash scripts and movies), it won't be supported, as that requires trust of CCP to allow in the client. I could be completely wrong, too. Comments, devs?
On the first note, we've developed a "compatibility tool" that corrects older IGB websites and should keep them mostly operational. It's just a bit of Javascript that we can run in the context of the older sites to correct hyperlinks, images and the like.
You're correct on plug-ins. We're currently planning to lock-down or disable all external plug-ins in Moondoggie - this means no Flash for the first release. We would all love to be able to view YouTube while fighting, though, so we'd like to revisit that in the future.
|
|
|
CCP Pleognost
|
Posted - 2009.08.17 11:43:00 -
[85]
Originally by: Regat Kozovv I'm absolutely ecstatic that CCP is taking security this seriously. However, should vulnerabilities be found in the Chromium toolkit (and no doubt they will in the future as more scrutiny is placed on it) then there's a chance that the IGB would be vulnerable in certain instances as well.
We have some plans on how to handle this contingency. One of the first things we discussed after we decided to integrate with Webkit and Awesomium was the potential impact of zero-day vulnerabilities. We've worked out an architecture for "Defcon 1" scenarios that will severely restrict the functionality of the IGB until a security update is available and integrated into EVE.
All we need now is a big red button to trigger it.
|
|
|
CCP Pleognost
|
Posted - 2009.08.17 11:49:00 -
[86]
Originally by: Dex Nederland So...
1 - When is this coming? I have a site that will be getting a face lift because of it.
2 - Will the stack of utilities be made available to the public? or will we have to hunt for them?
1 - Our first release will coincide with the next EVE expansion. We're going to try to get a build onto SiSi ASAP. tl;dr: SoonÖ.
2 - Much of it, yes. There's a library of Javascript functions that IGB authors will need to use in order to do things like open Show-Info windows. We also have some compatibility scripts that you can run on a pre-Moondoggie IGB site to make it work in the new browser.
We're also planning to release some documentation on how to use it, of course.
|
|
Darcon Kylote
Terminal Impact
|
Posted - 2009.08.17 12:04:00 -
[87]
Originally by: Gnulpie As good as these changes might be, I think there are MUCH MORE IMPORTANT things necessary to be fixed in Eve first.
The whole pos, corp, alliance interfaces for example. Alchemy, sov system, supercaps, epic arcs and and and. Fix the GAME STUFF first I would say (yeah, I know, some of that stuff will be tackled in the winter expansion).
...
Well, yeah.... I am a software architect at my job, and I find I often have to control the tendency of my developers to go after the shiny, fun, techie stuff (that users don't care about), and ignore the boring usability changes and such that'll make a real difference to the bottom line. Seems like someone needs to be doing more of this at CCP.
I would rather lose the IGB entirely if I could get just a handful more keyboard shortcuts for example.
|
Hel O'Ween
Academy of Truth
|
Posted - 2009.08.17 12:37:00 -
[88]
Originally by: Miraqu I really don't like this. Eve is a game and a game should not be a browser.
If this supports flash, javascript and all the nice tools, it will also support many flash and java exploits and the other nice things like redirecting of links and tracking scripts and cookies.
This!
Basically, any website then might interact with "my" client? A very scary imagination. I do hope this is read only, like the EVE API. Although this is scary enough, at least no one can run away with your ISKies this way. And as we all know, for a long time CCP's logs "do show nothing", if that happens. -- EVEWalletAware - an offline wallet manager |
Banedon Runestar
Gallente Gallente Mining and Manufacturing Inc Cloud 7 Nebulosa
|
Posted - 2009.08.17 14:09:00 -
[89]
Congrats on finally making the IGB relavant, useful, and effective. Now is there a time-line on making the same changes to EveOnline.com?
The first place I'd fix is the search function. It's broken, useless, and the fact that you can't find anythin has prevented most of my friends from even playing the trial. Quote: "If they can't take care of their webcode, they can't take care of their game code."
Fix your website and you'll have a half-dozen new paying accounts. ______________________ Join Channel Profit
|
Casiella Truza
Ecliptic Rift
|
Posted - 2009.08.17 15:19:00 -
[90]
Originally by: CCP Pleognost You're correct on plug-ins. We're currently planning to lock-down or disable all external plug-ins in Moondoggie - this means no Flash for the first release. We would all love to be able to view YouTube while fighting, though, so we'd like to revisit that in the future.
The lack of Flash support is particularly disappointing. Maybe this one plugin can get installed while the ability to install others is disabled? -- EVE Blog EVE Twitter |
|
|
|
|
Pages: 1 2 [3] 4 5 :: one page |
First page | Previous page | Next page | Last page |