|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
John'eh
Asteroid Belt Protection Services
|
Posted - 2010.09.01 10:05:00 -
[1]
Please provide sources.
This tool is unsafe to use unless we the community have a chance to look it over; And interacting with *any* of the eve online client files is against the EULA as I understand it, so I dont understand how you can say this application is "safe" when it can get your account banned if the eve client tries to look in a file and cant because your application already has it locked or has an open reference that it mistakenly or not detects as hacking. - John'eh
Your Critics Are Your Best Friends, because they help you find your faults and help you improve to be better. Don't take my criticisms personally, I care about Eve just as much as you |
John'eh
Asteroid Belt Protection Services
|
Posted - 2010.09.01 20:30:00 -
[2]
Originally by: Thart
Originally by: John'eh Please provide sources.
There are no security issues found since the first EVE Mentat version was released. Not recorded any complaints in this field.
You dont get it: I am complaining now. I want to do my own audit.
Originally by: Thart
Also you are free to use 3rd party security web sites to check this software (VirusTotal.com for instance). Also anybody can use advanced firewalls and anti-malware software to check application's outgoing internet traffic.
Funny thing is with panda, it actually gives me a warning unless I update to the most recent version.. so I have to wonder if it was a false posative, or a new false negative. Either way the fact that an AV goes "wait, what?" is sort of creepy.
Originally by: Thart
This program doesn't collect or share your private (EVE related or not) information. As a developer I'm not interested in Mentat's unsafety.
This is your claim, but it has not been proven yet. I want to do an audit, because I did find some suspicious actions on the part of your application by third party security tools and I want to investigate further.
Originally by: Thart
Also you can find few popular tools for EVE with no sources available. EFT, for instance.
And I don't use these tools for exactly that reason, especially since tools like EveHQ provide sources and do the exact same thing.
Originally by: Thart
EVE cache reader (and EVE Mentat in general) doesn't violates EULA as mentioned by Dragonaire.
Originally by: Dragonaire If it's just reading the cache and not modifying it CCP has said already that that is ok and there's no EULA problems. I would like to see this made open source as well. I'd also like all Eve 3rd party software developers to remember that Eve does run on OSes other than Windows like OSX and Linux and cutting yourself off from 10% of the player base or more IMHO is just a bad idea.
Where has CCP said that? All I have to go on is the EULA so if they made a post somewhere, please link with your claims. - John'eh
Your Critics Are Your Best Friends, because they help you find your faults and help you improve to be better. Don't take my criticisms personally, I care about Eve just as much as you |
John'eh
Asteroid Belt Protection Services
|
Posted - 2010.09.03 09:25:00 -
[3]
I'm on record as being against "private" code for tools that use the Eve-API because as a guy who has professional experience in the computer security industry I think its incompetent of CCP to allow it. I wont dispute that. And Ta' is right, I have in the past used the wrong methods to ask for source. My bad, my apologies.
But here I am getting "oh sh*t" warnings created by a third party anti virus from an application that heavily obfuscates its code, connects to sites other than sites owned by CCP, will at times encrypt its traffic so it network traffic cant be sniffed, and has no source code available. What the heck am I supposed to think?
- John'eh
Your Critics Are Your Best Friends, because they help you find your faults and help you improve to be better. Don't take my criticisms personally, I care about Eve just as much as you |
John'eh
Asteroid Belt Protection Services
|
Posted - 2010.09.03 10:21:00 -
[4]
Insulting me will not make this perfectly legitimate request go away. - John'eh
Your Critics Are Your Best Friends, because they help you find your faults and help you improve to be better. Don't take my criticisms personally, I care about Eve just as much as you |
John'eh
Asteroid Belt Protection Services
|
Posted - 2010.09.03 19:57:00 -
[5]
Originally by: Thart
Originally by: John'eh Insulting me will not make this perfectly legitimate request go away.
You can easily prove that I'm wrong just by using your professional skills.
And open myself up to a lawsuit for de-compiling your "private" code without your written consent? No thanks. I know the rules of the software industry. My anti virus said it detected a backdoor in the exe, and that is why I'm requesting source, because I want to find out if it was a false positive or not. As it is I had to delete that Virtual Machine because I cant trust it now. - John'eh
Your Critics Are Your Best Friends, because they help you find your faults and help you improve to be better. Don't take my criticisms personally, I care about Eve just as much as you. |
John'eh
Asteroid Belt Protection Services
|
Posted - 2010.09.03 21:42:00 -
[6]
Like I said, I have delete that VM so no longer have access to its data. Why ask questions when I have already given you the answer?
Besides, its common knowledge in the industry that heavy obfuscation can fool some virus detection software. You have admitted that you use heavy obfuscation.
I'm just saying "hey I want your blessing/source to look at this", I'm not accusing you of anything yet. And if I'm wrong, you get a nice guy like me saying your ok with that version. Its a win-win. - John'eh
Your Critics Are Your Best Friends, because they help you find your faults and help you improve to be better. Don't take my criticisms personally, I care about Eve just as much as you. |
|
|
|