Pages: [1] 2 3 4 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
EVE Settings
|
Posted - 2007.01.08 17:14:00 -
[1]
Edited by: EVE Settings on 08/01/2007 19:56:55 Edited by: EVE Settings on 08/01/2007 19:55:15 Good evening !
I would like to announce a litte something here that might interest you.
EVE Settings
What it is all about ? Well, I have been playing EVE since release and the only thing I always wanted and never got was a way to port my settings from one computer to the other without much hassle. I play EVE-Online on various computers and always had a problem with settings, folders etc. Basically all the settings stored on a per client/machine basis.
What do I intend to do about it ? I have developed a little appliction that launches before EVE-Online.
What does it do ? The application is configurable ... it could obtain the latest version of my settings folder from a remote server or it simply does back them up when I close the EVE-Online client. It also could restore from a "Restore Point" you select ( Please note that if I detect that the client cache has been made incompatible with such a RP, I reserve the right to delete [ or rather, make them inaccessible ] those RP ).
Oh really ? Yes ... it's just a matter of database/diskspace.
You're nuts, I am not sending you my settings !!! You are right, I am and you won't. The files are encrypted locally ( within the EVE Settings application ) with a password that you only know, it will never get transmitted to the servers. Only the encrypted content will arrive at the servers and be stored in a database ( timestamped and all that ).
What's required on my side ? EVE-Online client and Microsoft ( boh hiss, stop the flames ) .NET Framework 2.0.
Where can I download it ? You can't ... at least not yet. It's almost public beta ready and this is just a test-balloon to see if players are interested. Donations are accepted. If I get enough "YAY !" replies to this post to convince me to go public ... here's the plan:
From now til 31.Jan.2007 I will polish the UI, database, licensing ( yes ... you NEED a key ) website to manage your settings, subscription, key-recovery etc blah blah pp.
01.Feb.2007 the people that want to will get the application and license key ( and if they find stuff, break stuff for me to fix or have general ideas how to make it better they also get a mention somewhere [ no clue where, but they will ] ).
01.Mar.2007 Beta over ... public we go.
Please the following:
EVE Settings is a SOAP based application ... it consists of a server-sided application that does accept the files prepared by the EVE Settings client and sends them to the client if requested. Traffic goes thru port 80 as all HTTP traffic.
Source Code ? If possible, OpenSource ... I will have to remove some code from both client and server that is pretty close to what I use at work.
Am I an optimist ? Yes, I am.
Why donate ? I love ISK and they make MY own personal world go round.
Regards,
EVE Settings
PS: This char is less then a day old. I created it for the sole purpose of posting here. PPS: Is this a scam ... No ... but based on the playerbase feedback it will go live or not. Eventual donations will be refunded if it doesn't make it to production state. PPPS: English is not my first language.
Forum mods ... if I am totally off-topic, off-forum or in some other way doing something against the rules ... wipe this clean as if it never existed.
Items edited after original posting are shown in bold
|
Dark Shikari
Caldari Imperium Technologies Firmus Ixion
|
Posted - 2007.01.08 17:20:00 -
[2]
Edited by: Dark Shikari on 08/01/2007 17:17:33
Good idea, and legal by the EULA... but why the heck is this going to be closed-source?
You see, you're providing a program that, being a non-interpreted executable, has the potential to steal passwords and the like. While the passwords are not stored in the cache folder, the program could keylog or the like as necessary.
The only way people can trust such a program is if the source code is available to download. The source would not allow people to avoid paying your fee either, as your fee is for the online database which you provide.
Thus, the only possible reason why you could refuse to provide the source is because you intend to scam people and/or steal their passwords.
-[23] Member-
Listen to EVE-Trance Radio! (DSTrance channel ingame) |
FingerThief
Gallente
|
Posted - 2007.01.08 17:29:00 -
[3]
Originally by: Dark Shikari Edited by: Dark Shikari on 08/01/2007 17:17:33
Good idea, and legal by the EULA... but why the heck is this going to be closed-source?
You see, you're providing a program that, being a non-interpreted executable, has the potential to steal passwords and the like. While the passwords are not stored in the cache folder, the program could keylog or the like as necessary.
The only way people can trust such a program is if the source code is available to download. The source would not allow people to avoid paying your fee either, as your fee is for the online database which you provide.
Thus, the only possible reason why you could refuse to provide the source is because you intend to scam people and/or steal their passwords.
I was actually just waiting for your post there DS and I would like to advise you to read my post again. I provide source-code, but not to you ... only to CCP.
One of these days you need to show me the EVE-Online source code and explain it to me, since according to your post, it could have keyloggers, steal passwords for e-mail, online accounting also [ as could any other application that you install ].
So ... if you do not like it ... ignore it, like the readers before you have done.
Regards,
EVE Settings
|
Jim McGregor
|
Posted - 2007.01.08 17:33:00 -
[4]
Edited by: Jim McGregor on 08/01/2007 17:32:00
Eve Online steals my password every time i log on.
Anyway, in what scenarios will this be used? A monthly subscription fee to backup your settings to a remote server? Why not do it yourself? You could basicly upload a zipped file to eve-files or whatever. :)
Its just settings... whats the big deal with encryption etc? The password isnt even saved in the settings anymore?
--- Eve Wiki | Eve Tribune | Eve Pirate |
Dark Shikari
Caldari Imperium Technologies Firmus Ixion
|
Posted - 2007.01.08 17:33:00 -
[5]
Originally by: FingerThief
Originally by: Dark Shikari Edited by: Dark Shikari on 08/01/2007 17:17:33
Good idea, and legal by the EULA... but why the heck is this going to be closed-source?
You see, you're providing a program that, being a non-interpreted executable, has the potential to steal passwords and the like. While the passwords are not stored in the cache folder, the program could keylog or the like as necessary.
The only way people can trust such a program is if the source code is available to download. The source would not allow people to avoid paying your fee either, as your fee is for the online database which you provide.
Thus, the only possible reason why you could refuse to provide the source is because you intend to scam people and/or steal their passwords.
I was actually just waiting for your post there DS and I would like to advise you to read my post again. I provide source-code, but not to you ... only to CCP.
Why do you expect CCP to investigate the whole of your source code for you? Perhaps I would accept this if Kieron came in and said that he's going to waste a few hours of dev time to analyze your program, when they should be fixing our bugs.
Originally by: FingerThief
One of these days you need to show me the EVE-Online source code and explain it to me, since according to your post, it could have keyloggers, steal passwords for e-mail, online accounting also [ as could any other application that you install ].
Because I trust CCP. I don't trust a random EVE Online player who I've never heard of and who has no obvious link to anyone accountable in real life.
-[23] Member-
Listen to EVE-Trance Radio! (DSTrance channel ingame) |
EVE Settings
|
Posted - 2007.01.08 17:34:00 -
[6]
Originally by: Dark Shikari
Originally by: FingerThief
Originally by: Dark Shikari Edited by: Dark Shikari on 08/01/2007 17:17:33
Good idea, and legal by the EULA... but why the heck is this going to be closed-source?
You see, you're providing a program that, being a non-interpreted executable, has the potential to steal passwords and the like. While the passwords are not stored in the cache folder, the program could keylog or the like as necessary.
The only way people can trust such a program is if the source code is available to download. The source would not allow people to avoid paying your fee either, as your fee is for the online database which you provide.
Thus, the only possible reason why you could refuse to provide the source is because you intend to scam people and/or steal their passwords.
I was actually just waiting for your post there DS and I would like to advise you to read my post again. I provide source-code, but not to you ... only to CCP.
Why do you expect CCP to investigate the whole of your source code for you? Perhaps I would accept this if Kieron came in and said that he's going to waste a few hours of dev time to analyze your program, when they should be fixing our bugs.
Originally by: FingerThief
One of these days you need to show me the EVE-Online source code and explain it to me, since according to your post, it could have keyloggers, steal passwords for e-mail, online accounting also [ as could any other application that you install ].
Because I trust CCP. I don't trust a random EVE Online player who I've never heard of and who has no obvious link to anyone accountable in real life.
To you I haven't.
|
Redbad
Minmatar Gingerbread Reapers Inc.
|
Posted - 2007.01.08 17:36:00 -
[7]
Originally by: EVE Settings G
... stuff deleted ...
What do I intend to do about it ? I have developed a little appliction that launches before EVE-Online.
... stuff deleted ...
You're nuts, I am not sending you my settings !!! You are right, I am and you won't. The files are encrypted locally ( within the EVE Settings application ) with a password that you only know, it will never get transmitted to the servers. Only the encrypted content will arrive at the servers and be stored in a database ( timestamped and all that ).
... stuff deleted ..
Hmm, I dont like programs to launch before I log into Eve. Futhermore, a password isn't secure, its the way you handle it in your datatraffic and the encryption methods that are used that will make data more or less safe or not safe at all. And not knowing what you send and how (because of encryption and not giving source) makes me a bit jumpy.
Although I like the idea very much, because I use EVE on more then one computer too,; and ofcourse assuming your intentions with this program/service are most genuine, I have to say: sorry mate, I'm not interested. I find it a bit too risky at first glance.
|
Draco Romuli
|
Posted - 2007.01.08 17:41:00 -
[8]
Edited by: Draco Romuli on 08/01/2007 17:40:16 1) What encryption algorithm did you use?
2) Is the data encrypted during transmission?
3) If the password is never sent to your server, how is authentication performed?
|
EVE Settings
|
Posted - 2007.01.08 17:42:00 -
[9]
Originally by: Jim McGregor Edited by: Jim McGregor on 08/01/2007 17:30:46
Eve Online steals my password every time i log on.
Anyway, in what scenarios will this be used? A monthly subscription fee to backup your settings to a remote server? Why not do it yourself? You could basicly upload a zipped file to eve-files or whatever. :)
You can do it yourself, certainly.
I just been using a nasty-nitty-gritty version of it since I am old and forget to do it all the time.
The scenarios ?
What it does is monitoring the eve-client ... when the client process is killed it goes to the settings folder, compacts it in memory, encrypts it and sends it to a centralized webserver. You also can launch it in UI mode and without the client running upload the settings.
From there you can automatically download to another computer using the EVE-Client ... before you login, you can even disable the application during the logon process and start it later. Or you can launch it in UI mode and select a version from a "Restore Point" and download that, exit the EVE Settings client and then launch EVE.
It is NOT required to have EVE-Online running to use it. You can use if BEFORE or AFTER.
The subscription ... it's an idea ... as is the going public with it. If players want such a tool ... why not ? To me it just means, as explained, streamline database, create a few pages to manage accounts/subscriptions.
Regards,
EVE Settings
|
Dark Shikari
Caldari Imperium Technologies Firmus Ixion
|
Posted - 2007.01.08 17:46:00 -
[10]
Originally by: Draco Romuli Edited by: Draco Romuli on 08/01/2007 17:40:16 1) What encryption algorithm did you use?
2) Is the data encrypted during transmission?
3) If the password is never sent to your server, how is authentication performed?
The cache does NOT hold your password, so the risk of interception is basically nil--even if someone gets it, all they get is your settings (and possibly username, if prefs.ini is sent).
-[23] Member-
Listen to EVE-Trance Radio! (DSTrance channel ingame) |
|
Kerushi
Caldari BIG
|
Posted - 2007.01.08 17:49:00 -
[11]
u know that the account name is stored in the prefs.ini? u know the password is saved as an hash in the prefs.ini? u know the ip`s of every one using it, including their account name, hashed password and their choosen password for the "cache" dump (closed source and u can send what ever u want...)
uhh... no open source of the program for a few guru`s to run over it = 0 trust
|
FingerThief
Gallente
|
Posted - 2007.01.08 17:50:00 -
[12]
Originally by: Draco Romuli What encryption algorithm did you use?
That is to be decided ... I want it to be Framework 2.0 only and System.Security.Cryptography Namespace (TripleDES, RijnDael ) is what I would like to use to keep the .exe compact without *.dll to be distributed ( Or bloating it with ILMerge )
So far it has served me well ... but certainly am open to suggestions on other commercial products that provide fast, good encryption.
|
Draco Romuli
|
Posted - 2007.01.08 17:51:00 -
[13]
Edited by: Draco Romuli on 08/01/2007 17:49:44
Originally by: Dark Shikari The cache does NOT hold your password, so the risk of interception is basically nil--even if someone gets it, all they get is your settings (and possibly username, if prefs.ini is sent).
Granted. But I'm still curious how he's encrypting it. Curious IT security monkeys want to know.
BTW, love the signatures.
Edit: TY for the answer.
|
Kerushi
Caldari BIG
|
Posted - 2007.01.08 17:51:00 -
[14]
Originally by: Dark Shikari
Originally by: Draco Romuli Edited by: Draco Romuli on 08/01/2007 17:40:16 1) What encryption algorithm did you use?
2) Is the data encrypted during transmission?
3) If the password is never sent to your server, how is authentication performed?
The cache does NOT hold your password, so the risk of interception is basically nil--even if someone gets it, all they get is your settings (and possibly username, if prefs.ini is sent).
it is still stored in it if u had it befor the nerfÖ i still have it on all my accounts ini`s (just checked)
|
FingerThief
Gallente
|
Posted - 2007.01.08 17:51:00 -
[15]
Originally by: Draco Romuli Edited by: Draco Romuli on 08/01/2007 17:40:16 1) What encryption algorithm did you use?
2) Is the data encrypted during transmission?
3) If the password is never sent to your server, how is authentication performed?
1. Answered
2. Before sending
3. License key given to you
|
ToxicFire
Warlords Corp The Core Collective
|
Posted - 2007.01.08 17:52:00 -
[16]
No open source no deal
Join the save Stargate SG1 Campaign Today! http://savestargatesg1.com/
|
EVE Settings
|
Posted - 2007.01.08 17:53:00 -
[17]
Originally by: Kerushi u know that the account name is stored in the prefs.ini? u know the password is saved as an hash in the prefs.ini? u know the ip`s of every one using it, including their account name, hashed password and their choosen password for the "cache" dump (closed source and u can send what ever u want...)
uhh... no open source of the program for a few guru`s to run over it = 0 trust
prefs.ini is NOT part of the settings folder ... it's a level above it.
|
Taedrin
Gallente Mercatoris Technologies
|
Posted - 2007.01.08 17:53:00 -
[18]
Quote:
I was actually just waiting for your post there DS and I would like to advise you to read my post again. I provide source-code, but not to you ... only to CCP.
One of these days you need to show me the EVE-Online source code and explain it to me, since according to your post, it could have keyloggers, steal passwords for e-mail, online accounting also [ as could any other application that you install ].
So ... if you do not like it ... ignore it, like the readers before you have done.
Actually, there is one key difference. If EVE-Online stole passwords/credit card numbers then people could sue the pants off of CCP, because CCP is a corporation.
However, if "FingerThief"s program were to steal our password/credit card numbers, we can't sue you, because we do not know who you actually are. "FingerThief" is not a legal entity, but CCP is. The only way we could sue you would be if CCP released your personal information, which they definately would not.
To put it concisely - CCP can be held responsible for what their program does, while you can not.
|
Kerushi
Caldari BIG
|
Posted - 2007.01.08 17:54:00 -
[19]
Originally by: EVE Settings
Originally by: Kerushi u know that the account name is stored in the prefs.ini? u know the password is saved as an hash in the prefs.ini? u know the ip`s of every one using it, including their account name, hashed password and their choosen password for the "cache" dump (closed source and u can send what ever u want...)
uhh... no open source of the program for a few guru`s to run over it = 0 trust
prefs.ini is NOT part of the settings folder ... it's a level above it.
how would u know he isn`t taking that file aswell as it`s closed source?
|
EVE Settings
|
Posted - 2007.01.08 17:55:00 -
[20]
Originally by: Kerushi u know that the account name is stored in the prefs.ini? u know the password is saved as an hash in the prefs.ini? u know the ip`s of every one using it, including their account name, hashed password and their choosen password for the "cache" dump (closed source and u can send what ever u want...)
uhh... no open source of the program for a few guru`s to run over it = 0 trust
I know the IP's ... yes Account name ... no Hashed password ... no Chosen password ... no
|
|
EVE Settings
|
Posted - 2007.01.08 17:56:00 -
[21]
Edited by: EVE Settings on 08/01/2007 17:53:24
Originally by: Taedrin
Quote:
I was actually just waiting for your post there DS and I would like to advise you to read my post again. I provide source-code, but not to you ... only to CCP.
One of these days you need to show me the EVE-Online source code and explain it to me, since according to your post, it could have keyloggers, steal passwords for e-mail, online accounting also [ as could any other application that you install ].
So ... if you do not like it ... ignore it, like the readers before you have done.
Actually, there is one key difference. If EVE-Online stole passwords/credit card numbers then people could sue the pants off of CCP, because CCP is a corporation.
However, if "FingerThief"s program were to steal our password/credit card numbers, we can't sue you, because we do not know who you actually are. "FingerThief" is not a legal entity, but CCP is. The only way we could sue you would be if CCP released your personal information, which they definately would not.
That is correct ... But since I, foolishly, posted with my main already ... I would be a friggin huge target ingame.
|
Kerushi
Caldari BIG
|
Posted - 2007.01.08 17:57:00 -
[22]
Originally by: EVE Settings
Originally by: Kerushi u know that the account name is stored in the prefs.ini? u know the password is saved as an hash in the prefs.ini? u know the ip`s of every one using it, including their account name, hashed password and their choosen password for the "cache" dump (closed source and u can send what ever u want...)
uhh... no open source of the program for a few guru`s to run over it = 0 trust
I know the IP's ... yes Account name ... no Hashed password ... no Chosen password ... no
make it open source and prove it
|
Dark Shikari
Caldari Imperium Technologies Firmus Ixion
|
Posted - 2007.01.08 17:57:00 -
[23]
Originally by: Kerushi
Originally by: EVE Settings
Originally by: Kerushi u know that the account name is stored in the prefs.ini? u know the password is saved as an hash in the prefs.ini? u know the ip`s of every one using it, including their account name, hashed password and their choosen password for the "cache" dump (closed source and u can send what ever u want...)
uhh... no open source of the program for a few guru`s to run over it = 0 trust
prefs.ini is NOT part of the settings folder ... it's a level above it.
how would u know he isn`t taking that file aswell as it`s closed source?
Exactly.
No open source, no deal.
-[23] Member-
Listen to EVE-Trance Radio! (DSTrance channel ingame) |
Jim McGregor
|
Posted - 2007.01.08 18:01:00 -
[24]
Edited by: Jim McGregor on 08/01/2007 17:58:14
An alternative to making it open source would be to make it web based. Allow people to upload their settings to your server, using a web browser. Then they can choose what files to upload.
--- Eve Wiki | Eve Tribune | Eve Pirate |
Dark Shikari
Caldari Imperium Technologies Firmus Ixion
|
Posted - 2007.01.08 18:04:00 -
[25]
Originally by: Jim McGregor An alternative to making it open source would be to make it web based. Allow people to upload their settings to your server, using a web browser. Then they can choose what files to upload.
Easier:
1. Zip up the settings folder into a self-extractor with the free 7Zip. 2. Mediafire. 3. Tinyurl. 4. Write down the 5 letters/numbers of your TinyUrl. 5. When you get to the computer you want to transfer your settings to, read the letters of your TinyUrl, download the self-extractor, and save it.
Takes a mere one or two minutes and requires no fancy services.
-[23] Member-
Listen to EVE-Trance Radio! (DSTrance channel ingame) |
CrayC
Gallente CrayC Inc.
|
Posted - 2007.01.08 18:05:00 -
[26]
If you are playing on several computers where you KNOW EVE is installed (and it's not in an internet-cafT), I have only ONE word for you all, that wants to import your settings to that machine...
FLOPPY!
No download of creepy programs, no risk other than what you imagine and no hassle other than the time it takes to do a copy/paste twice...
|
EVE Settings
|
Posted - 2007.01.08 18:05:00 -
[27]
Originally by: Kerushi
Originally by: EVE Settings
Originally by: Kerushi u know that the account name is stored in the prefs.ini? u know the password is saved as an hash in the prefs.ini? u know the ip`s of every one using it, including their account name, hashed password and their choosen password for the "cache" dump (closed source and u can send what ever u want...)
uhh... no open source of the program for a few guru`s to run over it = 0 trust
I know the IP's ... yes Account name ... no Hashed password ... no Chosen password ... no
make it open source and prove it
This all was an idea to make a public version of something I have used for ages myself ... as per original topic ... more "NAY !" then "YAY !" ... it will never get out of my hands.
At the moment ... I see more "painting the world darker then it is" then anything else.
I just wanted to know if people would be interested to see something like it or use it. THEN ... and only then a decission will be made if OpenSource, ClosedSource or whatever. It's not that I supplied a download link for a vague exe file to be executed. Get a grip.
|
Dark Shikari
Caldari Imperium Technologies Firmus Ixion
|
Posted - 2007.01.08 18:06:00 -
[28]
Edited by: Dark Shikari on 08/01/2007 18:03:10
Originally by: EVE Settings
I just wanted to know if people would be interested to see something like it or use it. THEN ... and only then a decission will be made if OpenSource, ClosedSource or whatever.
Originally by: EVE Settings
Source Code ? No, never ever. ONLY to Crowd Control Games by request and there only client-side ... since the server side don't matter anyhow.
Or not
-[23] Member-
Listen to EVE-Trance Radio! (DSTrance channel ingame) |
Jim McGregor
|
Posted - 2007.01.08 18:06:00 -
[29]
Originally by: Dark Shikari
Originally by: Jim McGregor An alternative to making it open source would be to make it web based. Allow people to upload their settings to your server, using a web browser. Then they can choose what files to upload.
Easier:
1. Zip up the settings folder into a self-extractor with the free 7Zip. 2. Mediafire. 3. Tinyurl. 4. Write down the 5 letters/numbers of your TinyUrl. 5. When you get to the computer you want to transfer your settings to, read the letters of your TinyUrl, download the self-extractor, and save it.
Takes a mere one or two minutes and requires no fancy services.
Well, thats more or less what i suggested in the beginning of the thread. :) Im just thinking of a way for him to continue building his program to make it work with suspicious eve players. :)
--- Eve Wiki | Eve Tribune | Eve Pirate |
EVE Settings
|
Posted - 2007.01.08 18:06:00 -
[30]
Edited by: EVE Settings on 08/01/2007 18:03:55
Originally by: Jim McGregor Edited by: Jim McGregor on 08/01/2007 17:58:14
An alternative to making it open source would be to make it web based. Allow people to upload their settings to your server, using a web browser. Then they can choose what files to upload.
With the server backend in place that could be easily achieved ... using the same authentication, licensing etc.
Using a thrid party product you can upload folders ( 3rd party, not mine, trust issues )
|
|
|
|
|
Pages: [1] 2 3 4 :: one page |
First page | Previous page | Next page | Last page |