OpenXcom Forum

Modding => Released Mods => XPiratez => Topic started by: Rakune on August 24, 2016, 03:07:51 am

Title: Welcome! Join the chat!
Post by: Rakune on August 24, 2016, 03:07:51 am
Hello! Welcome, if you are new (Or not!). There are currently three places where you can meet and talk with people who play X-PirateZ.

1) The forum, duh.

2) Discord Channel.
https://discord.gg/7f58BnS

3) IRC Channel!
https://webchat.freenode.net/?channels=x-piratez

All of them have active members who will happily answer any question you have, and you can always hang out and share your experience with the game!
Title: Re: Unofficial Piratez Extended Discord Channel!
Post by: ivandogovich on August 24, 2016, 09:06:04 pm
icymi:

https://webchat.freenode.net/?channels=x-piratez

Nothing against Discord, but we've had an IRC up for a while now, and there are a few regulars who hang out there.
Title: Re: Welcome! Join the chat!
Post by: Rakune on August 27, 2016, 05:59:51 am
Can we make this sticky or that Dioxine/Meridian makes a official thread about the places where people can come and chat with other players? New people joined the IRC because you posted it in my thread actually
Title: Re: Welcome! Join the chat!
Post by: Dioxine on August 27, 2016, 03:03:06 pm
Done, it's a sticky now.
Title: Re: Welcome! Join the chat!
Post by: BetaSpectre on August 28, 2016, 08:28:39 am
Oh there's a chat?
Title: Re: Welcome! Join the chat!
Post by: hellrazor on January 06, 2017, 03:59:03 pm
Before using discord it really helps to read and understand the privacy terms of service: https://discordapp.com/privacy

To be honest, i wouldn't use such a service. to much data sniffing, IRC is better =)
Title: Re: Welcome! Join the chat!
Post by: Solarius Scorch on January 06, 2017, 05:10:30 pm
Before using discord it really helps to read and understand the privacy terms of service: https://discordapp.com/privacy

To be honest, i wouldn't use such a service. to much data sniffing, IRC is better =)

I can't really see anything I'd care about, but I am no expert and I understand your point. Could you specify which points are worrying?

But anyway, it's not like I have a choice... 100% of Piratez-related interaction (apart from this forum) is on Discord.
Title: Re: Welcome! Join the chat!
Post by: ivandogovich on January 06, 2017, 05:17:42 pm
But anyway, it's not like I have a choice... 100% of Piratez-related interaction (apart from this forum) is on Discord.

Yep. Discord has become the default XPirateZ and OXCE+ dev hangout space for brainstorming, player questions, and just generally talking about anything.

My weblink to the XPirateZ channel for those interested:

https://discordapp.com/channels/217792132633591809/217792132633591809

(and yeah, can all be done through a browser with no need for installing a client on your PC)
Title: Re: Welcome! Join the chat!
Post by: legionof1 on January 06, 2017, 08:42:35 pm
The issues that i see in discords policy are that it's quite nebulous and wide covering on several points. Normally such wide areas would be refined in following paragraphs and clauses. This document is however quite short and open to interpretation. The worst case is they can freely hand the info they gather(sufficient data about your device to track/hijack it at a whim) and any info you provide them(the full content of messages+any linked social media) to anyone they care too. The only restraint is "in a manner consistent with this privacy policy".  Given the briefness of the policy itself that clause means almost nothing.

Mostly this sort of thing is not a problem and pretty common in internet concerns trying to function worldwide. Just be aware that a data breach could occur and cost you the machine you used discord on, even without the app. Also note that anything you say could end up anywhere and you MIGHT have no legal recourse to defend yourself.

99.99% percent of the time nothing will ever happen but the one in a million will supremely bite the end user in the butt. Be cautious and aware of the possibilities.

I use discord frequently myself but i know how to mitigate the risks to my hardware and accept that the internet is the internet, anything i say will live forever and be interpreted as stupidly as possible by somebody.
Title: Re: Welcome! Join the chat!
Post by: sectopod on March 08, 2017, 06:48:27 am
once i suspected an organisation to work on partly illegal terrain. i subscribed to their newsletter to get a sense of what they are offering. then they got hacked. the partly illegal business practices of the organisation were uncovered. and the list of subscribing email addresses got published on the web. i was very glad my real name didn't show up there, or an email address i used elsewhere, as i created an freemail account for just this purpose. other people who subscribed with their personal addresses had to face a public and media outrage, maybe even consequences on their jobs.

I totally was in favor of what happened to that organisation. the account i used also received an email by the hackers basically telling me, that if i want to protest the events that happened, i should write down my protest and stick it up my ass. this and the publication of the list was a nice, small payback to the people profiting from this organisation or interested in its services.



EVERYTHING YOU REVEAL TO THE INTERNET ABOUT YOURSELF, CAN END UP IN PLACES YOU WOULD NOT HAVE NIGHTMARED ABOUT!

(it probably already did, considering that data about us on facebook or google is used to tailor political or consumer messages towards us)




Title: Re: Welcome! Join the chat!
Post by: Dioxine on March 08, 2017, 07:06:29 am
It doesn't matter all that much, if one is to believe the latest WikiLeaks report. It's not even an issue of CIA having hacked basically every notable platform, OS and community protocol. Even more worrying is the fact that all these hacking tools have long since leaked out and are available to anyone who can steal or buy them. The best way not to get f*cked seems to be not worthy of being f*cked; then, the worst can happen is becoming part of a botnet (or several). Anonymity on internet is a myth.

Not saying that one shouldn't be careful and guarded by security software; but such protection only makes sure you won't get swamped by random malware and adware. If someone wants to break it, they will.
Title: Re: Welcome! Join the chat!
Post by: Juku121 on March 08, 2017, 06:15:44 pm
It's not quite as bad as that. It's been the guarded opinion of crypto experts for a while now that cryptography itself has not been broken. Most breaches come from unpatched vulnerabilities, malicious service providers (that includes Google!) and the stupid trend of exposing all your life to the internet.

It doesn't matter all that much, if one is to believe the latest WikiLeaks report.

Anonymity on internet is a myth.

I see no reason not to believe it, but how you arrive at that conclusion is really... backwards. The source says CIA and those who use their tools spy on you by hacking your device on the OS/hardware level, this by definition requires you not to be anonymous anymore. Even the NSA data centers can't hold the whole planet's phone calls yet.  8)

It's basically business as usual, except shady botnet types have been replaced by NSA/CIA/[your acronym of choice] and these people take the business of weaponizing SW/HW vulnetabilities a lot more seriously and professionally.

I'd say casual anonymity is a myth and maintaining it in the face of a resourceful opponent takes serious effort, but it's still quite possible. But indeed the best way to do it is to stay below the radar.

If someone wants to break it, they will.

Depends. If a nation-state wants to break it, they have good odds of succeeding. But if we take e.g. the FBiOS debacle at face value, even that may not be sufficient.
Title: Re: Welcome! Join the chat!
Post by: Dioxine on March 08, 2017, 06:38:50 pm
Cryptography amounts to not much if your software and hardware is full of backdoors... Which is exactly how it is with most normal users and machines.

It doesn't take the resources of a nation-state to use these, either; the most worrying part of the WikiLeaks report are clear indications that all these cutting edge hacking tools  are leaking out; and how they wouldn't, they're just software, and software is easy to copy. There also has been an increasing number of high level hacks done by various criminals, from social networks to banking networks; it's strange how these get little attention in the MSM.

Naturally there are systems that are very secure and hard to break in; it is easier to secure one own's private machine than a whole network. However, not so long ago my friend's computer got hacked. And he is a skilled user, paranoid and meticulous about his cybersecurity (as much as one can be while still using Windows, at least), and no-one important.
Title: Re: Welcome! Join the chat!
Post by: Juku121 on March 08, 2017, 07:51:56 pm
Cryptography amounts to not much if your software and hardware is full of backdoors...

Crypto keeps the playing field level. Unless you go full-blown conspiracy-theory-mode, most software suffers from unintended vulnerabilities rather than outright backdoors. These get patched, new ones are introduced/discovered and attack vectors need ro be reworked, while still bypassing as much crypto as possible. If you suddenly broke integer factorization, or some popular hash functions etc., this step goes away and you can dispense with hacking devices and just grab all the traffic/physical data from your target. Then privacy is truly gone and buried.

Hardware backdoors are still mostly a proof-of-concept thing, and largely restricted to operations involving nation-states when they’re not. Fiddling with physical objects is difficult and expensive, compared to software.

It doesn't take the resources of a nation-state to use these

But it does to develop them, or at least close enough. And I was more referring to the fact that a nation-state can supplement remote hacking with a lot more, in terms of techniques, tools, physical access and legal authority.

and software is easy to copy.

Yes, and that's the lesson from the crypto wars of the 90s the US government is hell-bent on unlearning.

Banks have always had a strangely relaxed stance regarding cybersecurity, for that matter.

However, not so long ago my friend's computer got hacked.

I'm curious, do you mean someone deliberately hijacked/infected his computer in particular?
Title: Re: Welcome! Join the chat!
Post by: sectopod on March 08, 2017, 08:50:40 pm
It doesn't matter all that much, if one is to believe the latest WikiLeaks report. It's not even an issue of CIA having hacked basically every notable platform, OS and community protocol. Even more worrying is the fact that all these hacking tools have long since leaked out and are available to anyone who can steal or buy them. The best way not to get f*cked seems to be not worthy of being f*cked; then, the worst can happen is becoming part of a botnet (or several). Anonymity on internet is a myth.

Not saying that one shouldn't be careful and guarded by security software; but such protection only makes sure you won't get swamped by random malware and adware. If someone wants to break it, they will.

My point is, I can protect best against a breach of any kind, if I don't give away information about myself in the first place. e.g. on my calendar app which synchronizes with an online service, i never write anything someone would be able to make sense of. if i go to the general doctor i write w0, if i go to the dentist i write w10 etc ... I don't want anyone to know what doctors i am consulting because I always anticipate, that everything that is stored about me on the internet or even my phone already being copied and channeled to places, the knowledge about would make me shiver.

Like legionof1 wrote:
99.99% percent of the time nothing will ever happen but the one in a million will supremely bite the end user in the butt. Be cautious and aware of the possibilities.

Which i agree with, when we are talking about illegal activity, hacking, pishing, data theft, etc.
Title: Re: Welcome! Join the chat!
Post by: legionof1 on March 08, 2017, 08:51:36 pm
Snip
Banks have always had a strangely relaxed stance regarding cybersecurity, for that matter.
Snip

Because banks as an institution are rather immune to direct hacking damage(not hacking itself). Banks are riddled with double checks and cross checks with other banks to prevent damaging direct attacks on the institution. Far easier to rob a bank in person of physical funds, unless you have access to multiple sets of customer data. And if you have that credit card fraud is faster and more rewarding and harder to track. Factor in that attacking a bank via the internet is just about the closest thing to a global crime that exists in modern law. Banks don't have to care about the front end because the back-end is a steel trap protected by every nation they conduct business in.
   
Title: Re: Welcome! Join the chat!
Post by: Dioxine on March 09, 2017, 02:18:57 am

Banks have always had a strangely relaxed stance regarding cybersecurity, for that matter.

Somehow I'm not surprised - why should they care for money getting stolen... these are insured, and as we all know, banks are too big to go bankrupt... Sure it's the biggest banks, but are there really that many independent small and medium banks, or just a huge interconnected network of a few big ones and their clients...? Poland's national bank, for example, belongs (partially) to the CityGroup.

I'm curious, do you mean someone deliberately hijacked/infected his computer in particular?

Details are unclear, and I don't think it was an attack on him specifically. He woke in the middle of the night, when his computer turned itself on and started to work hdd's like crazy. He cut the power and didn't relaunch it before retrieving hdd data using another machine, formatting system drives and reinstalling. There was no data loss either. Case in point is, he's skilled and paranoid about security, yet it didn't help him at all.

I'm actually quite distressed by how you downplay the capabilities of cyber-criminals. While they lack resources of nation-states, cyber warfare is cheap and invisible; and once developed, state-funded soft can and will find its way into the world of organized crime, especially in places and times of high corruption. It wouldn't be possible in Cold War US, but nowadays the scrutiny is much less strict. It's also no secret that Chinese and even NK spies managed to procure a staggering body of secret knowledge from the US; it is also no secret that nation-states are not the only actors who use spies, or that some spies do not mind making some extra cash on the side.

Hardware backdoors - there is indeed little factual knowledge on this; it only surfaced a few times regarding backdoors in military chips sold by country x to country y. However, I'd be surprised if countries like US didn't strike any deals with hardware producers like Intel to install backdoors, because it was pretty clear that who controls the Intel, will have an enormous strategical advantage once computerization becomes prevalent. Also, considering the complexity of microchips, such backdoors could be indetectible. It is just a theory, but major powers DO try to avoid using foreign-made computer hardware for their militaries, if possible...
Title: Re: Welcome! Join the chat!
Post by: Dioxine on February 06, 2022, 02:23:59 pm
Since both links are dead now, I'm locking and unpinning this thread.