Bob Loblaw

I mean you're not wrong. A "normal password" (as long as it is reasonably strong, primarily using Lower Case, Upper, Number and Symbol) that isn't something like Password1234! (might hold up but wouldn't risk it) should hold up. But it's also saying your password doesn't have to be impossible to memorize like I*#n0sM3jKd3f. Words and phrases are much easier to remember, but are also susceptible to dictionary attacks, so these are just ways to have a secure password that is easy to remember (padding/sentences (or abbreviations, take a sentence and take the first letter of each one, interspercing numbers, symbols, upper/lower case letters)). And while that is virtually uncrackable, it wouldn't necessarily take longer than one's lifetime to do so, as a hacker could have many infected computers all attempting to crack a password at once. (instead of 1 computer cracking 1 password, think a botnet of 1000 computers cracking 1 password - for instance).

I bring this up, (obviously) based on the recent hackings. When looking at the passwords that were cracked, it appeared that the only ones that were, strictly used lower case letters and numbers (up to a length of I believe 11). That being said, just because your password wasn't cracked, does NOT mean you shouldn't change it. If he has the password hash now, and you don't change it, he can spend as long as he wants decrypting it, and will eventually get it. As for whether or not the hacker got passwords the second time around doesn't matter. He could have, and that's all that does. For that reason I recommend you change your passwords to be safe (again, if he has the hash, eventually, if he wanted to, he could decrypt it, and gain access to your account if you didn't change it). This isn't aimed to be a lecture, and you might absolutely not give a fuck at all, but I recommend you at least read/understand it. It's mostly intuitive, but it is informative, and interesting (imo). Let me preface this with that this is aimed at cracking a password. S3pt1991 might be alright in an exhaustive password search, but if he knows my birthday is in September of 1991, it just got significantly worse. Keeping your password safe is still up to you, it doesn't much matter how strong your password is if you have a keylogger that just jots it down character for character. Password Haystacks: How Well Hidden is Your Needle? I'll sum up the key points: Use 1 lower case letter, 1 upper case letter, 1 number, and 1 symbol. Take a 4 letter password (too short, but for example). If it is all lower case, there is 26 x 26 x 26 x 26 guesses to be GUARANTEED to have guessed the correct password. ie. 456,976 guesses total. For a human this may seem satisfactory, but for a computer (or many computers) trying to crack your password, it is definitely not. If you add in upper case, numbers, and symbols to the possible characters of your password means it's 95 x 95 x 95 x 95 possible answers for your password. ie. 81,450,625 possible passwords. But again, 4 character long password is not long enough. At the end of the day, the hacker does not know what your password LOOKS LIKE. He does not know if he was close, he only knows if he was CORRECT. Ex. D0g..................... PrXyc.N(n4k77#L!eVdAfp9 Which of these two passwords is more secure? In reality, D0g is a much stronger password But wouldn't something like “D0g” be in a dictionary, even with the 'o' being a zero? Sure, it might be. But that doesn't matter, because the attacker is totally blind to the way your passwords look. The old expression “Close only counts in horseshoes and hand grenades” applies here. The only thing an attacker can know is whether a password guess was an exact match . . . or not. The attacker doesn't know how long the password is, nor anything about what it might look like. So after exhausting all of the standard password cracking lists, databases and dictionaries, the attacker has no option other than to either give up and move on to someone else, or start guessing every possible password. Password Padding. Take an easy to memorize password, and add some form of padding to it to make it much stronger. "password" might be the very first guess that is tried, but if your password is "-+P4ssw0rd[....]" then it goes from being the first guess, to uncrackable (not really, but in comparison to "password" it might as well be). Once an exhaustive password search begins, the most important factor is password length! And on a final note, a sentence is incredibly easy to remember, and incredibly hard to crack. "Th3n they ran through the store" There you have an uppercase, lowercase, number, and symbol (whitespaces are symbols). You likely wouldn't want a password this long, but just take it as an example. It's easy to memorize, and would take a VERY long time for a computer to crack your password. This refers back to "Once an exhaustive password search begins, the most important factor is password length!".

I [truly] hope I am not speaking too soon, but it appears like it is back under control. I don't really have much information for you guys right now, but I believe (am told) SG is secure once again. Congratulations us, we have made it to helms deep. That being said, I (or somebody else - Amit perhaps) will update you with more information when it becomes available. To everybody with picture names, rejoice for now, as I can't even revert it if I wanted to atm. Rest assured, names and whatever else (I don't recall him changing too many people) will be reverted hopefully sometime tomorrow.

Yeah sorry about that, Crazy Swede notified me so thank him . If anyone else is seeing something they shouldn't, or not seeing something they should, or anything seems off send me a PM.

Thanks are currently disabled, but will hopefully enable them soon. I just don't want to enable certain plugins if the exploit that hacked the site was a plugin exploit to begin with (otherwise nightmare round 2).

Yeah, like in vent, I want to avoid people joining and spamming people who are doing things, so people not set up will be unable to leave the root channel. I try to idle in Mumble whenever I can, although considering I came home for the weekend, I'm kinda busy, but shoot me a message and if I'm on I'll set people up. (Registering is not the same as setting someone up, anyone can register themselves).

Just to clear it up, I am waiting on a reply from Spartans ticket to nfo to make sure we can host it on the dedi which is why I didn't want it up permanently, so I took it down overnight. And technically you can connect to it with any server IP on the dedi atm. I just posted the default one (happens to be mg). Worst comes to worse, I would expect we would just need to purchase an extra IP from them to host it, at which point I will be changing the Mumble IP to the new one (assuming that's the route we choose, if we're sticking with Mumble) and making it so you can't connect with any of the IPs, so you'd just have to change it in the connection info. Spartan has requested (kind of) I wait for a reply to his ticket. So for now it will be staying down, but again, I can't see how they could possibly say no especially if we purchase an extra IP for it, since we basically paid for the specs the dedi can handle, and the IP's, so... It wouldn't make sense for them to even be allowed to deny us if we purchase an extra IP for it. But until I get a response from Spartan confirming if I should wait for a reply to his ticket or not, (or if he gets a reply), then it will be down. ------------------------ Edit: Spartan has received a reply, and we are allowed to host it freely on the dedi. So Mumble is back up (and for good [until we decide if we are switching to Mumble or sticking with Vent])

Okay I've taken down Mumble for the night. Some people have abused the picture messages/comments. I've limited pictures to 50kb now (Mumble does resizing, so larger sized pictures can still sometimes make it through). Abusing huge pictures, or posting porn/other inappropriate images will result in image messaging being disabled (this includes image comments) or you being dealt with personally. If you hear quality cracks (when someone gets too loud), it's because THEY haven't configured their settings properly (or maybe they have it close, but not perfect). I thought it was Mumble, which is why I was against Mumble in the past, but then I realized it was actually people not configuring their mic quite right. Turn your mic down and reconfigure, or don't get so excited. For most of the day I had it set so everyone could move freely. This has now been set back to normal, and you need to be set up by a higher up in order to move to a new channel. (So that people don't think they've been set up just because they've registered.)

IP (Address): 70.42.74.124 Port: 64738 Status: Active Download DO THE AUDIO WIZARD How to do the Audio Wizard: Click Audio Wizard and follow the instructions. How to register yourself: Mine is greyed out because I of course am already registered. If you haven't registered, it won't be greyed out. You can tell if you're registered if there is a grey man with a green cross to the right of your name (at the far side of the Mumble window). This won't let you move freely, but it will add you to the mumble user database, after which, a higher up can set you into your appropriate group, and you'll be able to move freely. You can not change your name after registering. And Mumble uses certificates rather than passwords. Whatever certificate you register with you will need to log into your account. If you use the default one, then create a certificate afterwards, it won't let you log in, but you can use the default one if you want. How to configure basic Mumble settings: Click this to get into settings (or go Configure > Settings). From here click advanced in the bottom left. This shortcuts section allows you to change your push-to-talk key (should be set up from audio wizard config), as well as allowing you to add new shortcuts: Push-to-talk Reset Audio Processor Mute self Deafen self Unlink Plugin Push to mute Join channel Toggle overlay Toggle minimal Volume up(+10%) Volume down(-10%) Whisper/Shout These are your messages/notifications. You can choose if events play sounds, display notifications (from your task bar), or writes to the console (on the left by default, but you can change that too). ------------------------------------------------------------ I've set up a Mumble server (for the time being, can't guarantee it will stick around). I will be putting it up and taking it down periodically until Spartan receives a reply on the ticket he sent regarding whether or not nfo will allow us to host it on the dedi, at which point I will be leaving it up, or taking it down. It's up atm, so hop on. Right now I've set it up so that without being set up at all you can still move between channels (except higher up channels). At some point (soon), I will be reverting it back similar to vent so unless you are set up, you can't leave the root channel. No point having this set right now, or it'll be a bunch of people that can't move anywhere. And you can create a certificate (very simple) before getting registered, if you register without a certificate, then create one, it won't let you join the server until your own "account" is deleted. But you don't have to create one (it will use a default one, and you will always need this certificate to sign in with your name, and while this certificate is active you won't be able to sign in under a different name). Once you register, you will not be able to change your name. So register under your real name (the name you go by, not your first and last name lol). Registering doesn't actually do anything except add your name to the server database, which an AO+ will have to add you to a group afterwards. So even if you register yourself, you will need a higher up to give you permissions. Other than that, feel free to get on, try to get used to the mumble interface and see if you like it, comment on whether or not you like it (so we know), and I'll probably make a slightly more in depth tutorial on it soon.

Would vote yes; too busy doing homework.

Ah okay was just hoping it was possible when I'm already ssh'd in. Thanks Harry! And yeah I looked at the man pages along with googling it a bunch but I couldn't find the specific information I wanted

Okay so, I am using mintty with MinGW (which acts like a Unix terminal). Anyways, this explains everything EXCEPT the 1 thing I need. So basically, I ssh into the schools server. We will refer to it as tch@tux and we will call the file lab.txt. Let's assume my current directory has lab.txt in it. so ssh tch@tux Now I'm in the schools server through this terminal. I want to use scp to copy a file from my account on their server, onto my computer here at home (I can use a program like WinSCP or Filezilla, but I don't want to). So I'm wondering how the command would look to copy it like that. I tried everything from "scp lab.txt C:/Users/Bob" Which I was hoping would copy it to my computer into the directory "Bob". No luck. So I tried "scp lab.txt localhost:/C:/Users/Bob", and "scp lab.txt localhost:~/C:/Users/Bob" etc but nothing works. tch@tux:~/home/Desktop/Mine> scp lab.txt localhost:~/C:/Users/Bob Password: scp: /student/tch/C:/Users/Bob: No such file or directory So seemingly localhost brings it to /student/tch/ (which is my account on the school servers). How would I specify it to come to my computer here at home? However as it says on that site, I can download the file via [bob@Bob-PC /c/Users/Bob ~]$ scp tch@tux/home/Desktop/Mine/lab.txt . Which connects to the server, finds that file, and downloads it to my current directory (wherever I'm cd'd to in terminal) but I want to know how to do it when I'm already connected to the server via ssh, and want to send it to somewhere locally on my computer. Any help appreciated. Thanks. tch@tux:~/home/Desktop/Mine> scp lab.txt localhost:\C:\Users\Bob\ Password: lab.txt 100% 3536 3.5KB/s 00:00 Using the command like this says it downloaded, but it doesn't appear in the directory I specified. So I'm not sure. I realized this was saving it as a file called c:UsersBob and it was still on the server at school.

Congrats.

I like the haircut idea, and the working out (neither of which would hurt someone, but they would still teach you a lesson). I don't reallyagree with using the belt. Which kinda surprised myself. I thought I was in favour of being able to slap/use a belt or like a wooden spoon on your kid, but apparently not. Just disagree with that part. The rest is actually really good (haircut teaches him a lesson, so does the workout, and the workout is actually even good for him).

Sounds interesting actually. Makes me want to read it, but then I look at how long it is again and decide not to.

Can someone post a tl;dr?

I got married with a cookie jar because I'm sexy.

Can anyone verify this? All I even really care that much about is T spawn points. Only having 12 T spawnpoints will pretty much warrant a removal. Just need to know it's true, but also interested in all 4 "bugs" mentioned. Thanks.

Couldn't figure out how to watch/read it, didn't care enough to keep trying :\