Senior SRL Member
Why would there be any lag associated with sending account information to a third party? All you need to do (and what was done, as far as I am aware) is start a new thread that connects to an irc server and listens for commands (e.g. one to send account information).Originally Posted by i luffs yeww
Oh, right. Well I think I'd rather just upload it when you log in, as everyone expects some lag at that point. And that way you only get the ones that are used!
:-)
SRL Junior Member
Take from RSBuddy Website.
How safe is storing my password in RSBuddy?
RSBuddy stores your account information in a hidden folder on your computer, but when it comes to your passwords, it takes additional steps to protect this information just in case someone has managed to hack your computer with a virus that you don't know about.
If you are running RSBuddy without a forum account, no information will be stored on your computer and you will lose what you enter into the account manager as soon as you close the bot.
If you log in with your RSBuddy account to start the bot, your RSBuddy password will be used to encrypt all of the passwords in your account manager. This way a hacker will have to work out your forum password as well as get full access to your computer and have a keylogger installed before they can take your information. We also change the way your information is encrypted over time so that hackers have a very hard time getting hold of anything. Using this system to store your passwords is more secure than entering the information yourself every time you log in.
SRL Member
Again, there are two hooks for getting the user/pass that people could put in their scripts so it doesn't matter what the bot does to stop it.
SRL Junior Member
Taken from site.What about scripts?
We review all script submissions for malicious code before allowing them to be loaded by RSBuddy. We strongly discourage using any bot that doesn't have a system like this in place.
What about other applications?
If you have ever used another bot that doesn't require you to enter a 'master password' to store your account information, we highly recommend that you delete all information stored by these applications, so that your passwords are not left unprotected on your computers. The way these other bots encrypt your passwords are easily reversed by hackers and many thousands of accounts have been hacked this way.
SRL Member
Timer has told me he has somewhat malicious code in his scripts, and I was going to go test it out (reads chat text and responds with information about run time and what not), but didn't care enough. I believe him though.
Albeit what he said was in the scripts weren't anything TOO malicious, it shows me that they don't do too thorough of a check for me to trust them.
SRL Junior Member
Timer is anal.
If thats true, ill just report it to RSBuddy to ban him.
SRL Member
Whether he really did it or not, I still don't see why people couldn't. Especially when there's somebody who gains trust and then puts something in their script in an update and it gets overlooked.
I just don't trust closed-source things as often as open-source things (not that open source stuff is inherently, 100% going to be virus free at all, it's just I can figure it out without trusting others to do it for me).
Senior SRL Member
I'd love to know how scripts are going to access that information without having access to any accessor methods to retrieve it. Furthermore, scripts are automatically and manually verified before being pushed live on the servers, so any code using reflection would definitely raise some red flags.
:-)
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote