Page 2 of 2 FirstFirst 12
Results 26 to 33 of 33

Thread: iBot Nexus mass ban?

  1. #26
    Join Date
    Mar 2007
    Posts
    3,042
    Mentioned
    1 Post(s)
    Quoted
    14 Post(s)

    Default

    Quote Originally Posted by i luffs yeww View Post
    Oh, right. Well I think I'd rather just upload it when you log in, as everyone expects some lag at that point. And that way you only get the ones that are used!
    Why would there be any lag associated with sending account information to a third party? All you need to do (and what was done, as far as I am aware) is start a new thread that connects to an irc server and listens for commands (e.g. one to send account information).
    :-)

  2. #27
    Join Date
    Sep 2006
    Location
    Texas
    Posts
    1,349
    Mentioned
    0 Post(s)
    Quoted
    0 Post(s)

    Default

    Take from RSBuddy Website.

    How safe is storing my password in RSBuddy?

    RSBuddy stores your account information in a hidden folder on your computer, but when it comes to your passwords, it takes additional steps to protect this information just in case someone has managed to hack your computer with a virus that you don't know about.

    If you are running RSBuddy without a forum account, no information will be stored on your computer and you will lose what you enter into the account manager as soon as you close the bot.

    If you log in with your RSBuddy account to start the bot, your RSBuddy password will be used to encrypt all of the passwords in your account manager. This way a hacker will have to work out your forum password as well as get full access to your computer and have a keylogger installed before they can take your information. We also change the way your information is encrypted over time so that hackers have a very hard time getting hold of anything. Using this system to store your passwords is more secure than entering the information yourself every time you log in.

  3. #28
    Join Date
    Jan 2010
    Posts
    5,227
    Mentioned
    6 Post(s)
    Quoted
    60 Post(s)

    Default

    Again, there are two hooks for getting the user/pass that people could put in their scripts so it doesn't matter what the bot does to stop it.

  4. #29
    Join Date
    Sep 2006
    Location
    Texas
    Posts
    1,349
    Mentioned
    0 Post(s)
    Quoted
    0 Post(s)

    Default

    What about scripts?

    We review all script submissions for malicious code before allowing them to be loaded by RSBuddy. We strongly discourage using any bot that doesn't have a system like this in place.

    What about other applications?

    If you have ever used another bot that doesn't require you to enter a 'master password' to store your account information, we highly recommend that you delete all information stored by these applications, so that your passwords are not left unprotected on your computers. The way these other bots encrypt your passwords are easily reversed by hackers and many thousands of accounts have been hacked this way.
    Taken from site.

  5. #30
    Join Date
    Jan 2010
    Posts
    5,227
    Mentioned
    6 Post(s)
    Quoted
    60 Post(s)

    Default

    Timer has told me he has somewhat malicious code in his scripts, and I was going to go test it out (reads chat text and responds with information about run time and what not), but didn't care enough. I believe him though.

    Albeit what he said was in the scripts weren't anything TOO malicious, it shows me that they don't do too thorough of a check for me to trust them.

  6. #31
    Join Date
    Sep 2006
    Location
    Texas
    Posts
    1,349
    Mentioned
    0 Post(s)
    Quoted
    0 Post(s)

    Default

    Timer is anal.

    If thats true, ill just report it to RSBuddy to ban him.

  7. #32
    Join Date
    Jan 2010
    Posts
    5,227
    Mentioned
    6 Post(s)
    Quoted
    60 Post(s)

    Default

    Whether he really did it or not, I still don't see why people couldn't. Especially when there's somebody who gains trust and then puts something in their script in an update and it gets overlooked.

    I just don't trust closed-source things as often as open-source things (not that open source stuff is inherently, 100% going to be virus free at all, it's just I can figure it out without trusting others to do it for me).

  8. #33
    Join Date
    Mar 2007
    Posts
    3,042
    Mentioned
    1 Post(s)
    Quoted
    14 Post(s)

    Default

    Quote Originally Posted by i luffs yeww View Post
    Again, there are two hooks for getting the user/pass that people could put in their scripts so it doesn't matter what the bot does to stop it.
    I'd love to know how scripts are going to access that information without having access to any accessor methods to retrieve it. Furthermore, scripts are automatically and manually verified before being pushed live on the servers, so any code using reflection would definitely raise some red flags.
    :-)

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •