18 Dec, 2008, Guest wrote in the 41st comment:
Votes: 0
Seriously, Crat, it doesn't rise to the level of alarmism you used to have nesessitated a huge public spectacle over it. I think the large number of responses you got saying to more or less agree with me on this. So you can put away your straw men and go find something else to play with. This really isn't worthy of dragging out any farther than it has been. Oh, and turn your IM client off. After all, AOL might be spying on you. ( sarcasm to make the point, in case nobody could tell )
18 Dec, 2008, Cratylus wrote in the 42nd comment:
Votes: 0
Samson said:
Seriously, Crat, it doesn't rise to the level of alarmism you used to have nesessitated a huge public spectacle over it.


It's funny you should say this. I was just now telling
Kayle that I don't think it's an especially big deal. I'm
sitting here articulating my opinion, and people are
flipping their wigs all over it. Maybe you can explain
why you are making a fuss. I'm just saying what I think.

-Crat
http://lpmuds.net
18 Dec, 2008, Guest wrote in the 43rd comment:
Votes: 0
I wasn't the one who ran to TMC to see who else was being evil. :)

You made a big deal out of it.

I simply pointed out it was no different...

I fail to see how your having gone to such lengths to investigate it beyond that makes me the one making a spectacle of it, but ok.
18 Dec, 2008, Cratylus wrote in the 44th comment:
Votes: 0
Samson said:
I wasn't the one who ran to TMC to see who else was being evil. :)


I checked out the TMC client to determine whether what
was said here was true. I'm pretty sure evil didn't
enter into it. Where did you see me use this term?




We'll have to agree that we have different thresholds
for "big deal". That looks like a request for clarification to me.


Samson said:
I simply pointed out it was no different...

I fail to see how your having gone to such lengths to investigate it beyond that makes me the one making a spectacle of it, but ok.


Well yknow, I guess the use of adjectives like "stupid" and
"paranoid" made me imagine maybe you were getting a little
miffed, but maybe that's just how you talk.

My bad! Friends again!

-Crat
http://lpmuds.net
18 Dec, 2008, Guest wrote in the 45th comment:
Votes: 0
My use of the words "stupid" and "paranoid" were largely reactions to how much of a big deal you were making of it. Guess we'll just have to agree to disagree on that.
18 Dec, 2008, Cratylus wrote in the 46th comment:
Votes: 0
18 Dec, 2008, The_Fury wrote in the 47th comment:
Votes: 0
Cratylus, I think the reason why a lot of people have jumped on you about this is because of how you have gone about it. You asked questions that you already knew the answer to then jumped on IMC and had a giggle about how Orrin was going to answer it. You knew the answer from the beginning that it was a proxy and it was telnet and that it was insecure. Rather than suggest to Orrin that disclaimer stating these facts might be the order of the day, you did the Bart Man and made a scene about something that could have been handled in a much more mature and sensitive way.

You got awfully upset when i accused you of being divisive and having a personal adgenda, i think your reply was "Well thanks for giving me the benefit of the doubt", do you not think that Orrin deserves the same and not be accused of snooping your data, when there is no real reason to accuse anyone of anything. Now if there was a spate of immortal accounts that used service X being hijacked then there might be grounds for an accusation, but as it currently stands there is no such cause for concern.

I feel Orrin is owed an apology, especially considering it was pointed out in the thread on TMC that there is a legal disclaimer already on the site that is freely readable by all and sundry point out that all data is in a readable format.
18 Dec, 2008, Cratylus wrote in the 48th comment:
Votes: 0
Well, I was perfectly happy to let this fall off the front
page, but since you insist…


The_Fury said:
You asked questions that you already knew the answer to


No. You are not in my head, you don't get to make this assertion
uncontested. When I first read David's response to my question about
what was meant by a proxy, it introduced uncertainty in my thinking
that I don't really feel is necessary to detail. Suffice it
to say I honestly was not certain, and my question was a
real question, not a rhetorical one.


The_Fury said:
You asked questions that you already knew the answer to then jumped on IMC and had a giggle about how Orrin was going to answer it.


Please quote the evidence I knew the answer, and quote the giggle.
I've just had a look at the logs and it looks like you getting
in my face about it, not me laughing about it, so I'm curious
what exactly you're talking about. If you have trouble digging up
the logs let me know. I have them.


The_Fury said:
Rather than suggest to Orrin that disclaimer stating these facts might be the order of the day, you did the Bart Man and made a scene about something that could have been handled in a much more mature and sensitive way.


Not too sure what this means, really, but it's clear you didn't like
my approach. Take a number.


The_Fury said:
do you not think that Orrin deserves the same and not be accused of snooping your data


I didn't accuse him of snooping my data, Fury. I think you need to
chill out because your imagination is running away with you.


The_Fury said:
Now if there was a spate of immortal accounts that used service X being hijacked then there might be grounds for an accusation, but as it currently stands there is no such cause for concern.


After you chill out, I think you should calmly read what I
actually wrote.


The_Fury said:
I feel Orrin is owed an apology, especially considering it was pointed out in the thread on TMC that there is a legal disclaimer already on the site that is freely readable by all and sundry point out that all data is in a readable format.


I saw no disclaimer on his site about personal information
passed through the client being subject to Orrin's data mining.
If that was in there somewhere, then the error is mine. Please
show me where it was.


-Crat
http://lpmuds.net
18 Dec, 2008, Tyche wrote in the 49th comment:
Votes: 0
I agree. That is to say I am definitely paranoid about issues relating to privacy. That includes, but is not limited to, mud hosts, proxies, snooping/logging, "private" rooms, I3/IMC private channels and PMs on BBSs.
18 Dec, 2008, Zenn wrote in the 50th comment:
Votes: 0
18 Dec, 2008, The_Fury wrote in the 51st comment:
Votes: 0
Quote
Take a number.


Should we take a vote and see who is correct :)
18 Dec, 2008, David Haley wrote in the 52nd comment:
Votes: 0
I have to admit that this mainly just seems like a bunch of people hollering at Crat for asking a question. Basically, the reaction is "omgwtfbbq are you st00pid, obviously it's telnet so everybody can see anyhow, d'uh". I don't think it's that unreasonable to at least mention that the proxy is not secure.

Believe it or not, but I have more faith in the more or less random machines between me and my MUD than a very specific site hosting a proxy. This has nothing to do with a judgment of Orrin's character or integrity: I have no reason to doubt them, and frankly since I do not know him terribly well I have no reason to vouch for him either. I would simply be wary of adding anybody to the line of people who can read passwords to my imm account on an active MUD, when this somebody has any kind of vested interest whatsoever in MUDs, as opposed to some random machine that sees bazillions of random packets all of the time.

Incidentally, people who use proxies in their web surfing aren't after security; they are after anonymity. The two are very different (if linked in some cases according to the protocol in question). Indeed, people who think that using proxies increases security are misguided. But people who believe that people using proxies are all trying to increase security are also misguided.

Anyhow, it seems to me that people are making more of a fuss about Crat asking for the disclaimer than Crat did in the first place. :shrug: With that said, I will endeavor to not contribute any more to the fuss that is this particular line of discussion. :smile:
18 Dec, 2008, tphegley wrote in the 53rd comment:
Votes: 0
I will say that I was unaware of proxies and how they worked with telnet until now. I do think Crat is right in asking Orrin to update the disclaimer on his site about how his site works. I think everyonewent about it the wrong way though. :blues:
18 Dec, 2008, Hades_Kane wrote in the 54th comment:
Votes: 0
After a recent incident and how I was not proud of how I handled, I've done my best to just be quiet for a bit.

But I've been following this thread and feel the need to comment.

I second tphegley… I, too, wa unaware of proxies and how they worked until now.

This thread has actually educated me on something I was unaware of, and I'm thankful for that.

If I were connecting through Orrin's flash client and without some sort of disclaimer that's within a reasonable distance of the link or whatever, I would have been unaware that he could have gained access to my passwords and whatnot. I think the casual internet user, gamer, or MUDer, would likely be unaware as well.

I've seen nothing to suggest that Cratylus is trying to attack Orrin, to smear his name, to accuse him of anything. All I've taken from what he is asking is "Hey man, how does your flash client work? Oh, through an unsecure proxy? I think maybe you should make people more aware of that."

My opinion of Orrin hasn't been affected by anything Crat has said, and I really don't think that's been his intent. I see someone trying to keep what could become an important part of our community transparent, and I don't see anything wrong with that.

Could it have been handled through PMs? Perhaps, but I don't think this has been some sort of bad publicity stunt directed at Orrin, so I don't see any negativity that would suggest this should have been private. I honestly don't believe Crat has "made such a big deal" about all of this. I think what people are seeing is Crat responding to several posts aimed directly at him personally, not Crat running around waving an "Orrin is evil" banner trying to stir something up.

Overall, I think we all should just chill out, and maybe stop assuming so much what people's motives are, or stop assuming that the casual internet user is as informed about proxies and such as the rest of you seem to be.

I don't think that even -most- internet users would be aware of proxies and how they work, so I don't see the problem in asking someone to add some sort of disclaimer about that in an conspicuous place. I think we can all agree there is no harm in doing that, and can all probably agree that if anything, it would be a positive thing to make his users aware. If we can all agree on that, then maybe we can stop this pointless bickering based pretty much on -assumptions- about someone's motives. After all, I'm a good example of how assumptions can make you look.
18 Dec, 2008, Asylumius wrote in the 55th comment:
Votes: 0
I'll echo what Hades_Kane said, and also say that even though I know that telnet in an insecure protocol and that's well and good, I don't see the harm in asking how the Flash client works under the hood. Some people may not know, and it's worth pointing out. I trust my friends, but I still wouldn't give them my passwords. I'm sure most of us trust Orrin, but I'd still just rather not expose my passwords (or conversations) like that; I have a basic set of ground rules for how I handle myself with regards to security and privacy, and I try not to make exceptions, even when I probably could.

In true Ego-Geek fashion, I'm not surprised to see people piling on Cratylus yelling, "DUH, WUT R j00 ST00PID?! CORS ITS INSEKUR, 'TARD!", but frankly, he had a point, he made it, and his initial post was more on-topic than most of the stuff anyone else came back at him with. This thread feels way too much like Slashdot.

On the flip side, the Flash client looks very cool and I like it. I probably wouldn't use it to log on an admin character, but otherwise it seems like a solid client if you're forced to resort to something web-based.
18 Dec, 2008, Zenn wrote in the 56th comment:
Votes: 0
Can you yell on a forum?

I didn't see people yelling. :P
18 Dec, 2008, Asylumius wrote in the 57th comment:
Votes: 0
I hate it when people respond to serious posts with dumb questions and the obligatory ":P"
18 Dec, 2008, Zenn wrote in the 58th comment:
Votes: 0
I changed the subject, didn't I?
18 Dec, 2008, Lyanic wrote in the 59th comment:
Votes: 0
Quote
On the flip side, the Flash client looks very cool and I like it. I probably wouldn't use it to log on an admin character, but otherwise it seems like a solid client if you're forced to resort to something web-based.


Actually, it'd be more worrisome for logging a player character. In that event, you'd have to go through bureaucratic channels to get your character back. On the other hand, I'd think having the password to my admin character stolen would be no big deal at all. I would promptly login to the shell, directly modify the password in the pfile/database, quickly look over the log to see if any damage had been done (and undo it), then make note of the IP it was hijacked from before logging back in myself. After verifying who the IP belonged to - crucify the individual.
18 Dec, 2008, Cratylus wrote in the 60th comment:
Votes: 0
Asylumius said:
I hate it when people respond to serious posts with dumb questions and the obligatory ":P"


Lol u didnt liek it? :P

Anyway, I'd like to express my thanks to the folks speaking up on
this. It was kind of weird feeling like I was the only one who thought
a little disclosure would be a good idea, and it was a little confusing
how quickly things went all personal..from people other than Orrin.

: confused shruggy emoticon :

Anyway, no harm done, hopefully we can get off the personal
stuff and just agree that some of us disagree on the the disclosure
thing, and drive on.

-Crat
http://lpmuds.net/hugstime.jpg
40.0/77