Xatu Posted August 15, 2017 Share Posted August 15, 2017 (edited) It would allow us to link n00bs to tuts on the forums whenever they ask specific questions. Have the link shorten too to not display it all as to not spam the chat so like " https://forums.pokemmo.eu/index.php?.... Edited August 15, 2017 by Xatu KoolT93, ShadowHunter605, Suneet and 1 other 4 Link to comment
0 XelaKebert Posted September 6, 2017 Share Posted September 6, 2017 On 9/3/2017 at 10:28 PM, Kyokatsu said: Maybe it could be done if the guy sending the link was on the receiver's friend list? I mean, links sent on the team chat are already clickable, and I never heard of anyone getting hacked because of that Just because you haven't heard of it happening that doesn't mean it doesn't happen. I'm not saying it has or anything of that nature. Teams can kick players who abuse links and report them to us for further action. The issue is players spamming links in chat to other players has the inherent security risk of compromising the account of the person following it. This stuff still happens even with links not clickable. Having any link clickable is a very severe security risk which is why public clicky links are reserved for staff only. fredrichnietze and Kyokatsu 2 Link to comment
0 BudsBender Posted October 2, 2017 Share Posted October 2, 2017 Honestly just say it: you dont want to spend any time on somehow make it workable for all. You simply won´t get hacked just by following a link unless u click something else. Common Internet knowledge that either everyone should have or learn it asap. If ppl dont know they deserve to be hacked in order to learn such things. Definetly not the Task of a Staff. Ofc you are interested in account security, but infact as others already mentioned: you can do it already in Teamchat. Also in PM at Forums. So if I wanted to get somebodys account info i would not choose allchat, since there are definetly more witnesses than PM in Forum or Teamchat. Friendlist option for Whispered Link sounds like a good idea, but ofc there would still be ppl falling for it. Point is: these ppl will be dumb their whole life and will get scammed over and over no matter what you do on that link thing. Link to comment
0 XelaKebert Posted October 2, 2017 Share Posted October 2, 2017 4 hours ago, BudsBender said: Honestly just say it: you dont want to spend any time on somehow make it workable for all. You simply won´t get hacked just by following a link unless u click something else. Common Internet knowledge that either everyone should have or learn it asap. If ppl dont know they deserve to be hacked in order to learn such things. Definetly not the Task of a Staff. Ofc you are interested in account security, but infact as others already mentioned: you can do it already in Teamchat. Also in PM at Forums. So if I wanted to get somebodys account info i would not choose allchat, since there are definetly more witnesses than PM in Forum or Teamchat. Friendlist option for Whispered Link sounds like a good idea, but ofc there would still be ppl falling for it. Point is: these ppl will be dumb their whole life and will get scammed over and over no matter what you do on that link thing. It's not about getting hacked it's about allowing avenues of attacks for which malicious software could be distributed thus compromising the security of players accounts. Best practice for any online development dictates that you close off as many avenues of attack as possible. Malware is the biggest threat to the average computer user. Please do not talk down to players with regards to risks posed by allowing all hyperlinks to be clickable. Just because you know something that does not mean everyone knows it. Understand that our development team does have a lot of expertise with regards to security. I personally have also done professional level Web Development and understand these details. It has nothing to do with laziness at all. Kite and fredrichnietze 2 Link to comment
0 BudsBender Posted October 2, 2017 Share Posted October 2, 2017 (edited) Well therefor you could check the last post of Friedrich Nitzsche. He already showed a way. Now just improve what he was pointing out. Like: You don´t need constant check, a daily patch for the Links that are from guides. Then if the Users list and Servers List arent same: nope(login). Another thing: If User B sends a Link to user A , User B can´t send another link to A without any response. So every further message would either create an error message for B, or if B tries to work arround with normal text: as long as no response from A, B can´t send another Link. Edited October 2, 2017 by BudsBender Link to comment
0 fredrichnietze Posted October 2, 2017 Share Posted October 2, 2017 9 minutes ago, BudsBender said: Well therefor you could check the last post of Friedrich Nitzsche. He already showed a way. Now just improve what he was pointing out. Like: You don´t need constant check, a daily patch for the Links that are from guides. Then if the Users list and Servers List arent same: nope(login). Another thing: If User B sends a Link to user A , User B can´t send another link to A without any response. So every further message would either create an error message for B, or if B tries to work arround with normal text: as long as no response from A, B can´t send another Link. i am very against this happening. dont take what i say out of context pls. i was pointing out how it could happen to pointing out the difficulty in making it work. pay attention to the part where i say "even if you get the system working their will likely be a exploit to get around the security". also you're anti spam idea would have false positives. "hey can you send me that llink" ~sends link~ end of conversation. now the person who sent the link can not send any more links from the sound of it indefinitely. also my name is fredrichnietze not fredrich nitzsche Link to comment
0 BudsBender Posted October 2, 2017 Share Posted October 2, 2017 (edited) Well and i showed how ur idea could work without a constat rechecking of Forums. Btw u got me wrong: the Person can´t send Links to A, if he sends the same link to User C it would be completly fine. So someone would have to get online userlists first before he could exploit it there anymore. ( that would produce a scenario where User B sends his link ONCE to all online Users, including Mods and GM´s so you would be alerted ) sry on ur namething, thought u were referring to a smart person with that ;) Edited October 2, 2017 by BudsBender Link to comment
0 fredrichnietze Posted October 2, 2017 Share Posted October 2, 2017 ok so spam mitigation. whats to stop someone from creating custom urls that forward to the same url and just spam them one after another? think https://goo.gl/ Link to comment
0 razimove Posted October 4, 2017 Share Posted October 4, 2017 (edited) I can't see this being very viable. Also no Fred, although what you said might be true, the problem wouldn't be that, I could see people using trade chat to link to forum instead and create a complete mess, more than it already is in trade chat, and lets be honest, if you enter a phishing website, you really are not responsable enough to be in the internet, especially considering all the warnings everywhere right now, and the fact that many domains have been shutdown by ISPs to help preventing that. Linking directly to guides would be pointless, just tell newbies, we got a forum and that they can go into guide tavern and have all their questions answered. If they still don't want to go, fk it, you did your job, they have to stop being lazy and search by themselves, are you gonna spoon feed them forever? So, I completely agree with Noad point of view. Edited October 4, 2017 by redspawn Link to comment
0 RealLifeAngel Posted October 4, 2017 Share Posted October 4, 2017 On 8/16/2017 at 11:19 AM, Parke said: He asked for only pokemmo forum links to be the ones that embed Fred you dumb fuck Pretty sure there are ways to trick the filter & thus allow the potential for malicious software to be shared & spread. Sadly I am not tech savvy enough to explain how! s: Link to comment
0 razimove Posted October 4, 2017 Share Posted October 4, 2017 51 minutes ago, RealLifeAngel said: Pretty sure there are ways to trick the filter & thus allow the potential for malicious software to be shared & spread. Sadly I am not tech savvy enough to explain how! s: If the ''censorship'' is just *forums.pokemmo*, ofc it's easy to trick, someone with the slightest php knowledge could make a phishing website good enough to trick kids. But if is something like httpS://forum.pokemmo.eu/* , there is no chance for them to trick you into. The best they could do is lead you to a post with a phishing website in it, but still inside the forum. * symbol means, anything can be behind or after the word. Link to comment
0 Desu Posted October 5, 2017 Share Posted October 5, 2017 7 hours ago, redspawn said: If the ''censorship'' is just *forums.pokemmo*, ofc it's easy to trick, someone with the slightest php knowledge could make a phishing website good enough to trick kids. But if is something like httpS://forum.pokemmo.eu/* , there is no chance for them to trick you into. The best they could do is lead you to a post with a phishing website in it, but still inside the forum. * symbol means, anything can be behind or after the word. https://[email protected] KaynineXL and Gilan 2 Link to comment
0 razimove Posted October 5, 2017 Share Posted October 5, 2017 (edited) 11 hours ago, Desu said: https://[email protected] But that's a redirect domain, and goes against what I just said. httpS://forum.pokemmo.eu/* the slash prevents that from happening, also you can just censor @, not to hard. httpS://forums.pokemmo.eu/@www.smug.moe edit2: just to test out something further https://forums.pokemmo.eu/[email protected], https://forums.pokemmo.eu/index.php?/topic@theuselessweb.com edit3:also, you guys can just make sure the user goes into a subpage in which it tells them, they are being redirected to: blablabla, do you wish to continue? Not a big deal either. Edited October 5, 2017 by redspawn forgot the s, in forums Link to comment
Question
Xatu
It would allow us to link n00bs to tuts on the forums whenever they ask specific questions.
Have the link shorten too to not display it all as to not spam the chat so like " https://forums.pokemmo.eu/index.php?....
Link to comment
37 answers to this question
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now