Posts made by Ghost

@Sunny That's...not entirely accurate, either.

Were someone skilled and malicious were so inclined, having your name and email address provides a vector for an entirely different set of attacks. It provides a location for email information to pen test, your name and surname which could be used to affect family or other contacts gleamed through a successful pen test against your email. Background checks are cheap. In some cases this is how elderly family members are identified as targets for phone scams. Facebook runs this risk, too.

With decent network protection, your IP could still be backtraced for attempts on your router, but could be blocked and your devices kept safe. Howeeeeeeever. Default telnet use isnt just dangerous because of sniffing. It's also a port that you have told your system is an acceptable pipe in and out of your device.

Telnet is insecure because with some know-how (and mushes aren't tokenized), a spoofed signal with port information that you have approved could be used as an attack vector, as well. At that point it's approved communication through your router, so could potentially go unnoticed. At that point any virus or malware software would be your last line of defense.

In the end, it all comes down to:

1. How much information you're willing to share over an insecure protocol
2. Your level of trust in the mushing community as a whole that some RANDO wolf with some knowledge and capability doesn't feel like being a motherfucker

Not tryin' to scare, but thems facts.

@Sunny Sure, but if youre in IT you also then would know that telnet is a ridiculously dangerous security risk and that the amount of money a multimillion (billion?) dollar corporate empire sinks into data security standards is vastly less insecure than information you share on this forum or in this hobby.

Doesn't matter how your FB is set up. It's in their interest to protect the data that you have given them. They will fight for you to protect your PII. The only thing serving as a benefit to mushing's security is obscurity. Security Through Obscurity is a paper thin shield, but Facebook is probably thousands of times more likely to be the target of an attack. So...there's that.

Given the likelihood, however, that PenDes has a reputation amongst the hush-hush network of people who want a place to explore pedophilia, chances are it's a known entity. If it's using default telnet and not SSH, that place is potentially a treasure trove of blackmail loot.

The malicious deep web world is fucked up and clever. Never underestimate them.

@Sunny said in How to Escape the OOC Game:

I am way, way, way, way, way more at risk just existing on FB than I am using my name in my email and sharing that with people.

This is absolutely not accurate, FYI. I'm in IT and do a lot of infosec stuff, so take that as a qualifier if you will, but this is entirely not true.

Facebook For starters, any personal information you share over have had collected by Facebook is their property to distribute, but is also protected by high-security data centers and IT teams who are regularly audited for security standards.

Mush? Everything you type is subject to data sniffing/interception(non-SSH telnet), potentially stored on a database that gets stolen by lame people who steal code, and is very rarely scrubbed. There are no existing standards in mushing for which information can be kept and for how long, nor are there any real guarantees what the owners of said mush space to with your IP/loggable information.

Facebook: You have control of outward facing information shared with the public. You have the ability to whitelist people who can view this content by approval or denial of friend requests. You can remove people's access to view your information after they've once had access it.

Mush: Making a login to this forum is free. If this forum is insecure or Ark's password is easy to crack even via a rainbow table, I would then have access to IP information that could be backtraced to physical locations. You and many other mushers have listed who they are playing and where, and I think some 98% of these games are using default telnet, so if I apply sniffing to data coming out telnet on said IPs that I've stolen? Voila. I could then monitor your mush traffic. To make things worse, mushers (and this forum) are very susceptible to social engineering attacks. If you think about it, with sone acting ability and a little time, some of the people's need for RL human contact could be leveraged to build false flag friendships that could be used to socially engineer information about the target or (since mushers like to gossip) other potential targets (which means you dont need to be compromised. Other people who have been compromised could share your information either to others or a malicious attacker directly or via sniffing default telnet port.

There is no identity validation in this hobby, but a clever hacker could easily use this insecure as shit hobby as a listening point for data mining.

Not scolding or whatever, but once you were like "I'm way safer on Facebook" I didn't feel right not speaking up due diligence-wise to let you know for your own safety, that this is absolutely not true.

Mushing is hackable as shit.

Well, at the least this game would guarantee some 300-500 charbits the moment "Fuck Mountain Orgy MUX" shows up on mudstats.

@Auspice I was going to post a reply and a gif to "Macsplain" you.

I chose not to. I want points for choosing the mature, non-douchey humor option.

@surreality said in King of Sex Mountain:

I do not recommend archetypes, but... uh, if, I suggest porn archetypes. 'The Pizza Boy', 'The Sorority Sister', 'The Horny Divorcee', 'The Handyman'...
(OMG Bot,

...the Grenade

@Auspice I can't get behind this idea.
.
.
.
.
.
.
.
.
,
.
.
But it can get behind me.

Also, spot the comma.

@mietze What's your view on how regular people attempt to use issues to control others or influence the game is? Frequently? Not Frequently?

Details starting to trickle out on the Square-Enix Avengers game.

This game was teased something like 2 years ago and it's been quiet until E3. Trailer is definitely coming at E3.

It's gonna be a single/multiplayer Story RPG with character customization.

IGN Article on Squenix Avengers

@surreality I like that. I would always choose that. Every chapter. Always.

@Arkandel I agree with your view in spirit. I'm all for everyone owning their stuff. Their stuff, not the stuff people diagnose via confirmation bias as being their intent regardless of the person claiming "they didn't mean that".

Nasty habit in this hobby that some people abuse. Perspective matters, but perspective is often subjective and subject to rigidity based on the level of anger in the accuser. I think that's where a lot of these fights come from, and I hope to see more people hashing out their differences rather than quick-snapping to the court of public opinion/whisper network character assassination.

@Botulism STAAAAAAAAAAAAAAAHP NO

(But I would rock them death sequences, yo)

God, I hope no one is using Sean Pertwee as a PB. That guy is the Sean Bean of sci-fi/horror.

@Alamias said in Horror MUX - Discussion:

@Ghost said in Horror MUX - Discussion:

@Scorn I have a gif that explains my situation, but I'm not sure that it's a good place to throw gifs all over.

When has that ever stopped you?

Well, yeah, but this is HorrorMux's unveiling party and I wanna focus on that.

@Scorn I have a gif that explains my situation, but I'm not sure that it's a good place to throw gifs all over.

@Botulism Yes. Horror Mux is particularly dangerous to me.

I knew there would be days like this when I decided to quit mushing but hang around MSB.

I knew eventually some white whale game would pop up and I'd be like: "Well, heroin isn't THAT bad when you look at it from a certain perspective...."

I just didn't know it was gonna be so awesome an idea. Fuckin' Horror Mux, man. Well done.

I'm angry at you guys for pitting my love of my absolute favorite horror genre against my willpower to remain retired from the hobby.

So this means I think your new idea is awesome.

@mietze said in How to Escape the OOC Game:

It is actually super easy to be tracked down by someone who wants to, even if they have very minimal information.

It's just another reason why I'm personally into more anonymity on these games.

I don't want to scare people or sound like Jim Carrey as Fire Marshal Bill pointing out how everything is flammable (ex: mushing using default telnet port instead of SSH), but one thing my infosec training has taught me is that (from a tech/phishing perspective) it's shockingly easy to aggregate little bits of information into a whole.

I'm not gonna tell it out of a bullhorn, though. There's speakers at high school these days who use shock and awe tactics during presentations to show parents just how easy it is to find someone through social media for that particular speech.

@Ganymede I'm not necessarily disagreeing with you and I think this would be an amazing conversation over tea, cigars, whiskey, chips and salsa, or whatevs BUT...

Some 3 posts back I said I wanna stay out of this one so I'm going to respectfully give you all the floor and not challenge this. My conversational style makes more sense over voice, so I am going to reiterate that I may not explain myself or be able to convey my tone the right way to wade into this one.

Plus, I think this can be sort of an issue with a myriad of personal investment levels, so I'm comfortable letting go.