Search found 1036 matches
Author
Message
coRpSE

Replies: 0
Views: 5
 Forum:   Fun Zone   Posted: Thu Sep 02, 2021 2:52 pm   Subject: State of Decay 2 - One Week Review
Expand


After one week of game play, I can honestly say that there is a lot I really like about this game, and of course, there are a few things I don't like about the game. I will try keeping this brief since I know many of you get lost after the first 3 paragraphs. So, to keep this short, I will just list the top 5 pros and cons of the two and then give a final thought where I will talk a little about the pros & cons I mention.

Pros:

  • Multiple map open world system.
  • Ability to control multiple charters.
  • Zombies AI aren't as dumb as H1Z1's.
  • Co-op
  • Decent story line so far.



Cons:

  • Co-op tether.
  • 3rd person view only
  • Vehicles slide a bit too much.
  • No scope ADS, just over the shoulder shooting
  • No permanent servers, would be nice to be able to rent PvP/PvE or host our own and have items respawn, sort of like H1Z1 was.


My Thoughts:
Overall, I have been having a blast playing this. I do wish there was more of an open world hosted server like H1Z1 was and have multiple people be able to join on when ever, and who knows, they could do that for the 3rd one if enough people request it. The current co-op, well, is helpful, but is annoying that all players must stay close at all times. The tether is a feature that is just bad. When going around with others, I would like to break off and go do looting while the other is putzing around. I like to keep moving and get things done, and hate waiting on others to catch up. The vehicles in the game, well, the handling is okay, but some of them drift way too much, as if I am on ice. Great thing is, when I know I may need help, I can pull some of my AI community members to come and give me a hand, just, they can't drive themselves, so you will need to do that with friends, or get a running.

Overall, if you like an open world zombie shooter, you may like this game, I know I do. It does have its shortcomings, but, I can't think of a single game I have ever played that didn't. I can see this game being a great, as long as the developers listen to the community and try to accommodate without loosing its current feel.

Video of the latest patch:


I've been live-streaming this on Twitch, so if your interested or feel like chatting while checking out the game, come join in on the stream.

coRpSE

Replies: 2
Views: 30
 Forum:   WebSite Changes   Posted: Mon Aug 30, 2021 4:16 pm   Subject: Re: New Avatars added
n/p

coRpSE

Replies: 2
Views: 30
 Forum:   WebSite Changes   Posted: Wed Aug 25, 2021 11:36 pm   Subject: New Avatars added
Well, I have been asked by a few if I would ever get off my butt and add some new ones. Well, the butt got up and did it. Granted, I didn't make them, actually, got them from steam from the avatars that they use. What I did is now if you go into the gallery, you will see Steam_Animated-120x120. That's them.

If you want them for your own site, go here and download:
Please login to see this link
Get registered or Log in


I provide 3 different sizes, the full size 184x184, 120x120, and 100x100.

coRpSE

Replies: 10
Views: 804
 Forum:   PC & Codeing Talk   Posted: Tue Aug 24, 2021 1:56 am   Subject: Re: coRpSE's System Info/Cleanup Utility Batch file
Okay, a new update is released with this system with a new feature.
New feature is two ways to uninstall a program. Window 10/11 has a not so good uninstaller IMO, and I liked the old control panel one. Well, It's still there in windows, just buried. Well, that is one way to uninstall a program by using the legacy uninstall method. Sometimes, it won't give you an option to uninstall, and if that happens, you can possibly use method #2 which is using the elevated CMD prompt using wmic to delete the program. I made it as easy as I could, but, human error is a real possibility. Only delete what you really want to, and if you go crazy and delete something your not supposed to, that's all on you. It's hard to mess up, but, come on, I know some of you and what you have done.  lol lol lol

coRpSE

Replies: 2
Views: 56
 Forum:   News   Posted: Mon Aug 23, 2021 5:39 pm   Subject: Re: Quake just got a major update 25 years after its release
— Megaboost wrote
Thanks for the Heads-Up  2 daumen hoch


No Problem.  2 daumen hoch

coRpSE

Replies: 0
Views: 13
 Forum:   PC & Codeing Talk   Posted: Mon Aug 23, 2021 5:37 pm   Subject: What is 2FA, MSA, OTP, TOTP, ECT...? - Why use them?
For the past year or so, I have been talking to a few guys from both in [HSX], and other clans that I am friends with, about the different two-factor authentication, (2FA), and should they use them, why should they use them, and can it be implemented. After having some discussions about it, and hearing peoples concerns about needing to download a separate app on their phone/tablet, and the consensus that they rather just use email verification 2FA instead, I figured I would write this post to explain what it is, and why email 2FA is possibly the one you don't want to really use especially on site/app that has personal data, purchased items, or sensitive data. So let's hop right into this and go over some different types you will find and a little about what they are.

Before I get into this, I know some areas I am going to make it like the system is bad, but think of this, any and all 2FA is better than none, so not using one is always going to be worse than using one.

Now, before we get into 2FA, I want to point out that if you are curious if your password that you use is out there, then you may want to check out this site:
Please login to see this link
Get registered or Log in

Just type in any password you have ever used, and it will check it against a database to see if that password is found in the database.


Email 2FA:

You guys are probably most familiar with this one. You go to a site, try logging in, then it says it "emailed you with a code", then you go to your email and either copy and paste/ type that code, or sometimes, it also provides you with a 1 time use link to click. This is good because it requires you to now go to your email, login, then get the code/click the link.  

Now, why in my first paragraph I said this it probably the one you don't want to use. The reason is, with this system, you really only need to compromise one factor. The problem with email as a 2FA delivery channel is that the most common first factor, a password, can usually be reset via an email. That means that an attacker only has to compromise one factor, your email, to take over your account. This can happen if they know your email account password or if they have access to a live session (e.g. if you leave your email logged into a shared computer).

This kind of threat leaves some people in already vulnerable situations, like those with distrusting roommates or partners with access to your device, at risk. They also attack using with brute force, guessed passwords, credential stuffing, (
Please login to see this link
Get registered or Log in
), and even types of malware like keyloggers. One most common that I know all of you have seen, and probably didn't realize it, is a phishing site, (I will go into more details on that at the end).

Overall, once they have access to your email, any system that you have set up using that email is now vulnerable.


OTP (Hard & Soft) 2FA:

One time passwords, (OTP), are a popular choice for organizations looking to step up their security with two-factor authentication (2FA). These randomly generated passwords are only valid for a single login session and overcome many of the vulnerabilities of traditional passwords.

OTP soft tokens are a single use password that is sent to you either by SMS or email, where OTP hard tokens are exactly what they sound like: hardware tokens, often in the form of a key fob that can be carried on a user’s keyring. The hard token generates a random number—which expires after one use and can only be used during a specific period of time—at fixed intervals. When a user needs to log in, they simply enter the number, along with their username and optionally, a PIN or password.

Behind the scenes, the server that is authenticating the user also has a copy of the hard token’s seed record, the algorithm used to generate the numbers, and the correct time. Once validated to match, the user is permitted to access the website, application, or operating system.

Now, the drawbacks of both these options.

OTP Soft Token:

  • Emails can be compromised, like I talked about in the first section.
  • Phones can be stolen. Of course, any physical device can be stolen—particularly if it’s something people carry around with them all day. And unfortunately, your fingerprint lock is probably less secure than you think, so it won’t necessarily keep the thief from breaking in.
  • Texts can be viewed without authorization. Many smartphone users enable text notifications to be visible, so any SMS codes they receive are able to be read without unlocking the phone. Therefore, an attacker could simply take your phone or even just look over your shoulder to steal your authentication code.
  • SMS codes can be intercepted.
  • SMS verification can be spoofed. A popular phishing technique enables hackers to gain access to people’s email accounts. The attacker only needs to know the victim’s email address and phone number. Then, he or she simply visits the email login page and requests a “reset password” 2FA code be sent to the victim’s phone. Next, the hacker sends the victim an SMS message that says something like, “Suspicious activity has been detected on your account. Respond with the code sent to your phone in order to prevent unauthorized access.” Now, the hacker has the code and can easily gain access to the email account.
  • Phone accounts can be hijacked. You would be surprised how serious of a problem this one is. Years ago, Linus from Linus Tech Tips had his phone hijacked. In an attack called a SIM swap, hackers who know some personal information about their victims, such as the last four digits of their social, call the phone company and have the victim’s phone number moved to an entirely new device. This has happened to all people on all devices, so don't think this can't happen to you because you use X device.


Don't take this list and show why not to use it, because in reality, every security measure will have some extent of a vulnerability.

OTP Hard Token:
  • Like every physical item, can be lost or stolen.
  • Far harder to administer. Really, only good for corporations where they can physically be given to each user.
  • Cost. You would need to buy everyone their own, and if one is lost or stolen, then you need to replace that and remove the lost on from access.
  • Less convenient in the sense now you need to carry yet another thing around with you and hope not to lose it.
  • Susceptible to Man-in-the-Middle attacks. Unsuspecting users can be tricked into entering a valid OTP into a fraudulent, phishing site, which would then forward the OTP on to the official site, allowing an intruder to successfully gain illicit access to a user’s account.


TOTP Soft Token
This is another common one, especially if you use Steam and use their Steamguard 2FA, is the Time based One Time Pass, (TOTP). Using such apps like Google Authenticator, Authy, Steamguard, ect... on your tablet/phone/computer allows the system to provide a time based code that will only stay active for about 30 seconds to 1 min, before it refreshes. Basically, a user must download and install a free 2FA app on their smartphone, tablet, or desktop. They can then use the app with any site that supports this type of authentication. At sign-in, the user first enters a username and password, and then, when prompted, they enter the code shown on the app use. Like hardware tokens, the soft-token is typically valid for less than a minute. And because the code is generated and displayed on the same device, soft-tokens remove the chance of hacker interception. That’s a big concern with SMS or voice delivery methods.

Best of all, since app-based 2FA solutions are available for mobile, wearables, or desktop platforms — and even work offline — user authentication is possible just about everywhere.

Cons:

  • It requires some sort of device. Can't get the code if you don't have that device.
  • Code expires fast. Most of the time, you get between 30 seconds to a minute, but for some people, that is not enough time to get the code and type it. There are some real slow typers out there.
  • TOTP 2FA uses a secret key shared between the authenticator app and the server hosting it. If a bad actor were to clone that secret key, they could generate valid codes at will and gain access to the user’s account.




Overall, my final take on this is, 2FA is something that should be used, since most people don't use a password manager while using different unique passwords on each site they register on. Using something like email 2FA is the worst, (besides no 2FA), since like mentioned above, all they really need to do is get into your email to gain access to all your accounts that aren't secure. I understand that some of you are reluctant to install apps, or quick to blame a piece of software because you don't quite have a full understanding of what it is, but, I hope in this post, I answered some of those questions or at least, gave you a better understanding of what it is.

Here are two videos. First one is basically going over what I said above. The second video is for those that want to activate Steamguard but don't know how to.


coRpSE

Replies: 2
Views: 56
 Forum:   News   Posted: Sun Aug 22, 2021 2:06 pm   Subject: Quake just got a major update 25 years after its release
Expand


After 25 years, 1996’s Quake has received a major update which includes remastered graphics, a brand-new expansion, and more, and it’s completely free for existing PC owners.

Quake Remastered has also been released on PS4, Xbox One, and Nintendo Switch, with next-gen owners being able to play the game on their PS5 or Xbox Series X|S via backwards compatibility.

During Quakecon it was announced that the classic FPS title will be getting the remaster treatment, bringing better light, new models, updated maps, and a dynamic shadow system.

Quake Remastered also comes with many brand-new features including cross-play, dedicated servers for online death matches, free optional add-ons with the first being the Quake 64 soundtrack, as well as split-screen support for local death matches and co-op, with the option to add AI opponents too.

The game will also come with a brand-new expansion, offering plenty of new levels to really give you a reason to take the 25-year-old game out for another spin.

PC players who already own the game on Steam will receive the upgrade for free.

This game is $9.99 on Steam.
Please login to see this link
Get registered or Log in


Quake Remastered, along with Quake 2 and Quake 3 Arena will be coming to Xbox Game Pass too.

Here is everything you need to know.



Release Notes

  • Enhanced Graphics
    Better lighting, new models, updated maps, and a dynamic shadow system headline the graphical features available in Quake. Individual features of the enhanced graphics can be turned on and off to your preference
  • Includes Original Expansion Packs
    The two retail expansion packs, Scourge of Armagon, and Dissolution of Eternity are both now bundled with Quake, and are integrated into the main game. The downloadable expansion pack, Dimension of the Past, has also been upgraded and included
  • Includes Soundtrack
    The iconic original soundtrack by Trent Reznor of Nine Inch Nails is now included on all versions for the first time. The soundtracks for Scourge of Armagon, and Dissolution of Eternity are also included when playing those expansion packs
  • Brand New “Dimension of the Machine” Episode
    Created for Quake’s 25th anniversary, Dimension of the Machine is a brand-new experience created by the MachineGames team. Continue your fight through brand-new dimensions, figure out the secret to restarting the machine, and come face to face with an old foe
  • Free Optional Add-ons
    Similar to our re-releases of DOOM (1993) and DOOM II, we will also be periodically releasing free optional Add-ons available to download in the in-game “Adds-on” menu. Our first Add-on is Quake 64, which includes the original alternate soundtrack by acclaimed composer Aubrey Hodges
  • Split-Screen Multiplayer
    Quake includes 4 player split-screen multiplayer on all platforms, in both deathmatch and co-op modes. Fight against your friends, or with your friends, in all five campaigns. AI bots are also available to play against in deathmatch mode
  • Online Multiplayer
    Play custom matches on player-hosted servers, or hop into matchmaking and play on dedicated servers. Quake also now includes the extra levels Acrophobia, and The Edge available in deathmatch mode. Dimension of the Machine also contains all new deathmatch levels
  • Cross-Play Multiplayer
    Play with friends no matter which platform they prefer. Cross-play is available on all platforms, so you can play Quake with everyone
  • Supported Languages
    English, French, Italian, Spanish, German, Russian


New System Requirements
Minimum Spec (1080p/60 HZ)

  • Windows 10
  • Intel Core i5-3570 @ 3.4 GHz or AMD Ryzen 3 1300x @ 3.5 GHz
  • NVIDIA GeForce GTX 650 TI (2GB) or AMD HD 7750 (1GB)
  • 8GB System RAM
  • Minimum 2GB free space on hard drive (additional space required for optional Add-ons)
  • High speed broadband connection required for online play


Recommended Spec (*4K/120 HZ)

  • Windows 10
  • Intel Core i5-6600k @ 3.5 GHz or AMD Ryzen 5 1600 @ 3.2 GHz
  • NVIDIA GeForce GTX 1070 (8GB) or AMD RX Vega 56 (8GB)
  • 8GB System RAM
  • Minimum 2GB free space on hard drive (additional space required for optional Add-ons)
  • High speed broadband connection required for online play


Known Issues

  • In local multiplayer, the weapon wheel will be partially cut off in vertical split screen. This does not occur in horizontal split screen
  • If the player uses the Attack input to respawn in multiplayer, they will fire a shot as they respawn
  • Users are unable to access downloaded Add-ons without being connected to the internet. This is not intended functionality and will be fixed in a future update
  • While in local multiplayer, if you wish to remove players from the lobby, you need to back out of the local multiplayer menu and re-enter it
  • Some player movement issues may occur in online co-op matches in Scourge of Armagon
  • The Guardian death sounds in may repeat indefinitely in Scourge of Armagon. If this occurs, either save and load your progress or exit the level
  • Players switching away from Quake by using ALT+TAB, may notice that they lose control over the cursor. If this occurs, simply return to Quake, and interact with the game to restore control

coRpSE

Replies: 0
Views: 16
 Forum:   CRSED: F.O.A.D   Posted: Sat Aug 14, 2021 6:59 pm   Subject: Where is the other guy?
Yesterday, I was playing some solos, and it was a slow game. I haven't really seen anyone until near the end of the match, (last 5 min or so). Well, the circle gets pretty small, so I suspect someone in the bunker hiding, and I was guessing the 3rd guy to be either on top of the bunker or in the grass, So I throw my Reaper bag to hope that hides some of my sound as well as draws them out, (it didn't). So I go invisible and run over to the top of the bunker hoping to find the 3rd guy there, well he wasn't. So while I am on top of the bunker, I am looking for that 3rd guy, and that is where this video starts. I will use my invisibility special ability to get into the bunker.


coRpSE

Replies: 0
Views: 32
 Forum:   News   Posted: Wed Aug 11, 2021 6:09 pm   Subject: Discord malware is a growing threat.
Expand


Malware 'can persist indefinitely unless reported' in the chat software's cloud files.

A few weeks back, leading cybersecurity company Sophos issued a
Please login to see this link
Get registered or Log in
that Discord is becoming an increasingly common target for hackers. The vicious few pushing out malware tend to target users of successful online services, and considering Discord's 140 million plus active users—with over 300 million registered to date—that makes the chat software a pretty juicy target.

Sophos notes the number of malware detections over the past couple of months has grown by almost 140 times what it was for the same period last year. And part of that problem comes down to how Discord files are stored in the cloud.

"Once files are uploaded to Discord, they can persist indefinitely unless reported or deleted," the report says.

In its research into the types of malware that litter the Discord cloud storage, Sophos found a bunch of game cheating tools. Some were meant to exploit Discord integration protocols in order to crash an opponent's game, and some were advertised as 'enhancements' meant to unlock paid content, keys and bypasses. The catch is that only a few were found to contain the intended cheating software, most were actually some form of credential theft masquerading as such.

But while we laugh at the idea of cheaters getting their comeuppance, there is darker work permeating our Discord haven.

Among the cheat-bait, other nasties slink by undetected: password-hijacking malware families, spyware, fake android apps meant to nab financial info or intercept transactions. Even chat bot API exploiting malware that vies for control of channels, and some that extract stolen information only to post it into private servers.

The most common focus for Discord malware is the theft of user's personal information, using stealer malware and remote access Trojans (RATs) to do their dirty work.

Sophos explains, "The threat actors behind these operations employed social engineering to spread credential-stealing malware, then use the victims’ harvested Discord credentials to target additional Discord users."

So, while Discord does have a few tricks up its sleeve to combat malware, it cannot protect against human complacency.

Harmful files can go unreported for months, and pose a serious threat to other users. If you don't want to be an accessory to the fact, don't hesitate to pull up something that's out of place to a moderator. And of course, no matter who sends it, think twice before clicking that link that just popped up on your favorite server.



Article By Katie Wickens
Original article:
Please login to see this link
Get registered or Log in




My Take:
Well, I know some of you may think I am positing this to prove an old point that Discord is bad, and if you truly knew me, you would know that is false. I like Discord, just hate some of the crap that is with it, and design/functionality that I think is poor. But this warning, even though it is specifically on Discord right now, this stuff can happen on any platform like Skype, TS3, ect..., just as of now, Discord seems to be the target and the more areas they try making their platform cover, the more they will be targeted.

Just like I always say, just be weary of any file that is presented to you to download, also if they send you a link to a site, ALWAY, look at the URL. I don't care if it's on Discord, TS3, PM, Email, letter strapped to the foot of a pigeon, just be cautious, even if you know them because their profile could have been hijacked, which I have had a friend just last year on Steam, have his account hijacked, (He now uses a separate password and 2FA).

coRpSE

Replies: 7
Views: 407
 Forum:   In-The-Works   Posted: Tue Aug 10, 2021 8:09 pm   Subject: Re: ???? Steam Game New Feed [ITW] ????
— EmeraldDragon wrote
Scroller will be a good option to have.

Suggestion: How about combining the avatar image and online/offline image together?

  • IE: Using profile picture as being online and if offline using a grayed-out profile picture as offline.
  • Limited to displaying one or two [following] member(s)per scroll page. Or condensed all the information to one per line with one profile per each of the scroll pages.


I think you are a little confused by what this thread is about. zwinkern
If you go to the home page of this site, you will see under the twitch block, a Steam News block that covers the latest news from the developer. (latest 1 - 10 articles). The limit is 10 because that is the most they provide. This block is still in the works. I have not released it and there are only 2 sites that have it, which is mine and EIDs site, since they are into a bunch of different games on Steam.

If I do a steam block for the users, all it will do is have links to their profiles and will not show their current live status for if I tried doing that, I can not think of a way of stopping the flooding of request to get the status where Steam won't flag it as a possible DDoS attack. Even my current system with my slow refresh of the caching still happens gets listed and blocked for weeks. Unfortunately, steam has no place to talk to staff about it. Now, to have a live status system in a block can easily be done using the feed from the Steam Group, but, everyone that wants to show up in that block has to be part of that Steam group, and that system is just a single file that has all the information for each person in that group to build on.

Overall, if there was a way to get sites whitelisted from steam easily, so they don't get flagged as false DDoS, that would be a block I can do using my system.

But I do like the idea you had for the status color for the image, but I am thinking more for the steam profile and the border around the image. That part is being rewritten anyway to be responsive, I am just waiting to hear back from Lonestar on what he is thinking.

For anyone that wants more clarity of the issue, I will go into details now. If you don't care, stop reading. zunge zeigen


The issue is this. The way the system works is each person has a separate API file that gets requested from Steam, (well, while in the forums). If you go to their Steam profile on the site, like if you click
Please login to see this link
Get registered or Log in
, you will see mine, that page request 3 different API files. To minimize the impact on Steam, I cache these file into a folder on your site, well, on the site the module is installed.

Now, if you imagine, in the forum, you have 10 peoples replies, and each of those 10 people have their Steam information set up on your site. Well, what happens is, each page refresh, in theory, your site can make 10 different calls to Steam in 1 second. If I didn't have the caching, and just say you had the 10 people/bots on your site at the same time all looking at your Steam profile page, now, that went from 10 request to 30 request, and that was just one one-page refresh. Now, what happens, those same 10 people, opened up 10 different Steam Profiles over the course of 30 seconds, Do the math, you can see how those request can add up if the file wasn't cached and why Steam may think you are trying to DDoS their site, since, in a mild form, that is what a DDoS attack usually is.

So I have a caching system that will on the first request, create a folder in a specific spot for each person, and in that folder it will create a file/files, depending on if the person went to the forums or right to their profile. Now, at any time with in 30 seconds, (I think I have it set to 30 seconds), the system will check to see if a file exist and if it's not more than 30 seconds old. If the file meets its criteria, then it will read the information off that file and not make another call. This way, even if you had 500 people on all going to that page, no matter what, it will only do 1 call, so, we don't flood Steam with request, and they don't flag you as a possible DDoS.

Now, if I went to make it into a live status block, and let's say you have 100 people on your site that has their Steam info in there, and nobody has been on your forums for the past 30 seconds of few min, and someone comes to your site on the home page, that is automatically going to be 100 request sent to steam. That would be really the only way to have it a "Live Status" block. Now, with the Steam Group like I mentioned before, that would be a single API call to the steam groups, and in that JSON/XML file, it would have the name of each person, their steam ID number, their online status, and I think what game they are playing. There might be more, but I have not looked at that API since I was still at ClanThemes, to 10+ years. That, I could build on and have that update as current as a 30-second delay, (of course to stop the possibility of too many requests being sent to Steam). I made one a long time ago, and I believe McGyver made one a few years ago. But with that system, you would have to add everyone to a Steam Group that you create and most aren't big into joining them, as I found out.

Most places, like Steam and Discord, are really not supporting too much into the web side of everything anymore, and focusing more into mobile widgets and applications. What they supply in XML and JSON is enough, but it's tough to get things done to find documentation on what's out there. Most everything I find for Steam is old, outdated information, or, extremely vague. Twitch makes it confusing and though is actively messing it up, I mean, updating it, they seem to make changes that makes things harder and requires more digging. Discord, well, they just don't care, and they made that abundantly clear when they chose to ignore my questions a few times then when they finally decided to answer a few weeks later, I got replied with a generic BS answer that has nothing to do with the question I asked. Hence, one of the reason I dislike Discord.

Sorry for the rant, but was just trying to cover all the bases.

Now, what I can do, I can make a block that will show the Steam users, and I can grab their most recent avatar, but only read from the cached files and will only update once their profile is visited, or a thread where they made a post is. But that will be just a list of people on your site that has the steam section filled out, and not a live status.

All times are UTC - 7 Hours [DST enabled]
Page 1 of 104
Goto page : 1, 2, 3 ... 102, 103, 104  Next
Jump to:  
Forums ©