Valhalla Legends Forums Archive | Battle.net Bot Development | Quit crying about the "stolen" public code

AuthorMessageTime
Deception
I'm sick of reading thread after thread of people crying over the release of the precious NLS.dll.

You keep saying this code was never made public and therefore people should delete it and instead use BNLS.

I don't know about you, but it seems stupid to send your usernames, passwords and CD-Keys to a 3rd party server to be hashed when you can just do it locally with the PUBLIC code that has been released against the will of the author. NLS.dll is no longer private. Get over it.
September 23, 2004, 5:20 AM
Quarantine
The point is it was released withought permission of the author(s) and no matter what you say that IS wrong. BNLS is 100% secure as they get thousands of logons a day and I doubt they even care about one single password. They arn't exactly l33t h4x0rs that r0x Bnet y0. So with that said, you need to get over them being mad and refusing tooffer help with NLS.dll and if you dont like what you see on these forums do us all a favor and find some code to leech somewhere.
September 23, 2004, 5:26 AM
Deception
[quote author=Warrior link=board=17;threadid=8803;start=0#msg81523 date=1095917184]
The point is it was released withought permission of the author(s) and no matter what you say that IS wrong. BNLS is 100% secure as they get thousands of logons a day and I doubt they even care about one single password. They arn't exactly l33t h4x0rs that r0x Bnet y0. So with that said, you need to get over them being mad and refusing tooffer help with NLS.dll and if you dont like what you see on these forums do us all a favor and find some code to leech somewhere.
[/quote]

You fail to see the point. The point is, they need to stop bitching about people using their code. I think they should refuse to help people who ask for help with it, because anyone who can't figure out how to use it shouldn't be programming anyway.

However, the author(s) can't complain about it being public and they can't tell people not to use it when they were stupid enough to let someone "steal" it in the first place.
September 23, 2004, 5:29 AM
Newby
They didn't "let" someone steal it, someone *stupidly* left VNC running and, a retarded flaming newbie bruted his quite simple password, and stole it.

Therefore, although it is no longer private, the way it was released is lame. People who use it are just promoting stolen coding and products.

You know, I hope somebody steals your sources and uploads them, and then asks for help on how to modify it. Maybe you'll feel the same way.

EDIT -- Smart move removing "Mr. Kissass" from your post. ;)

EDIT2 -- Also, without the "leaked" module that utilizes the NLS.dll, you'd have no fucking clue how to use it, because I doubt you could figure out the API declares all by yourself. Therefore, you are supporting leeched coding along with leaked products.
September 23, 2004, 5:35 AM
Quarantine
Actually since the code IS property of the Author(s) I think they have sufficient rights to tell people not to use thier code but its up to the people to listen to them . Would you like something you worked very hard on to be leaked to the public and have about 20 people a day coming here asking for support, not getting it , being an idiot about it , and implementing it into thier bot with no respect torwards the author or even an acknowlegement ? I sure as hell wouldnt. Your the one thats whining over topics in the forums and frankly your looking like an idiot. Like I said before if you dont like what you read dont come to the Forums.

Edit: Spelling and fixed some sentences that didnt make sense.
September 23, 2004, 5:36 AM
Deception
[quote author=Warrior link=board=17;threadid=8803;start=0#msg81527 date=1095917761]
Edit: Spelling and fixed some sentences that didnt make sense.
[/quote]

Your whole post doesn't make sense. You're an idiot to think that when given the option, people would rather continue sending their passwords and CD-Keys to BNLS than use someone's code because it is immoral.

If the authors of NLS.dll didn't want people using it, they shouldn't have written it.
If anything, the authors should be glad that people are using NLS.dll rather than being forced to give up their passwords and CD-Keys, hoping vL won't use them.

I'm sure Skywing and Yoni are glad they have loyal followers such as Warrior and Newby, who continue to give them an abundance of passwords and CD-Keys.
September 23, 2004, 6:32 AM
Skywing
[quote author=Deception link=board=17;threadid=8803;start=0#msg81533 date=1095921134]
[quote author=Warrior link=board=17;threadid=8803;start=0#msg81527 date=1095917761]
Edit: Spelling and fixed some sentences that didnt make sense.
[/quote]
You're whole post doesn't make sense. You're an idiot to think that when given the option, people would rather continue sending their passwords and CD-Keys to BNLS than use someone's code because it is immoral.

If the authors of NLS didn't want people using it, they shouldn't have written it.
If anything, the authors should be glad that people are using NLS.dll rather than being forced to give up their passwords and CD-Keys, hoping vL won't use them.

I'm sure Skywing and Yoni are glad they have loyal followers such as Warrior and Newby, who continue to give them an abundance of passwords and CD-Keys.

Keep using BNLS. If you trust it...
[/quote]
Keep in mind that nobody ever forced anybody to use BNLS.

If we were in this for cd-keys and accounts, there would have been no reason to keep the system publicly available for such a long time.
September 23, 2004, 6:36 AM
Deception
[quote]
Keep in mind that nobody ever forced anybody to use BNLS.

If we were in this for cd-keys and accounts, there would have been no reason to keep the system publicly available for such a long time.
[/quote]

Yes, but if someone wanted to use WarCraft III on a 3rd party client, they would have to either reverse it themselves (which not too many people can do) or use BNLS. Even if BNLS doesn't log passwords, you could have it do so and people who need WarCraft III bots would be forced to give you their information. It was a monopoly.
September 23, 2004, 6:43 AM
Skywing
[quote author=Deception link=board=17;threadid=8803;start=0#msg81535 date=1095921798]
[quote]
Keep in mind that nobody ever forced anybody to use BNLS.

If we were in this for cd-keys and accounts, there would have been no reason to keep the system publicly available for such a long time.
[/quote]

Yes, but if someone wanted to use WarCraft III on a 3rd party client, they would have to either reverse it themselves (which not too many people can do) or use BNLS. Even if BNLS doesn't log passwords, you could have it do so and people who need WarCraft III bots would be forced to give you their information. It was a monopoly.
[/quote]
If people are unwilling to do work to get their client to work with Warcraft III, that's their problem.

I could have also just as easily not put it out at all in which case nobody else would have had third-party clients that worked on Warcraft III at all until somebody else spent the time to reverse it. Would that have made you happier?
September 23, 2004, 6:50 AM
Deception
[quote]
If people are unwilling to do work to get their client to work with Warcraft III, that's their problem.

I could have also just as easily not put it out at all in which case nobody else would have had third-party clients that worked on Warcraft III at all until somebody else spent the time to reverse it. Would that have made you happier?
[/quote]

If BNLS wasn't public, I'm sure someone else would have reversed it and made it public sooner or later. But since BNLS was around, people figured it was pointless to waste time reversing it.
September 23, 2004, 8:09 AM
Quarantine
Your making no sense, your saying not too much people can hash Warcraft III then your saying someone would come along and do it if BNLS didnt support Warcraft III Logons. Thing is people already have reversed it for their private use-only. Does that mean that battle.net should release thier source just because they made it....? Hell no. You also fail to understand if BNLS were not trustworthy they would have done something already. I doubt if their intention was to obtain CDKeys and passwords that they wouldnt have held up so long. If you dont trust BNLS, dont use it but dont expect to flame them for getting mad over THIER CODE that was stolen. Also your saying im an idiot for if people giving the option would use BNLS over Local Hashing...not true. Think of it this way if people wanted to they could just use Local hashing for SC/BW/D2/LOD and forget about BNLS but BNLS still gets thousands of logons a day....are you getting it now? Or you could try this approach, I would rather have my bot be able to handle the new patch withought having to do anything to it except wait for BNLS to update, and I have no clue why your putting BNLS down. Hell, I doubt you could make such a reliable service and keep it running for as long as they have. To end my argument it all comes down to one line
Leeching Code is WRONG
there is no way around it, no loophole, no anything. Authors reserve the right to openly flame / get mad about anyone using stolen code of theirs. If you have a problem with that I suggest you stop using BNLS if you still do, Hash Warcraft III yourself. I still dont get how you think its like if a little boy made a tree house and invited his neighbor but his neighbor decided to steal his other neighbors tree house instead of using one his first neighbor let him use. It shows that people who use the leaked code are stubborn and unwilling to learn. If you have anymore arguments to bring up against me please do as I am sure I have countered all of them.
September 23, 2004, 10:55 AM
-MichaeL-
Umm, Useing iago and userlosers and the rest of the authors stolen code is up to the user but it does show you have no respect for the people who are there to help you.
September 23, 2004, 12:02 PM
iago
Wow, I totally lost all respect for Deception. huh..

Anyway, there's nothing I can do to stop people from using the code, since people like you suck. But don't ask the authors of stolen code you're using for support. Doing that is asinine.
September 23, 2004, 12:23 PM
Newby
[quote author=Deception link=board=17;threadid=8803;start=0#msg81533 date=1095921134]
[quote author=Warrior link=board=17;threadid=8803;start=0#msg81527 date=1095917761]
Edit: Spelling and fixed some sentences that didnt make sense.
[/quote]
I'm sure Skywing and Yoni are glad they have loyal followers such as Warrior and Newby, who continue to give them an abundance of passwords and CD-Keys.
[/quote]
Who ever stated I use BNLS?

Also, you probably used to use BNLS. If they logged any information, I'm sure (if I was them) I'd steal everything of yours.

EDIT --

[quote author=Deception link=board=17;threadid=8803;start=0#msg81533 date=1095921134]
If the authors of NLS.dll didn't want people using it, they shouldn't have written it.
[/quote]
Yeah, I'm sure they knew it was gonna be stolen.

Of all things, I would thank the authors of the code for writing it, because I'm damn sure if it didn't get leaked, you'd be "sending an abundance of passwords and CDKeys" to BNLS. I also highly doubt (100%) you have any knowledge in assembly, and I higly doubt (500%) you could reverse the Warcraft III login sequence / hashing functions yourself.
September 23, 2004, 2:21 PM
BaDDBLooD
i think "wow" sums up this topic!

Deception, your opinion is invalid, bias, basically it's full of !@#$!
September 23, 2004, 2:48 PM
Networks
Besides I'd rather see a dll with everything in it. Sorta of like those dlls and the bnetauth blended together (if possible) and provided that it's public to use.

Speak of "wow". I heard userloser already has the logon down for WoW and because of the immature idiots this is guranteed never to be released. You leechers basically fucked everyone from seeing any open source userloser would've have released ever again (excluding anyone he trusts obviously).

Also regarding this entire this whole issue. What is your attitude towards private use of this? Perhaps the use of it on my own and not a release to anyone.
September 23, 2004, 4:04 PM
kamakazie
[quote author=Networks link=board=17;threadid=8803;start=15#msg81563 date=1095955489]
Besides I'd rather see a dll with everything in it. Sorta of like those dlls and the bnetauth blended together (if possible) and provided that it's public to use.
[/quote]

I'm sure people have already done this but not released anything.
September 23, 2004, 4:18 PM
tA-Kane
[quote author=Deception link=board=17;threadid=8803;start=0#msg81533 date=1095921134]If the authors of NLS.dll didn't want people using it, they shouldn't have written it.[/quote]Maybe the government shouldn't write their software? I'm sure they don't want any other governments to use it...


[quote author=Deception link=board=17;threadid=8803;start=0#msg81533 date=1095921134]If anything, the authors should be glad that people are using NLS.dll rather than being forced to give up their passwords and CD-Keys, hoping vL won't use them.[/quote]What proof do you have that vL uses them at all? BNLS has been around for around 2 years or more, and I've not heard of any legitimate case of vL using stolen passwords or CD keys?



Deception, let's say that you write a document stating some sort of invention that you are creating that is going to revolutionize the gaming industry. Then someone steals that document and revolutionizes the gaming industry themselves, and you get zero credit. Not only that, but you have no proof that you were actually the first one to come up with the idea... so you also have no recourse against the thief. Would you feel very happy?

Besides the fact that I wouldn't trust a single word said by anyone that has "deception" right in their name.

And on top of all else, I really have not seen any "crying" recently. Sure, there was a fair amount of it at first, but not a whole lot anymore. I'm sure everyone's glad that people can use NLS.dll... assuming of course that they're intelligent enough to fix it up to be ABLE to use it. The biggest thing I see now is the authors not supporting it.

So back on that invention thing... if people started asking you questions about the thing which you should have invented, would you answer them? I think you'd have too much resentment toward that item to want to help anyone that uses it.

Would there be a purpose to stealing CD keys and passwords from people who use BNLS? No. Doing that would only make people not use BNLS, and that's not the purpose of a service. A service exists to be used, not to not be used. It would be detrimental to the service to do something to or with it that would make it not be used.


No, the only thing I see here is you, Deception, being mad that you're not smart enough to figure out how to use NLS.dll and then even more mad that the authors aren't willing to let you leech the information off of them. I have no words that may convey my impression of you.
September 23, 2004, 6:18 PM
BaDDBLooD
If that's not a cold hard slap of reality.. i don't want to know what is!

Way (to or too?) lay it on him kane, couldn't have said it better myself!
September 23, 2004, 6:25 PM
tA-Kane
[quote author=BaDDBLooD link=board=17;threadid=8803;start=15#msg81587 date=1095963927]Way (to or too?) lay it on him kane[/quote]To. It's been a LONG time since I've learned the exact rules, but "too" basically is used when you're saying multiple things, such as "This happened, and that too happened" which is kind've a replaceof of "also". Too is more broadly used as an addetive: "That too". Too is also used to help describe something: "many objects" verses "too many objects". As I stated just a moment ago, anywhere that "also" can be used, "too" can be used nearby (if not in the same place): "Also that" and "That also" mean the same as "That too." "Too that" is incorrect.

However, it would not be used when you're going from one object to another object, for example "this got to that", or to help a movement with the object: "way to do that", the movement (verb) being "way".

Hope this helps, and more than just you, too. ;)
September 23, 2004, 6:52 PM
UserLoser.
[quote author=Deception link=board=17;threadid=8803;start=0#msg81522 date=1095916854]
I'm sick of reading thread after thread of people crying over the release of the precious NLS.dll.

You keep saying this code was never made public and therefore people should delete it and instead use BNLS.

I don't know about you, but it seems stupid to send your usernames, passwords and CD-Keys to a 3rd party server to be hashed when you can just do it locally with the PUBLIC code that has been released against the will of the author. NLS.dll is no longer private. Get over it.
[/quote]

You suck at life, everything you do. "Get over it". Find new hobbies, get a job. If you're sick of reading these threads then you obviously need to move on somewhere else. I doubt anyone who uses this dynamic-link library anyways, has knowledge of exactly how it works, why two packets are required, what's the purpose of account upgrading, password proof, server signature, all that so called New Logon System stuff. If you're not contributing anything, then I'd say leave or quit complaining, but ofcourse, I can't force you.

[quote]
Speak of "wow". I heard userloser already has the logon down for WoW and because of the immature idiots this is guranteed never to be released. You leechers basically fucked everyone from seeing any open source userloser would've have released ever again (excluding anyone he trusts obviously).
[/quote]

I have a great amount of information for WoW's logon protocol (WoWBot is still being worked on, slowly), some of which was given by a friend. Nobody gets anything from it, don't expect to see anything either around here or anywhere else either.
September 23, 2004, 6:56 PM
iago
Here's something funny.

Some BNLS rip-off (I forget what it's called, but it's made by a guy named Binary, iirc) is using the stolen Warcraft 3 code.

So here's what you'd be doing to use it: sending your warcraft 3 account and cdkey to somebody who clearly has no qualms with using stolen sourcecode. Does anybody find that funny? I do :)
September 23, 2004, 8:30 PM
Minux
[quote author=iago link=board=17;threadid=8803;start=15#msg81610 date=1095971458]
Here's something funny.

Some BNLS rip-off (I forget what it's called, but it's made by a guy named Binary, iirc) is using the stolen Warcraft 3 code.

So here's what you'd be doing to use it: sending your warcraft 3 account and cdkey to somebody who clearly has no qualms with using stolen sourcecode. Does anybody find that funny? I do :)
[/quote]

The final line is....nobody is crying about the stolen public code Deception.
They are just saying...DONT ASK FOR HELP ON IT. Which people can't seem to understand. Whatever go ahead and use it, but just don't expect any help on it. If you get stuck, too @$&!ing bad!! Don't come here and ask for help, CASE CLOSED!
September 23, 2004, 8:45 PM
Eternal
It's not the first time someone has made the comment that they don't trust BNLS and that Skywing and Yoni are only in it for the accounts and cd keys. Jesus guys. Do you think they really are THAT sad?

Use BNLS or don't. But these constant references to the integrity of the service (which is free by the way) is becoming tiring.
September 23, 2004, 8:48 PM
Minux
[quote author=Eternal link=board=17;threadid=8803;start=15#msg81612 date=1095972522]
It's not the first time someone has made the comment that they don't trust BNLS and that Skywing and Yoni are only in it for the accounts and cd keys. Jesus guys. Do you think they really are THAT sad?

Use BNLS or don't. But these constant references to the integrity of the service (which is free by the way) is becoming tiring.
[/quote]

If they were going to steal stuff, like Skywing said, it would have been done a long time ago. I can't believe people are accusing them, when all they did was provide a free hashing service for free. Anyways, the real issue right now is..Yoni is going to be recruited in the Israeli Army in December.

[me=Minus]prays for Yoni's safety and life.[/me]
September 23, 2004, 8:52 PM
Quarantine
O.O im NEVER joining the army.
September 23, 2004, 8:54 PM
St0rm.iD
This is ridiculous. My post was deleted.

This thread is full of flames and personal attacks, yet my post was the *only one* deleted. Fuck you, moderator.
September 23, 2004, 8:56 PM
Minux
[quote author=Warrior link=board=17;threadid=8803;start=15#msg81616 date=1095972851]
O.O im NEVER joining the army.
[/quote]

He has no choice...the situation over there is hostile, meaning it's required he is enrolled for I think like 2 years.
September 23, 2004, 8:57 PM
iago
I have no doubt about the integrety of the people who run Bnls. However, I do have doubts as to the integrety of an "untrusted network" that you're sending your data across (namely, the Internet). I have brought it up here before, and I posted a list of possible attack vectors on stealthbot.net, which I will repeat here:

[quote] Oh, and as for my thoughts on bnls:

I think Skywing and other vL are great people. They don't know/care about your clan, and they wouldn't abuse your information. They have plenty of cdkeys from another source, and have no use for accounts.

What I DON'T trust is vL's server. I know it's been rooted on several occasions, by Tmp's friend Xar. This was before BNLS existed, but the point stands: the server isn't necessarely safe.

Second, the Internet itself is a dangerous place. You're sending data in plaintext across the Internet:
* If you're on wireless, anybody can see it who's nearby (even with WEP)
* If you're on a network, switched or hub, it's possible to sniff/spy on your data
* If you're directly connected to the Internet, it's possible (but _extremely_ unlikely) that somebody at a router along the way, or at the network where vL's server lives, can sniff the data.
* It's possible to use DNS Cache Poisoning to redirect every request sent to BNLS to their own computer! This isn't impossible, and I was thinking of writing Proof-of-Concept software to do it (incidentally, you'd never know that it happened).
* If there's any flaws in BNLS's code that allows arbitrary memory reading, it's possible to read your information from active memory or buffers. This has happened, but was reported and fixed.

Those are my problem with BNLS. Do what you want with them.[/quote]

These are problems with the Internet, not with BNLS.
September 23, 2004, 9:01 PM
tA-Kane
I didn't know Yoni had to join the Israeli Army? Actually, I might have, but just forgot...

But uhh... good luck, Yoni.

[quote author=$t0rm link=board=17;threadid=8803;start=15#msg81618 date=1095972967]This thread is full of flames and personal attacks, yet my post was the *only one* deleted.[/quote]I don't consider my post three hours or so ago as a flame. Instead, I like to think of it as a notice of stupidity and realization of worthless in regards to Deception's thoughts.

I personally beleive this thread should be locked.
September 23, 2004, 9:08 PM
Deception
[quote author=tA-Kane link=board=17;threadid=8803;start=15#msg81626 date=1095973696]
I didn't know Yoni had to join the Israeli Army? Actually, I might have, but just forgot...

But uhh... good luck, Yoni.

[quote author=$t0rm link=board=17;threadid=8803;start=15#msg81618 date=1095972967]This thread is full of flames and personal attacks, yet my post was the *only one* deleted.[/quote]I don't consider my post three hours or so ago as a flame. Instead, I like to think of it as a notice of stupidity and realization of worthless in regards to Deception's thoughts.

I personally beleive this thread should be locked.
[/quote]

I find that funny, coming from a Mac user.

As I said before, I think the authors SHOULD NOT help people with their creation if they do not want people using it. I am not nor have I ever asked for help with NLS.dll, but I do think the authors should quit bitching about their creation being "stolen". That's all.
September 23, 2004, 9:20 PM
LordNevar
The authors aren't the one's bitching, its the peple that come her loooking for help on it, and the other members of this forum sticking up for the makers by saying to stop bringing it here. Granite this is a botDev forum, and you come here looking for help, but you don't bring something that was never meant to to get out for help on.
September 23, 2004, 9:23 PM
Newby
[quote author=UserLoser. link=board=17;threadid=8803;start=15#msg81591 date=1095965760]
I have a great amount of information for WoW's logon protocol (WoWBot is still being worked on, slowly), some of which was given by a friend. Nobody gets anything from it, don't expect to see anything either around here or anywhere else either.
[/quote]
You do realize you'll have to pay per month for the account the bot logs on, correct?

EDIT -- Deception, you asked Maddox for help with using the DLL, if I'm not mistaken. If you really want, I can dig the thread up. :)

EDIT2 -- I find your comment funny about dissing Kane, because you are even more worthless then his computer. Aren't you the one that scammed newbies out of their Warcraft III CD-Keys with some stupid wincraft.tk bot?
September 23, 2004, 10:22 PM
Deception
I asked Maddox for help with the change password function that Binary wrote in an open source module. The reason being, Binary wrote it wrong and Maddox said he could help.
September 23, 2004, 10:25 PM
Newby
[quote author=Deception link=board=17;threadid=8803;start=30#msg81632 date=1095978325]
I asked Maddox for help with the change password function that Binary wrote in an open source module. The reason being, Binary wrote it wrong and Maddox said he could help.
[/quote]

[quote author=Deception link=board=17;threadid=8803;start=0#msg81524 date=1095917386] because anyone who can't figure out how to use it shouldn't be programming anyway.
[/quote]
You couldn't figure it out from the API Declare? You had to use an open-source module because you couldn't figure out how to use it?
September 23, 2004, 10:27 PM
Adron
[quote author=Deception link=board=17;threadid=8803;start=30#msg81628 date=1095974441]
As I said before, I think the authors SHOULD NOT help people with their creation if they do not want people using it. I am not nor have I ever asked for help with NLS.dll, but I do think the authors should quit bitching about their creation being "stolen". That's all.
[/quote]

They're entitled to bitch about it. It was stolen. They own the copyright in it, and anyone copying is committing a copyright violation. Perhaps a dmca violation too? I hear that latter one hits real hard.
September 23, 2004, 10:49 PM
BaDDBLooD
Not to switch sides on this topic, but how can you copyright the reversing of something that brakes the EULA of a blizzard product?
September 23, 2004, 11:05 PM
Newby
Perhaps we should try out that DMCA Violation thing on Deception ..... after all ... he looks fearless!
September 23, 2004, 11:07 PM
Zakath
[quote author=BaDDBLooD link=board=17;threadid=8803;start=30#msg81643 date=1095980739]
Not to switch sides on this topic, but how can you copyright the reversing of something that brakes the EULA of a blizzard product?
[/quote]

EULAs still have not been tested, and thus cannot be assumed to be legally enforceable. What's more, that doesn't alter the owner of the copyright of the code in question, regardless of the status of the EULA. Virtually everything you write is yours, unless you expressly decline ownership or are using code you didn't write (and even then, unrelated code used with it is still yours).
September 23, 2004, 11:11 PM
BaDDBLooD
It's still code relating to a blizzard product that's *Not* authorized to be reversed, dissasembled, and what not.
September 23, 2004, 11:28 PM
UserLoser.
[quote author=Deception link=board=17;threadid=8803;start=0#msg81533 date=1095921134]
I'm sure Skywing and Yoni are glad they have loyal followers such as Warrior and Newby, who continue to give them an abundance of passwords and CD-Keys.
[/quote]

Have you not even thought of how much work was put into BNLS? If someone was going to make a server that does what the developers said it does (and more, as you insist), then why put so much work into it? Little do you know, my system was being held hostile by Skywing over the last day or so, so he could figure out auto-update stuff with the newer MPQ formats. Do you know anyone else who would goto such extremes to figure something out which isn't public (because we all know you like public sources), using [u]another persons system over VNC[/u], constant downloading/uploading large files, use of debuggers; just to steal CDkeys, account names && passwords? I think a majority of the people here will agree that you need to not jump to conclusions and step over to the logical side of the story
September 23, 2004, 11:32 PM
Adron
[quote author=BaDDBLooD link=board=17;threadid=8803;start=30#msg81652 date=1095982133]
It's still code relating to a blizzard product that's *Not* authorized to be reversed, dissasembled, and what not.
[/quote]

That's not relevant, unless they actually copied code out of the project. In which case Blizzard would also have copyright to the code, as derived work.

You have to separate the ideas (which are protected as trade secrets or as patents) from the expression of the ideas (which is protected by copyright).

Any time you put some ideas into expression, you have copyright to it, automatically and immediately, assuming that what you're doing requires some creativity. It doesn't matter where you got the ideas - if you stole them from a book or a program, it's the way you code it that is copyrighted.
September 23, 2004, 11:39 PM
BaDDBLooD
It says, that you cannot dissasemble warcraft III and all that other warcraft IIi reversing stuff!
September 23, 2004, 11:40 PM
Myndfyr
Good post, User. :)

[quote author=BaDDBLooD link=board=17;threadid=8803;start=30#msg81652 date=1095982133]
It's still code relating to a blizzard product that's *Not* authorized to be reversed, dissasembled, and what not.
[/quote]

Here's the catch.

If they had based their code on code actually written in text form by Blizzard, they would be in violation of Blizzard's copyright.

If they had used binary data (i.e. instructions) straight from the disassembly, and either included the disassembly code (i.e. assembler) inline or otherwise within their code; OR embedded the instructions in binary form as a data block, they would be in violation of Blizzard's copyright.

However, they disassembled it, examined the algorithm, and used their knowledge to create a completely independent work that does the same thing as the original product. This is not a violation of copyright.

With regard to the EULA: I can imagine that Blizzard hypothetically has the right to terminate the license agreements accompanying the games that the authors used to disassemble and reverse-engineer the protocol, because the EULA expressly forbids it. However, Blizzard does not have provisions in their EULA to collect damages, nor has there been legal precedent to do so.

Frankly, I used money donated from my clan to buy another WC3 CD key so that I could run a 24-hour bot and still get on Frozen Throne to game. Blizzard should be thanking me for supporting them. (And they did, I guess, by giving me two WoW accounts ;) )

Anyway, I don't think that it matters much to Blizzard to enforce the EULA with regard to disassembly, particularly since SRP is an open method anyway.
September 23, 2004, 11:50 PM
Stealth
[quote author=tA-Kane link=board=17;threadid=8803;start=15#msg81585 date=1095963485]
[quote author=Deception link=board=17;threadid=8803;start=0#msg81533 date=1095921134]If the authors of NLS.dll didn't want people using it, they shouldn't have written it.[/quote]Maybe the government shouldn't write their software? I'm sure they don't want any other governments to use it...[/quote]

A better analogy might be:

I just built a car from the ground up. It took countless hours of hard work and effort using skills only I possess. If I didn't want other people borrowing it from me, I shouldn't have built it. It doesn't work like that. The car [NLS.DLL] is MY property [sneakcharm/Telos/Maddox/etc]. I choose who gets to use it, or even ride in it.

The key here is the time spent on this work was stolen from an unwitting sneakcharm while he was on vacation.

It really disappoints me that sneakcharm had to be the victim of this theft. I've worked with him before -- he's a great guy! -- why did he have VNC on? In large part, so he could help other people
A. Learn to code, and code well [ he's fantastic ]
B. With their projects, and
C. Get help/input on team programming projects he was working on, including this DLL.

Instead, some script kiddie who quite obviously isn't capable of reverse-engineering Warcraft III's login and hashing sequences [re: nearly everyone using NLS.DLL in their applications] who was probably the recipient of his help at one point or another turned around and stabbed him in the back. Absolutely shameful.

To Deception, anyone who supports him: Your bringing this up on this forum is a disgrace. Give me back my car.
September 23, 2004, 11:55 PM
Lenny
To be honest, I haven't read every single post in this thread, but I believe I have the jist of it....

No matter, I found an interesting chat log that might fit here:

[quote]
[23:56:03] <HoIN]ZeR0[> heh
[23:56:08] <HoIN]ZeR0[> its Deception!
[23:56:12] <*Deception@Lordaeron> Oh, ok C0nFu53d]ZeR0[@USWest.
[23:56:21] <*Deception@Lordaeron> Hello HoIN]ZeR0[@USWest.
[23:56:41] <HoIN]ZeR0[> I thought you and madd0x were good friends ;P
[23:56:47] <*Deception@Lordaeron> HoIN]ZeR0[@USWest: Before we begin, may I have your email address for tracking purposes?
[23:57:02] <HoIN]ZeR0[> support@blizzard.com
[23:57:04] <*Deception@Lordaeron> HoIN]ZeR0[@USWest: We are.
[23:57:05] <HoIN]ZeR0[> ask for Pete
[23:57:13] <*Deception@Lordaeron> HoIN]ZeR0[@USWest: Thank you.
[23:57:21] <*Deception@Lordaeron> HoIN]ZeR0[@USWest: How can I be of service?
[23:57:27] <HoIN]ZeR0[> Eh, and yet he refuses to help you with your password changeing problems
[23:57:46] <*Deception@Lordaeron> HoIN]ZeR0[@USWest: No, he is too busy to help me.
[23:57:56] <*Deception@Lordaeron> HoIN]ZeR0[@USWest: If you do not need any more help, I am going to have to move on.
[23:58:07] <HoIN]ZeR0[> its ironic that he posted the log
[23:58:12] <HoIN]ZeR0[> on the vL forums
[23:58:14] <*Deception@Lordaeron> HoIN]ZeR0[@USWest: What log?
[23:58:40] <HoIN]ZeR0[> (22:20:44) Decep7ion: Madd0x please help me with 0x56
[23:58:46] <HoIN]ZeR0[> (22:20:50) Decep7ion: I'll do ANYTHING
[23:58:51] <*toLL> lol
[23:59:26] <*Deception@Lordaeron> ?
[23:59:30] <*Deception@Lordaeron> I didn't say that..
[23:59:41] *Pr0pHeT]ZeR0[ has joined [31 ms using STAR - (15 wins) ]
[23:59:43] *toLL has left the channel.
[23:59:49] <HoIN]ZeR0[> then why would a "good friend" lie about that
[00:00:07] *Deception@Lordaeron has left the channel.
[00:00:11] <HoIN]ZeR0[> gg
[00:01:06] *toLL has joined [94 ms using SEXP - (16 wins) ]
[00:05:47] *Deception@Lordaeron has joined [0 ms using W3XP - (Orc Peon icon, with 0 Random wins in Clan Clan) ]
[00:05:50] <*Deception@Lordaeron> HoIN
[00:06:01] <*Deception@Lordaeron> That was a joke by Madd0x.. just so you know.
[00:06:20] *toLL has left the channel.
[00:07:25] *Deception@Lordaeron has left the channel.
[/quote]

Maybe Maddox can clear this up :)
[quote]
(22:20:44) Decep7ion: Madd0x please help me with 0x56
(22:20:50) Decep7ion: I'll do ANYTHING
[/quote]
Why are you asking help from an author of the NLS.dll if you believe the only right they have to their code is to refuse support for it?
September 24, 2004, 12:08 AM
iago
[quote author=Stealth link=board=17;threadid=8803;start=30#msg81667 date=1095983714]
Give me back my car.
[/quote]

lmao!!

But seriously, to everybody who posted responses on the side of Justice (anti-deception), they were very well written.
September 24, 2004, 12:25 AM
Newby
Ah, so my dad owns the only BMW 540i in the world? Fuck, he's special.
September 24, 2004, 12:50 AM
Zakath
[quote author=BaDDBLooD link=board=17;threadid=8803;start=30#msg81663 date=1095982858]
It says, that you cannot dissasemble warcraft III and all that other warcraft IIi reversing stuff!
[/quote]

And? Your point is...what?

How about this: I say that you are violating my brand spanking new EULA for post responses if you reply to this topic. Any rebuttals, questions, regurgitations, etc. are all copyrighted by me.

Does my EULA make you afraid to reply to me now? I thought not.
September 24, 2004, 12:52 AM
Stealth
[quote author=Deception link=board=17;threadid=8803;start=45#msg81682 date=1095986950]
That's a terrible analogy. A car can only exist in one place, where as a computer file and be duplicated.
[/quote]

So I built 500 cars, at immense cost to me in time and resources. They're all in a big garage. They're still my cars and I still get to decide who borrows them, who rides in them and even who gets near them. What happened was, effectively, someone broke into my garage [sneakcharm's computer] through an open window [RealVNC] and helped themselves to a whole bunch of my cars [NLS.DLL]. The cars that were taken were still stolen from my garage.
September 24, 2004, 12:58 AM
St0rm.iD
No. By virtue of opening a listening TCP port, you're effectively inviting anyone to access your computer as a public service, and send any arbitrary data to it. I don't see anywhere a terms of use for your machine.
September 24, 2004, 12:59 AM
Newby
Even if the window is open (TCP port is listening), you should ask before you invite yourself in (ask the person if you can connect) :P
September 24, 2004, 1:10 AM
St0rm.iD
The entire point of a *server* is for *public access*. If you didn't want me entering, you should have configured your firewall rules not to let me in.
September 24, 2004, 1:13 AM
Newby
That's why he had a password. Though not a good one, it was still there.
September 24, 2004, 1:48 AM
St0rm.iD
I didn't see a TOS that says I can't send a bunch of random bytes and happen to do something.
September 24, 2004, 1:51 AM
Maddox
Go ahead and use the code, I really don't care. I had always planned to release it, but got lazy. I'm kind of mad the half-ass class I created was released though; I had only meant that as a demonstration. I didn't care so much that the code was leaked, but that the version/quality of it wasn't great.

NLS.dll is UserLoser's creation based on my class, I don't care if anyone uses it as long as he doesn't care.
September 24, 2004, 2:08 AM
Newby
[quote author=Maddox link=board=17;threadid=8803;start=45#msg81700 date=1095991729]
NLS.dll is UserLoser's creation based on my class, I don't care if anyone uses it as long as he doesn't care.
[/quote]
From what I see, he does care. Just not to an extent to tell people to stop using it.
September 24, 2004, 4:23 AM
Forged
[quote author=$t0rm link=board=17;threadid=8803;start=45#msg81688 date=1095987596]
No. By virtue of opening a listening TCP port, you're effectively inviting anyone to access your computer as a public service, and send any arbitrary data to it. I don't see anywhere a terms of use for your machine.
[/quote]

So if I accidentlly left my door unlocked the person who comes in and steals stuff is not really robbing me because I shouldn't have left my door unlocked?
September 24, 2004, 4:32 AM
KrisL
[quote author=Deception link=board=17;threadid=8803;start=0#msg81524 date=1095917386]
However, the author(s) can't complain about it being public and they can't tell people not to use it when they were stupid enough to let someone "steal" it in the first place.
[/quote]

So if I leave my front door unlocked and someone comes into my house and steals my TV, its ok that they stole it and are using it to watch football, because im the one that left my door unlocked? I'd be upset my TV was stolen and upset that someone who stole my TV is using it without my permission, but I guess thats just plain silly.....
September 24, 2004, 6:21 AM
LoRd
Even though I'm completely against the use of stolen material, I do have this to say.

Things have been stolen since the dawn of time, bitching about it isn't going to unsteal them or change anything at all for that matter.

It's not as if the code wasn't planned on being open source from the begining. madd0x himself had told me that he had released bits and pieces of the code all over the internet in various forums as well as TheMinistered who was randomly handing out the code to those who he felt worthy and UserLoser who was publically posting War3 packet information on his BnetDocs knockoff and all of which was long before the idiot that shall remain nameless leaked the stolen code onto this forum. The reason I italicized stolen is because I've talked to the person in question and I doubt someone with his intelligence could brute even a 1 character password, but since this thread isn't about that I'll leave it at that. The originally planned-to-be open source code was just sitting there waiting to be released and all it needed was someone to come along and release it in some form or another. Who cares who/how/when/where/why it happened? Fact is it was going to happen sooner or later.

The only problem I have with the leaking of the code is something that iago mentioned somewhere on the first page about asking for support. Personally I find this as stupid as stealing a car and coming back the next day asking how to set the clock. I think all threads asking for support of such code should be trashed on sight instead of turning into a 5 page argument on coding ethics every time.
September 24, 2004, 11:05 AM
iago
[quote author=$t0rm link=board=17;threadid=8803;start=45#msg81692 date=1095988437]
The entire point of a *server* is for *public access*. If you didn't want me entering, you should have configured your firewall rules not to let me in.
[/quote]

That's a retarded way to think of things, and it's one of the main problems with the Internet and the attitude of people online. We've had big discussions about this attitude at work.

Let's look at it this way. If somebody doesn't lock the door to their house, is it ok for you to walk in and rummage around? If you leave a note to people to "Just come in and get cookies", and you leave cookies and milk on the table, is it ok for somebody to walk in and steal your tv?

It's the same thing on the Internet. Just because your server is configured incorrectly does not give people the right to wander in and rummage around. It's ok if they leave you a note saying "Your door is unlocked" or even if they lock your door for you, but to wander in and look around just because they forgot to lock the door is illegal, immoral, and just plain rude.

It's assholes who think that's ok who piss me off.
September 24, 2004, 12:07 PM
iago
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81757 date=1096023925]
Even though I'm completely against the use of stolen material, I do have this to say.

Things have been stolen since the dawn of time, bitching about it isn't going to unsteal them or change anything at all for that matter. [/quote]
And people have been killing each other, that doesn't make it right.

[quote]
It's not as if the code wasn't planned on being open source from the begining. madd0x himself had told me that he had released bits and pieces of the code all over the internet in various forums[/quote]
I never heard about this. Links?[quote][/quote]

[quote] as well as TheMinistered who was randomly handing out the code to those who he felt worthy[/quote]
No, that never happened

[quote] and UserLoser who was publically posting War3 packet information on his BnetDocs knockoff[/quote]
He posted public domain information (srp).

[quote]The reason I italicized stolen is because I've talked to the person in question and I doubt someone with his intelligence could brute even a 1 character password[/quote]
It wasn't a 1 character password, it was simply one that many people knew. And i find it quite unlikely that the person who released it is the same person that stole it. Nobody ever said it was.

[quote]The originally planned-to-be open source code was just sitting there waiting to be released and all it needed was someone to come along and release it in some form or another. Who cares who/how/when/where/why it happened? Fact is it was going to happen sooner or later.[/quote]
And you might say that he ruined it for everybody else.

[quote]The only problem I have with the leaking of the code is something that iago mentioned somewhere on the first page about asking for support. Personally I find this as stupid as stealing a car and coming back the next day asking how to set the clock. I think all threads asking for support of such code should be trashed on sight instead of turning into a 5 page argument on coding ethics every time.
[/quote]
I agree with that part.


But overall, you're still posting about stuff that you have no idea about.
September 24, 2004, 12:10 PM
LoRd
[quote]And people have been killing each other, that doesn't make it right.[/quote]
It's not a case of right or wrong because we all already know it was wrong (I believe I mentioned this?). This is a case of people's inability to move on.

[quote]I never heard about this. Links?[/quote]
I would but your original posts concerning it have since vanished from the General Computing & Misc. forum.

Ask madd0x about the information released to forums because I don't know nor do I care about that information - I'm only going on what he said.

[quote]
No, that never happened[/quote]
Ofcourse it did. I got my copy of the code from him months before the leaked release after only talking to him for about 5 minutes. Then once again from madd0x about a month later which was when he told me about his releases of the code to forums and how he wished for the code to go public but he wanted to be the one to release it.

[quote]
He posted public domain information (srp).[/quote]
Nah, he posted the packet structure of every packet required to login on War3.

[quote]It wasn't a 1 character password, it was simply one that many people knew. And i find it quite unlikely that the person who released it is the same person that stole it. Nobody ever said it was.[/quote]
I never said it was a 1 character password, I was merely giving an example.

So now many people knew a password to a server which contained this valuable, top secret code and then that same server was "accidentally" left on for an extended amount of time without being monitored? Not only did a lot of people have the password but those people who did weren't even people who should have been given the password to begin with? I smell conspiracy and since TheMinstered and madd0x were already leaking the files to random people, my claim isn't unjust. Ever wondered why there's little or no posts from TheMinistered or madd0x concerning the leaking of the code and the posts that were made don't show any signs of anger? They were the one's who did the majority of the more complicated work, so it would only be logical that they would be the most upset over it's unsupported release. One also wonders why someone picky about function naming and such would choose a password which granted near root access to his system to be as simple as "1234". These things can't just be coincidences. But like I said, this thread isn't about that.

[quote]And you might say that he ruined it for everybody else.[/quote]I wouldn't say that... it's out there so the idiots who don't know how to use it can and thanks to UserLoser, Google and a few others it's documented so those who wish to understand it have the resources needed to do so.

Edit: Fixed a few spelling and grammar errors I made as well as some things I left out because I was tired and in the middle of doing homework.
September 24, 2004, 2:23 PM
iago
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81783 date=1096035830]
[quote]And you might say that he ruined it for everybody else.[/quote]I wouldn't say that... it's out there so the idiots who don't know how to use it can and thanks to UserLoser and a few others it's documented so those who wish to understand it have the resources needed to do so.
[/quote]

What I meant was, it was only a small matter of time before it was going to be released anyway, along with documentation and clean code that always works. Unfortunately, after this happened, the people who were working on it gave up and didn't bother.
September 24, 2004, 3:54 PM
St0rm.iD
Well, iago, you're simply wrong. TCP and the Internet, by design, is supposed to be for *public access*. Why do you think there's little/no basic security built into the core protocols? Because it's designed to be for *public* information exchange.

If you wanted it to be secure, you'd not listen on a public port. In addition, you should at a minimum put a message in the banner and use SSH.

In addition, the "locked door" analogy sucks; stop using it. Your property is defined _by law_ as yours, and you can do what you may with trespassers. In this case, you're connecting your computer to a *global information network*, which has a purpose of sending data between two or more nodes on that network. There's no law anywhere that says "You aren't allowed to send data to _this_ machine on the Internet", or "You aren't allowed to send _this_ stream of bytes to a given machine".

Your server is not your property. It's offering services to the public internet. In fact, the connection is likely owned by the ISP. Sending bytes is not a crime. Stop trying to make it one.
September 24, 2004, 7:02 PM
Adron
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81820 date=1096052561]
Well, iago, you're simply wrong. TCP and the Internet, by design, is supposed to be for *public access*. Why do you think there's little/no basic security built into the core protocols? Because it's designed to be for *public* information exchange.

If you wanted it to be secure, you'd not listen on a public port. In addition, you should at a minimum put a message in the banner and use SSH.

In addition, the "locked door" analogy sucks; stop using it. Your property is defined _by law_ as yours, and you can do what you may with trespassers. In this case, you're connecting your computer to a *global information network*, which has a purpose of sending data between two or more nodes on that network. There's no law anywhere that says "You aren't allowed to send data to _this_ machine on the Internet", or "You aren't allowed to send _this_ stream of bytes to a given machine".

Your server is not your property. It's offering services to the public internet. In fact, the connection is likely owned by the ISP. Sending bytes is not a crime. Stop trying to make it one.
[/quote]

It is a crime actually. I can find it easily in European law since I'm familiar with that. In US law, I googled up the federal law about it. There's a requirement of the information obtained being worth $5000. Any reasonably large application stolen meets that requirement - $5000 would amount to about 100 hours of work.

You said that the indication of something being for private access was having a banner instead of just admitting everyone immediately. This has to be adopted to the protocol used for the private service - in a protocol such as telnet you might use a banner. This site had the equivalent of a banner - a prompt asking for a password. That's enough to indicate that the site is not intended for public consumption.

IIRC, in the recent affair in the congress where people had accessed documents on an open file share, it was said to be unauthorized access. They were supposed to have known better.


September 24, 2004, 8:35 PM
iago
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81820 date=1096052561]
Sending bytes is not a crime. Stop trying to make it one.
[/quote]

By your logic, is opening a door, walking, and picking something up a crime?
September 24, 2004, 8:42 PM
CrAz3D
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81783 date=1096035830]
[quote]And people have been killing each other, that doesn't make it right.[/quote]
It's not a case of right or wrong because we all already know it was wrong (I believe I mentioned this?). This is a case of people's inability to move on.
[/quote]
You're not supposed to "move on" when someone has been brutally & unjustly murdered. Society has its punishments for people who infringe on other's natural rights.


iago/$t0rm:
Who votes someone should walk into $t0rm's house this weekend & rummage around?
The server is private property paid for & maintained by its owner...how does that make it open to public attacks?
September 24, 2004, 9:09 PM
LoRd
[quote author=CrAz3D link=board=17;threadid=8803;start=60#msg81838 date=1096060153]
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81783 date=1096035830]
[quote]And people have been killing each other, that doesn't make it right.[/quote]
It's not a case of right or wrong because we all already know it was wrong (I believe I mentioned this?). This is a case of people's inability to move on.
[/quote]
You're not supposed to "move on" when someone has been brutally & unjustly murdered. Society has its punishments for people who infringe on other's natural rights.


iago/$t0rm:
Who votes someone should walk into $t0rm's house this weekend & rummage around?
The server is private property paid for & maintained by its owner...how does that make it open to public attacks?
[/quote]
You can't dwell on the past no matter what the crime is.
September 24, 2004, 10:28 PM
Adron
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81845 date=1096064909]
You can't dwell on the past no matter what the crime is.
[/quote]

No, all you can do is punish those who committed the crime and their supporters (including anyone who uses the code) by constantly reminding them how bad they are.
September 24, 2004, 10:33 PM
LoRd
[quote author=Adron link=board=17;threadid=8803;start=60#msg81847 date=1096065207]
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81845 date=1096064909]
You can't dwell on the past no matter what the crime is.
[/quote]

No, all you can do is punish those who committed the crime and their supporters (including anyone who uses the code) by constantly reminding them how bad they are.
[/quote]
Constant criticism will most likely not affect those people in any way so I hardly see it as a punishment to anyone other than those of us who have to see the same argument brought up a thousand times over.
September 24, 2004, 10:41 PM
Minux
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81848 date=1096065685]
Constant criticism will most likely not affect those people in any way so I hardly see it as a punishment to anyone other than those of us who have to see the same argument brought up a thousand times over.
[/quote]

Lies, I good ol fashion flogging will do the trick.
September 24, 2004, 10:52 PM
St0rm.iD
[quote author=iago link=board=17;threadid=8803;start=60#msg81834 date=1096058568]
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81820 date=1096052561]
Sending bytes is not a crime. Stop trying to make it one.
[/quote]

By your logic, is opening a door, walking, and picking something up a crime?
[/quote]

If it's on your *legally defined property*, then yes, it is.
September 25, 2004, 12:00 AM
UserLoser.
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81783 date=1096035830]
[quote]
He posted public domain information (srp).[/quote]
Nah, he posted the packet structure of every packet required to login on War3.
[/quote]

http://www.ietf.org/rfc/rfc2945.txt
http://srp.stanford.edu/doc.html

Uh oh, they posted information on various methods of using SRP for authentication
September 25, 2004, 12:13 AM
iago
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81863 date=1096070439]
[quote author=iago link=board=17;threadid=8803;start=60#msg81834 date=1096058568]
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81820 date=1096052561]
Sending bytes is not a crime. Stop trying to make it one.
[/quote]

By your logic, is opening a door, walking, and picking something up a crime?
[/quote]

If it's on your *legally defined property*, then yes, it is.
[/quote]

You're saying that people don't own their computers?

The thing is, crime is crime. If you're infringing on somebody's rights, no matter how or where, it's crime. Just because you put a computer between you and them doesn't make it more right, it makes it more anonymous. Stealing is stealing, vandalism is vandalism. It's no different.
September 25, 2004, 12:31 AM
LoRd
[quote author=UserLoser. link=board=17;threadid=8803;start=60#msg81865 date=1096071226]
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81783 date=1096035830]
[quote]
He posted public domain information (srp).[/quote]
Nah, he posted the packet structure of every packet required to login on War3.
[/quote]

http://www.ietf.org/rfc/rfc2945.txt
http://srp.stanford.edu/doc.html

Uh oh, they posted information on various methods of using SRP for authentication
[/quote]
... I didn't mention SRP, iago did. I already know a Google search could bring up all the information needed on SRP (I mentioned this?).
September 25, 2004, 2:49 AM
UserLoser.
[quote author=LoRd[nK] link=board=17;threadid=8803;start=75#msg81875 date=1096080582]
[quote author=UserLoser. link=board=17;threadid=8803;start=60#msg81865 date=1096071226]
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81783 date=1096035830]
[quote]
He posted public domain information (srp).[/quote]
Nah, he posted the packet structure of every packet required to login on War3.
[/quote]

http://www.ietf.org/rfc/rfc2945.txt
http://srp.stanford.edu/doc.html

Uh oh, they posted information on various methods of using SRP for authentication
[/quote]
... I didn't mention SRP, iago did. I already know a Google search could bring up all the information needed on SRP (I mentioned this?).
[/quote]

You're the one blaming me for posting an article about using SRP for authentication. I'm just saying that you don't need to point fingers at me when there's already examples of using SRP for authentication on other websites across the internet
September 25, 2004, 3:05 AM
LoRd
[quote author=UserLoser. link=board=17;threadid=8803;start=75#msg81876 date=1096081500]
[quote author=LoRd[nK] link=board=17;threadid=8803;start=75#msg81875 date=1096080582]
[quote author=UserLoser. link=board=17;threadid=8803;start=60#msg81865 date=1096071226]
[quote author=LoRd[nK] link=board=17;threadid=8803;start=60#msg81783 date=1096035830]
[quote]
He posted public domain information (srp).[/quote]
Nah, he posted the packet structure of every packet required to login on War3.
[/quote]

http://www.ietf.org/rfc/rfc2945.txt
http://srp.stanford.edu/doc.html

Uh oh, they posted information on various methods of using SRP for authentication
[/quote]
... I didn't mention SRP, iago did. I already know a Google search could bring up all the information needed on SRP (I mentioned this?).
[/quote]

You're the one blaming me for posting an article about using SRP for authentication. I'm just saying that you don't need to point fingers at me when there's already examples of using SRP for authentication on other websites across the internet
[/quote]
... like I said, I didn't say anything about SRP however you did post a small piece of it on your site as well, but I clearly said how you could use Google to find some of the information too. I said you posted the entire packet sequence and the structure of every packet in the sequence for a War3 connection which is something you wouldn't be able to find many, if any, other places at the time.

I'm going beyond proveable fact here, but I just remembered how you had also told me that you hoped to have all of the C decoding/hashing funtions ported to Visual Basic and put on your site soon as well as the already posted packet information.

With the addition of UserLoser (who'm I had forgotten I talked with) that makes 3 out of the 5 authors of the code who wanted to see and were already contributing to the publicity of the code. hrm...
September 25, 2004, 3:16 AM
UserLoser.
[quote author=LoRd[nK] link=board=17;threadid=8803;start=75#msg81878 date=1096082216]
With the addition of UserLoser (who'm I had forgotten I talked with) that makes 3 out of the 5 authors of the code who wanted to see and were already contributing to the publicity of the code. hrm...
[/quote]

I never planned on releasing anything, nor will I ever in the future because of the people out there. I had thoughts about releasing certain functions, but never did
September 25, 2004, 3:29 AM
St0rm.iD
[quote author=iago link=board=17;threadid=8803;start=75#msg81868 date=1096072266]
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81863 date=1096070439]
[quote author=iago link=board=17;threadid=8803;start=60#msg81834 date=1096058568]
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81820 date=1096052561]
Sending bytes is not a crime. Stop trying to make it one.
[/quote]

By your logic, is opening a door, walking, and picking something up a crime?
[/quote]

If it's on your *legally defined property*, then yes, it is.
[/quote]

You're saying that people don't own their computers?
[/quote]

I'm saying that sending bytes to someone's computer via a public, global network is not stepping on their private property.

[quote]
The thing is, crime is crime. If you're infringing on somebody's rights, no matter how or where, it's crime. Just because you put a computer between you and them doesn't make it more right, it makes it more anonymous. Stealing is stealing, vandalism is vandalism. It's no different.
[/quote]

I don't see a "breaking and entering" computer law.
September 25, 2004, 3:40 AM
Adron
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81886 date=1096083620]
I don't see a "breaking and entering" computer law.
[/quote]

It's "18 U.S.C. § 1030. Fraud and Related Activity in Connection with Computers"

It covers cases of stolen information just like this...
September 25, 2004, 10:51 AM
iago
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81886 date=1096083620]
[quote author=iago link=board=17;threadid=8803;start=75#msg81868 date=1096072266]
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81863 date=1096070439]
[quote author=iago link=board=17;threadid=8803;start=60#msg81834 date=1096058568]
[quote author=$t0rm link=board=17;threadid=8803;start=60#msg81820 date=1096052561]
Sending bytes is not a crime. Stop trying to make it one.
[/quote]

By your logic, is opening a door, walking, and picking something up a crime?
[/quote]

If it's on your *legally defined property*, then yes, it is.
[/quote]

You're saying that people don't own their computers?
[/quote]

I'm saying that sending bytes to someone's computer via a public, global network is not stepping on their private property.

[quote]
The thing is, crime is crime. If you're infringing on somebody's rights, no matter how or where, it's crime. Just because you put a computer between you and them doesn't make it more right, it makes it more anonymous. Stealing is stealing, vandalism is vandalism. It's no different.
[/quote]

I don't see a "breaking and entering" computer law.

[/quote]

It seems similar to standing on the street with a gun and shooting out somebody's window. "But the bullet smashed the window, I didn't! I wasn't evenon his property!"
September 25, 2004, 2:19 PM
St0rm.iD
Shooting out someone's window is a crime. Sending data to someone's server is not.
September 25, 2004, 3:17 PM
iago
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81948 date=1096125465]
Shooting out someone's window is a crime. Sending data to someone's server is not.
[/quote]

Sending malicious data to somebody's computer is no different than sending a malicious object at somebody's house.

Sending data in general isnt' illegal, and neither is throwing a rock. Sending data with the intention to harm or do damage is, and so is throwing a rock with intention to harm or do damage.

The only difference that the Internet makes is anonyminity -- you aren't physically there. And just because you don't see what happens, and you don't get blamed for what happens, doesn't make it right.
September 25, 2004, 3:26 PM
St0rm.iD
[quote]
Sending malicious data to somebody's computer is no different than sending a malicious object at somebody's house.
[/quote]

Why, it's quite different. I'm not physically doing anything to anyone. I'm sending a series of bytes to an upstream router. There's no law anywhere that describes "malicious data".
September 25, 2004, 5:01 PM
Skywing
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81948 date=1096125465]
Shooting out someone's window is a crime. Sending data to someone's server is not.
[/quote]
Adron has quoted federal law several times in this thread now that says it is in fact a crime in certain circumstances, such as, say, this one. What more do you need?
September 25, 2004, 5:57 PM
Adron
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81967 date=1096131690]
[quote]
Sending malicious data to somebody's computer is no different than sending a malicious object at somebody's house.
[/quote]

Why, it's quite different. I'm not physically doing anything to anyone. I'm sending a series of bytes to an upstream router. There's no law anywhere that describes "malicious data".
[/quote]

Umm, your claim is that you aren't physically doing anything at all? Is this all happening in your mind only? Basic computer knowledge should tell you that you're doing something physical when sending bytes to an upstream router...
September 25, 2004, 7:35 PM
St0rm.iD
Link me to the law.
September 25, 2004, 9:04 PM
UserLoser.
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg82017 date=1096146285]
Link me to the law.
[/quote]

Use Google.
September 25, 2004, 9:06 PM
St0rm.iD
I don't want to sift through it.
September 25, 2004, 9:07 PM
kamakazie
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg82017 date=1096146285]
Link me to the law.
[/quote]

http://www.usdoj.gov/criminal/cybercrime/1030NEW.htm
September 25, 2004, 9:31 PM
Adron
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg82017 date=1096146285]
Link me to the law.
[/quote]

Need to know what law you want... See for example this


Hmm, could also see this example of something similar to what has been done here - someone accessing information he's not supposed to access by logging on as an administrator, then copying some data.
September 25, 2004, 10:24 PM
CrAz3D
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81967 date=1096131690]
[quote]
Sending malicious data to somebody's computer is no different than sending a malicious object at somebody's house.
[/quote]

Why, it's quite different. I'm not physically doing anything to anyone. I'm sending a series of bytes to an upstream router. There's no law anywhere that describes "malicious data".
[/quote]
You PHYSICALLY used your hands to type didn't you?!...oh burn you got schooled. People have intellectual property that is protected by copyright laws, you need to look @ school books again dood.
September 25, 2004, 10:31 PM
St0rm.iD
[quote author=CrAz3D link=board=17;threadid=8803;start=90#msg82032 date=1096151488]
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81967 date=1096131690]
[quote]
Sending malicious data to somebody's computer is no different than sending a malicious object at somebody's house.
[/quote]

Why, it's quite different. I'm not physically doing anything to anyone. I'm sending a series of bytes to an upstream router. There's no law anywhere that describes "malicious data".
[/quote]
You PHYSICALLY used your hands to type didn't you?!...oh burn you got schooled. People have intellectual property that is protected by copyright laws, you need to look @ school books again dood.
[/quote]

Yeah, you schooled me well.
September 26, 2004, 4:17 AM
CrAz3D
Of course I did, I went to public school & they learned me well.
September 26, 2004, 4:32 AM
Myndfyr
[quote author=Skywing link=board=17;threadid=8803;start=75#msg81981 date=1096135047]
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81948 date=1096125465]
Shooting out someone's window is a crime. Sending data to someone's server is not.
[/quote]
Adron has quoted federal law several times in this thread now that says it is in fact a crime in certain circumstances, such as, say, this one. What more do you need?
[/quote]

I don't know how applicable federal law would be with this group. Yoni lives in Israel; iago, in Canada; Adron, Sweden. I don't know who all lives where, but there's a lot of "it depends" going on.

However, generally, most intellectual property laws apply internationally.
September 26, 2004, 1:41 PM
St0rm.iD
Adron is right, iago is still wrong, and Craz3d is a n00b :-P
September 26, 2004, 2:00 PM
CrAz3D
There ARE international laws about intellectual property, I made my last few posts with a lighter heart than the rest of you have been.
September 26, 2004, 2:19 PM
iago
[quote author=MyndFyre link=board=17;threadid=8803;start=90#msg82099 date=1096206117]
[quote author=Skywing link=board=17;threadid=8803;start=75#msg81981 date=1096135047]
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81948 date=1096125465]
Shooting out someone's window is a crime. Sending data to someone's server is not.
[/quote]
Adron has quoted federal law several times in this thread now that says it is in fact a crime in certain circumstances, such as, say, this one. What more do you need?
[/quote]

I don't know how applicable federal law would be with this group. Yoni lives in Israel; iago, in Canada; Adron, Sweden. I don't know who all lives where, but there's a lot of "it depends" going on.

However, generally, most intellectual property laws apply internationally.
[/quote]

We talked about that, actually. If some guy in Russia is pissed off at me, and pays a guy in Canada to break into my house and vandalize my stuff, can the guy in Russia be held accountable? That's really the problem that the Internet faces right now, a lack of international laws for a service that exists internationally.
September 26, 2004, 3:58 PM
inner.
[quote author=iago link=board=17;threadid=8803;start=15#msg81610 date=1095971458]
Here's something funny.

Some BNLS rip-off (I forget what it's called, but it's made by a guy named Binary, iirc) is using the stolen Warcraft 3 code.

So here's what you'd be doing to use it: sending your warcraft 3 account and cdkey to somebody who clearly has no qualms with using stolen sourcecode. Does anybody find that funny? I do :)
[/quote]

You are very wrong. For one, Binary had the war3 functions before it was released. :)
And to sadly add on, Binary has quit bnet. He has sent me the source, and now i load it. BNRHS has NOTHING to do with BNLS.
Also, it does not log passwords, or CDKeys. But it logs the usernames that log onto the server.
September 26, 2004, 4:37 PM
St0rm.iD
iago has hit the nail on the head.
September 26, 2004, 4:51 PM
Kp
[quote author=inner. link=board=17;threadid=8803;start=90#msg82122 date=1096216653]Also, it does not log passwords, or CDKeys. But it logs the usernames that log onto the server.[/quote]

So we're just supposed to believe you that it doesn't log passwords or CDkeys, after you admit to supporting logging usernames? ;)

With regard to laws & "malicious code" and such: another problem that just muddies things further is the lawmakers tend to be rather clueless in how they word the laws. Consider the following contrived example:

Somebody posts a link here to a "cool page", which I then visit. Unbeknownst to me, that page is served by a really crappily written server that saves the client's User-Agent to a static 32 byte buffer. Not knowing this, I allow my browser to send its full user-agent of "Mozilla/5.00 (OS; NS version <blah blah>)", which massively overflows the server's static buffer, causing it to crash and possibly execute my User-Agent string as code. Am I then responsible for a Denial-of-Service attack, even though I didn't know in advance that just sending my user-agent was going to crash the server? Does the situation change if somebody posts a warning here not to send long user-agents, I see it, and then click the link anyway? I think we'd all agree on whether I was at fault/liable in each case, but does the law agree with the logical conclusions that we reach?

Also, touching on the point about international laws and such: what if the badly written server is in another country, and neither I nor its operators have ever even spoken, much less reached an agreement over whose laws apply. Do we then read their nation's lawbooks or mine to find out if I did something wrong by accidentally crashing their server?
September 26, 2004, 5:19 PM
CrAz3D
There are international laws though...international laws would apply to whomever agreed to them, however that may not be all countries. Most larger countries do though. GoSu****** obviously ATTEMPTED to 'break in' & steal the code, the server HAD a password, from what I've gathered.
September 26, 2004, 5:27 PM
Skywing
[quote author=iago link=board=17;threadid=8803;start=90#msg82116 date=1096214299]
[quote author=MyndFyre link=board=17;threadid=8803;start=90#msg82099 date=1096206117]
[quote author=Skywing link=board=17;threadid=8803;start=75#msg81981 date=1096135047]
[quote author=$t0rm link=board=17;threadid=8803;start=75#msg81948 date=1096125465]
Shooting out someone's window is a crime. Sending data to someone's server is not.
[/quote]
Adron has quoted federal law several times in this thread now that says it is in fact a crime in certain circumstances, such as, say, this one. What more do you need?
[/quote]

I don't know how applicable federal law would be with this group. Yoni lives in Israel; iago, in Canada; Adron, Sweden. I don't know who all lives where, but there's a lot of "it depends" going on.

However, generally, most intellectual property laws apply internationally.
[/quote]

We talked about that, actually. If some guy in Russia is pissed off at me, and pays a guy in Canada to break into my house and vandalize my stuff, can the guy in Russia be held accountable? That's really the problem that the Internet faces right now, a lack of international laws for a service that exists internationally.
[/quote]
I think the laws exist; the problem is in prosecuting those who break them.
September 26, 2004, 5:55 PM
iago
[quote author=inner. link=topic=8803.msg82122#msg82122 date=1096216653]
[quote author=iago link=board=17;threadid=8803;start=15#msg81610 date=1095971458]
Here's something funny.

Some BNLS rip-off (I forget what it's called, but it's made by a guy named Binary, iirc) is using the stolen Warcraft 3 code. 

So here's what you'd be doing to use it: sending your warcraft 3 account and cdkey to somebody who clearly has no qualms with using stolen sourcecode.  Does anybody find that funny? I do :)
[/quote]

You are very wrong. For one, Binary had the war3 functions before it was released. :)
And to sadly add on, Binary has quit bnet. He has sent me the source, and now i load it. BNRHS has NOTHING to do with BNLS.
Also, it does not log passwords, or CDKeys. But it logs the usernames that log onto the server.
[/quote]

I talked to the main authors of the code (Maddox, TheMinistered, and myself; I do talk to myself sometimes when I'm lonely) and none of them authorized him to have the code.  Whether it was leaked or stolen or whatever, he wasn't supposed to have it.  So I'm not going to take the word of anybody who administers that forum.
September 26, 2004, 10:58 PM
-MichaeL-
SDon't feel bad i talk to myself to when i get bored :(
September 28, 2004, 10:59 PM

Search