Jump to content




[1.3+][OS] WolfOS 1.3.3



214 replies to this topic

#41 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 12 June 2012 - 03:48 PM

View Postmax96at, on 12 June 2012 - 03:27 PM, said:

Some Variations using green:
Spoiler
Wow, you've really gone to town! I quite like the green and purple ones, as they happen to be my two favourite colours, but I think the one in your sig is the one I'm going to use :(/> Thank you so much! I've also updated your area in the credits section on the OP.

On topic: I've just managed to add a clock to the top right corner of the OS status bar, using my new-found parallel API knowledge. Now you'll never need a traditional, inaccurate Minecraft clock again!

Also, the login system changes are done and now work perfectly! Also, Client side HyperPaw net code is partially done, and with a pseudo server/mainframe, the actual data transmission stuff is done. Now all that's left is to create a shiny OS wrapper and add database and request handling.

#42 max96at

  • New Members
  • 15 posts
  • LocationAustria

Posted 12 June 2012 - 04:01 PM

Do you need any beta testers?
Can't wait for the new stuff :(/>

#43 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 12 June 2012 - 04:10 PM

View Postmax96at, on 12 June 2012 - 04:01 PM, said:

Do you need any beta testers?
Can't wait for the new stuff -_-/>
Yeah, I do :(/> I do a fair amount of testing myself, but as core stuff changes, it can affect the strangest of things that I don't think to check.
I'm actually coding right now, but if you give me some way to privately contact you, I can throw potentially buggy development versions at you when I reach some kind of milestone :)/>

Also, I'm glad you are looking forward to the new features -_-/>

EDIT: Noticed that your sig used to link to this thread, so thanks -_-/> Don't think it does now though -_-/> -_-/>

Edited by toxicwolf, 12 June 2012 - 04:11 PM.


#44 max96at

  • New Members
  • 15 posts
  • LocationAustria

Posted 12 June 2012 - 04:19 PM

View Posttoxicwolf, on 12 June 2012 - 04:10 PM, said:

EDIT: Noticed that your sig used to link to this thread, so thanks -_-/> Don't think it does now though :)/> :(/>

It sure does!
Btw I pm'd you with some contact stuff

#45 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 12 June 2012 - 04:21 PM

View Postmax96at, on 12 June 2012 - 04:19 PM, said:

View Posttoxicwolf, on 12 June 2012 - 04:10 PM, said:

EDIT: Noticed that your sig used to link to this thread, so thanks -_-/> Don't think it does now though :)/> :(/>

It sure does!
Btw I pm'd you with some contact stuff
You're the man!

#46 PixelToast

  • Signature Abuser
  • 2,265 posts
  • Location3232235883

Posted 12 June 2012 - 08:48 PM

hmm... i got an idea for a new OS
Posted Image
i know i screwed up the blur and the contrast of the "cracks" but whatever it only took 5 min

#47 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 12 June 2012 - 08:55 PM

View Postabc, on 12 June 2012 - 08:48 PM, said:

hmm... i got an idea for a new OS
[snip]
i know i screwed up the blur and the contrast of the "cracks" but whatever it only took 5 min
Uh, don't mean to be rude, but how is that in any way constructive or on topic?

#48 PixelToast

  • Signature Abuser
  • 2,265 posts
  • Location3232235883

Posted 13 June 2012 - 01:26 AM

View Posttoxicwolf, on 12 June 2012 - 08:55 PM, said:

View Postabc, on 12 June 2012 - 08:48 PM, said:

hmm... i got an idea for a new OS
[snip]
i know i screwed up the blur and the contrast of the "cracks" but whatever it only took 5 min
Uh, don't mean to be rude, but how is that in any way constructive or on topic?
sorry, i just wanted to say i could make logos n stuff
mind if i use your password engryptor for my secure rednet api?

#49 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 13 June 2012 - 06:05 AM

View Postabc, on 13 June 2012 - 01:26 AM, said:

View Posttoxicwolf, on 12 June 2012 - 08:55 PM, said:

View Postabc, on 12 June 2012 - 08:48 PM, said:

hmm... i got an idea for a new OS
[snip]
i know i screwed up the blur and the contrast of the "cracks" but whatever it only took 5 min
Uh, don't mean to be rude, but how is that in any way constructive or on topic?
sorry, i just wanted to say i could make logos n stuff
mind if i use your password engryptor for my secure rednet api?
Well, as you can see, max96at has already made me a beautiful logo. Also, there's a copyright notice at the top of my scripts for a reason - I don't like straight up copying. Sure, read through my encryptor and see how it works, but please don't just copy/paste it. Also, I already have made a way to send secure messages through rednet using a similar encryptor. It's part of HyperPaw, but not quite finished yet.

#50 PixelToast

  • Signature Abuser
  • 2,265 posts
  • Location3232235883

Posted 13 June 2012 - 10:12 PM

your WPCI code is a bit cluttered
first of all
tValidSides = {}
tValidSides[1] = "top"
tValidSides[2] = "bottom"
tValidSides[3] = "front"
tValidSides[4] = "back"
tValidSides[5] = "left"
tValidSides[6] = "right"

function isPeripheralPresent(sSide)
if peripheral.isPresent(sSide) then
return true
end

return false
end

function isDrivePresent(sSide)
if peripheral.getType(sSide) == "drive" then
return true
end

return false
end

sould be
local tValidSides = {"top","bottom","front","back","left","right"}


function isPeripheralPresent(sSide)
return peripheral.isPresent(sSide)
end


function isDrivePresent(sSide)
return peripheral.getType(sSide) == "drive"
end
your not using local either, that will interfere with programs that use those variables

#51 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 13 June 2012 - 11:22 PM

View Postabc, on 13 June 2012 - 10:12 PM, said:

your WPCI code is a bit cluttered
first of all
tValidSides = {}
tValidSides[1] = "top"
tValidSides[2] = "bottom"
tValidSides[3] = "front"
tValidSides[4] = "back"
tValidSides[5] = "left"
tValidSides[6] = "right"

function isPeripheralPresent(sSide)
if peripheral.isPresent(sSide) then
return true
end

return false
end

function isDrivePresent(sSide)
if peripheral.getType(sSide) == "drive" then
return true
end

return false
end

sould be
local tValidSides = {"top","bottom","front","back","left","right"}


function isPeripheralPresent(sSide)
return peripheral.isPresent(sSide)
end


function isDrivePresent(sSide)
return peripheral.getType(sSide) == "drive"
end
your not using local either, that will interfere with programs that use those variables
Well thanks for your suggestions on making the code smaller. But the only place where I don't use local (I think) is for tValidSides, which is supposed to allow access from other programs. For example, calling WPCI.tValidSides in another program returns that table.

#52 PixelToast

  • Signature Abuser
  • 2,265 posts
  • Location3232235883

Posted 14 June 2012 - 08:36 PM

you can actually compress it even more
function isPeripheralPresent(sSide)
if peripheral.isPresent(sSide) then
  return true
end

return false
end
can be
isPeripheralPresent = peripheral.isPresent
i forgot how the function works, it loads the function and saves it as a var named by the function
so when you call "WPCI.isPeripheralPresent" it will return the function "peripheral.isPresent"
doing it like this saves memory as it dosent need to be loaded twice

#53 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 15 June 2012 - 10:38 AM

View Postabc, on 14 June 2012 - 08:36 PM, said:

you can actually compress it even more
function isPeripheralPresent(sSide)
if peripheral.isPresent(sSide) then
  return true
end

return false
end
can be
isPeripheralPresent = peripheral.isPresent
i forgot how the function works, it loads the function and saves it as a var named by the function
so when you call "WPCI.isPeripheralPresent" it will return the function "peripheral.isPresent"
doing it like this saves memory as it dosent need to be loaded twice
Yeah, that makes sense, thanks :(/>

#54 kazagistar

  • Members
  • 365 posts

Posted 15 June 2012 - 06:02 PM

View Posttoxicwolf, on 13 June 2012 - 06:05 AM, said:

Well, as you can see, max96at has already made me a beautiful logo. Also, there's a copyright notice at the top of my scripts for a reason - I don't like straight up copying. Sure, read through my encryptor and see how it works, but please don't just copy/paste it. Also, I already have made a way to send secure messages through rednet using a similar encryptor. It's part of HyperPaw, but not quite finished yet.
I can't find your encryptor... from my scanning of the code, it looks like you just grab the password in plaintext and compare it.

#55 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 15 June 2012 - 06:43 PM

View Postkazagistar, on 15 June 2012 - 06:02 PM, said:

View Posttoxicwolf, on 13 June 2012 - 06:05 AM, said:

Well, as you can see, max96at has already made me a beautiful logo. Also, there's a copyright notice at the top of my scripts for a reason - I don't like straight up copying. Sure, read through my encryptor and see how it works, but please don't just copy/paste it. Also, I already have made a way to send secure messages through rednet using a similar encryptor. It's part of HyperPaw, but not quite finished yet.
I can't find your encryptor... from my scanning of the code, it looks like you just grab the password in plaintext and compare it.
Nope :(/> In the login script, look for a line that says something like WAPI.getLoginID(). That function reads the information off the disk, and itself calls WAPI.getPasscode(). Inside the getPasscode() function, it makes a call to another WAPI function, decryptPasscode(). The encrypt and decrypt passcode functions are inside the WAPI. They actually were taken from my HyperPaw network encryption functions.

To sum it up: The login system reads the passcode.dat file on the disk, decodes the passcode and then compares it to the user input.

#56 kazagistar

  • Members
  • 365 posts

Posted 15 June 2012 - 07:16 PM

I saw all that, but I don't see it there. Is this maybe just in your unreleased version or something?

From 1.33 "/1/WOLF/APIS/WAPI" (sorry for copy/pasting):
function getPasscode()
local sPrimaryDrive = getPrimaryDrive()
local sMountPath = getMountPath(sPrimaryDrive)
if disk.isPresent(sPrimaryDrive) and WFCI.exists("/" .. sMountPath .. "/WOLF/data/passcode.dat") then
  sPasscode = WFCI.readAllText("/" .. sMountPath .. "/WOLF/data/passcode.dat")
  return sPasscode
else
  sPasscode = WFCI.readAllText("/WOLF/data/passcode.dat")
  return sPasscode
end
return nil
end

Also, a quick search through all your APIS files reveals no "decrypt" at all. Am I missing something?

#57 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 15 June 2012 - 08:42 PM

View Postkazagistar, on 15 June 2012 - 07:16 PM, said:

I saw all that, but I don't see it there. Is this maybe just in your unreleased version or something?

From 1.33 "/1/WOLF/APIS/WAPI" (sorry for copy/pasting):
snip

Also, a quick search through all your APIS files reveals no "decrypt" at all. Am I missing something?
Haha, that will teach me for not thinking :)/> Yes, all of the encryption code is in my 1.4.0 dev branch, it didn't exist in 1.3.3. Sorry for the confusion guys! :(/>

#58 kazagistar

  • Members
  • 365 posts

Posted 15 June 2012 - 10:01 PM

I know this is just for fun lua stuff, but just a note: Symmetric key cryptography (using some kind of similar cipher at both ends) is basically never used for either purpose you are planning to use it for. For passwords, you use a one directional hash function of some kind(MD5, SHA2, etc), where you essentially cannot get the password back, but if you have the hash of a user's password stored, you can hash the password they just gave you, compare the hashes, and see if it was the same one. For communicating over a shared network, the usual method is Asymmetric key cryptography, in which the encryption key and decryption key are different.

In any case, no hard feelings, but I am going to have to try and create a program to break your encryption. I MIGHT have a network I am designing that revolves around maintaining lists of trusted computers, and then only sending data directly to those computers.

#59 toxicwolf

  • Members
  • 201 posts
  • LocationUnited Kingdom

Posted 15 June 2012 - 10:16 PM

View Postkazagistar, on 15 June 2012 - 10:01 PM, said:

I know this is just for fun lua stuff, but just a note: Symmetric key cryptography (using some kind of similar cipher at both ends) is basically never used for either purpose you are planning to use it for. For passwords, you use a one directional hash function of some kind(MD5, SHA2, etc), where you essentially cannot get the password back, but if you have the hash of a user's password stored, you can hash the password they just gave you, compare the hashes, and see if it was the same one. For communicating over a shared network, the usual method is Asymmetric key cryptography, in which the encryption key and decryption key are different.

In any case, no hard feelings, but I am going to have to try and create a program to break your encryption. I MIGHT have a network I am designing that revolves around maintaining lists of trusted computers, and then only sending data directly to those computers.
Well, to be honest I don't really know how stuff in the real world works, so I just made what I thought would work. If you would like to advise me on how the methods you mentioned work, I would be grateful :(/>

But at the end of the day, like you said, this whole project has just been for fun and started out as a way to learn Lua.

Also, my encryption functions can return a different encryption from the same input, because it randomises the effector value and bit shift upon encryption, then these two values are tagged onto the beginning of the encrypted data. The hash thing sounds almost inferior - it only encrypts data in one way, the same way every time, so if you know that, then you can revert a hash back into the data? But what would I know.

And, I am likely to change up the way I transfer messages to the way I wrote in the spoiler in the OP. I will be using rednet.send() now, since I rethought my methods, Meaning that you could probably only intercept and hack messages at certain points throughout the network, probably by impersonating a Relay (or editing a Relay to log all traffic through it when it passes it on). But, like I said, I don't know much about networking and stuff in real life, so any advice would be great!

#60 kazagistar

  • Members
  • 365 posts

Posted 16 June 2012 - 01:46 AM

1) Hashes are inherently destructive. I mean, yes, you will always get the same hash for the same input. But the only way to reverse a good hash is by trying every single possible input value, or at least enough until you get one that has the same hash. For a well designed hash, this would take all the computers of the world eons to do. Usually, each computer also has a unique salt (a value added to the password before hashing), so you cannot just hash every single 12 character password and then use it for whatever computer.

2) Asymmetric key is very useful because it verifies sender and receiver.

3) Unless we get a serious bitwise API, any kind of encryption won't be truly sound even if people can access the source code let alone if they can. Of course, I doubt we have TOO many expert cryptographers in our midst, so you should be mostly safe.

Basically, what you are doing should be OK, but make sure you use a number of methods, or it will be trivially breakable. If you just only use sends to computers which are "verified", and only accept sends into your network from computers that are secured and have the proper passphrase, then you should be fine. To resync a computer, you just need to provide it with the passphrase and list of valid computers. You can then have the network automatically validated it and store it as a valid computer as well. I recommend adding some way to change the passphrase on all the computers automatically, in case one of your computers gets stolen or hacked.

At least that is what I plan to do. Cant have people hacking into my turtle doom army.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users