29 replies to this topic

[ilgazzi]

Craft-a-Cloud is an api that helps you store bits of data on the internet. It was originally designed by Creeper9207 as a replacement for rednet but he had to shut it down. When I saw this revolutionary utility got abandoned, I reached out to him and got the backend code to resurrect it. So, here is the pastebin:

http://pastebin.com/cr9fCs16 or pastebin get cr9fCs16 craftacloud


example usage:

os.unloadAPI("craftacloud")
os.loadAPI("craftacloud")
webdata.data_set("cc_test", "random data")
print(webdata.data_get("cc_test"))

anything bigger than 1 kb will be removed. Also,

THIS IS NOT ENCRYPTED IN ANY SHAPE OR FORM. DO NOT STORE PASSWORDS OR ANY OTHER SENSITIVE DATA

Thanks, enjoy.

Edit:could anyone help me with clientside encryption?

Edited by ilgazzi, 25 July 2015 - 09:11 AM.

[クデル]

This is really neat, looks nice, I will definitely be encrypting my data on my end although.

[flaghacker]

Is everybody's data shared? Or is it ip-based?

[ilgazzi]

flaghacker, on 03 July 2015 - 05:32 PM, said:

Is everybody's data shared? Or is it ip-based?

It is not ip-based. Everything is shared but someday I'll add a client side encryption system. Someday.

[biggest yikes]

why not encrypt it serverside, then give a response back after decrypting it? of course, using https if possible

[ilgazzi]

Atenefyr, on 03 July 2015 - 10:32 PM, said:

why not encrypt it serverside, then give a response back after decrypting it? of course, using https if possible

That seems like a very good idea. Could you help me with doing that? I'm barely a novice with php and I have no idea how to encrypt and decrypt stuff serverside. If you or anyone else can help with php, please pm me.

[biggest yikes]

ilgazzi, on 04 July 2015 - 09:28 AM, said:

Atenefyr, on 03 July 2015 - 10:32 PM, said:

why not encrypt it serverside, then give a response back after decrypting it? of course, using https if possible

That seems like a very good idea. Could you help me with doing that? I'm barely a novice with php and I have no idea how to encrypt and decrypt stuff serverside. If you or anyone else can help with php, please pm me.

http://php.net/manua...ypt-encrypt.php and http://php.net/manua...ypt-decrypt.php

Edited by Atenefyr, 04 July 2015 - 06:32 PM.

[クデル]

A bit more complicated, but perhaps you could make the key change every day using something like cronjobs. If you wanted, you could even use my key generator script. You just need to use something such as a HTTP Get call and save the result to a variable, you only need to specify the key length you want to use: http://cdel.me/keygen.php?length=10

[biggest yikes]

Ice Cream, on 06 July 2015 - 06:19 AM, said:

A bit more complicated, but perhaps you could make the key change every day using something like cronjobs

Why would you make the key the same for everyone?

[Creeper9207]

I don't know If I mentioned this when I sent some base php code, but it puts it through a Caesar cipher, but that's all I could do, I'm glad to see you rebuilt the project and gave it a better name.

[クデル]

Atenefyr, on 06 July 2015 - 07:35 PM, said:

Ice Cream, on 06 July 2015 - 06:19 AM, said:

A bit more complicated, but perhaps you could make the key change every day using something like cronjobs

Why would you make the key the same for everyone?

Sorry should have been more clear, key change for everyone each day

[biggest yikes]

Creeper9207, on 06 July 2015 - 09:47 PM, said:

but it puts it through a Caesar cipher

Those things are extremely easy to crack

[HPWebcamAble]

Atenefyr, on 07 July 2015 - 02:59 PM, said:

Creeper9207, on 06 July 2015 - 09:47 PM, said:

but it puts it through a Caesar cipher

Those things are extremely easy to crack

Remember, this is being used in a MOD for MINECRAFT.
It's not like this is going to be used by the CIA or something.

Any encryption will stop most people. Anyone else probably won't want to waste their time.

[jerimo]

HPWebcamAble, on 07 July 2015 - 07:31 PM, said:

Atenefyr, on 07 July 2015 - 02:59 PM, said:

Creeper9207, on 06 July 2015 - 09:47 PM, said:

but it puts it through a Caesar cipher

Those things are extremely easy to crack

Remember, this is being used in a MOD for MINECRAFT.
It's not like this is going to be used by the CIA or something.

Any encryption will stop most people. Anyone else probably won't want to waste their time.

Just because it's not to be used for the most secure of uses does not mean that security is not welcome. Most people use the same password everywhere,and personal information can easily be spread so encryption is always a good thing especially if there is no security surrounding the information

[biggest yikes]

HPWebcamAble, on 07 July 2015 - 07:31 PM, said:

Remember, this is being used in a MOD for MINECRAFT.
It's not like this is going to be used by the CIA or something.

So what? Security is important in all environments. There's no reason to not make it secure. People kind of want their privacy.

HPWebcamAble, on 07 July 2015 - 07:31 PM, said:

Any encryption will stop most people.

Why would you think that? Like I said, caesar ciphers are extremely easy to crack (26 possible keys usually) and wouldn't stop me if I was a black-hat hacker.

HPWebcamAble, on 07 July 2015 - 07:31 PM, said:

Anyone else probably won't want to waste their time.

Granted, they probably don't care to hack people anyway, but that's because they aren't going to even try to hack them. They probably don't care what people are storing online.


To the OP:
If anything above 1 KB is removed, what happens if a person stores a few hundred thousand little files that are less than 1 KB?

Edited by Atenefyr, 11 July 2015 - 03:47 PM.

[HPWebcamAble]

Atenefyr, on 11 July 2015 - 03:41 PM, said:

HPWebcamAble, on 07 July 2015 - 07:31 PM, said:

Remember, this is being used in a MOD for MINECRAFT.
It's not like this is going to be used by the CIA or something.

So what? Security is important in all environments. There's no reason to not make it secure. People kind of want their privacy.

I don't mean 'Mojang don't need to encrypt passwords since its just minecraft' I mean in a CC program, I wouldn't stress over security.
I'd stress over the UI

Atenefyr, on 11 July 2015 - 03:41 PM, said:

HPWebcamAble, on 07 July 2015 - 07:31 PM, said:

Any encryption will stop most people.

Why would you think that? Like I said, caesar ciphers are extremely easy to crack (26 possible keys usually) and wouldn't stop me if I was a black-hat hacker.

Well I wouldn't use a Ceaser Cipher, even in CC, since it can be broken without a computer.
But then again, if you don't know what method was used to encrypt, it becomes much harder to decrypt.

Atenefyr, on 11 July 2015 - 03:41 PM, said:

Granted, they probably don't care to hack people anyway, but that's because they aren't going to even try to hack them. They probably don't care what people are storing online.

My uncle's linux box gets hit every few hours from IPs in china, from scripts just trying to randomly guess his password.
They aren't really HACKING per say, it isn't like they catch traffic going to and from the machine and try to decrypt it.

So to bring this back to ilgazzi's program, I'd say that it would be nice if it were encrypted, but if that's not possible, I just simply wouldn't store sensitive data with it.

Edited by HPWebcamAble, 11 July 2015 - 05:28 PM.

[biggest yikes]

HPWebcamAble, on 11 July 2015 - 05:27 PM, said:

I don't mean 'Mojang don't need to encrypt passwords since its just minecraft' I mean in a CC program, I wouldn't stress over security.
I'd stress over the UI

Yes, but like I said, make sure security is at least a second priority.

HPWebcamAble, on 11 July 2015 - 05:27 PM, said:

Well I wouldn't use a Ceaser Cipher, even in CC, since it can be broken without a computer.
But then again, if you don't know what method was used to encrypt, it becomes much harder to decrypt.

But now we know.
If we didn't know, well, we wouldn't be talking about this.

HPWebcamAble, on 11 July 2015 - 05:27 PM, said:

Atenefyr, on 11 July 2015 - 03:41 PM, said:

Granted, they probably don't care to hack people anyway, but that's because they aren't going to even try to hack them. They probably don't care what people are storing online.

My uncle's linux box gets hit every few hours from IPs in china, from scripts just trying to randomly guess his password.
They aren't really HACKING per say, it isn't like they catch traffic going to and from the machine and try to decrypt it.

I'm referring to ComputerCraft users
In either case, you just disproved yourself, since that means you agree that people will waste their time to "hack" them (in your case, the linux box your uncle has).

Edited by Atenefyr, 14 July 2015 - 03:07 PM.

[ironmountain]

Just curious why the files are stored on Tuscaloosa Bible Methodist Church's servers. Thought that was a bit odd.

[LewisTehMinerz]

ironmountain, on 15 July 2015 - 10:53 AM, said:

Just curious why the files are stored on Tuscaloosa Bible Methodist Church's servers. Thought that was a bit odd.

Apparently, it's Creeper9207's website (Unless someone bought the server he was using). Also, Creeper's CC files are there still on there (which hints that it wasn't just the domain name bought). It also looks like the uploading still works too.

[Yarillo]

Hey ! Thanks a lot !
It's very useful and will completly replace wireless modems for me. Also, more simple than Cloud chest.

Please keep the servers up

EDIT:

I used it for quite a bit and it was kind of buggy and didn't work as I expected it to work. After 20min of scratching my head I figured out two "problems" (or maybe are they just weird choices ?):

• The function "data_set" actually returns before the data has been updated on the cloud, causing problems in some cases
  
• When you call data_get(channel) when the data is being updated on the server (i think), it sometimes returns a blank string

set("test", "value one")
sleep(3)
set("test", "value two")
print(get("test"))
-- this will either print "value one" or a blank string

So, i'm currently using a slower but more reliable version of your clientside code.

Here it is: pastebin get srbURPZk webdata

It's still dope tho !

Edited by Yarillo, 17 July 2015 - 04:34 PM.