33 replies to this topic

[Forgotten_Boy]

Inspired by ilgazzi and Creeper 9207 (see here, previously on this forum), I've created a more feature-filled version of a cloud chest for ComputerCraft.

The "cx4" ComputerCraft program lets you store any data in a "Cloud Chest" at boomtree.com (full disclosure - also created by me). You can edit the data at that site, share it with others, or simply store and access any data up to 64kb (a full stack of kilobytes!) in every chest location (up to 27) from any ComputerCraft computer.

A screenshot:



Instructions!
First, visit boomtree.com/cx4

You should see the "ComputerCraft Cloud Chest" key. This is your unique key to store your CC data on the real internet.

As the instructions on that page describe, now install the cx4 program on your ComputerCraft computer inside Minecraft:

pastebin get grsCHK53 cx4

Access the lua interactive mode and install cx4 as an API:

os.loadAPI("cx4")

Now you need to tell cx4 what cx4 Chest you are accessing. Your value must come from your cx4 page in Boomtree as mentioned above:

cx4.Chest("PSgq1MGwj")

Now you can use your cx4 Chest to store data in the cloud, and edit it using any web browser:

cx4.Set(0, "your data goes here.")
cx4.Get(0)

Please note you'll need to click the "Refresh" button on your boomtree.com/cx4 page to see the changes you've made via ComputerCraft in your browser.
Also, if you resize the screen you should click Refresh or reload your browser as the screen may be wonky.

And presumably someone here would like to add how to make this API more effective by chucking the cx4 program into your API directory!

Give it a shot, and don't hesitate to tell me about the problems you encounter. If you wish to have full security for your data, change the cx4 program to access https; my ComputerCraft install doesn't seem to connect to https, but the boomtree server is capable and ready for that. As long as you keep your cx4 key secret and use https, your data should be safe.

[InDieTasten]

This is one crazy cool thing. Great work dude! +1 for full stack of kilobytes

[biggest yikes]

hmm now I can store files 1728 times the space of the CC hard drive

Edited by Atenefyr, 09 July 2015 - 08:39 PM.

[Lyqyd]

Uh, aren't CC computers about 1MB in drive size? You're off by a factor of 1000.

[Forgotten_Boy]

I don't know the math... but who wouldn't trade 1mb local for 64kb in the cloud.

[biggest yikes]

Lyqyd, on 09 July 2015 - 09:08 PM, said:

Uh, aren't CC computers about 1MB in drive size? You're off by a factor of 1000.

64 MB * 27 slots = 1728 MB
of course 1728 MB is the maximum if you use all slots, so really it'd be better just to use a file for each slot
EDIT: Totally misread the kilobytes and megabytes thing. Silly of me. It's really 1728 KB (1.68 MB)

Edited by Atenefyr, 09 July 2015 - 09:48 PM.

[jerimo]

Atenefyr, on 09 July 2015 - 09:44 PM, said:

Lyqyd, on 09 July 2015 - 09:08 PM, said:

Uh, aren't CC computers about 1MB in drive size? You're off by a factor of 1000.

64 MB * 27 slots = 1728 MB
of course 1728 MB is the maximum if you use all slots, so really it'd be better just to use a file for each slot
EDIT: Totally misread the kilobytes and megabytes thing. Silly of me. It's really 1728 KB (1.68 MB)

As cool as it would be I'm sure managing 1.7gb of data per person for free would grow huge way too quickly

[Creeper9207]

I am very happy to know that a program inspired by me has made it this far, and inspired two spinoffs after mine was taken down, but i'm a bit offended that mine didn't get any attention...

[PokeAcer]

Would there ever be an interest in making read-only keys? It'd mean I could make a base service which no-one could exploit the password checking facilities.
Also, is the data sent in HTTP with the key if one uses HTTP, if so I can see where that'd be a problem (servers being all NSA packet capturing people)

[Forgotten_Boy]

The best you can do with cx4 right now is change it to use HTTPS; the server uses HTTPS to display and edit the page. You could add authentication headers and all that but you'd have to program Boomtree on the server to understand them. It's also possible on the server to re-initialize the key you are using if you fear it's been compromised; your data remains there and the old key - a guid to a responder in Boomtree - becomes inaccessible. If you don't store the key anywhere in a ComputerCraft file it's pretty secure for normal humans; only your Minecraft server admin could find it by inspecting the running server's memory. With ComputerCraft I don't see how you could get any higher level of security than that.

The default cx4 program uses HTTP because I'm assuming people aren't storing plans for spy planes in ComputerCraft. Also, my ComputerCraft install doesn't seem to communicate with HTTPS; your mileage may vary. If you do experience an HTTPS error I believe the error is silent; the Chest simply won't be updated.

[PokeAcer]

OK. Thanks for clarification. ATM I'm working on an SHA1 cloud pass system which uses 2 programs, one is a door one, one is a setup. Door one has api key, chest to check and output to set on, and the setup has api key, chest number, and later has an unencryptedpass and encryptedpass variable.

Setup checks for the APIs I use which, and if not found will auto download from pastebin. If both have been found it'll ask for a password to set, encrypts it in SHA1, and sends to your server into the chest set. Then, door program asks for password, encrypts and gets the one from cloud chest, if both are same (if localpass == cloudpass) then it sets off redstone into the direction you set.

You can only use A-Z, a-z and 0-9 as the SHA1 encrypter would throw an error when 'escape' characters were added.

Edited by PokeAcer, 11 July 2015 - 05:09 PM.

[PokeAcer]

NVM, fixed by adding a line in.

Edited by PokeAcer, 11 July 2015 - 07:23 PM.

[PokeAcer]

Put a post up about my new cloud program:
http://www.computerc...-base-security/

[ilgazzi]

The screenshots look nice, way better than my version which consists of 2 php scripts thrown at a raspberry pi sitting under my desk. But one thing, can you make a non- flash version of it?

Edited by ilgazzi, 13 July 2015 - 11:31 AM.

[Forgotten_Boy]

Yes, eventually! Until then, it's possible to do so yourself however until I get my tutorial vids up (and fix a few more bugs ) it will be tough...
First, visit the Sandbox editor for your cx4 page.

Now paste this into the text edit area and click "Save":

[Tag Class:"html" Name:"HTML"
	"cx4.Chest(\"" {web-id} "\"" ")"
	["TABLE" border:1
		[Cycle Times:27
			["TR"
				["TD"
					#Counter#
					":" {Get @ #Counter#}]]
				 ]]]

Now when you visit your cx4 page it is html only, and probably somewhat unreadable if your stored data is large.

Known bug: it should be possible to delete this new "html" Stamp to go back to the old screen but the Delete button isn't working right now. Should be fixed later; once it is you could just delete your new HTML Stamp you just created and the page would go back to the old Flash version.

To revert back for now, click the "Immediate" link in the Sandbox and paste this in:

{Delete {Find @ Tag "HTML"}}

Then click View and your page should now use the usual Flash client.

Edited by Forgotten_Boy, 13 July 2015 - 04:48 PM.

[biggest yikes]

Forgotten_Boy, on 13 July 2015 - 04:46 PM, said:

First, visit the Sandbox editor for your cx4 page.

*cough*

ilgazzi, on 13 July 2015 - 11:17 AM, said:

make a non- flash version of it?

[Forgotten_Boy]

If you own a computer that can play Minecraft, it's also capable of Flash. Yes, many people have their hate on for that runtime, which is misguided. But still this example shows a web-based editor that changes the behavior of a web application for an individual user who hasn't even signed up/in, let alone needed to access the guts of a webserver. It can serve any client you want to build, whether it's based in Flash, ComputerCraft (or a specific CC OS) or HTML5.

[biggest yikes]

Forgotten_Boy, on 14 July 2015 - 03:54 PM, said:

Yes, many people have their hate on for that runtime, which is misguided.

In my opinion, Flash is an exploit-ridden piece of software that is becoming obsolete with the evolutions of HTML5 and JavaScript.
Some exploits in Flash (that are going to be fixed eventually, but still):
https://blog.malware...flash-zero-day/
https://blog.malware...0day-uncovered/

Edited by Atenefyr, 15 July 2015 - 07:42 PM.

[Forgotten_Boy]

The hatred towards Flash - Steve Jobs excepted - is an example of "survivorship bias". TL;DR is that a statiscian convinced bomber command to put armor on the locations of returning bombers where there were no bullet holes.
In the case of Steve Jobs, it's an example of a smart guy who recognized that he can make a fortune by convincing people to buy expensive hardware to play Flash games from 2001. Genius!
Flash has been extraordinarly secure - but we won't learn that generally until something mediocre like HTML5 becomes popular and everyone realizes it's worse. From a developer perspective, Flash is still better in every respect, and definitely more secure. In mobile dev, If I want access to your phone number, pictures, whatver, I don't even need to hack - I just need to get my app installed on your phone! Then I can access anything. And for that you paid about quadruple the price of the basic hardware. Apple rocks!

Flash is *still* better in every respect, but it probably won't survive ownership by Adobe.

Edited by Forgotten_Boy, 15 July 2015 - 09:03 PM.

[Waitdev_]

its starting to get around me, how much space does your domain server have?