Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Nightcrawler

Pages: 1 2 3 4 [5] 6 7 8 9 10 ... 76
Site Talk / Re: Long delay in loading certain pages.
« on: February 02, 2016, 07:50:44 pm »
Yes, it sounds like malware on your computer. I don't see anything suspicious on any pages here.

Site Talk / Re: FAQ entry for comctl32.ocx?
« on: January 09, 2016, 01:56:06 pm »
We could add it to the FAQ, but this is something that applies only to programs developed on VB6. VB6 is now about 18 years old I think! I wouldn't even bother using any utilities that old myself. Microsoft ended extended support for that IDE 8 years ago already as well. It doesn't seem like a relative issue for RHDN to care about as a top level site issue at this point.

This is something that is best put into the individual description pages of applicable utilities. If you know of utilities requiring comctl32.ocx, feel free to update their descriptions accordingly.

Site Talk / Re: DataCrystal bad-language policy ?
« on: January 06, 2016, 07:09:23 pm »
I thought this was a topic about datacrystal...

Isn't it pretty obvious that the information on datacrystal should be just that... informational only? There's really no suitable place there for narration, opinion, etc (nor should there be one). Whole documents don't belong there either. There is a whole document section here for that. Certainly relevant information can be extracted from that document and added to Datacrystal where appropriate, but it makes no sense to me to upload that document there.

The issue of vulgarity really should be a moot point. There is no usable ROM hacking information contained in vulgarity, therefore why would you add it to an informational wiki? :P

Site Talk / Re: Downloads problem?
« on: January 05, 2016, 06:35:09 pm »
So here's another couple of ideas. RHDN can use one of those bot screener authentication systems. You know the ones that show you a picture and you have to input the proper info about the picture to access the download?
Something along those lines is a potential for the long term. They were not an option for the short term though. A good deal of infrastructure change is necessary to accommodate, as well as comparison/study of resource usage. There are a number of issues to consider for each individual option too. reCAPTCHA requires javascript to function with no fallback functionality, and would have third party requests going out for every download (has a significant negative impact on resources here). There are local libraries like Securimage, which also have their own issues etc.

I have been thinking about a better long term solution of our own. We don't really need to block all bots. It's far easier to prevent these malware scanning bots than it is to say block spambots (or even worse paid spam workers). Since Google nor several of these others scanning services would ever be bothered to actually implement custom code for our site, they would potentially be defeatable with a page where you just copy and paste a given generated password right next to it. I doubt Google would ever add several lines of code specifically to automate this on RHDN, just to scan our files...

So, I think we can roll our own simple solution with minimal resource usage, and minimal inconvenience. This would need to be done in conjunction with accounts and sessions. So, logged in people would be exempt from the test, and non-logged people would require the test only once per browser session.

Anyway, I will continue to explore this avenue when time allows. :)

There is nothing we can do about Google. Here at RHDN however, there is an equally effective and simpler solution than the one currently in place: http://www.captcha.net/  :thumbsup:
Oh, the irony! The reCAPTCHA project is a Google project, you know. Although they currently claim to respect whether or not you choose to allow googlebots past it, I'm not sure that applies to their safe browsing bots. Regardless, they certainly have the abilities to bypass it when/if they want.

Site Talk / Re: Why?
« on: January 05, 2016, 06:06:03 pm »
This is explained on the login page of any download... We don't need continued duplicate topics.

All downloads currently require being logged in to download. This is not RHDN's desire. We are forced to do this thanks to Google's Safe Browsing Service. Google falsely labeled our site as a malware site, and started blocking many areas of the site in Chrome, Firefox, and Safari browsers. This is entirely due to overly aggressive false positives on our downloads (they even scan inside compressed archive files such as zip). They do not allow any course of action against false positives. The only way to clear the site was making the downloads inaccessible, and requesting a rescan from Google.

Further information can be found in the following forum topics:

Site: Recent Malware Warnings

My browser detects malware in one of the hack's page.

P.S. Nothing can be done about the login redirect to the forum. The forum handles the login. It's supposed to be able to redirect, but it never worked right after getting rid of their ridiculous SSI include, which made the site 40% slower. SMF 2.1 is supposed to come out this decade. Perhaps it can be looked at again then after new templates since they canned support for the new template formats they just made for 2.0... I hate the SMF backend. It's unfortunately a ridiculous amount of work to switch the site to something else.

Site Talk / Re: Downloads problem?
« on: December 30, 2015, 09:49:03 am »
I don't mean to sound rude or anything, but this seems like a rather foolish idea in my honest opinion. I'm just offering my opinion on this matter. Wouldn't it be better to contact the staff at Google and explain that this site is in fact safe, rather than resorting to requiring members to login so that they may download files here? I'm just saying...

You do sound rude, and you apparently have not read any of the topics on the forum about this. What you're suggesting cannot be done. Please go find the appropriate contact for this at Google. You won't find it. Google specifically only allows a request for re-scan, and appealing through http://www.StopBadware.org, which we have done and they declined to help us.

We don't appreciate misinformed accusations of foolishness with no substance. It's not friendly, and it's not respectful. Staff here does not deserve this treatment. Nobody on staff wants this to happen. If you want to discuss informed alternative possibilities to solve the issue, we'd love to do so. Please do not do so in the manner and tone you've presented above. Play on the same team, we have the same goals. :)

Site Talk / Re: Downloads problem?
« on: December 29, 2015, 01:19:06 pm »
Login authentication is not going to stop those warnings. Antivirus/Anti-malware suites are still going to report files scanned and where they came from. All you're doing is annoying your fanbase, especially without any warning. Posting it in big bold letters on the front page "WARNING: LOGIN NOW REQUIRED FOR ALL DOWNLOADS!" is likely a good idea.
Yes it would, and it did stop the warnings. The problem comes from Google's Safe Browsing Service which is the cause of the blocking in Chrome, Firefox, and Safari. This is not a local antivirus software issue. This is a global Google issue. Since there is no recourse for false positives with Google, requiring authentication for the downloads allowed us to request a re-scan from Google, pass their scan, and they are removing the warnings.

Suitable information\warning has since been added to the download login page informing all affected users of the situation.

There's also privacy and legal issues to consider. Logins require logging! Logs can be used in a court...
Not really. There is no logging whatsoever associated with downloads. There's not even any logging associated logins in general beyond a temporary web server session so you can be logged into the site. The forum also stores a session id and the last time you logged in for the forum, but that's about it. SMF is used, and open source, so you can check the extent of sessions there yourself.

It's really quite harmless. There's no information available aside from when you last logged in. Even the general web server IP access logs are tallied for statistics each day, and reset. Relax. :)

Wouldn't it be easier and more effective to simply require authors to enclose their projects in password protected container files such as zip, rar or 7z on the project page?
I don't see how it would be easy to address the existing near 10,000 downloads available on the site.

Site Talk / Re: Scratchpad Problem?
« on: December 28, 2015, 07:02:25 pm »
No... You'd leave yourself open to security holes... From the Apache manual for example:

Files can have more than one extension, and the order of the extensions is normally irrelevant. For example, if the file welcome.html.fr maps onto content type text/html and language French then the file welcome.fr.html will map onto exactly the same information. If more than one extension is given which maps onto the same type of meta-information, then the one to the right will be used, except for languages and content encodings. For example, if .gif maps to the MIME-type image/gif and .html maps to the MIME-type text/html, then the file welcome.gif.html will be associated with the MIME-type text/html.”

So, a file named 'filename.php.abc', will be interpreted as a PHP file and will be executed if the last extension is not specified in the list of mime-types known to the web server.

There are of course other ways to avoid this being a possibility. Nonetheless, I choose to do this because I think non-extension related periods are bad filename form (a number of other groups discourage this also) anyway and don't want them here.

That is the desired behavior, we disagree on poor form, and that code is unlikely to change in the foreseeable future. ;)

Site Talk / Re: Scratchpad Problem?
« on: December 28, 2015, 12:52:07 pm »
All extensions are checked for validity. Extra periods in the filename not denoting extensions are considered bad form for the purposes of this site. We could probably do things a bit differently, but it's not worth the effort.

So, .1).zip is treated as two extensions and the first was invalid.

Front Page News / Re: Site: Recent Malware Warnings
« on: December 28, 2015, 10:34:46 am »
I think it will unfortunately be permanent. It's the only way the site will pass Google's scan. Since they don't provide a complete list, we can't even just deal with the entries they think are problematic.

I thought about blocking Google Safe Browsing from downloads somehow, but I can't find any relevant information on what IP, hostname, user-agent, etc. they use for this service. I also suspect blocking them might result in an automatic flagging even if I could do so.

Robots are normally blocked from the downloads on this site via robots.txt, but Google doesn't respect that for safe browsing apparently.

Using the registration wall, we did finally pass the requested review. Warnings should start to go away now.

Front Page News / Re: Site: Recent Malware Warnings
« on: December 27, 2015, 04:11:12 pm »
Please by all means contact and harass Google if you can even find any way to do so.

Google in their infinite wisdom, offers absolutely no way to do so. You can do nothing but request your site be crawled again ONLY if you use their webmaster tools interface (which subsequently requires modifying domain host records permanently just for them!). You can't do anything about false positives. ALL downloads are now behind a registration wall and Google has been requested to re-scan. Nothing else can be done as far as I'm aware. Google won't even give a list of all offending links. They merely give you a single example link (which does happen to be the aforementioned http://www.romhacking.net/translations/1590/). It's an absolutely pathetic system. I can't believe Google would put out such junk and push for wide adoption.

Site Talk / Re: Isn't today RHDN's 10th anniversary?
« on: December 24, 2015, 02:09:22 pm »
The 23rd was indeed the 10th anniversary. :) I have been very sick for the past month and still struggling, or I would have done something. :(

Before I got sick, I had the idea of making a little collage page containing a few sentences from various people (whomever was interested) reflecting back on RHDN. Maybe a memorable community moment, how the site may have helped them, something cool they found here, someone cool they met because of the site, etc. I thought it would be cool to have a page collecting various small quotes/tidbits like that to memorialize 10 years of the site and community. I suppose we still could do something like that if there is interest. :)

I have still kept a few memorable images on the server from our early days to dust off on a special occasion...

It's been a long while, but doesn't Breath of Fire IV do this as well? At least I recall getting to play as both the antagonist and the protagonist.

I think it's fantastic that he is able to utilize abilities unique to synthesis hardware that is not possible on real instruments. I think it simply re-enforces the fact that he was a master of his craft! He wasn't composing music to be played on real instruments. He was composing music to be played on distinct sound hardware. :)

Actually, he popped in here for one post last year. Apparently, he deleted his account aftewards.

His account got pruned from the pruning script. If I recall, accounts with no contributions, no credits, no activity for a year, and less than 5 posts are pruned.

I kept in contact with DarkForce until 2006. He was doing well up to before we lost touch (no particular reason, just drifted away).

Site Talk / Re: Public Maintenance on the site
« on: November 04, 2015, 06:44:27 pm »
Perhaps you're right on certain points. I even agree with some myself. Nonetheless, if the majority of people agreed with all of these, it would already be that way. Nearly all of the policies here have come directly from community majority or consensus discussion over the past 10 years. Probably the only exceptions are things that were not done due to technical or resource reasons. There are a number of policies in place that I don't agree with, but as they say 'majority rules', or 'the needs of the many outweigh the needs of a few'. The site was founded and flourished on attempting to balance with community majority consensus.

What is so damned 'sacred' about 'preserving the original archive' if it preserves all the worst aspects of the past rather than what the FOCUS should be on (the rom hack itself).  We should not be so hardcore-focused on preserving the obtuse minutae and utility-wank of the past.

Nothing as far as RHDN is concerned. It's simply community majority consensus. That's a question you'd want your peers to answer for you. The majority of people don't want their stuff tampered with, and have been vocal about that throughout the years. This still appears to be the case today. Perhaps others will back your views and say otherwise, but that remains to be seen. Just the same as you're concerned about aliening visitors, also be concerned about aliening content creators. They both go together.

So, see what your peers think. I doubt the staff would have any objection on changing the policy if many in the community called for it with clear consensus. :)

To All Regarding the Readme discussion:

We were very close to requiring readme files for all new hack and translation submissions a few years back. I'd love to see that. I direct you to resurrect this old topic:

I think it was hung up on some of the details mentioned in the thread and dropped after no further activity.

Site Talk / Re: Public Maintenance on the site
« on: November 03, 2015, 09:15:38 pm »
RHDN needs to update their submission rules to permit 'update' hacks to be uploaded that fix issues like requiring a header or special utilities to be patched.
If we can create a version of something like FuSoYa's Super Demo World that don't require jumping through hoops and only a simple BPS patch then that is something that should be permitted rather than immediately rejected.

To be clear, you would be in favor of someone else updating all of your patches to use xdelta because they believe xdelta to be a superior patch format to the format you have chosen? Or better yet, an RHDN specific format that is even easier yet to apply than both? If so, that is interesting. Most patch authors have historically tended to get very upset over this type of action, hence the majority created policy that exists now.

Site Talk / Re: Data Crystal
« on: November 02, 2015, 08:45:53 am »
Datacrystal used to be entirely separate. At some point some years back, AnyoneEB (the owner) approached me about hosting/merging datacrystal with RHDN. I can't really remember the details, but we both thought that would be a good idea and made it happen! Also, all of the previous admins there became inactive and it was in desperate need of upgrades and maintenance. So, myself, Snarfblam, and Danke spent a good deal of time getting everything up to date and working again in it's current state.

We also integrated wiki links into all of our game pages for ROM maps, RAM maps, tables, notes etc.. See Final Fantasy for example:

Snarfblam, and Danke are the current Admins at Datacrystal now.

Site Talk / Re: Increase inbox size?
« on: October 31, 2015, 04:49:07 pm »
This limit was recently raised to 100! :) Still, please consider keeping your inbox tidy if you don't really need the messages.

ROM Hacking Discussion / Re: Developed new IPS patcher, want to test it
« on: October 26, 2015, 06:31:19 pm »
I don't think that will be an issue if you use Lunar IPS. There are no bugs that I'm aware of after many years of use. I've used it to test my own patching code before, and I've also used it to patch probably 100 games at least. IPS is a pretty simple format. There isn't really much to test.

I would suggest designing a patcher for a format that isn't grossly outdated though. I think it would garner more attention, fanfare, and usefulness to the community.

Pages: 1 2 3 4 [5] 6 7 8 9 10 ... 76