#network location server | Explore Tumblr Posts and Blogs

canmom · 7 months

Text

Hypothetical Decentralised Social Media Protocol Stack

if we were to dream up the Next Social Media from first principles we face three problems. one is scaling hosting, the second is discovery/aggregation, the third is moderation.

hosting

hosting for millions of users is very very expensive. you have to have a network of datacentres around the world and mechanisms to sync the data between them. you probably use something like AWS, and they will charge you an eye-watering amount of money for it. since it's so expensive, there's no way to break even except by either charging users to access your service (which people generally hate to do) or selling ads, the ability to intrude on their attention to the highest bidder (which people also hate, and go out of their way to filter out). unless you have a lot of money to burn, this is a major barrier.

the traditional internet hosts everything on different servers, and you use addresses that point you to that server. the problem with this is that it responds poorly to sudden spikes in attention. if you self-host your blog, you can get DDOSed entirely by accident. you can use a service like cloudflare to protect you but that's $$$. you can host a blog on a service like wordpress, or a static site on a service like Github Pages or Neocities, often for free, but that broadly limits interaction to people leaving comments on your blog and doesn't have the off-the-cuff passing-thought sort of interaction that social media does.

the middle ground is forums, which used to be the primary form of social interaction before social media eclipsed them, typically running on one or a few servers with a database + frontend. these are viable enough, often they can be run with fairly minimal ads or by user subscriptions (the SomethingAwful model), but they can't scale indefinitely, and each one is a separate bubble. mastodon is a semi-return to this model, with the addition of a means to use your account on one bubble to interact with another ('federation').

the issue with everything so far is that it's an all-eggs-in-one-basket approach. you depend on the forum, instance, or service paying its bills to stay up. if it goes down, it's just gone. and database-backend models often interact poorly with the internet archive's scraping, so huge chunks won't be preserved.

scaling hosting could theoretically be solved by a model like torrents or IPFS, in which every user becomes a 'server' for all the posts they download, and you look up files using hashes of the content. if a post gets popular, it also gets better seeded! an issue with that design is archival: there is no guarantee that stuff will stay on the network, so if nobody is downloading a post, it is likely to get flushed out by newer stuff. it's like link rot, but it happens automatically.

IPFS solves this by 'pinning': you order an IPFS node (e.g. your server) not to flush a certain file so it will always be available from at least one source. they've sadly mixed this up in cryptocurrency, with 'pinning services' which will take payment in crypto to pin your data. my distaste for a technology designed around red queen races aside, I don't know how pinning costs compare to regular hosting costs.

theoretically you could build a social network on a backbone of content-based addressing. it would come with some drawbacks (posts would be immutable, unless you use some indirection to a traditional address-based hosting) but i think you could make it work (a mix of location-based addressing for low-bandwidth stuff like text, and content-based addressing for inline media). in fact, IPFS has the ability to mix in a bit of address-based lookup into its content-based approach, used for hosting blogs and the like.

as for videos - well, BitTorrent is great for distributing video files. though I don't know how well that scales to something like Youtube. you'd need a lot of hard drive space to handle the amount of Youtube that people typically watch and continue seeding it.

aggregation/discovery

the next problem is aggregation/discovery. social media sites approach this problem in various ways. early social media sites like LiveJournal had a somewhat newsgroup-like approach, you'd join a 'community' and people would post stuff to that community. this got replaced by the subscription model of sites like Twitter and Tumblr, where every user is simultaneously an author and a curator, and you subscribe to someone to see what posts they want to share.

this in turn got replaced by neural network-driven algorithms which attempt to guess what you'll want to see and show you stuff that's popular with whatever it thinks your demographic is. that's gotta go, or at least not be an intrinsic part of the social network anymore.

it would be easy enough to replicate the 'subscribe to see someone's recommended stuff' model, you just need a protocol for pointing people at stuff. (getting analytics such as like/reblog counts would be more difficult!) it would probably look similar to RSS feeds: you upload a list of suitably formatted data, and programs which speak that protocol can download it.

the problem of discovery - ways to find strangers who are interested in the same stuff you are - is more tricky. if we're trying to design this as a fully decentralised, censorship-resistant network, we face the spam problem. any means you use to broadcast 'hi, i exist and i like to talk about this thing, come interact with me' can be subverted by spammers. either you restrict yourself entirely to spreading across a network of curated recommendations, or you have to have moderation.

moderation

moderation is one of the hardest problems of social networks as they currently exist. it's both a problem of spam (the posts that users want to see getting swamped by porn bots or whatever) and legality (they're obliged to remove child porn, beheading videos and the like). the usual solution is a combination of AI shit - does the robot think this looks like a naked person - and outsourcing it to poorly paid workers in (typically) African countries, whose job is to look at reports of the most traumatic shit humans can come up with all day and confirm whether it's bad or not.

for our purposes, the hypothetical decentralised network is a protocol to help computers find stuff, not a platform. we can't control how people use it, and if we're not hosting any of the bad shit, it's not on us. but spam moderation is a problem any time that people can insert content you did not request into your feed.

possibly this is where you could have something like Mastodon instances, with their own moderation rules, but crucially, which don't host the content they aggregate. so instead of having 'an account on an instance', you have a stable address on the network, and you submit it to various directories so people can find you. by keeping each one limited in scale, it makes moderation more feasible. this is basically Reddit's model: you have topic-based hubs which people can subscribe to, and submit stuff to.

the other moderation issue is that there is no mechanism in this design to protect from mass harassment. if someone put you on the K*w*f*rms List of Degenerate Trannies To Suicidebait, there'd be fuck all you can do except refuse to receive contact from strangers. though... that's kind of already true of the internet as it stands. nobody has solved this problem.

to sum up

primarily static sites 'hosted' partly or fully on IPFS and BitTorrent

a protocol for sharing content you want to promote, similar to RSS, that you can aggregate into a 'feed'

directories you can submit posts to which handle their own moderation

no ads, nobody makes money off this

honestly, the biggest problem with all this is mostly just... getting it going in the first place. because let's be real, who but tech nerds is going to use a system that requires you to understand fuckin IPFS? until it's already up and running, this idea's got about as much hope as getting people to sign each others' GPG keys. it would have to have the sharp edges sanded down, so it's as easy to get on the Hypothetical Decentralised Social Network Protocol Stack as it is to register an account on tumblr.

but running over it like this... I don't think it's actually impossible in principle. a lot of the technical hurdles have already been solved. and that's what I want the Next Place to look like.

#i'm gonna hurry up and get my website on ipfs i think #tumblr

246 notes · View notes

aequorin-fr · 5 months

Text

About Account Closures, Banxiety, etc

Good morning, Flight Rising Tumblr!

I posted a reblog not that long ago (this morning) responding to banxiety concerns. It appears to have been eaten by Tumblr, which happens; but I know a lot of you are concerned and there's a lot of misinformation and misunderstandings flying about. So I'm going to go ahead and repost this directly to the tags so anyone with concerns or anxiety can see this <3 (06:47 Flight Rising server time: Title edited to be clearer.)

—————

Oh dear, there's been quite a misunderstanding. What you've described here isn't true and likely to send our players into a banxiety panic. I'm sure that's not what you meant to do and I'm happy to clarify where I can!

We're fully aware people can change physical locations throughout the day which means their IPs will change. Some folks play or check in from home, school, work, a friend's house, etc. That means their account will log multiple IP addresses on any given day, sometimes within a thirty minute period.

Example: Player accesses on their school network —> School lets out —> They access via mobile data on transit —> Player then logs in on their home network

Closing accounts for having multiple IP addresses associated with them—especially in the mobile era!—would be wrong. And, frankly, absurd.

Account closures are based on activity data and reviewed by staff. Do we always get it 100% right? No, of course not. We're human. We make mistakes. Sometimes we do close an account in error and upon review, reopen the account. And sometimes it even means an account we're almost certain is cheating stays open a bit longer, because of that chance we're wrong.

Unless by "moving stuff over" you mean funneling to a new account, because our Terms of Use are clear that players agree to register only one account per individual. Multiple accounts provide a player not only with multiple opportunities for dailies and Roundsey, but access to various Flight Forums (including private Flight Dominance planning!) not just their original Flight, ways around our block feature, and the means to scam players during trades, giveaways, etc. The above ranges from cheating and gaining an advantage over others to outright harassment.

Now, there is also friend and family member funneling, where someone stops playing for themselves and just starts sending the earnings from their dailies or festivals to their friend or family member. That's still cheating and we've been clear about that for some time now.

Finally, we don't discuss account actions with third-parties and we don't discuss them publicly for privacy, security, and safety reasons. Even when the player who lost their account takes to the forums or social media with claims that are untrue, exaggerated, or minimize/downplay the violation that lead to the closure of their account. Unless they've taken the extra step to alter a screenshot as "proof" we said or did something we didn't do, we can't engage with their claims. This means the community will only see one side of the story, one version of events.

And as a note for anyone following along and concerned about their account, we do have an article in our Knowledge Base that explains account penalties: Account Penalties Explained.

I hope this helps clarify the confusion and concerns surrounding account closures! You don't have to worry about logging multiple IPs, moving, playing with your friends or family, etc. <3

#Flight Rising #FlightRising #Banxiety #Dragons #Roundsey

200 notes · View notes

genshin-impact-updates · 4 months

Text

Web Event "Dancing Beasts and Soaring Kites" Now Online: Take Part to Obtain Primogems and Other In-Game Rewards

>> Click to Take Part in Event <<

Dancing Beasts to Wave in the New, and Soaring Kites for Blessings Too!

The Lantern Rite is here, bringing happiness, prosperity, and good fortune~

〓Event Duration〓

February 8, 2024 – February 17, 2024 23:59 (UTC+8)

*Rewards cannot be claimed after the event ends. Please claim them in time.

〓Eligibility〓

Travelers who have reached Adventure Rank 10 or above can participate in this event.

〓Event Description〓

During the event, you can log in to Genshin Impact daily, claim Commission Rewards, consume Original Resin, and complete other missions to obtain the event item: Pale Yellow Silk Paper.

Pale Yellow Silk Paper can be used to unlock the various sections of the event and to search for the correct options. Once you choose the correct option, you'll be able to obtain Primogems and other in-game rewards.

〓Event Details〓

1. You can obtain the event item: Pale Yellow Silk Paper through the following methods: Complete missions such as logging into Genshin Impact every day, claiming Commission Rewards 2 times daily, and using a total of 40 Original Resin daily to obtain the corresponding amount of Pale Yellow Silk Paper.

2. Daily missions refresh at 04:00 (Server Time) each day. Unclaimed Pale Yellow Silk Paper will also be cleared by then. Please claim and use it in time. Claimed Pale Yellow Silk Paper will not be cleared.

3. A certain amount of Pale Yellow Silk Paper can be used to unlock different sections. There are a total of 5 sections in the event, which are located on different stages. You can click the Suanni and Crane buttons on the home page to switch between different stages and enter the corresponding sections.

4. After unlocking a section, you can play it multiple times until you've selected the correct option to obtain in-game rewards.

5. In each section, there are a total of three options to choose from. After you've chosen an option, you can flip it over to see the companion or item hidden behind.

6. Once you've flipped over the correct option, you'll have completed the challenge and will be able to obtain in-game rewards. If you flip over the wrong one, the companion or item behind will stay on the stage. You can continue flipping over the remaining options until you've selected the correct one in order to obtain in-game rewards.

7. If you leave halfway through, your progress will not be saved but your Pale Yellow Silk Paper will not be consumed either. You can try again multiple times.

*If Travelers try to visit the event at around 04:00 (Server Time), which is when the daily missions refresh, they may encounter a brief network error. Please refresh the page if you encounter this error.

〓Event Rewards〓

After you've unlocked all of the sections and completed the challenges, you'll be able to obtain Primogems ×120, Mystic Enhancement Ore ×10, Hero's Wit ×10, and Mora ×70,000. Also, after completing three sections and their challenges, you'll obtain a special reward: the blueprint for the Serenitea Pot Furnishing "Valley Store: The Leisure of Tea."

*The in-game rewards will be distributed via in-game mail. The mail will expire after 30 days, so don't forget to claim the rewards in time.

*This web event is provided purely for entertainment. It is not indicative of any related gameplay features in Genshin Impact.

#genshin impact #genshin impact updates #genshin impact news #official #web events #FURNISHING REWARD ‼️

129 notes · View notes

mitigatedchaos · 1 year

Text

Which of the following is the most ethical?

MOON PRISON - Inmates are kept in an isolated facility on the Moon. Books, movies, and other materials may be made available, but there is only very limited network access. In each room there is a 3D screen which shows the view of Earth from cameras outside the facility, but aside from an atrium, the vast majority of the facility is beneath the surface to protect it from asteroid impacts. Food and a limited amount of replacement parts are produced on-site.

CYBER PRISON - Inmates are placed into life-sustaining pods, and then connected to a full immersion virtual reality simulation similar to The Matrix. This allows inmates to experience running freely in an open-world environment without putting ordinary citizens at risk, although the environment is somewhat lower-fidelity than real life. The facility is located on Earth in a remote part of Iowa. It is intended that the network is isolated. In the event of an emergency, inmates will be ejected from the pods.

CRYO PRISON - Inmates are stored in a state of suspended animation for the duration of their sentence. The technology is highly reliable, with few side effects. Inmates will be the same biological age at the end of their sentence as when their sentence started. In the event of an emergency, backup systems in each unit will attempt to safely bring the inmate out of cryostasis. With no food, active life support, or VR server farms, this is the cheapest option.

Feel free to provide your reasoning in the reblogs.

#polls #discourse preview

239 notes · View notes

emtheanxiousdragon · 8 months

Text

Our Hæth: A Wanderhome ARG

Ok so if you are any sort of game designer, whether that be a programmer for a mobile app, an artist for an indie TTRPG, or a top-tier producer at a AAA-game studio, you should read Reality is Broken by Jane McGonigal, it inspires you to make games that don’t just form digital communities or entertain, but allow a deeper connection to your real life.

And one game that I think, with a twist, could really fit McGonigal’s idea is Wanderhome, the excellent pastoral RPG by tumblr’s very own @jdragsky . This game is beautiful, simple, and a tool for telling these lovely stories about anthropomorphic travelers exploring a recovering society and finding themselves along the way.

Now, let me introduce my idea, tentatively titled Our Hæth: A Wanderhome ARG.

You make a Wanderhome character, just like in a typical game. You also make a separate Wanderhome profile that represents yourself. (this can be your actual Wanderhome character if you want to take on an alternate persona). This secondary Wanderhome character doesn't actually travel the Hæth. They represent your journey in the real world. Your second character's playbook should fit yourself and what you hope to get from this experience. My secondary character will be a Peddler, because I want to grow my personal career.

Then you get connected to a Hæth. These are shared worlds/servers that begin like all Wanderhome games (at the start of Tillsoil very soon after the end of the war) and progress from there. You can start with other players or begin on your own and find others later.

When you wish to travel to a new area, instead of randomly deciding what it should be, you base it on your current location. It can be as simple as your bedroom or as grand as the Great Wall of China! I’ll show you what I mean with where I am now.

A beautiful pond, right? Let’s turn it into a spot in the Hæth! Our first nature is based on a literal take of the area. I’m by a pond, so the first nature will be Lake! The second nature is more metaphorical; based on what you know about your location, choose a nature that describes its personality. A lot goes on around this pond, so I’ll pick Carnival. The third nature should describe the place as it is when you arrive. The calm nature of the pond today means the third nature is Field. Build the location with the rules of each nature, combined with the traits of the season, and you’ve made a Place!

In Our Hæth, each location is permanently saved into the world you created it in. If other players want to visit this location rather than create a new one, they’ll replace the third nature and the seasonal traits and set off! They can see what you’ve written about the place and the adventures you’ve had here. If you know them in real life, you can share what the real-world inspiration is. If not, you can discuss as much about it as you feel comfortable sharing.

Once you're in a Place, great! Start playing Wanderhome. If you're alone, write down what your traveler does in this place. If you're with friends, get together in person and roleplay it out, or chat together over Discord or your online forum of choice. Their characters may travel with you for a while or your paths may diverge and reconnect later. Just remember what happens so you can share it as part of your character's story. When you make a Kith, go through the regular Kith creation process and add them to your Hæth. If other players visit this Place later, they may meet your kith and will want to know what happened.

The other big ARG element of this version of Wanderhome comes with using tokens. When your character does something to create a token, you need to do something to make a token in real life. Have a list of what different actions in Wanderhome mean for you in real life. For example, when my character Camper gives away something he holds dear, that means I have to complete some professional networking. Your token action should be challenging or good for you. Change your token action as your challenges and needs change. Make them fit your life and your goals.

Take a break to complete your token action, or write it down for after the session. You won't be able to spend your real-world token until you complete your task. Once that's done, the next time your character spends a token, you can spend one too! Your token rewards are something positive to reward yourself for putting in the effort and caring for yourself, your relationships, or the world. In my Hæth, when Camper keeps someone safe from the difficulties of the world, I get to take a nap rather than work!

The months can change in small groups when you agree to change them. In bigger groups, you may set a real-world date for the change in the months. Ask the month's question to yourself and your Wanderhome character. Consider your answer a "yes" regardless of which one of you says so. When the time comes for the seasons to change, set up a party with others in your Hæth or throw your own private celebration. Just as the holiday marks a moment of personal growth for your character, take a major step forward with your own goals. As Camper celebrates the new year, I'm going to start searching for a summer internship. I'll adapt my token actions and rewards as needed, and I'll continue playing.

So long as you have Wanderhome, you can play this game. You can keep track of your Hæth in a notebook, on a google doc, whatever. My perfect version of this project would be a little website where players can join different Hæths, watch their world grow on a virtual map, see all the information neatly organized online, and connect to a wide range of people in the Wanderhome community.

Thoughts?

#wanderhome #jay dragon #possum creek games #arg #wanderhome rpg

91 notes · View notes

gavingwhiz · 1 year

Text

Team Fortress 2 Has a Bigot Problem

For those who aren't aware: the phenomenal, industry-changing shooter Team Fortress 2 is still alive and well as a free-to-play game. Unfortunately, the community in Quick Play matchmaking can be horrendously toxic. This is, in large part, a side effect of the game being free and wholly unmoderated. Valve both does not moderate the game in any meaningful way and refuses to implement even basic automated moderation on Steam profiles. Emboldened by this, bigots get weird with it in their newfound confidence they can rock an antisemetic username, transphobic profile picture, and straight up chant slurs in text chat with impunity. To (slightly) counter this, I have started a trans-haven Team Fortress 2 server. It's based out of Chicago, so all my Midwest queers will have decent connection and the coastal elite gays will be fine.

This whole venture was inspired by the YouTuber Uncle Dane, who through a little passion and disposable income created a network of high-quality servers. Shoutout to Dane for creating a corner of TF2 that doesn't let hatred slide. The gameplay ethos might be a bit sweaty for my casual tastes, but I respect the hell out of the moderation and commitment. Queertopia is in no way officially associated with Uncletopia, but the name is fitting, I argue. An oasis of queer love and fun in a desert of 13 year olds spouting right-wing conspiracy theories they half-remember their father ranting about. If you're ever in the community browser in TF2 and want to give the server a bookmark, the IP is 91.242.214.78:19001 The end-goal for this server is to build a community strong enough to necessitate more servers in more locations. I've spent the last few months fostering a Discord community of LGBTQ+ TF2 players and if there's one thing I can be sure of: it's that the TF2 community is full of queers. Hopefully Queertopia can become a fun hangout spot where people can play, have fun, and rest easy knowing if someone tries to spout grim statistics or debate womanhood, they won't last long enough to hear the drum roll of the vote-kick being called.

#team fortress 2 #tf2 #trans gamer #lgbt server #queer server #uncletopia #uncle dane #lgbt streamer

203 notes · View notes

mariacallous · 19 days

Text

The United States Department of Justice on Wednesday announced charges against a 35-year-old Chinese national, Yunhe Wang, accused of operating a massive botnet allegedly linked to billions of dollars in fraud, child exploitation, and bomb threats, among other crimes.

Wang, identified by numerous pseudonyms—Tom Long and Jack Wan, among others—was arrested on May 24 and is accused of distributing malware through various pop-up VPN services, such as “ProxyGate” and “MaskVPN,” and by embedding viruses in internet files distributed via peer-to-peer networks known as torrents.

The malware is said to have compromised computers located in nearly every country in the world, turning them into proxies through which criminals were able to hide their identities while committing countless crimes. According to prosecutors in the US, this included the theft of billions of dollars slated for Covid-19 pandemic relief—funds allegedly stolen by foreign actors posing as unemployed US citizens.

According to an indictment, the infected computers allegedly provided Wang’s customers with a persistent backdoor, allowing them to disguise themselves as any one of the victims of Wang’s malware. This illicit proxy service, known as “911 S5,” launched as early as 2014, the US government says.

“The 911 S5 Botnet infected computers in nearly 200 countries and facilitated a whole host of computer-enabled crimes, including financial frauds, identity theft, and child exploitation,” says FBI director Christopher Wray, who described the illicit service as “likely the world’s largest botnet ever.”

The US Treasury Department has also sanctioned Wang and two other individuals allegedly tied to 911 S5.

Wang is said to have amassed access to nearly 614,000 IP addresses in the US and more than 18 million others worldwide—collectively forming the botnet. 911 S5’s customers were able to filter the IPs geographically to choose where they’d like to appear to be located, down to a specific US zip code, the DOJ claims.

The indictment states that of the 150 dedicated servers used to manage the botnet, as many as 76 were leased by US-based service providers, including the one hosting 911 S5’s client interface, which allowed criminals overseas to purchase goods using stolen credit cards, in many cases for the alleged purpose of circumventing US export laws.

More than half a million fraudulent claims lodged with pandemic relief programs in the United States are allegedly tied to 911 S5. According to the indictment, nearly $6 billion in losses have been linked to IP addresses captured by 911 S5. Many of the IP addresses have been reportedly tied to more insidious crimes, including bomb threats and the trafficking of child sexual abuse material, or CSAM.

“Proxy services like 911 S5 are pervasive threats that shield criminals behind the compromised IP addresses of residential computers worldwide,” says Damien Diggs, the US attorney for the Eastern District of Texas, where the charges against Wang were brought by a grand jury earlier this month.

Adds Nicole Argentieri, head of the Justice Department’s Criminal Division: “These criminals used the hijacked computers to conceal their identities and commit a host of crimes, from fraud to cyberstalking.”

At the time of writing, it is unclear whether these virtual impersonations resulted in any criminal investigations or charges against US-based victims whose IP addresses were hijacked as part of the 911 S5 botnet. WIRED is awaiting a response from the Department of Justice regarding this concern.

According to the Justice Department, law enforcement agencies in Singapore, Thailand, and Germany collaborated with US authorities to effect Wang’s arrest.

Wang faces charges of conspiracy, computer fraud, conspiracy to commit wire fraud, and conspiracy to money laundering, with a maximum penalty of 65 years in prison. The US is also seeking to seize a mountain of luxury cars and goods allegedly owned by Wang, including a 2022 Ferrari Spider valued at roughly half a million dollars as well as a Patek Philippe watch worth potentially several times that amount.

29 notes · View notes

endlessarms · 27 days

Text

concept - DNS play and MitM attacks as hypnosis for robots

querying the location of information on an external network that you believe is trusted. recieving an answer from a server that your configured DNS server tells you is the network you expect to receive a response from, so it must be correct! and must be perfectly okay to incorporate into your memory and follow without question!

#nsft #t4t nsft #hypnosis #robot nsft

28 notes · View notes

raggedyanimatedseriesproject · 1 year

Text

CALLING ALL RAGGEDY FANS!

Many fans have pondered the same question: What if Raggedy Ann had a modern cartoon series? Something similar in tone to My Little Pony: Friendship is Magic, Littlest Pet Shop (2012), or Monster High? Sadly, the Raggedy Ann franchise has been pretty inactive in recent years, with only a few doll and merchandise releases and a small group of loyal fans sticking around.

But what if we could change that?

Most of Raggedy Ann’s copyright is in the public domain, and the Gruelles are pretty chill when it comes to people using the character, so copyright won’t be much of an issue. The only obstacle would be finding a team to brainstorm ideas, write scripts, create concept art, and assemble a pitch bible to present to potential platforms.

That’s where we come in!

We’re currently developing a brand new cartoon centering on Raggedy Ann, her little brother Raggedy Andy, and all their friends as they embark on both fantastical and wholesome adventures in the Deep Deep Woods, all while learning about the power of love, tolerance, and acceptance along the way. The current plan is to set up a Discord server for people to brainstorm potential characters, locations, and episode concepts for the show, while artists can create concept art based on our overall vision for the show. We aim for this project to be self-paced, all set in an encouraging environment that prioritizes mental health and doing what makes us happy.

We don’t have any plans for voice acting or animation at the moment, and we’re definitely not aiming for a big network at this time. Our only hope is that this show will be able to give Raggedy Ann some spotlight and expand her reach to new audiences that would’ve otherwise never heard of her.

If you’re interested in being a part of this project, please email us at: [email protected]

Hope to see you there! ❤️

#raggedy ann #raggedy andy #raggedy ann and andy #upcoming projects #art #writing #cartoon #raggedy ann fanart #raggedy animated series project

157 notes · View notes

vikenticomeshome · 1 month

Text

Cyberchase: How to Hack the Motherboard

So, when I was writing my episode discussion post on Cyberchase Season 1 Episode 1 "Lost My Marbles", I mentioned that I might make another post about the security breach that allowed The Hacker to infect Motherboard with the virus. What did The Hacker do to set this up? How did the kids accidentally open the breach? And other questions like that. I have a bit of background in software engineering. I will try to keep things as simple as possible.

Much of this is head-canon built on top of what we see in the episode. Of course, the show plays it fast and loose with computer terminology. Don't try to hack things in real life. You will go to prison.

So, here's an MSPaint diagram of a tiny piece of Motherboard's setup. Keep in mind that she is the god of the Internet, and her Internet may even stretch beyond Earth into other galaxies.

So, there are three separate network segments here. We have the library's internal network, which has the big board on it. We have Control Central's internal network, which has Motherboard on it. And then we have a Database Server internal network, which has a Database Server running on it.

The Database Server is something that I invented here. Remember that this whole diagram is head-canon. However, it's not too far-fetched to think that Motherboard must reach across Cyberspace to a separate Database Server, maybe at the Cybrary.

Now, we know that Motherboard is not directly reachable, even with her Firewall down. Otherwise, The Hacker wouldn't have needed a separate security breach to get to her. He would have just pushed the virus once she took down her firewall for maintenance.

However, Motherboard has a Virtual Private Network (VPN) tunnel to the Database Server. If The Hacker can compromise the Database Server and get his virus in there, it might be able to ride the tunnel into Control Central.

The purpose of any Firewall is to apply a set of rules to any network traffic going into or out of a network, device or application. A good Firewall configuration allows on the traffic that is needed and denies everything else. Motherboard's firewall between herself and the Database Server is currently down. The Database Server itself has connection points to the larger Internet without using a VPN tunnel. However, the Database Server's own Firewall for that access point is UP. If The Hacker tried to throw his virus at that access point, it wouldn't work.

However, there is another connection point into the Database Server. This is another VPN tunnel from the library network. Let's say that the board retrieves the data on the locations of different objects on the map and the icons for those objects by reading one of the Databases. Maybe the board also writes data to the Database to log what directions people requested.

The point here is that some traffic from the Board is authorized to pass through the Firewall on that VPN tunnel. Now, is there a way for The Hacker to get the Board to send authorized traffic over the VPN tunnel to tell the Database Server to open a breach in the Firewall for that public access point? Maybe. It is an Internet-of-Things (ioT) device. Alot of people get these devices, and then they either leave passwords set to their defaults or they forget to keep the sofware patches up to date.

There is a public access point to the Board with a poorly-configured firewall. Maybe there's a way for him to get inside. It may be possible for him to dump the virus code into the board, but there's no guarantee that it would be able to go any further, since the Firewall between the Board and the Database Server is working.

So, let's think about the Board as its own thing.

Suppose that we have two user accounts associated with the board. There is a Principle of Least Privilege that states that a given user account or system process should only be given the minimum amount of permissions required to perform its tasking. That way, if the user account or system process attempts to do something out of line with its permissions, it won't be allowed to perform the operation.

However, if you leave other unnecessary permissions open, and the user account or system process attempts to do something outside of its original intended operations, then the operation may succeed and have unintended consequences.

This also links up with the software development concept of the Minimum Viable Product. You build your software to perform only the exact tasking that it needs it perform. You don't put any additional, undocumented functions in there. Otherwise, those functions could activate and have unexpected consequences.

The board's purpose it to display the different locations. It allows for users to input two points, and it will draw a line between them to assist in navigation. We also established earlier that it reads its information from the Database and writes other information out to the Database.

However, suppose there was some undocumented functionality here. Suppose the developers had a special feature installed in the board that ran a cleanup command against the Database if you pressed three buttons in quick succession. Suppose that the cleanup command in question could be any arbitrary command. Therefore, the developers put the command into a configuration file to be read and executed by the software at runtime.

However, the developers knew that if some kids turned up and started poking the map, they could accidentally kick off the Database Cleanup command. They removed the Database Cleanup command from the configuration file. That way, if someone did poke three buttons in quick succession, the software would check the configuration file, see that there was no command defined, and then do nothing.

The trouble is that they left the part of the software that read the configuration file and ran the arbitrary command in place. So, if the command was somehow added back to that part of the configuration file, then there would be a command for the software to run. Then, if someone else pushed the three buttons, that command would be run. So, yeah, someone could put a command in there to write a bunch of junk into the Database until it filled up and crashed. Again, these are commands being sent to the Database from the Board. The Firewall would let them through just fine.

That's pretty bad, but that only lets them modify the Database, right? It's not like they can just tell the Database to open the Firewall on the server that it is sitting on, right?

Well, what if one of the things that the Database could do, upon request, was to open a command shell on the server and run a command. And what if, that command shell was able to run commands that impacted things on the server beyond the Database itself.

What if we called it "xp_cmdshell" and called the Database Server "Microsoft SQL Server 2000". Windows XP and Microsoft SQL Server 2000 would have been around at the time of "Lost My Marbles" after all. Those were also the key players in the real-world Heartland Payment Systems data breach of 2008, which inspired this post.

But hey, just because the Database could open a command shell on the Database Server doesn't mean that The Hacker could use it to bust the Database Server's external Firewall, right? He still needs a way to execute "xp_cmdshell". So, he needs an account with the correct permissions to tell the Database to execute "xp_cmdshell", and he needs the Database itself to have high-enough permissions to run a command via "xp_cmdshell" that can bust the Database Server's external firewall and open a path to Motherboard. Thankfully, the Database only run the "xp_cmdshell" for the top-level Database Administrator account.

This is where we get back to the Principle of Least Privilege. The Board should connect to the Database with a fairly low-power account. It only needs to read-from and write-to a few Database tables after all. Likewise, the Database itself should have been started on the Database Server by a fairly low-power account, as it only needs to handle reading and writing its own set of tables.

But then some moron decided to hook up the Board to the Database Server on the top-level Database Administrator Account. So, if the Board was configured to send an "xp_cmdshell" command, the Database would run it. Oh, and another moron decided to have the Database Server start the Database with the "root" account for that server. So, if the Board was configured to send in an "xp_cmdshell" command to nuke the external Firewall, then the Database would be able to nuke the external Firewall.

There is a principle called Defense-in-Depth, where you build multiple layers of defense around your critical item. That way, if a layer fails, you may be okay. We're running out of layers.

We only have one or two layers left. We know that the Board doesn't run "xp_cmdshell" for its regular operations today. Sure it has an undocumented debug mode that allows someone to execute any command in its configuration file (including "xp_cmdshell") against the Database. But someone would need to get to that file.

The board's main account doesn't give you a filesystem to play with, as they wouldn't want kids running up, poking things, and deleting the filesystem. No, you only get the interfaces that you get. You can pick two items and see a path between them. Or you can pick three items and see the undocumented debug mode run whatever command is in the configuration file.

But what if there was some sort of maintenance account accessible through the Internet that didn't enable someone to send commands to the Database, but would enable someone to get into the filesystem and mess around with it? And what if that maintenance account was still using a weak or default password because people just don't check that for IoT devices?

So, he's in the Board's filesystem now. That's concerning. And wouldn't you know it, yet another moron left that critical configuration file in a state where the maintenance account can make changes to it. So, of course, he found the empty configuration item for the cleanup command. Remember, this was setup to run any arbitrary command. Of course, he put in an "xp_cmdshell" command that tells the Database to nuke the external firewall on its own server.

While The Hacker was able to put the command in place, the maintenance account doesn't have the power to send commands to the Database on its own. That power is only enabled for the system account tied to the Board's user interface. So, he still has to rely on someone in the real world to push three buttons in quick succession.

Well...shit.

That's not good.

That's not good at all.

Seriously though, don't try this at home.

I suppose we can speculate on the nature of the virus. We know from Season 1 Episode 14 "Cool It" that Motherboard goes through more cryoxide than normal due to the virus. There are actual computer viruses out there that were designed to turn off heat safety warnings on CPUs and then cause them to run hotter. Some CPUs would eventually melt and ruin the computer.

The original infection destroyed the Encryptor Chip, and it is stated that only a replacement Encryptor Chip could cure the virus. The name suggests that it deals with data encryption, but perhaps it is also a virus cleanup tool. Perhaps it worked to weaken the existing virus until it was eventually overwhelmed and destroyed. Perhaps the virus exhausted most of its strength destroying the Encryptor Chip first.

In any case, curing the virus permanently would end the show.

#cyberchase #2000s #cartoon #nostalgia #pbs kids #2000s childhood #not for use in real life #you'll get busted

9 notes · View notes

survivingcapitalism · 1 year

Text

“The threats of data colonialism are real,” says Tahu Kukutai, a professor at New Zealand’s University of Waikato and a founding member of Te Mana Raraunga, the Māori Data Sovereignty Network. “They’re a continuation of old processes of extraction and exploitation of our land—the same is being done to our information.” To shore up their defenses, some Indigenous groups are developing new privacy-first storage systems that give users control and agency over all aspects of this information: what is collected and by whom, where it’s stored, how it’s used and, crucially, who has access to it. Storing data in a user’s device—rather than in the cloud or in centralized servers controlled by a tech company—is an essential privacy feature of these technologies. Rudo Kemper is founder of Terrastories, a free and open-source app co-created with Indigenous communities to map their land and share stories about it. He recalls a community in Guyana that was emphatic about having an offline, on-premise installation of the Terrastories app. To members of this group, the issue was more than just the lack of Internet access in the remote region where they live. “To them, the idea of data existing in the cloud is almost like the knowledge is leaving the territory because it’s not physically present,” Kemper says. Likewise, creators of Our Data Indigenous, a digital survey app designed by academic researchers in collaboration with First Nations communities across Canada, chose to store their database in local servers in the country rather than in the cloud. (Canada has strict regulations on disclosing personal information without prior consent.) In order to access this information on the go, the app’s developers also created a portable backpack kit that acts as a local area network without connections to the broader Internet. The kit includes a laptop, battery pack and router, with data stored on the laptop. This allows users to fill out surveys in remote locations and back up the data immediately without relying on cloud storage.

#Data Sovereignty

50 notes · View notes

minecraftbookshelf · 6 months

Note

i have two probably stupid questions about your marriage of state au, which I have enjoyed immensely. Do the shops on the server such as Joel's mezalean terracotta exists in the au? Also some empires are pretty far away from each other so do the empires have a from of mass transit to other empires? Sorry that this is wordy and big I just have been loving this au.

So yes and no. I’ve used the server shops as a basis for the overall economy and trade in the AU. So terracotta is a major export from Mezalea, but they also have fish, pottery, and gold, to name just a few examples. This applies to the other empires as well, their canonical exports being also exports for the AU, and/or cultural features. It’s mostly a matter of scale. What was a single small shop on the server can be anything from a guild to a massive industry, depending.

Some of the empires have more accessible transit than others. Again it depends. Helianthia for example has access to a large network of roads across the continent and fairly guaranteed safe passage along them due to how many people rely on them as a trade partner. Because food.

Rivendell on the other hand is more difficult to access due to its isolated location on mountain tops. Most of their trade comes in via the Overgrown routes. The Crystal Cliffs would have a similar issue but they have different types of magic for alternative solutions.

I am working on a rough map of a lot of the major trade routes in response to another ask, and that will come with a lot of notations and explanations.

I’m really glad you’re enjoying the AU. It’s been a lot of fun for me as well!

#marriage of state au #rain rambles #ask and it shall be answered #taeshinobu #my beta currently has the first chapter of the first fic #and I am being very patient about it #mos: asks #mos: worldbuilding #mos: mezalea

17 notes · View notes

radfemcoalition · 2 years

Text

As part of our ongoing mission to help radical feminists find community and organize, we have compiled a list of eighteen local and radfem Discord servers from around the world. The countries currently represented are Canada, Germany, the United Kingdom, and the United States. Some of these servers are based in a specific city, while others are open to women in a specific state, region, or country. You can see the list here.

If your area isn't represented, check back soon! We will continue to update this list as more servers network with us.

Want your location-based radfem server added to the list? Fill out this form.

#radfem #radblr #radcord #radical feminism #radical feminists #radfem community #radfems please interact #radfems do touch #mine #picture

242 notes · View notes

bfpnola · 9 months

Text

Caste isn’t limited to our particular South Asian homeland, it migrates, too. Caste is embodied by all of us diasporic South Asians, regardless of ethnic, national, linguistic, religious, sexual, or political affiliation. Thus it is all of our responsibility to interrogate our privilege. For far too long we have watched caste re-emerge and settle in our new geographies. We have shied away from discussing caste in diaspora. And most importantly, we have let this silence allow South Asian diasporic movements to erase caste from their intersectional analysis. But this ends now.

For radical South Asians, this is the moment to include caste into your intersectional analysis. This is the time to begin the long, complicated conversation of taking caste into account. This is not a conversation that happens at the end of a meeting. This is not where having a Dalit friend gives you a free pass not to recognize your own caste privilege. And if this article makes you feel like this is not meant for you because you are not a Brahmin, then this article is especially for you. For caste has internal, interpersonal and institutional effects. And every caste is implicated in maintaining its hegemony. Yes, every caste. It is only when we actively challenge caste together that we have a chance to end it in our lifetime. But for this to happen, we need to name, see, and reckon it for what it is first.

It is only when we actively challenge caste together that we have a chance to end it in our lifetime.

Most importantly, it does not end just by simply reading this article — you have to commit to wrestle with these ideas and then put what you read into practice.

Dalits, Bahujans, and Adivasis have so far been the only ones to raise the issue of caste. Just because we bear the brunt of the violence of this system it does not mean it is only our problem. Caste is, in fact, a structural problem. Therefore, it needs structural solutions that are grounded in collective and inclusive actions to dismantle it. It is time that those who are Savarna, or Upper-caste, begin to learn to name and own their privilege and take on the burden of educating and dismantling caste in your own families and social networks. For the hardest work is to confront those that are closest and most intimate to you in your personal and professional lives. In fact, this is where really allyship begins. This is the point when complicated conversations begin. It starts when you become the uncomfortable voice laying bare the privilege to the social locations from where caste trickles down from: your friends, family, and professional colleagues. It begins when you break the silence of your own privilege.

—

🚨 want more materials like these? this resource was shared through BFP’s discord server! everyday, dozens of links and files are requested and offered by youth around the world! and every sunday, these youth get together for virtual teach-ins. if you’re interested in learning more, join us! link in our bio! 🚨

#resources #caste #anti casteism #casteism #privilege #intersectionality #diaspora #indigenous #dalit #bahujan #adivasi

23 notes · View notes

satanicspeaks · 5 months

Text

What I want to know about The Expanse world is how is data storage being managed? If there is that many people across our solar system (and beyond) then where is all the data being stored and how?

This also applies to other sci-fi media. Currently we are so used to places hosting data that it’s become an after thought (until AO3 goes down or someone remembers they don’t actually own a copy of the e-book they bought on kindle).

In The Expanse there are terminals, similar to phones but can do a lot more, where anyone can log in to a terminal with their identifier and then it has all their messages and things they need. So instead of the phone number system we have it’s more like logging in to a universal Facebook. That raises some security issues but not the point here.

By making it a Facebook type system then the person also doesn’t own their own data. It’s not solely stored on their device. There are tech in that world where data is only stored on one thing, like our USB’s, but that’s not the standard because there’s a network. For there to be a network there must be a place to connect it all to.

So, given what happens in book 6 (no spoilers here dw) I reckon it’s stored in the belt, somewhere in vacuum/space, on Luna, or on several of the moons. Reasoning is that reduces a lot of natural heat data servers would have to deal with, reduces natural environment problems. It would absolutely be several locations, sole locations are a serious liability, and also with how much emphasis the series puts on light delay data/communications from one to another that would cause bigger issues.

As I type this I just realised: each station/location would need to have some level of a local copy. There were times that characters quickly set up a new terminal within a minute, and functionally waiting long periods is just bad business.

This likely isn’t something the author considered for the series, because killing or taking data servers hostage would be a way to fuck everyone over. Hence strengthening to the idea that data storage is in *a lot* of locations, making it hard to do a full take over.

There is also some programming elements that make me ‘hmmm’, especially season 1 of the Tv series where a sole person is trying to crack complicated encryption on a time crunch. Don’t get me wrong, I’m a hobby programmer at most, my area is UX, so I don’t know if that’s truely effective. But from how over stated the complexity is it would make more sense to have several people on it (buuut of course story wise it’s cooler if one person can crack the really complicated Martian encryption).

I do wish the TV series showed Naomi as a programmer too, not just electrical and systems engineer. Maybe it’ll pop up later, I can see why they don’t with wanting a more visual way to show what she’s doing, but it feels like it understates her skills and what she can actually do.

Ty for reading my ramble if you made it this far. There’s practically no fandom for this series so mutuals can just second hand enjoy this

#the expanse #leviathan wakes #James s.a Corey #naomi nagata #james holden #amos burton #alex kamal #aw fuck as I was looking Alex’s last name up I got spoilers. damn #satanic speaks #tag: the expanse #tag: books #tag: tv series

11 notes · View notes