Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

Sign up now!

Implemented Restrict SDK Runtime for End Users

Status
Not open for further replies.
Joined
Sep 30, 2015
Messages
15
I give people a .zip file with both a jar and the source code. Wasn't aware I HAD to use the botstore and wait ~12 hours for them to receive the product when they could just as easily compile it themselves and run it.
 
Mod Automation
Joined
Jul 26, 2013
Messages
3,046
I give people a .zip file with both a jar and the source code. Wasn't aware I HAD to use the botstore and wait ~12 hours for them to receive the product when they could just as easily compile it themselves and run it.
The reasons why that is not a good idea are outlined in the OP and following posts.
 
Joined
Aug 10, 2015
Messages
142
I give people a .zip file with both a jar and the source code. Wasn't aware I HAD to use the botstore and wait ~12 hours for them to receive the product when they could just as easily compile it themselves and run it.
No to mention waiting half a day is better than waking up and realizing your entire bot farm plus all your passwords to your email, paypal, etc are jacked because some kid put a generic rat in there and paid a kid a couple bucks to make it undetectable.
 
Joined
Sep 23, 2015
Messages
22
By putting a private bot on SDN.. does that mean the staff here review them before actual use of each update or does a system automatically check for viruses, rats, etc?
 
Joined
Dec 10, 2014
Messages
3,255
Well this thread was entertaining. To be honest, I'm all for this change, safety is something that shouldn't be neglected xD
 
Joined
Sep 30, 2015
Messages
86
Took nearly 4 hours after I submitted my script to SVN to only receive a notification that the manifest tag is wrong. Guess it's time to wait another 5 hours just to allow a friend to use the script.

This is a pretty disheartening change, add a warning or something they have to agree to. If they end up being hacked, then you have no responsibility for it, they took the risk.

I hate how these Bot Client Platforms force you to do it their way, at this point i'm only using this client because I have no other choice. It's either EpicBot, TriBot which forces you to pay 5$ to simply load local scripts, or RuneMate. I wanted to eventually attempt a database setup with the scripts I create, like getting account info from a MySQL database and logging into the game using my own Login Handler and then sending info to the database as well, but I highly doubt that's going to be allowed on SVN, not to mention they're going to see my db logins, etc..

This is a stupid change IMHO, I get you want to protect your users, but some users don't want to be protected. Tired of being called this "anarchist" for saying so, create a warning, shit I don't care if you have a popup or some form you have to agree to, you shouldn't be held responsible if someone ignores the guideline or warning.

Revert this change, and find another way, please.
 

vag

Joined
Apr 21, 2015
Messages
142
Took nearly 4 hours after I submitted my script to SVN to only receive a notification that the manifest tag is wrong. Guess it's time to wait another 5 hours just to allow a friend to use the script.

This is a pretty disheartening change, add a warning or something they have to agree to. If they end up being hacked, then you have no responsibility for it, they took the risk.

I hate how these Bot Client Platforms force you to do it their way, at this point i'm only using this client because I have no other choice. It's either EpicBot, TriBot which forces you to pay 5$ to simply load local scripts, or RuneMate. I wanted to eventually attempt a database setup with the scripts I create, like getting account info from a MySQL database and logging into the game using my own Login Handler and then sending info to the database as well, but I highly doubt that's going to be allowed on SVN, not to mention they're going to see my db logins, etc..

This is a stupid change IMHO, I get you want to protect your users, but some users don't want to be protected. Tired of being called this "anarchist" for saying so, create a warning, shit I don't care if you have a popup or some form you have to agree to, you shouldn't be held responsible if someone ignores the guideline or warning.

Revert this change, and find another way, please.

Uhh, Did I get this right? You want to save RuneScape account names in your own database? That's just insecure, stupid and fishy. First off all, the client saves login details locally, because the simple fact is that the passwords need to be saved in plain textformat, because the JVM Keyboard can not handle encrypting and decrypting passwords without being unsecure (yes, you can write a keyboard that uses your custom encrypting, but if you do so, once again you are easily able to decrypt, because your script has to know the pattern.)

0/10 Hope you get banned for saying shit like this.
 
Joined
Sep 30, 2015
Messages
86
Uhh, Did I get this right? You want to save RuneScape account names in your own database? That's just insecure, stupid and fishy. First off all, the client saves login details locally, because the simple fact is that the passwords need to be saved in plain textformat, because the JVM Keyboard can not handle encrypting and decrypting passwords without being unsecure (yes, you can write a keyboard that uses your custom encrypting, but if you do so, once again you are easily able to decrypt, because your script has to know the pattern.)

0/10 Hope you get banned for saying shit like this.

What an amazingly friendly community.
 
Author of MaxiBots
Joined
Dec 3, 2013
Messages
6,774
Uhh, Did I get this right? You want to save RuneScape account names in your own database? That's just insecure, stupid and fishy. First off all, the client saves login details locally, because the simple fact is that the passwords need to be saved in plain textformat, because the JVM Keyboard can not handle encrypting and decrypting passwords without being unsecure (yes, you can write a keyboard that uses your custom encrypting, but if you do so, once again you are easily able to decrypt, because your script has to know the pattern.)

0/10 Hope you get banned for saying shit like this.
The client doesn't store the login details locally, what are you even talking about.
 
Java Warlord
Joined
Nov 17, 2014
Messages
4,906
Took nearly 4 hours after I submitted my script to SVN to only receive a notification that the manifest tag is wrong. Guess it's time to wait another 5 hours just to allow a friend to use the script.

This is a pretty disheartening change, add a warning or something they have to agree to. If they end up being hacked, then you have no responsibility for it, they took the risk.

I hate how these Bot Client Platforms force you to do it their way, at this point i'm only using this client because I have no other choice. It's either EpicBot, TriBot which forces you to pay 5$ to simply load local scripts, or RuneMate. I wanted to eventually attempt a database setup with the scripts I create, like getting account info from a MySQL database and logging into the game using my own Login Handler and then sending info to the database as well, but I highly doubt that's going to be allowed on SVN, not to mention they're going to see my db logins, etc..

This is a stupid change IMHO, I get you want to protect your users, but some users don't want to be protected. Tired of being called this "anarchist" for saying so, create a warning, shit I don't care if you have a popup or some form you have to agree to, you shouldn't be held responsible if someone ignores the guideline or warning.

Revert this change, and find another way, please.
I think you can do this, as long as this system is for your own, private use, and not for any customer.
 

vag

Joined
Apr 21, 2015
Messages
142
The client doesn't store the login details locally, what are you even talking about.
Atleast this is what @Arbiter told me on Skype a few days ago, when we were talking about the security checks performed to scripts. Arbiter can feel free to correct me?
 
Mod Automation
Joined
Jul 26, 2013
Messages
3,046
Will scripts uploaded as private undergo the same quality checks or just safety checks.

Free and private bots are mostly checked for safety. While we may provide pointers to improve, we won't reject for quality unless there's something really wrong with it.

Took nearly 4 hours after I submitted my script to SVN to only receive a notification that the manifest tag is wrong. Guess it's time to wait another 5 hours just to allow a friend to use the script.

This is a pretty disheartening change, add a warning or something they have to agree to. If they end up being hacked, then you have no responsibility for it, they took the risk.

I hate how these Bot Client Platforms force you to do it their way, at this point i'm only using this client because I have no other choice. It's either EpicBot, TriBot which forces you to pay 5$ to simply load local scripts, or RuneMate. I wanted to eventually attempt a database setup with the scripts I create, like getting account info from a MySQL database and logging into the game using my own Login Handler and then sending info to the database as well, but I highly doubt that's going to be allowed on SVN, not to mention they're going to see my db logins, etc..

This is a stupid change IMHO, I get you want to protect your users, but some users don't want to be protected. Tired of being called this "anarchist" for saying so, create a warning, shit I don't care if you have a popup or some form you have to agree to, you shouldn't be held responsible if someone ignores the guideline or warning.

Revert this change, and find another way, please.
You can still do all that as a Bot Author with no time limits. Remember, this is for end users only.
 
  • Like
Reactions: WYD
Author of MaxiBots
Joined
Dec 3, 2013
Messages
6,774
Free and private bots are mostly checked for safety. While we may provide pointers to improve, we won't reject for quality unless there's something really wrong with it.


You can still do all that as a Bot Author with no time limits. Remember, this is for end users only.
Shouldn't he have received a message instantly about the incorrect manifest tag?
And to clarify for VAG and I, are account details stored on the local pc? I was under the impression they're not.
 
Status
Not open for further replies.
Top