Month: August 2019

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I’m inching back into actual programming with the skills I’ve built up with SSH over the past month paving the way with a bit smoother workflow. Let’s get started!

A few weeks back, I was made an admin on a Discord server after an unsavory character I shall only refer to as Z nuked it majorly. He took advantage of the owner’s weakened state after constant raids, unbanned pretty much everyone, and kicked about two thirds of the total population. Z’s rampage went on for around 10 minutes, but he caused massive damage.

As an admin, I’m helping rebuild the server. One of the tasks is rebanning everyone Z unbanned. Oops. Discord only gives you the option to ban someone if they have some sort of presence on the server by way of being a member or having a message.

When Discord bans someone, it offers to permanently delete a few days of messages from them. Troll tactics often involve getting a bunch of alt accounts on at a time for wide-spread harassment. When the server staff is doing a good job, alt accounts get banned quickly, and all traces of them are incidentally removed from the server. Bad news for me when trying to reban.

The good news is that Discord have a little more access to Discord’s full feature set, and one of those tools is banning accounts without needing a membership or a post. However, with a new goal in a slightly unfamiliar field, that implies new learning to be had.

The first step was defining what exactly I want it to do: Reban the unreachable. Next, I settled on hard coding each name that still needed banning. I’ve had issues with bot stability when running someone else’s dice bot myself, but I don’t need to worry since the finished bot need only run once and it’s done, ready to archive.

The hardest part would have been getting Python3 on. Lucky me, I have the earliest version of Python supported by Discord’s Python wrapper already installed on Blinkie from my naughty kitty project. I just had to install a few dependencies.

I met someone on Discord by the handle of Damaged who I got the majority of my assistance from. They actually pointed me in the direction of programming my own bot instead of just trusting someone else’s. “What I can say is that you need to be very careful of any bot you want to get to [ban people]. You’re effectively going to give them the keys to the castle.” Security is of concern. I once hacked a new bot (with permission from an admin) into pinging everyone when a normal account doesn’t let you do that. The last thing I want to do is let possible trolls have devastating tools I left laying around.

Banning doesn’t sound like anything too fancy to program, and the skills and tools I develop for this project should be useful later. I learned how Discord bots log into bot accounts with some kind of token. I learned how to tell the bot to print its account ID to the command line and use that to add its account to a server. As of the writing of this post, I have gotten a sample bot debugged and running and responding to a simple command.

The next step was a little revision in plans. I have about 50 names to reban or so in total, and bots can theoretically easily do the deed quickly and more thoroughly than I can. I figured it was likely somewhere around a wash, so I’m going to program a bot to look for all Z’s unbans and reban them.

Other possible bot features I might like are the ability to nuke someone’s entire history with the server. Another person who left now has a crude name I wouldn’t mind if it were gone.

Final Question: Not all bots need potentially dangerous permissions to run. What are some niche moderation bots you’ve seen/used?

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I’m off on another tangent away from my main goal of Kitty-Cam security. Let’s get started!

Last week, I went over the basics of logging in securely without a password. This week, I tried practicing my skills and setting up a SSH key pair. Somewhere, I messed up royally, and I messed up the connection for the laptop as well.

It feels like my knowledge in computers is growing like a pile of sand, with the goal being to reach some arbitrary height. Each grain of sand higher means another shell of grains around the outside, and if one falls in just the wrong place, I have to learn how to fix it. For monolithic goals, this is bad news, but in a wider scope, it’s not so bad. If I set a new goal in a similar field, a lot of my grains of knowledge will still be applicable to this new task. I suppose that’s why they call it a learning curve, though right now, it feels like a learning slope.

I went into the workshop and spent a while banging into a learning wall. My progress from last week had seemingly broken, and I could not recognize how for the longest time, even until closing time. Apparently, in addition to SSH public and private keys, there’s this thing called a host key. From a little more research, it looks like a host key is a number you trade over a separate communication line to make sure you don’t have a man-in-the-middle attack where someone is passing all the traffic between you and the server and taking notes on your otherwise private conversation.

I still haven’t gotten my side project working, but now, I think I know the correct direction. I’d like to get this working, because an interesting robot platform I’ve been following for a number of years, Sweetie Bot Project, finally made their code open source. With any luck, I’ll have my skills refined to where I can build one when they release the hardware as well.

Final Question: What projects have you looked forward to working on?

Good Morning from my Robotics Lab! This is Shadow_8472, and today, I’m exploring SSH a little farther. Let’s get started!

Just as there’s more than one way to tie a knot, there’s more than one way to secure communications between two computers. Last week, I talked about how to use SSH to log in remotely. This week, I learned how to use a pair of cryptographic keys to log in without a pesky password preventing punctual passage.

I’d like to take a break here and just say that when you have multiple implementations for the same task, it can be difficult to choose which one to go with if there isn’t already some sort of standard in place. For example, if you are just starting to look at getting a new computer and you know precious little about them, it would probably not be a good idea to go with a completely unknown operating system like PurpleDragon (Fictional example). There isn’t likely much support for it, you likely won’t find much software for it outside what comes with it, and you just might have issues trying to connect with other computers if it isn’t programmed with standardized network protocols. This isn’t to say you will never want to run something like PurpleDragon, especially if you are in charge of a secret super genius’s lair and you need to prevent outside hackers and can afford a whole IT staff to maintain it.

Whatever the case, I’m now working with PuTTY, a fancier SSH client that’s supposed to work a little better than the Windows extension I’ve been working with. The cryptographic keys I mentioned earlier are generated in pairs. Oversimplified, both parties each have a public key and a private key, and each party’s public key can unlock the matching private key. The two parties swap public keys, and then the two can lock their chatter up in a way that it just looks like noise to anyone trying to listen in.

Final Question: It feels a little awkward learning about modern cryptography with Quantum computing coming any day now (relatively speaking). Once Quantum computers are easily accessible to the public, cryptography will be obsolete, but they will give us unbreakable quantum cryptography. How long do you think it will take to affect this change?