| --- Log opened Mon Dec 17 00:00:00 2012 |
| 01:26 | | AbuDhabi [annodomini@Nightstar-a1e3cdeb.89.getinternet.no] has quit [Ping timeout: 121 seconds] |
| 01:30 | | himi-cat [fow035@Nightstar-5d05bada.internode.on.net] has quit [Client closed the connection] |
| 01:36 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has joined #code |
| 01:36 | | mode/#code [+o himi] by ChanServ |
| 01:47 | | Thalass|slep is now known as Thalass |
| 02:07 | | Kindamoody[zZz] is now known as Kindamoody |
| 02:21 | | VirusJTG [VirusJTG@Nightstar-09c31e7a.sta.comporium.net] has quit [[NS] Quit: night all] |
| 02:28 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has quit [Connection closed] |
| 02:30 | | himi [fow035@Nightstar-5d05bada.internode.on.net] has joined #code |
| 02:30 | | mode/#code [+o himi] by ChanServ |
| 04:31 | | Kindamoody is now known as Kindamoody[zZz] |
| 04:33 | | ToxicFrog [ToxicFrog@ServerAdministrator.Nightstar.Net] has quit [[NS] Quit: ZNC - http://znc.in] |
| 04:43 | | mac [mac@Nightstar-fe8a1f12.il.comcast.net] has quit [[NS] Quit: Leaving] |
| 05:32 | | syksleep is now known as Syk |
| 06:02 | | ErikMesoy|sleep is now known as ErikMesoy |
| 06:55 | | celticminstrel [celticminst@Nightstar-e83b3651.cable.rogers.com] has quit [[NS] Quit: And lo! The computer falls into a deep sleep, to awake again some other day!] |
| 07:10 | | You're now known as TheWatcher |
| 08:07 | | Thalass is now known as Thalass|KSP |
| 08:08 | | You're now known as TheWatcher[afk] |
| 08:14 | | ReivDriod [Reiver@Nightstar-2aaa792a.vf.net.nz] has joined #code |
| 09:46 | | You're now known as TheWatcher |
| 09:56 | | auREAX [mark@42F7BC.C2C1CC.B64DF6.88F7A5] has quit [Operation timed out] |
| 09:59 | | auREAX [mark@42F7BC.C2C1CC.B64DF6.88F7A5] has joined #code |
| 10:06 | | auREAX [mark@42F7BC.C2C1CC.B64DF6.88F7A5] has quit [Operation timed out] |
| 10:19 | | RichyB [richardb@Nightstar-3b2c2db2.bethere.co.uk] has joined #code |
| 10:39 | | auREAX [mark@42F7BC.C2C1CC.B64DF6.88F7A5] has joined #code |
| 10:47 | | AbuDhabi [annodomini@Nightstar-a1e3cdeb.89.getinternet.no] has joined #code |
| 13:30 | | Kindamoody[zZz] is now known as Kindamoody |
| 13:44 | | Thalass|KSP is now known as Thalass|t2 |
| 13:48 | | Thalass|t2 [thalass@Nightstar-724ec5eb.bigpond.net.au] has quit [[NS] Quit: hobby king is a dangerous website] |
| 14:37 | | You're now known as TheWatcher[afk] |
| 15:30 | <@Tarinaky> | Hey. |
| 15:30 | <@Tamber> | Heyhey. |
| 15:31 | <@Tarinaky> | Would anyone be interested in cooperatively making an open source game? |
| 15:33 | < RichyB> | Man, that sounds like commitment and shit. |
| 15:33 | < RichyB> | What are you wanting to make? |
| 15:33 | <@gnolam> | Oh right, it's Monday. ;) |
| 15:34 | <@Tarinaky> | RichyB: I don't know. I have a few ideas that could be fleshed out... |
| 15:34 | <@gnolam> | (An old programming forum in-joke: every couple of weeks, someone would come looking for partners for a game. 9 times out of 10, it was on a Monday.) |
| 15:35 | <@Tarinaky> | I'll go away then :p |
| 15:35 | < RichyB> | No, stay! |
| 15:37 | <@Tarinaky> | Okay. |
| 15:37 | < Syk> | ok so, implemented my password hashes |
| 15:37 | < Syk> | it's salted with the user's name and a global salt |
| 15:38 | < Syk> | that is Best Practice isn't it? |
| 15:38 | <@Tarinaky> | I don't think salting with the user's name is important/anything other than obscurity. |
| 15:38 | | * Tamber sprinkles salt over Syk. |
| 15:38 | < Syk> | Tarinaky: prevents dictionary attacks |
| 15:39 | <@Tarinaky> | The global salt prevents dictionary attacks. |
| 15:39 | < Syk> | it double prevents them |
| 15:39 | <@Tarinaky> | If you know the user's name is also a salt then you already have the user name. |
| 15:39 | <@Tarinaky> | So it's not cryptography. |
| 15:39 | < ErikMesoy> | "double prevents" sounds ominous |
| 15:39 | < Syk> | well if the global salt is known, you can preprocess rainbow tables |
| 15:40 | < Syk> | if it's salted with the user too, they would have to do that for every single user |
| 15:41 | < RichyB> | Simplest system is to salt with 4 random bytes, and store those along with the password. |
| 15:41 | < RichyB> | More if you're paranoid. |
| 15:41 | <@Namegduf> | Syk: At which point you're sharing no work between users and the rainbow table isn't improving everything. |
| 15:41 | <@Namegduf> | *anything |
| 15:41 | < Syk> | Namegduf: so therefore worth it, right? |
| 15:41 | < RichyB> | Syk: best thing to do w.r.t password hashing is use scrypt |
| 15:42 | <@Namegduf> | RichyB: I wonder how many users you need to have at least one collision, on average, for a randomly generated 0 to 4 billion number. |
| 15:42 | < RichyB> | 65536, roughly. |
| 15:43 | < RichyB> | Namegduf: birthday paradox, you get roughly 45% chance of one collision occurring at sqrt(N). |
| 15:43 | <@Namegduf> | I knew the concept, which is why I asked, but not the actual number. |
| 15:43 | < RichyB> | So if N=2**32, you have a just-under-50% chance of one collision at 2**16. |
| 15:44 | < RichyB> | Syk: Your own password hashing algorithm may be immune to rainbow table attacks, but I'd be willing to put money on it being vulnerable to brute-forcing with GPUs. You want to use scrypt instead. :) |
| 15:44 | < Syk> | and what does scrypt do |
| 15:44 | <@Tamber> | Be slow, and resource hungry. |
| 15:45 | <@gnolam> | Rule #1 of cryptography solutions: Do Not Roll Your Own. |
| 15:45 | < RichyB> | It's a password hashing algorithm that's immune to rainbow table attacks, contains a work factor so that it can be made arbitrarily expensive, and requires multiple kilobytes of memory so that GPUs and FPGAs can't run it efficiently. |
| 15:45 | <@Namegduf> | Note that immunity to rainbow table attacks just means "incorporates a salt" |
| 15:45 | <@Namegduf> | Not that you shouldn't pick something which does that well as a built-in thing |
| 15:45 | <@Azash> | And "immunity" just means infeasibility |
| 15:45 | < Syk> | so it makes things slow |
| 15:46 | < RichyB> | Yes. Infeasible to crack. |
| 15:46 | <@Namegduf> | Nothing will make truly shit passwords impossible to crack. |
| 15:46 | <@Namegduf> | Basic dictionary attacks can be run on a CPU very easily. |
| 15:46 | <@Tamber> | Not impossible, but hard enough to make it perhaps not worth bothering. |
| 15:46 | <@Namegduf> | Nor even with MD5 will a really strong password (20 character random, say) be vulnerable, I believe. |
| 15:46 | < RichyB> | Short answer: it's a password hashing algorithm that's better designed than anything that anyone is going to come up with in the time between now and the time that it takes you to incorporate scrypt. |
| 15:47 | < Syk> | is this 'worth it' making things slow, or a 'because lol' |
| 15:47 | <@Namegduf> | There's just too much exponential increase from the added random characters. |
| 15:47 | <@Tamber> | Syk, ...eh? |
| 15:47 | <@Namegduf> | What these do is push up the boundary of reasonably bruteforceable stuff. |
| 15:47 | <@Tamber> | "not worth bothering" == "Don't have to outrun the *bear*, just have to outrun *you*." |
| 15:48 | < Syk> | Tamber: i mean, does it have a tangible benefit, or is it flung off the cliff of diminishing returns |
| 15:48 | <@Namegduf> | Making a lot of mediocre passwords at least harder to get. |
| 15:48 | <@Tamber> | Syk, ...I am confused as to what you're actually asking. |
| 15:48 | <@Namegduf> | It's good practice, but it isn't magic. Keeping your DB secure is still really important. |
| 15:48 | <@Azash> | RichyB: Speaking of arbitrarily expensive, I like what I'm using on my server right now |
| 15:49 | <@Namegduf> | And using strong passwords is really important as a user, regardless of who hashes what as what. |
| 15:49 | < Syk> | Tamber: nm |
| 15:49 | <@Azash> | Chaining 2^20 rounds of PBKDF |
| 15:49 | <@Azash> | It's funny when even legitimate logins take seconds |
| 15:50 | <@gnolam> | Hello DoS? |
| 15:50 | < Syk> | so is this going to make Twisted go HANRSHDSDBF |
| 15:50 | < Syk> | and block to fuck |
| 15:50 | <@Namegduf> | That is the big issue; a strong hashing algorithm which protects passwords is a really easy brute force button. |
| 15:50 | <@Azash> | gnolam: The delay when you fail is even longer |
| 15:50 | <@Namegduf> | But just saying that people with eight character passwords are stupid |
| 15:50 | < Syk> | ...actually no, I'm intending on making this work on a raspberry pi |
| 15:50 | <@Namegduf> | Doesn't really work |
| 15:51 | < Syk> | ...I don't think scrypt and a 700mhz ARM CPU will be happy friends |
| 15:51 | <@Namegduf> | Azash: How do you enforce this? By IP? |
| 15:51 | <@Namegduf> | Azash: Because with big NATs common, that would be prone to random suckage |
| 15:51 | <@Azash> | I don't know how sshd does it |
| 15:52 | <@Namegduf> | By IP |
| 15:52 | <@Namegduf> | But generally SSHD has more technically literate users who can tune things if they are coming from places behind a NAT which also contains other users causing password failures |
| 15:53 | <@Azash> | My server has like four legitimate users, all in different countries |
| 15:53 | <@Namegduf> | Whereas a website login page does not let users tune things to suit their own local network installation. |
| 15:53 | <@Azash> | It's an unlikely scenario so I haven't really thought about it |
| 15:58 | | RichyB [richardb@Nightstar-3b2c2db2.bethere.co.uk] has quit [[NS] Quit: Leaving] |
| 16:06 | | celticminstrel [celticminst@Nightstar-e83b3651.cable.rogers.com] has joined #code |
| 16:06 | | mode/#code [+o celticminstrel] by ChanServ |
| 16:29 | | ToxicFrog [ToxicFrog@2D9871.281A35.18024E.E37E4A] has joined #code |
| 16:54 | <@Tarinaky> | At the risk of being stereotypical, where would be a good place to ask? |
| 16:55 | <@Tarinaky> | (15:31 <@Tarinaky> Would anyone be interested in cooperatively making an open source game? |
| 16:55 | <@Tarinaky> | If there's no interest here >.< |
| 17:25 | | * Pandemic does not possess the coding skill needed |
| 17:25 | <@Pandemic> | last game i wrote was a card game, text only, 11 years ago |
| 17:28 | <@Pandemic> | http://gizmodo.com/5969038/is-this-the-most-over-the-top-christmas-tree-ever-may be |
| 17:55 | <@Tarinaky> | Yeah. Looks like I'm on my own then :( |
| 17:56 | <@Pandemic> | have you poked around freenode? there may be some interst there |
| 17:56 | <@Tarinaky> | I don't really want to work with someone I don't already know. |
| 17:56 | <@Tarinaky> | Which is a bit of an issue. |
| 18:00 | <@Tarinaky> | I'm having a massive mental block with the, well... game part of making a game. |
| 18:00 | <@Tarinaky> | I can learn a wrapper and throw together some boiler plate that makes it interactive. |
| 18:00 | <@Tarinaky> | But I've no idea what to actually do with it. |
| 18:00 | <@Tarinaky> | Which is a bit of a problem. |
| 18:01 | < ErikMesoy> | Write the text segments of a Planescape Torment. |
| 18:01 | < ErikMesoy> | The game is a long series of conversation choices. |
| 18:01 | <@Tarinaky> | I don't want to write dialogue, I want to make a game? |
| 18:02 | <@Pandemic> | you could always do someting like a quake or doom mod your first time out |
| 18:02 | <@Pandemic> | that way the game is already there and you can perfect your skill by moding it before branching out to build an entire system fromscratch |
| 18:03 | <@Tarinaky> | Yeah, but I don't have anything I want to do with it. |
| 18:03 | <@Tarinaky> | The issue isn't writing the engine. It's the game part. |
| 18:04 | <@Tarinaky> | Which I know sounds weird, but it is. |
| 18:04 | <@Pandemic> | ahh |
| 18:08 | <@rms> | Tarinaky: I might be interested |
| 18:08 | <@Tarinaky> | Of course. I've only come up with this cunning plan just before I have to start panicking about exams. |
| 18:08 | <@Tarinaky> | Which more or less says everything >.< |
| 18:11 | <@rms> | I've a few game ideas that I've yet to complete, ill go over them when I'm not on a mobile |
| 18:12 | <@Tarinaky> | Cool. |
| 18:16 | <@Tarinaky> | As long as it isn't "Facebook with vegetables" |
| 18:16 | <@Tarinaky> | :p |
| 18:16 | | * Pandemic blocks facebook apps..... |
| 18:16 | <@rms> | ha, no |
| 18:16 | <@Tarinaky> | Pandemic: No, I don't mean a Facebook app. |
| 18:16 | <@gnolam> | I have a ton of game ideas, but I don't currently have any spare time. :P |
| 18:16 | <@Tarinaky> | I mean a Facebook, but with vegetables. |
| 18:16 | | * Tarinaky waves hands. |
| 18:17 | <@rms> | one is an RTS RPG crossover |
| 18:17 | <@Tarinaky> | Cool. |
| 18:17 | <@rms> | Another is a TCG |
| 18:17 | <@Pandemic> | so, like facebook for idiots then |
| 18:17 | <@Pandemic> | no wait, that already exsists |
| 18:18 | < ErikMesoy> | rms: just for that, I will have to offer to balance the TCG so that you don't end up with yet another godsdamn clone of Time Walk |
| 18:19 | <@rms> | Time Walk? |
| 18:19 | < ErikMesoy> | I've played like five different TCGs online that all make the noob mistakes from Magic over again. "Let's make it really cheap for the player to go again." |
| 18:19 | <@rms> | Heh |
| 18:19 | < ErikMesoy> | Time Walk: 2-mana card from Magic:The Gathering that reads "Take another turn after this one". |
| 18:19 | <@Tarinaky> | Alpha had no balance. |
| 18:19 | < ErikMesoy> | "Let's make creatures really expensive and removal really cheap." |
| 18:20 | < ErikMesoy> | "Let's put in effects that are immune to everything, and only die on a timer." |
| 18:20 | < ErikMesoy> | "Let's balance around the abovementioned description of removal, so that some creatures can win the game if they hang around for 3 turns." |
| 18:43 | | Syk is now known as syksleep |
| 18:54 | | mac [mac@Nightstar-fe8a1f12.il.comcast.net] has joined #code |
| 19:30 | <@Azash> | "2012! No JavaScript? Cool bro. Come back when you have a proper browser. KTHX" |
| 19:30 | <@Azash> | narf-archive web devs leave me less than impressed |
| 19:54 | | AbuDhabi [annodomini@Nightstar-a1e3cdeb.89.getinternet.no] has quit [[NS] Quit: leaving] |
| 20:23 | <@rms> | Barf archive? |
| 20:24 | <@rms> | ... |
| 20:24 | <@rms> | narf* |
| 20:26 | <@rms> | Wow, shitty mobile interface |
| 20:27 | <@Azash> | Some random image host |
| 20:48 | | celticminstrel [celticminst@Nightstar-e83b3651.cable.rogers.com] has quit [[NS] Quit: KABOOM! It seems that I have exploded. Please wait while I reinstall the universe.] |
| 20:48 | | celticminstrel [celticminst@Nightstar-e83b3651.cable.rogers.com] has joined #code |
| 20:48 | | mode/#code [+o celticminstrel] by ChanServ |
| 20:58 | | Attilla [Obsolete@Nightstar-5c0fce37.range109-151.btcentralplus.com] has quit [[NS] Quit: ] |
| 21:00 | | Kindamoody is now known as Kindamoody[zZz] |
| 21:04 | | Attilla [Obsolete@Nightstar-5c0fce37.range109-151.btcentralplus.com] has joined #code |
| 21:08 | | ErikMesoy is now known as ErikMesoy|sleep |
| 21:24 | <@celticminstrel> | What's the criteria for choosing refresh rates in display settings... |
| 21:24 | <@celticminstrel> | I have choices of 60Hz and 75Hz. |
| 21:25 | <@celticminstrel> | And oddly my two monitors don't have the same setting. |
| 21:25 | <@froztbyte> | yar, usually it depends on your monitor |
| 21:25 | <@celticminstrel> | Oh, the secondary monitor also allows 70Hz. |
| 21:26 | <@celticminstrel> | I dunno, should they both be the same? |
| 21:26 | <@celticminstrel> | Is one setting better than the other? |
| 21:34 | <@froztbyte> | not sure |
| 21:34 | <@froztbyte> | iirc there's some stuff to do with your eyes and so |
| 21:34 | <@froztbyte> | but I guess it could just boil down to comfort |
| 21:35 | <@froztbyte> | in summary, I'd go read up :) |
| 21:35 | <@froztbyte> | http://www.math.umbc.edu/~rouben/misc/vax.html |
| 21:41 | | You're now known as TheWatcher |
| 21:48 | | celticminstrel [celticminst@Nightstar-e83b3651.cable.rogers.com] has quit [[NS] Quit: KABOOM! It seems that I have exploded. Please wait while I reinstall the universe.] |
| 21:48 | | celticminstrel [celticminst@Nightstar-e83b3651.cable.rogers.com] has joined #code |
| 21:48 | | mode/#code [+o celticminstrel] by ChanServ |
| 22:03 | < ToxicFrog> | celticminstrel: in general you want the highest refresh rate your monitor can handle. |
| 22:04 | <@celticminstrel> | Mkay. |
| 22:04 | < ToxicFrog> | It's less critical now than it used to be; 60Hz or below on CRT monitors results in headaches and visible flickering for a lot of people (including me) |
| 22:04 | < ToxicFrog> | LCDs generally don't go below 60Hz at all and look fine even at that rate. |
| 22:04 | <@celticminstrel> | I have an LCD though. |
| 22:04 | <@celticminstrel> | Well, two LCDs. |
| 22:05 | < ToxicFrog> | In that case it is likely taht the only times it will be relevant are when gaming. |
| 22:05 | | mac [mac@Nightstar-fe8a1f12.il.comcast.net] has quit [[NS] Quit: Leaving] |
| 22:06 | <@celticminstrel> | I wonder if putting it to 75Hz would make Bastion lag less... probably not? |
| 22:13 | <&McMartin> | Are you forcing to VSYNC? |
| 22:13 | <&McMartin> | If so, going above 60Hz may make it lag *more* as it "misses its cue", resulting in a 37.5 FPS |
| 22:17 | <@celticminstrel> | I had vsync off in Bastion. |
| 22:17 | <@celticminstrel> | Because it seemed to help a little. |
| 22:17 | <&McMartin> | If VSYNC is off, then refresh rate will not affect lag. |
| 22:17 | <@celticminstrel> | Okay. |
| 22:18 | <&McMartin> | If VSYNC is on but you'd normally be lagging slightly, it will halve your framerate instead of merely denting it |
| 22:20 | < ToxicFrog> | Vsync is "I am willing to accept the possibility of a severe framerate hit in order to eliminate tearing" |
| 22:21 | < ToxicFrog> | With vsync on, higher refresh rate means higher maximum framerate, but also a greater chance that it won't be able to hit that framerate. |
| 22:22 | <&McMartin> | Vsync is also "please stop setting my video card on fire, you twatmonkeys." |
| 22:23 | < ToxicFrog> | Quite. |
| 22:27 | <&McMartin> | Some graphics drivers have a special option that turns on VSYNC exactly when some arse tries to ignite your card. |
| 22:27 | <&McMartin> | nVidia calls it "Adaptive VSYNC" |
| 22:46 | | Orthia [orthianz@Nightstar-6ca59a6f.callplus.net.nz] has quit [Ping timeout: 121 seconds] |
| 22:58 | | VirusJTG [VirusJTG@Nightstar-09c31e7a.sta.comporium.net] has joined #code |
| 22:59 | <@celticminstrel> | Heh, on fire... |
| 23:15 | <&McMartin> | Dragon Age Origins kicked my video card up to like 90 C because it wanted to run at 900+FPS |
| --- Log closed Mon Dec 17 23:45:09 2012 |