|
Post Reply 
|
Page <1 456 |
| Author | ||
Larry 
Wordsmith 
Joined: 10 Mar 2010 Status: Offline Points: 114 |
 Posted: 21 Sep 2010 at 16:05 |
|
|
Confirming that you shouldn't be in the least bit worried about it sniffing login info as it does include the relavent exclusions for login.asp. Furthermore I haven't found anything suspicious with regards to grabbing other data either.
And realistically, I find it highly doubtful that HM would have included such code in this release as, when inevitable discovered, the PR catastrophe couldn't possibly be worth it.
|
||
 |
||
|
HonoredMule
Postmaster General 
Joined: 05 Mar 2010 Location: Canada Status: Offline Points: 1650 |
Posted: 21 Sep 2010 at 14:11 |
|
|
Regarding this:
I have published some auxiliary material addressing this concern. It is rather sparse, but I will add more as I come up with it. In particular, you can at least know whether the script is capable of sniffing your login password on this or other sites. http://illyriad.honoredsoft.com/wiki/How_to_Spot_Unsafe_Scripts |
||
|
||
|
Larry
Wordsmith
Joined: 10 Mar 2010 Status: Offline Points: 114 |
Posted: 21 Sep 2010 at 14:00 |
|
Ah good point. And to clarify on code review: Its a greasemonkey script, meaning the file involved is a simple javascript file. Doing a right click -> save as on the wiki page HM linked to will download the code for review.
|
||
|
||
|
HonoredMule
Postmaster General
Joined: 05 Mar 2010 Location: Canada Status: Offline Points: 1650 |
Posted: 21 Sep 2010 at 13:51 |
|
A local copy of the datafile_towns.xml is stored in your browser as json tables for data lookup. This is how the script is able to provide more detailed information about various towns, players, etc. with which you are interacting. Otherwise every event would be linked to nothing but coordinates and you wouldn't even be able to tell if there's a town there let alone what player, alliance, race... If people wish to tinker with it, I can at some point provide some architectural overview and general documentation. It is somewhat divided into single-purpose subsystems, but in a way that's not made clear by their respective contents. Edited by HonoredMule - 21 Sep 2010 at 14:07 |
||
|
||
|
GM Stormcrow
Moderator Group 
GM Joined: 23 Feb 2010 Location: Illyria Status: Online Points: 3820 |
Posted: 21 Sep 2010 at 10:32 |
|
|
Hi all,
I've received a number of private messages and Petitions regarding HarmlessButler in the last few hours, and thought it best to answer the Frequently Asked Questions here. The Questions mostly seem to revolve around: a) Whether HarmlessButler has been examined and approved by the GMs for use as an extension to the game b) the Security of your personal data within the tool We (the Illyriad team) haven't looked at the tool in any detail. However, many months ago HM did supply us with a copy of the tool for examination (if we wished to examine it) as well as a detailed description of what functionality it offers. As you can see from HM's wiki page there are a couple of features that - as they were described to us by HM - we asked him to disable on the tool for their own internal use (as well as public use). Our primary concern was (and is) that the tool complies with the rules as laid out here, and we are assured that it does. Certainly the public release of HarmlessButler provides a fairly weighty assurance that it's not in breach of these rules. Also - as far as I understand it, and as seems to be the case from Larry's comments in this thread - the underlying code of the tool is available for examination so (after suitable review by any players technical enough to understand it) I would surmise that this should help address people's security concerns. The long and short of it is that HarmlessButler has NOT been 'vetted' or 'approved' by any of the Illyriad team - and whilst we believe it to be offered out transparently by H? to the public "as-is" and in good faith - we make absolutely no guarantees of any kind about HarmlessButler, because it is not our place to do so, and we have chosen not to do a technical review of this (or any other) third party tool. As HM himself says, "I would be remiss not to explicitly note that using 3rd-party userscripts is always dangerous, and you should never use them unless you trust the author and also the server that hosts his work." and we strongly agree with this statement - regarding this particular tool, as well as any and every tool that any and every third party developer might produce now or in the future. Best wishes, SC |
||
|
||
|
Jerec Cross
New Poster 
Joined: 31 Aug 2010 Status: Offline Points: 34 |
Posted: 21 Sep 2010 at 07:02 |
|
|
This has already proved useful in the first 5 minutes of use! Very nice!
 |
||
|
||
|
Larry
Wordsmith
Joined: 10 Mar 2010 Status: Offline Points: 114 |
Posted: 21 Sep 2010 at 04:40 |
|
|
Your operating system should have 0 affect dude, its a greasemonkey plugin. I'll update in a few sec if its working.
Confirming it works fine on a mac. Its a rather nicely written addition. Still pouring over the code. EDIT: What's the xml parser for the datafile_towns.xml stuff in there for?
Edited by Larry - 21 Sep 2010 at 04:51 |
||
|
||
|
HonoredMule
Postmaster General
Joined: 05 Mar 2010 Location: Canada Status: Offline Points: 1650 |
Posted: 21 Sep 2010 at 04:37 |
|
|
If you're using Firefox with Greasemonky installed, it should. It's past my bedtime right now, but if you can provide more information about how it fails, I'll look into it tomorrow and see if I can help you.
|
||
|
||
|
some random guy
Forum Warrior
Joined: 26 Aug 2010 Location: saturn Status: Offline Points: 378 |
Posted: 21 Sep 2010 at 04:08 |
|
|
damm! it doesn't work on mac!
|
||
|
Soon, very soon, my name will become synonymous with chicken alfredo.... mmm.... chicken alfredo....
|
||
|
||
|
HonoredMule
Postmaster General
Joined: 05 Mar 2010 Location: Canada Status: Offline Points: 1650 |
Posted: 21 Sep 2010 at 02:45 |
|
|
Many of you may have heard whispers of HarmlessButler, the game-UI-enhancing tool I developed several months ago to improve many of the annoyances found in the current UI and aid coordinated operations. We at Harmless kept it "secret" because A) it did help us operate more efficiently and effectively, which we felt we needed as a competitive edge over the initially-expected talents of our enemies, and B) more importantly, it served as bait for a spy-catching honeypot.
Well, we no longer feel so threatened as an alliance in the current climate, where people instead seem to think we're untouchable...which I'll presume is the over-cautious voice of inexperience. And while HB could still serve its role in enticing spies to spring our canary traps, my vanity and desire to see greater in-game activity prevails. I can honestly say that using HarmlessButler is a substantial improvement in convenience and reduction in the workload of account maintenance, making it a valuable modification for any player. It is very likely that I'd not have stayed had I had to use the stock interface. HarmlessButler's attack-planning guide would also aid those who would oppose Harmless, and I considered removing them for the public release. However, I prefer to be able to say that I'm releasing the full product and offering to you every benefit that I sought for my own alliance members (with the exception of bits that tattled on spies). And, as I said, I'm really quite vain and want to see many people enjoy my work...particularly before the devs release a whole new interface that breaks HB and possibly renders it mostly obsolete. I would be remiss not to explicitly note that using 3rd-party userscripts is always dangerous, and you should never use them unless you trust the author and also the server that hosts his work. The security risks associated with userscripts are by no means trivial. I have sought to keep my work secure and safe, and operating within the game's rules, but offer no guaranties and disclaim myself of any liability for the results of using this script. If this doesn't scare you away, visit HarmlessButler's new home on Arcanum Illyria to see a full feature listing and try it out for yourself. Please note that unlike many other userscripts, this one only works with Greasemonkey on Firefox. Chrome and Opera are sadly not supported due to a lack of essential features--particularly E4X (ECMAScript for XML, needed by my templating subsystem). *edited for grammar* Edited by HonoredMule - 21 Sep 2010 at 04:44 |
||
|
||
|
Post Reply
|
Page <1 456 |
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
Public release of tool (HarmlessButler)
Topic Options
GM Stormcrow wrote: