Gregtech deliberately crashing client if TC installed..

[Saice]

If he added a virus? Well, it'd likely be in his coding. If I ever suspected him of something, I could decompile GT and check it out.

But a clever man would break up such code to make it harder to spot. Or even better only have code that would alter the code of someting else to make it malware.

Some of the best viruses out there use this sort of thing lucky vary few people have the time or dedication to make something like that. But imposable to track to source viruses can be made.

Hopefuly if Greg ever goes down that path (and he might be crazy but I dont hink hes that crazy) it will be like his redstone logic and end up poorly excuted.

 

[EternalDensity]

Read this post http://forum.industrial-craft.net/index.php?page=Thread&postID=120612#post120612 and tell me what planet this guy lives on?
(Greg's, I guess)

 

[Bellaabzug21]

Read this post http://forum.industrial-craft.net/index.php?page=Thread&postID=120612#post120612 and tell me what planet this guy lives on?
(Greg's, I guess)

Well... someone's a dumbass.

 

[SpitefulFox]

Read this post http://forum.industrial-craft.net/index.php?page=Thread&postID=120612#post120612 and tell me what planet this guy lives on?
(Greg's, I guess)

I _LOVE_ the recent changes that came with 3.10. It's awesome. Stone tools were far to powerful for how easy they were to craft.

Stone tools were far to powerful for how easy they were to craft.

Stone tools were far to powerful for how easy they were to craft.

I... huuuh? Whaaaaaaaaaaaa? O_O

 

[egor66]

From a code perspective, the difference between "throw EverythingStopsWorkingException;" and "FileOutputStream.getChannel.transferFrom();" is pretty much trivial, and there's no way to lock the latter down without disabling multiplayer (and causing a lot of other problems). The tricky part to applying malicious code is saving it to disk (which can be blocked at the SecurityManager or the user level) and then getting the OS to run it.

Thats true only an idiot would run unknown apps, but if its deep inside a program you should trust then not so easy but then again any event should be captured & a real time request sent to the user, we all have maleware/virus/trojan protection running at all time dont we ?, to monitor all activity even mem requests.

Much like key loggers work if you like.

 

[ShneekeyTheLost]

It is about to get smaller if FTB pulls him.

To be honest, part of that isn't the FTB Team's decision. Mindcrack is ran by third parties which were officially supported by the FTB Launcher. The decision to include or not include Gtech in Mindcrack is their decision. Ultimate is simply a hodgepodge of everything. I'm not aware of any other FTB supported mod packs which contain Gtech.

Also, I think the userbase shrink will happen regardless of FTB pulling Gtech from their official packs or not. He has alienated most of the neutral users, so the only ones that will use it now are his core of dieheard fans, regardless of the inclusion into a mod pack or not. People will simply click on 'edit' then 'remove' on Gtech.

I think that is really the most telling point of all here... it takes quite a bit for users to change their behavior patterns. That he has managed to do so is... a monumental feat. It's just a shame for him that it was in the opposite direction from where he wished.

 

[Saice]

thats true only an idiot would run unknow app, but if its deep a program you should trust then not so easy but then again any event should be captured & a real time request sent to the user, we all have maleware/virus/trojan protection running at all time dont we ?

And you do know that maleware/vitus/trojan protection is only really good on known code or code using known expolites. Thats why you have to update them all the time and the only get updated when the makes of these find new code in the wild. So unless he used something out of the box and did not roll his own avoiding know java expolites these would not spot it. We would become basicly subject zero for this virus attack.

 

[KirinDave]

I... huuuh? Whaaaaaaaaaaaa? O_O

What he wants is a total conversion mod. And that'd be fine. Greg should do that. What he doesn't want is mixed modpack play.

 

[gattsuru]

But a clever man would break up such code to make it harder to spot. Or even better only have code that would alter the code of someting else to make it malware.

It's possible to write relatively obtuse code, but breaking it up into several locations is less helpful than using relatively obscure attacks. The last opportunity is the concerning one : automatic updates make it very, very hard to reliably verify code.

thats true only an idiot would run unknow app, but if its deep a program you should trust then not so easy but then again any event should be captured & a real time request sent to the user, we all have maleware/virus/trojan protection running at all time dont we ?

Heurestic techniques to detect malicious code are notoriously unreliable, and file or network access detection isn't a great concept when you could just sandbox the app to start with.

 

[Greevir]

According to Greg, the code is completely removed. "Only the Code with the detected ItemID-Conflicts is remaining, but that has nothing to do with that. (ItemID-Conflicts can break Worlds, so better detect that before the User accidently breaks his World)"

 

[PoisonWolf]

Let me give you a thought that could keep you up at night: How would you know if he did?

Easy. Get friends at the NSA. Badum ch.

 

[Malkara]

I was thinking of another approach on this matter. When modding first started, a lot of mods just did not play well together, mods crashed all the time when used alongside each other. Indeed, only upon the arrival of the first modpack were mods put together to work nicely, and ever since modpacks have been the rage (and rightly so in my opinion). Taking all this into account though, would it not be sufficient for Greg to state on his official thread/forum/whatever that his mod is an addition to IC2 and thats that. Would this solve problems ? Or would it not be sufficient, are mods required to be able to fit in a modpack now, I do wonder.

Note that my earlier post in this thread shows my opinion of this action quite accurately, I am merely wondering & pondering.

 

[Velotican]

Well.

This makes my main contribution to the FTB community a bit pointless now doesn't it?

I can't support GregTech in good conscience now. I'll have to wait and see what the FTB team do in 1.6.X before resuming work on U-FTB. Sorry to everyone using my configs! :/

 

[ShneekeyTheLost]

That's less a definition, and more an ipse dixit. At the very least, it's not worth being talked up as a novel superweapon from the code writing perspective.

Did I ever claim it was a novel superweapon? I have also very carefully stated that I'm not quite prepared to call it malicious code at this time.

It's pathetically easy to crash a program, on purpose or accidentally. There would be nothing novel about that, things like that have been going on since computers existed.

However, it IS a code bomb. It WILL crash your instance. Not all code bombs are bad. Exceptions tend to be code bombs because it is less dangerous to crash the program than to permit it to continue running. In this instance, however, he's just crashing the program out of pure spite.

 

[egor66]

And you do know that maleware/vitus/trojan protection is only really good on known code or code using known expolites. Thats why you have to update them all the time and the only get updated when the makes of these find new code in the wild. So unless he used something out of the box and did not roll his own avoiding know java expolites these would not spot it. We would become basicly subject zero for this virus attack.

true one reason I monitor mem requests as well, for suspicious activity.

 

[SpitefulFox]

Taking all this into account though, would it not be sufficient for Greg to state on his official thread/forum/whatever that his mod is an addition to IC2 and thats that. Would this solve problems ?

Can you even really call GregTech an "addon" for IC2? It all but flat-out replaces the original IC2 mod at this point. Furthermore, his mod wrangles all the other mods into playing his way. If it were TRULY meant to be played with just IC2, he wouldn't be programming his mod to nerf Forestry bronze, at one point require Railcraft rolling machines, and CRASH THE GAME if mods he doesn't approve of are present.

 

[gattsuru]

Did I ever claim it was a novel superweapon? I have also very carefully stated that I'm not quite prepared to call it malicious code at this time.

Sorry. Was getting a different reading from the "nuclear deterrent" phrase, and especially given some concerns about operating system security by other posters, felt that it was worth clarifying.

 

[egor66]

some of his fans are calling for greg to be placed as the lead dev of ic2/3

 

[lolpierandom]

I still don't think people realize what kind of code bomb Greg made. This same code bomb can be used to attack other IC2 addon mods like (just to use an example) CompactSolars if they were to try to permit both Gtech and non-Gtech recipes while Gtech was installed. All he would need to do was re-enable the trigger.

This isn't simply attacking TiC, this is Nuclear Deterrent, and a stick he can use to threaten other mod authors with later on.

At least the IC2 mod authors aren't infatuated with Greg. I'm sure that if it came down to it RG could and would shut GT down.

 

[SpitefulFox]

some of his fans are calling for greg to be placed as the lead dev of ic2/3

So, IC2 gets removed from FTB?