The State of the Recode


Post by Bren2010 on Wed Jul 04, 2012 1:21 pm

In short: We're wrapping up.
The entire project is publicly available at https://github.com/HackThisSite/HackThisSite, except for a few things that are kept in a private repository because of their general nature. You can also clone the repository and documentation with:
git clone git://github.com/HackThisSite/HackThisSite.git


And here are some of the big changes:
  1. HackThisSite will now be open sourced and actively maintained. This means we will have multiple branches of development, all of which are publicly contributable via GitHub, and the current branch on stable will be frequently pushed live.
  2. We're a hacking site. Why do we have subpar security practices? It's just silly. We have a PKI now, that allows you to secure your account to statistically unbreakable levels, or give yourself a security and convenience bonus, similar to using SSH. You can read more about that here: http://goo.gl/NhGRU (Also, check out the LDAP bullet below.)
  3. All user accounts are now managed in LDAP. Some stock reasons: It makes it easy to branch out auth to things like shells, or mail servers. LDAP also secures authentication information better than keeping accounts in the database.
  4. Hopefully staff will use things like the Short News section more frequently to keep all of you updated.
  5. User accounts aren't going to be imported automatically. In order to get your old account moved into the new format, you'll have to use the Account Reclaimation page. (Will be linked on the login page.)

Less important things:
  1. Instead of the old 1-10 rating system, articles and news now have Like/Dislike buttons.
  2. "Indefinite" sessions. JavaScript sends heart beats back to the server, keeping your session alive as long as you're on the site. Hopefully it's a bit less scary to draft forum posts and articles on the site now.
  3. Users can choose in their settings page if they want their session locked to the original IP or not. Note: There is no significant loss in security by doing this. However, it should still only be disabled in situations where it's the only way for you to get a stable connection.
  4. The activity that occurs on your account, including logins, is logged and visible to you in your account settings.

Technologies used:

However, we're missing a couple important things: missions and user feedback.

We're putting the majority of the old missions into a Legacy section to make room for a new style of missions. New missions are going to demonstrate one specific mistake in a field, and afterwards, explain the technical details of what the user did in case they didn't fully understand (or coding missions that just present a problem). However, we can't write a whole new batch of missions ourselves. We need everybody's help. There are so many people at HackThisSite and they're all interested in different things.

As for the latter, how are we doing? :)
Last edited by Bren2010 on Fri Jul 13, 2012 11:48 am, edited 2 times in total.


Re: The State of the Recode

Post by anarchy420x on Thu Jul 05, 2012 2:31 am

Awesome, I am excited to see all the new changes. Can you give more info on missions? I remember there being some rumors about how missions were going to be implemented, and I'm curious if they have changed any. Also, what languages will be supported as far as missions goes? One last silly question, if I click something in the new version, will it redirect my current tab or open a new tab? (yes, I know how to right click) I just think it would be more user friendly. I also think that might be a good way to open up forum posts. You might also think about some sort of safety lock for forum posts. I know we have fairly active mods to do this, but I would hate for some kid browsing the forums to click on something he shouldn't have because a mod wasn't there yet. If you were to do that, I would implement a seniority lock on it also, so you don't get a bunch of new posters locking up all the threads. IDK, some ideas.
A broken clock is right twice a day, however, I am neither up that early nor up that late...


Re: The State of the Recode

Post by edone automaton on Thu Jul 05, 2012 4:07 am

anarchy420x wrote: if I click something in the new version, will it redirect my current tab or open a new tab? (yes, I know how to right click) I just think it would be more user friendly.


I also find it mildly annoying when a link redirects.

anarchy wrote: You might also think about some sort of safety lock for forum posts. I know we have fairly active mods to do this, but I would hate for some kid browsing the forums to click on something he shouldn't have because a mod wasn't there yet. If you were to do that, I would implement a seniority lock on it also, so you don't get a bunch of new posters locking up all the threads. IDK, some ideas.


I personally think this is a bad idea, a lot of people here are too trigger happy with ToS as it is, and a lot of potentially interesting conversations get shot down because someone does not know the answer to a query but wants to say something anyway (I'm not talking about the facebook hax threads here). Leave it to the mods, it's their job. The forums would be a total mess with threads getting locked and unlocked all over the place.

Bren2010 wrote: However, we're missing a couple important things: missions and user feedback. We're putting the majority of the old missions into a Legacy section to make room for a new style of missions. New missions are going to demonstrate one specific mistake in a field, and afterwards, explain the technical details of what the user did in case they didn't fully understand (or coding missions that just present a problem). However, we can't write a whole new batch of missions ourselves. We need everybody's help. There are so many people at HackThisSite and they're all interested in different things. As for the latter, how are we doing? :)


Are some missions already written then? What areas do we still need missions for? Indeed, what are the new categories? What sort of time frame are we working to? Do we just write the mission and then you implement it into the site (I'm thinking mainly of looks, theme, layout etc) or is there a template?
Thanks.
Last edited by edone automaton on Thu Jul 05, 2012 4:39 am, edited 1 time in total.
A wise man can learn more from a foolish question than a fool can learn from a wise answer.
-Bruce Lee


Re: The State of the Recode

Post by anarchy420x on Thu Jul 05, 2012 4:34 am

edone automaton wrote:
I personally think this is a bad idea, a lot of people here are too trigger happy with ToS as it is, and a lot of potentially interesting conversations get shot down because someone does not know the answer to a query but wants to say something anyway, (I'm not talking about the facebook hax threads here). Leave it to the mods, it's their job. The forums would be a total mess with threads getting locked and unlocked all over the place.


I think you might be right, but on the same note. Those threads wouldn't get locked down if people knew how to ask questions. You don't walk into a head shop asking for a bong. You don't jump onto a hacking site asking how to hack a bank either. I think you are right though and this would lead to a huge mess. On top of that, if something is amiss, then someone will say so when they see it.


Re: The State of the Recode

Post by edone automaton on Thu Jul 05, 2012 4:51 am

Agreed, but you often have a situation where some guy has obviously spent a while thinking up a nice back story with supporting characters and a cameo appearance by Chandler from Friends, and the first reply is, "this is obvious BS".
We should have a little sticky somewhere entitled 'how to get your question answered' (Nzone maybe)

Anyway, we are in danger of leading this thread totally astray so we should stfu now :lol:


Re: The State of the Recode

Post by limdis on Thu Jul 05, 2012 10:28 am

edone automaton wrote: I personally think this is a bad idea, a lot of people here are too trigger happy with ToS as it is, and a lot of potentially interesting conversations get shot down because someone does not know the answer to a query but wants to say something anyway (I'm not talking about the facebook hax threads here). Leave it to the mods, it's their job. The forums would be a total mess with threads getting locked and unlocked all over the place.

This has recently been discussed among the mods, and we realize that there are some interesting conversations getting locked down before their prime. We are now taking additional steps to allow a little bit more wiggle room while also maintaining the integrity of the forums. There have actually already been 2 threads off the top of my head that have recently been modified to fit the ToS that have gotten a lot of feedback to the OP that normally would have landed in the graveyard in a heartbeat.


Bren2010 wrote: "Indefinite" sessions. JavaScript sends heart beats back to the server, keeping your session alive as long as you're on the site. Hopefully it's a bit less scary to draft forum posts and articles on the site now.

+1


Bren2010 wrote: However, we're missing a couple important things: missions and user feedback.

If you haven't already seen or know how and want to submit missions or leave your ideas for missions, read this.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."


Re: The State of the Recode

Post by Bren2010 on Thu Jul 05, 2012 11:46 am

anarchy420x wrote: Can you give more info on missions? I remember there being some rumors about how missions were going to be implemented, and I'm curious if they have changed any. Also, what languages will be supported as far as missions goes?

I don't think missions are going to change much, structurally. You'll still have categories and missions in each category. I'm planning on making the categories more meaningful, though. Things like: Cryptography, Reverse Engineering, Steganography, etc. As for languages, any language we can set up an environment for.

anarchy420x wrote: One last silly question, if I click something in the new version, will it redirect my current tab or open a new tab?

It will redirect in your current tab. :? If you prefer it the other way, most browsers will open a new tab if you click with the middle mouse button?

edone automaton wrote: what areas do we still need missions for? indeed, what are the new categories?

No real official categories. Just choose a subject you think is cool (sticking to computer science), and demonstrate something subtle about it that will make people think. Like the fact that using sha512 doesn't actually help make session IDs more secure if you're just hashing the time (it makes them insecure!). Or the fact that you can inject your own SQL into somebody else's if it's not sanitized properly.

edone automaton wrote: Are some missions already written then?

Yes, I have no problem with writing the basic missions. I'm also working on some Cryptography missions (a subject I find interesting).

edone automaton wrote: what sort of time frame are we working to? Do we just write the mission and then you implement it into the site (I'm thinking mainly of looks, theme, layout etc) or is there a template?

No time frame, just soon. And yes, don't worry about the template. What I need is: a.) the mission or a way to dynamically create the mission b.) an explanation of what happened c.) The mission solution, or another script that will solve the mission.
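Added example, not part of the thread and not HackThisSite's code: a sketch of the session ID point made in the post above, showing why a SHA-512 digest of the clock is a 512-bit string with only a handful of bits of entropy, next to a CSPRNG-based ID. The exact input format (integer Unix seconds as a decimal string), the function names and the sample timestamp are assumptions made for illustration.

```python
import hashlib
import math
import secrets


def weak_session_id(unix_time: int) -> str:
    """Flawed scheme described in the post: SHA-512 over nothing but the time.
    Assumption: the time is hashed as decimal Unix seconds."""
    return hashlib.sha512(str(unix_time).encode()).hexdigest()


def strong_session_id() -> str:
    """256 bits straight from the OS CSPRNG; hashing adds nothing here."""
    return secrets.token_hex(32)


def time_derived_from(session_id: str, around: int, window: int):
    """Audit check for your own generator: return the timestamp that
    reproduces session_id if it is sha512(time) for some second within
    +/- window of `around`, otherwise None."""
    for t in range(around - window, around + window + 1):
        if weak_session_id(t) == session_id:
            return t
    return None


def effective_bits(window: int) -> float:
    """Real entropy of the weak scheme when the issue time is known to
    within +/- window seconds: log2 of the number of candidate inputs."""
    return math.log2(2 * window + 1)


if __name__ == "__main__":
    issued_at = 1341508560  # constructed sample timestamp
    sid = weak_session_id(issued_at)
    print(len(sid) * 4, "bit ID,", round(effective_bits(3600), 1), "bits of entropy")
    # The reviewer's clock is 15 minutes off and the ID is still reproduced.
    print("reproduced from clock:", time_derived_from(sid, issued_at + 900, 3600))
    print("CSPRNG ID flagged:", time_derived_from(strong_session_id(), issued_at, 3600))
```

The hash only stretches the input into a longer string; the number of possible IDs stays equal to the number of possible timestamps, which is why the fix is a random source rather than a stronger hash.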


Re: The State of the Recode

Post by anarchy420x on Thu Jul 05, 2012 4:23 pm

Good info, are there going to be any changes to the forums, news feed, irc feed, internet radio, etcetera?


Re: The State of the Recode

Post by centip3de on Thu Jul 05, 2012 8:52 pm

YAY FOR REVERSE ENGINEERING!!!!!!!!!!!!111111111111111! <3

I'm definitely down with some reverse engineering challenges, and wouldn't even mind helping create them. I can pretty fluently program in C/C++/Python (though I haven't used Python in a year or so), and can fluently fumble around NASM/Java.

Side note: The way to go about it is confusing as GCC will use its own optimizing algorithms to turn any ASM output into shit, and I'm sure any other compiler will do the same. While I could write the first few in NASM, my knowledge in ASM stops about there. And besides, if the goal is to replicate a possible situation in said field, realistically we should compile it with a compiler that destroys optimizes it. Thus, why not just use the Lena Crackme's?
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook


Re: The State of the Recode

Post by Bren2010 on Fri Jul 06, 2012 11:16 am

anarchy420x wrote: Good info, are there going to be any changes to the forums, news feed, irc feed, internet radio, etcetera?

Not many changes. We're porting over as much data onto new code as possible.


