Jump to content

  • Log In with Google      Sign In   
  • Create Account


Member Since 25 Sep 2004
Offline Last Active Jan 16 2016 07:02 PM

Topics I've Started

**Passwords are sent over clear-text on GameDev.net**

08 October 2014 - 11:12 AM

I generally prefer HTTPS browsing. When I tried to go to https://www.gamedev.net many resources on the website failed to load. This made me question GameDev's HTTPS support.

So then I decided to test the login form. To my surprise, it doesn't use HTTPS!

The login form does a POST to "http://www.gamedev.net/index.php?app=core&module=global&section=login&do=process" (not that it's NOT https). I wanted to see if I could capture my password using WireShark, and to my dismay it was incredibly easy:

Attached File  Screen Shot 2014-10-08 at 10.59.17 AM.png   439.65KB   1 downloads

This shows my username and password as part of the POST in clear text. I have redacted with black my password, the hex dump, and portions of the POST data that aren't immediately relevant.

Guys, this is a huge security vulnerability.

So, what have I missed?

26 April 2014 - 03:17 PM

I'm back from my hiatus. It's been months since I was active here, which I kinda feel bad about because I was supposed to help a lot with the new Indie Resources thing (I'm not sure what' it's status is).


For me, I'm just about to finish my undergraduate degree within the next week. I'm dating someone. I moved out of my parents' place into SLC. I'm working for IBM (Aspera) now. Besides those bigger things, the smaller things are mostly the same.


Have I missed anything here in GDnet land?

for (score and seven; years_ago; ...

24 September 2013 - 05:28 PM

My coworker just showed me this piece of beauty he wrote in a project for a client. It's gloriously horrible. And hilarious.
#define years_ago (score < 4)
#define and =
#define our_forefathers (score++)
#define seven 0
int score;
- (void)setImage:(UIImage *)image
    for (score and seven; years_ago; our_forefathers) {
        GPUImagePicture * stupidlyNamedClassFromALibraryWithNoRegardForDevelopers = [[GPUImagePicture alloc] initWithImage:image];

You meet a cute girl, but then you meet her cuter sister. What do you do?

08 September 2013 - 03:36 PM

Here's a hypothetical(?) situation for you:


You meet this girl you think is pretty good looking and so you start talking to her. You find out she's pretty fun to talk to, seems like a good and fun person, and she's about your age. You don't get her number, as you know you'll probably see her again soon and you want to see if the second time you see her goes well before you ask her out. You do run into her again, but briefly, and you decide to get her number and ask her out the next time you see her.


But the next time you see her she's with her younger sister who is gorgeous. This younger sister you find out is just a couple years younger than you, and though you don't talk to her a lot, you've talked enough to know that there aren't any immediate red flags; she seems cool and fun like her sister.


Now you have a decision to make. Do you ask out the older sister, who is cute and fun and you think things could go quite well with, or do you ask out the younger sister, who is ridiculously pretty and also seems to be fun, though you've talked to her less and aren't sure if she's potentially interested in you like you suspect the older sister probably is.


What do you do?


> _

Logo feedback?

31 August 2013 - 08:44 PM

Hi. I'm completely remaking my website and decided to come up with a little "logo" of sorts. This is just a personal website that's mostly for my portfolio. My website isn't done, but it does have a light (nearly white) background. I asked for some feedback on reddit and am getting some decent input. I'm going for a clean, simple, professional look with my whole website/portfolio. With that being said, how does this logo look? What do you or don't you like about it?














Link to imgur album. Thanks for your feedback! And if you have any tips on any other communities I should be asking for feedback I'd appreciate that. I'm trying to improve my artistic side.


FYI, my initials are "MB" and my name is my domain (more or less), so that's what the logo is trying to get at.