• An ENiGMA 1/2 Echo!

    From NuSkooler@21:1/121 to All on Sat Mar 2 10:03:10 2019
    First off, thanks Paul for setting this up! ENiGMA 1/2 now has an official echo
    on fsxNet!

    I will be attempting to post more regular updates here as to the development & happenings with ENiGMA as well as discussions related to how people would like to see things implemented.

    Currently, work is being done to add some new security features to the system that will also serve as the groundwork for the Waiting For Caller (WFC) feature. At a high level, this is:
    - SSH Public Key Authentication
    - Two-Factor Authentication (2FA) using TOTP or HOTP standard, or Google Auth
    - New ACS and related work for the above.

    Both of these are in functional states, but the surrounding work such as the registration process / UI needs put in.

    Next will come the WFC with most of all the things you'd expect. The one thing that I do not intend to implement is a node spy. While it wouldn't be that hard
    to do, I don't feel it is something that should be added to modern software.

    Please post your thoughts!





    --- ENiGMA 1/2 v0.0.10-alpha (linux; x64; 10.13.0)
    * Origin: Xibalba -+- xibalba.l33t.codes:44510 (21:1/121)
  • From NuSkooler@21:1/121 to nathanael on Sat Mar 2 19:17:16 2019
    Twas Saturday, March 2nd when nathanael said...
    I don't feel it is something that should be added to
    modern software.
    You've piqued my curiosity. Could you elaborate on this?

    While back in the day it seemed a little more acceptable to watch a user, it doesn't feel right anymore. As the SysOp (and any user, if you enable it on the
    who's online et. al.) you can see what menu/activity a user is up to, but actively watching them is a bit much. I don't want to see your private mail for
    example.



    --- ENiGMA 1/2 v0.0.10-alpha (linux; x64; 10.13.0)
    * Origin: Xibalba -+- xibalba.l33t.codes:44510 (21:1/121)
  • From Avon@21:1/101 to NuSkooler on Sun Mar 3 15:21:14 2019
    On 02 Mar 2019 at 10:03a, NuSkooler pondered and said...

    2FA) using TOTP or HOTP standard, or Google Auth
    - New ACS and related work for the above.

    I'd suggest a different topic header and separate posts for each thought... just to make it easier to track threads etc..

    Best, Paul

    --- E:avon@bbs.nz ------ W:bbs.nz ---
    --- K:keybase.io/avon --------------

    --- Mystic BBS v1.12 A43 2019/02/28 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From NuSkooler@21:1/121 to nathanael on Sun Mar 3 09:30:52 2019
    nathanael around Saturday, March 2nd...
    Gotcha. However, at least with Mystic's nodespy, snooping is just one feature. How about user chat and kicking? (And I don't even know what "Kill Ghost" does).

    Break into chat, kicking, and other "traditional" WFC features are are on the list. I'll create a new post in a moment to show what the current feature set is there. Ghost users (ie: stuck users) haven't been a real issue with ENiG so far (I consider any of that a bug and would set about fixing _that_ instead), but "kick" would take care of them as well.

    Twas Saturday, March 2nd when nathanael said...
    I actually used the chat function once to initiate a brief chat. I'd never used the snoop feature, though, so I just tried it (snooping on myself). I guess I can understand why it might seem a bit creepy. But then back in the day we did a lot of stuff that might seem on the intrusive side now -- like asking for real names, phone numbers, birthdates, etc.

    Yup exactly. I think times have changed. Especially with some of the other security related work, it would seem odd to then turn around and let you look over the shoulder of a user.



    --- ENiGMA 1/2 v0.0.10-alpha (linux; x64; 10.13.0)
    * Origin: Xibalba -+- xibalba.l33t.codes:44510 (21:1/121)
  • From Tiny@21:1/130.4 to nathanael on Tue Mar 5 14:24:28 2019
    I used to have a Pi 3, but danged if I can figure out where I put the thing :*(

    I can almost top you.... So the BBS I'm writing this from is a pi3. It
    runs at a friends house since last year when I seperated from my wife...
    We've since got back together but I can't get ahold of my friend... he
    moved, but still plugged it in. LOL It's seriously over due for a new
    SDCard so it's all a matter of time before I lose it. LOL

    Shawn

    --- MagickaBBS v0.12alpha (Linux/armv7l)
    * Origin: A Tiny slice o pi (21:1/130.4)
  • From Tiny@21:1/130.4 to nathanael on Sat Mar 9 06:00:42 2019
    Almost? Nah, I concede. Losing a Pi is easy. Losing an entire BBS takes real talent :-)

    Laugh, it's running (as I'm writing this on it) but still have no idea
    what city it is in, or if he's going to leave it plugged in. LOL

    Shawn

    --- MagickaBBS v0.12alpha (Linux/armv7l)
    * Origin: A Tiny slice o pi (21:1/130.4)
  • From Tiny@21:1/130 to Blue White on Sat Mar 9 17:22:50 2019
    Hello Blue!

    09 Mar 19 14:09, you wrote to me:

    What if it is in <gasp> the US!?! :O
    <GRIN>

    I don't think he would move there... He does go there for work a few
    times a year... Shit it may be in the US. LOL

    Shawn


    ... Hell hath no fury like a bureaucrat scorned.
    --- GoldED+/W32-MINGW 1.1.5-b20160201
    * Origin: Tiny's BBS - tinysbbs.com (21:1/130)