Jump to content

  • Curse Sites
Become a Premium Member! Help
Latest News Article

FTB Launcher

ftb

  • Please log in to reply
22 replies to this topic

#1

Ujimar
    Ujimar

    Tree Puncher

  • Members
  • 11 posts

Posted 01 November 2012 - 01:58 PM

Ok First off i'm not going to sit here and bash the people that made the FTB launcher what your doing is good work and i respect each and every one of you fully however... i feel i must bring this to your attention  and i'm sorry i know i will catch some hell for this and again i'm not in anyway disrespecting FTB its dev's or modder's or any such silly thing that is poping in your heads  
1. third party software  asking for account info in any way sends up a nasty red flag to some  players never mind the the *pureness* in your hearts or whatever its the very first and basic rule of internet gaming you never ever give out your account info to third party software unless that software has the full express premission of that software company and can legally back up that claim and i'm pretty sure its breaking Mojang's EULA but again i'm not sure i'm not a full legal expert on the subject i can contact Mojang's staff directly if this will help the matter but again please reconsider removing that account login because even if it goe's to mojang it still pass's through your servers and database's first unless you can prove otherwise in the code that it does not do such but bottom line is this
1. please remove that from your program to help ease others minds and to follow the golden rule of internet gaming or.
2. please provide proof that mojang's has given consent that you may have user's log in using your application before hand or.
3. please provide proof that our account info goe's directly to mojang's server and in no way shape or form pass's through another gateway database login server databank or anything of such that follows .

Again I Repeat I'm Not Disrespecting Anyone At All Here I'm Just Trying  Settle Some Things For Not Only Me But For Other's Out There That May See Handing Over Our Account Info To A Third Party Software Abit Off Putting To Say The Least  And If You Do Happen To Send Me Hate And Nasty Comments Then You Did Not Read Fully Or You Read But Lack The Ability To Understand The Content

Thank You For Reading

Register or log in to remove.

#2

iananderson

Posted 01 November 2012 - 02:15 PM

Here is the github page, you can look at the code yourself. The info is used to download Minecraft and it doesn't go anywhere other than to Mojang's servers.

#3

alexanderpas

Posted 01 November 2012 - 02:15 PM

View PostUjimar, on 01 November 2012 - 01:58 PM, said:

you can prove otherwise in the code that it does not do such

The launcher is open source, feel free to verify the code.

https://github.com/S...ke101/FTBLaunch
SMP didn't work in Alpha? THAT'S WHAT YOU PAID FOR! (still, no excuse for 1.6 Beta)

#4

toddc76
    toddc76

    Carpenter

  • Curse Premium
  • Curse Premium
  • 58 posts

Posted 01 November 2012 - 02:16 PM

My opinion on this is that it IS disrespectful.

If you don't want to use the launcher because YOU feel its unsafe, THEN DON'T.  Other launchers do it and LOTS of people use them. The FTB launcher is being assisted by the dev of the most popular launcher out there.

View Postalexanderpas, on 01 November 2012 - 02:15 PM, said:

The launcher is open source, feel free to verify the code.

https://github.com/S...ke101/FTBLaunch

This too!  Posts like the OP here makes me angry..  grrrr..

#5

Ujimar
    Ujimar

    Tree Puncher

  • Members
  • 11 posts

Posted 01 November 2012 - 02:19 PM

View Posttoddc76, on 01 November 2012 - 02:16 PM, said:

My opinion on this is that it IS disrespectful.

If you don't want to use the launcher because YOU feel its unsafe, THEN DON'T.  Other launchers do it and LOTS of people use them. The FTB launcher is being assisted by the dev of the most popular launcher out there.



This too!  Posts like the OP here makes me angry..  grrrr..
I really don't feel i was being disrespectful to anyone like i say you may not be able to understand the content of what i was talking about which is ok and i will look at the code i know its open source but i also no that if it went to directly to mojang's server they would have to have some type of agreement or something in place that states that FTB is a working third party software group that has full legal consent to do such and i do know that much or are you going to make me bust out my bar lin number.... for proof on that matter at least

#6

toddc76
    toddc76

    Carpenter

  • Curse Premium
  • Curse Premium
  • 58 posts

Posted 01 November 2012 - 02:21 PM

View PostUjimar, on 01 November 2012 - 02:19 PM, said:

I really don't feel i was being disrespectful to anyone like i say you may not be able to understand the content of what i was talking about which is ok and i will look at the code i know its open source but i also no that if it went to directly to mojang's server they would have to have some type of agreement or something in place that states that FTB is a working third party software group that has full legal consent to do such and i do know that much or are you going to make me bust out my bar lin number.... for proof on that matter at least

I understand exactly what you are saying, I just disagree. I know that might be difficult for you to understand that someone might disagree with you, but there it is.

#7

slowpoke
    slowpoke

    Zombie Killer

  • Members
  • 177 posts

Posted 01 November 2012 - 02:25 PM

Hey there, you will get absolutely no flak from me with regards to this point.  I consider this to be a perfectly legitimate question.  So to answer it, can I say that in the design of the code I had very specific guidelines laid down to the team with regards to this.  We have actually gone several steps beyond what you are asking for.  

So as to what you ask for, we are looking at number 3 being our answer.  Our launcher connects directly to the mojang servers.
(the relevent information for those that understand it is here.)
https://github.com/S...oginWorker.java
and this is called by
https://github.com/S...aunchFrame.java
(on line 347, to show that the information is only stored locally)

However we know that 99% of people will not understand what they are looking at.  So in between the beta and going live, the entire code will be checked and analysed By Lex Manos from Forge.  He has been asked to verify that the code is safe and free from anything nasty.  He will then provide the launcher with a digital signature, verifying this.

Furthermore whilst the launcher is custom built, it is an entirely open source piece of software.  It is free for anyone to download and check that there is nothing malicious contained within.  Extending on from this, The Launcher does not just cater to FTB packs and maps but also to third party packs, maps and texture packs.  Every single one of these will be verified in house and checked for potential problems.  Does this mean we will guarantee the integrity of the pack, this is a different manner as I am not sure if that is even possible.  However I can promise you that every effort has been and will continue to be made to ensure the security of your accounts and your PC's.

Hopefully this will help to answer some of the questions you may have.

#8

Ujimar
    Ujimar

    Tree Puncher

  • Members
  • 11 posts

Posted 01 November 2012 - 02:26 PM

View Posttoddc76, on 01 November 2012 - 02:21 PM, said:

I understand exactly what you are saying, I just disagree. I know that might be difficult for you to understand that someone might disagree with you, but there it is.
no no you have a right to disagree fully i support that much at least but i don't think you can take my right by saying i cannot disagree or have a different point of view without being branded disrespectful or any such none sense as i'm sure i'll hear from many of fanboys which is ok with me if they can fully understand where i am coming from and people like me and can talk in a mature manner towards the subject

#9

Ujimar
    Ujimar

    Tree Puncher

  • Members
  • 11 posts

Posted 01 November 2012 - 02:33 PM

View Postslowpoke, on 01 November 2012 - 02:25 PM, said:

Hey there, you will get absolutely no flak from me with regards to this point.  I consider this to be a perfectly legitimate question.  So to answer it, can I say that in the design of the code I had very specific guidelines laid down to the team with regards to this.  We have actually gone several steps beyond what you are asking for.  

So as to what you ask for, we are looking at number 3 being our answer.  Our launcher connects directly to the mojang servers.
(the relevent information for those that understand it is here.)
https://github.com/S...oginWorker.java
and this is called by
https://github.com/S...aunchFrame.java
(on line 347, to show that the information is only stored locally)

However we know that 99% of people will not understand what they are looking at.  So in between the beta and going live, the entire code will be checked and analysed By Lex Manos from Forge.  He has been asked to verify that the code is safe and free from anything nasty.  He will then provide the launcher with a digital signature, verifying this.

Furthermore whilst the launcher is custom built, it is an entirely open source piece of software.  It is free for anyone to download and check that there is nothing malicious contained within.  Extending on from this, The Launcher does not just cater to FTB packs and maps but also to third party packs, maps and texture packs.  Every single one of these will be verified in house and checked for potential problems.  Does this mean we will guarantee the integrity of the pack, this is a different manner as I am not sure if that is even possible.  However I can promise you that every effort has been and will continue to be made to ensure the security of your accounts and your PC's.

Hopefully this will help to answer some of the questions you may have.
I Understand What Your Saying And I Have Checked The Code Personally And No I Have Found No Such Issue's With It This Date And Time However As I'm Sure Your Aware Java Code Can How To Say This Bluntly But Without To Much Of Me Sounding Rude As Far As Security Measure's Go Java Is Lacking A Good Bit You Could Agree On This Much I'm Sure  But Again I Will Consider The Pack Even If I'm Abit *Cautious* About Third Party Software Thank You For Your Time And Your Mature View Point On This Topic Also

#10

slowpoke
    slowpoke

    Zombie Killer

  • Members
  • 177 posts

Posted 01 November 2012 - 02:39 PM

You are more than welcome.  Please feel free to make whatever choice you feel comfortable with.

#11

RyanTheAllmighty
  • Location: Adelaide, Australia
  • Minecraft: RyanTheAllmighty

Posted 01 November 2012 - 02:55 PM

What is the legality in regards to downloading the minecraft.jar files and the lwjgl.jar etc files from minecraft servers. I've emailed Mojang about it and they have personally told me not to do it and that they don't like it.

#12

unv_annihilator

Posted 01 November 2012 - 03:25 PM

View PostRyanTheAllmighty, on 01 November 2012 - 02:55 PM, said:

What is the legality in regards to downloading the minecraft.jar files and the lwjgl.jar etc files from minecraft servers. I've emailed Mojang about it and they have personally told me not to do it and that they don't like it.

It only downloads the files if the account is verified by Mojang. So they have to have a premium account to be able to download the minecraft files. Other launchers do this as well, MultiMC included. (If I recall correctly)
FTB Launcher Developer

#13

Lawbroken

Posted 01 November 2012 - 03:36 PM

View PostRyanTheAllmighty, on 01 November 2012 - 02:55 PM, said:

What is the legality in regards to downloading the minecraft.jar files and the lwjgl.jar etc files from minecraft servers. I've emailed Mojang about it and they have personally told me not to do it and that they don't like it.

View Postunv_annihilator, on 01 November 2012 - 03:25 PM, said:

It only downloads the files if the account is verified by Mojang. So they have to have a premium account to be able to download the minecraft files. Other launchers do this as well, MultiMC included. (If I recall correctly)

It's just the same as if you went into minecraft and force updated it to re-download your minecraft.jar

#14

RyanTheAllmighty
  • Location: Adelaide, Australia
  • Minecraft: RyanTheAllmighty

Posted 01 November 2012 - 03:45 PM

View Postunv_annihilator, on 01 November 2012 - 03:25 PM, said:



It only downloads the files if the account is verified by Mojang. So they have to have a premium account to be able to download the minecraft files. Other launchers do this as well, MultiMC included. (If I recall correctly)

Okay yeah I understand that much :) Is that not breaking Mojang's TOS as I have been told by Mojang that it shouldn't be done, unless they are refering to downloading them from unverified accounts. I've been through there TOS and Brand Guidelines before and while it makes no mention of it, I've always been a bit iffy about the legality of it. Thats why I thought I might ask and someone can actually answer it but can never get a straight direct answer :\

#15

phenox124
  • Location: Colorado, USA
  • Minecraft: phenox124

Posted 01 November 2012 - 04:04 PM

Wrong section buddy try posting here http://www.minecraft...m/2-discussion/
[url="http://www.minecraft...rs/page__st__0"][img]http://www.minemapy.wz.cz/forum/yinfdev.png[/img][/url]

#16

Crawford42

Posted 01 November 2012 - 04:43 PM

Quote

As I'm Sure Your Aware Java Code Can How To Say This Bluntly But Without To Much Of Me Sounding Rude As Far As Security Measure's Go Java Is Lacking A Good Bit You Could Agree On This Much I'm Sure


You have no idea what you're talking about; Java is no less secure than any other programming language, and has more support for it than most others.

I have 15 years experience writing Java professionally; I've examined the code and verified it does nothing with the account information that would be surprising or malicious.

#17

Zexks
    Zexks

    Zombie Killer

  • Members
  • 151 posts

Posted 01 November 2012 - 05:05 PM

View PostCrawford42, on 01 November 2012 - 04:43 PM, said:

You have no idea what you're talking about; Java is no less secure than any other programming language, and has more support for it than most others.

I have 15 years experience writing Java professionally; I've examined the code and verified it does nothing with the account information that would be surprising or malicious.

I guess the people at forbes don't know what they're talking about either huh:
http://www.forbes.co...itical-bug-fix/

Or these people:
http://www.informati...n-plu/240007985

Or these:
http://appleinsider....urity_flaw.html

#18

Ujimar
    Ujimar

    Tree Puncher

  • Members
  • 11 posts

Posted 02 November 2012 - 12:45 AM

View PostCrawford42, on 01 November 2012 - 04:43 PM, said:

You have no idea what you're talking about; Java is no less secure than any other programming language, and has more support for it than most others.

I have 15 years experience writing Java professionally; I've examined the code and verified it does nothing with the account information that would be surprising or malicious.

View PostCrawford42, on 01 November 2012 - 04:43 PM, said:

You have no idea what you're talking about; Java is no less secure than any other programming language, and has more support for it than most others.

I have 15 years experience writing Java professionally; I've examined the code and verified it does nothing with the account information that would be surprising or malicious.
15 years huh? and your saying nothing can be done to that code to get the info?.. honestly i do think your full of it when you make such a blunt statement unless you can prove otherwise i'm going to call you a liar sir because java is very much less secure then other programming language's only  a half wit would state otherwise or someone that has no idea about programming in general

#19

patzh
    patzh

    Tree Puncher

  • Members
  • 14 posts

Posted 02 November 2012 - 02:12 AM

I was wondering, how many mods are in the current beta version and when is the finished product expected to go live?

#20

acanady
    acanady

    Coal Miner

  • Members
  • 100 posts

Posted 02 November 2012 - 06:39 PM

View Postpatzh, on 02 November 2012 - 02:12 AM, said:

I was wondering, how many mods are in the current beta version and when is the finished product expected to go live?
'0
I know that without a doubt, that the finished product comes out sometime after 1.4.2 :)  However, if you want to check out the 1.4.2 beta you can watch a video, courtesy of Direwolf20, with him playing with many of the same mods ( such as Thaumcraft 3) that are still in beta and will appear in the modpack itself'.
http://www.youtube.com/watch?v=Ppb6Ibvq5IQ&list=PLaiPn4ewcbkHRg6mhjHQnxZ22cEoAMPZ8&index=28&feature=plpp_video