(09-13-2016, 07:58 AM)xoft Wrote: [ -> ]I think my bank is retarded. Seriously.
They used to send the monthly account statements (the list of transactions) via email, unencrypted. After I have bugged them over and over again, that sending financial details over a public channel in the cleartext is probably the stupidest thing a bank could ever do, they finally implemented sending the statements "encrypted". So now I get a passworded PDF file, that has an attachment (wtf? did you know PDFs could have attachments in them? I didn't) which is an HTML file containing the transaction list. Why do it simple, when you can jump through hoops? I suppose I should be glad that it isn't "one attachment file per transaction"
Banks here also send by post, which is also cleartext and not perfectly secure. I wouldn't say you're at risk of losing money, maybe just identity theft at most?
Can you elect to use online (website) statements?
(09-15-2016, 04:58 AM)bearbin Wrote: [ -> ]New GitHub changes: https://github.com/blog/2256-a-whole-new...d-features
Would any of these apply to our org? I think we should enforce 2FA at least, do any of the other changes sound good?
I like the project things, am confused about the reviews thing, and look forward to 10 out of 15 members being removed on account of authentication enforcement
I can choose not to have the statements sent to me, but then they are only stored at the bank's website and deleted after a year, with no archive available. Not good either.
I'm against 2fa enforcement, it doesn't work globally.
My plugin simulator is now "advanced enough" to actually execute the Gallery plugin's Initialize() function in its entirety. I think the API simulation is now pretty good and it's time to move to the big testing tasks - adding more callbacks, test scenarios and specific API implementations.
Now the question is, are you willing to maintain it to keep up with changes over at the C++ side? :)
That's the beauty of it - all of the API is auto-generated from the GenerateBindings script (automatically-exported stuff) and the APIDump plugin (manually exported API). So there's almost zero maintenance regarding the API.
So is the simulator just calling callbacks with random values? How are you emulating the server?
Woo, the simulator has just found its first real error in a plugin:
https://github.com/cuberite/gallery/comm...42a0bfaL94
(A copypasta in Gallery's API function)
More or less yes, right now the simulator just calls the Initialize() function and I'm writing support for fuzzing the command handlers - basically exactly what you said, sending random commands to the registered command handlers just to see how they cope.
The assumption is that later on scenario support will be added - you will be able to define high-level steps that the simulator should simulate (such as "connect player A, connect player B, move A to pos XYZ, execute command C") and at the same time the plugin will react to this.
A plugin fuzzer you say? Pretty impressive. Are you going to have to mock up stuff like cPlayer when you execute hooks?