NationStates

NSlash will be Community-Led effort as we will need testers and programmers to build a more reliable and safer successor to NS++. You can find us on our IRC #NSProgrammers, or on the #NSMentors IRC from Esper or Message Me, The Republic of Lanos, Soldati Senza Confini, or Alduinium

Being that NSlash will be a community project means that we rely on you, the users, input on how to further make this tool more reliable and more satisfactory to your everyday needs while browsing and using NationStates. In light of this, feel free to telegram us or get on IRC to let us know of your ideas or whether you'd like to help. No idea will be denied, and we'll make sure to keep a list for ease.

IRC Help
Mibbit
Go here: http://client01.chat.mibbit.com/
In connect, pick the Esper server
Choose a nickname
Enter either #NSProgrammers or #NSMentors
Profit

Esper
Go here: https://www.esper.net/publicirc.php
Set your nickname
Enter either #NSProgrammers or #NSMentors
Profit

---

Programmers are:

Soldati Senza Confini
Geanna
Tiltjuice
New Mushroom Kingdom

Testers are:

Alduinium
The Republic of Lanos
District XIV

---

Current Note: Due to the fact that Afforess was deated recently, and as well as having some shoddy code used before, we will be nitpicking code to ensure nothing malicious is present. First testing will be implemented by those listed as testers to act as isolated controls and as such the tool will not be released for some time. Please be patient as this process is not easy. We are open to ideas and will take any help we can get, this new tool will NOT be run/programmed by one man alone, this is meant to be a community project for a reason.

---

Ideas


• -Providing an Aesthetically Pleasing puppet switcher menu for ease of access

---

STAGE


• Pulling apart code for malicious strings, and scanning for exploits or security breaches

Geanna wrote:It's become quite clear to a lot of us that the popular plug in NS++ isn't exactly a trusted web-plugin application by Moderation, due in part to a shoddy track record by Afforess/Shadow Afforess.

No third-party application is ever going to get a badge of trust from NS admins. It has little to do with who writes the app.

Glen-Rhodes wrote:

Geanna wrote:It's become quite clear to a lot of us that the popular plug in NS++ isn't exactly a trusted web-plugin application by Moderation, due in part to a shoddy track record by Afforess/Shadow Afforess.

No third-party application is ever going to get a badge of trust from NS admins. It has little to do with who writes the app.

Yes, however, this application will be open for them to scan through; I will keep an updated incremental version with the latest fixes on a personal server or on my own dropbox to make it as openly shareable as possible, plus the git will be strictly monitored to find any changes, thus, the administrators can always pull my copy or someone else's if they request it and match against the git.

Also, how the code increment will happen is that every time someone proposes an update or a patch/fix it has to run through the community before it is implemented, and then we're having testers to confirm the code being pushed into an update doesn't contain any suspicious bugs/exploits. We're trying to make it more community driven and counting this will make it more secure as a result given the community will have a say on what goes into the project.

It won't gain full trust, but it's an improvement from having only the git code and only one person having total control of the release code.

That's a common meme with NS++, that people can't know exactly what is in the extension. We can already see NS++'s source code. Not just on GitHub, either. Browser extensions can be unpackaged and read. Chrome extensions, for example, are just archives of HTML, CSS, and JavaScript files.

NS++ is more than just local/clientside page manipulations. Afforess pays for a server to host all the data that NS++ collects and relies upon. It's quite a lot of data, so you'll need to pay for a VPS with decent bandwidth.

Glen-Rhodes wrote:That's a common meme with NS++, that people can't know exactly what is in the extension. We can already see NS++'s source code. Not just on GitHub, either. Browser extensions can be unpackaged and read. Chrome extensions, for example, are just archives of HTML, CSS, and JavaScript files.

However, not many people know how to modify the files, and not many people know that they can be unpackaged and read. I unpackaged and read it because I have Linux and I can open almost everything with it. It doesn't mean the casual user knows or is going to bother.

Glen-Rhodes wrote:That's a common meme with NS++, that people can't know exactly what is in the extension. We can already see NS++'s source code. Not just on GitHub, either. Browser extensions can be unpackaged and read. Chrome extensions, for example, are just archives of HTML, CSS, and JavaScript files.

NS++ is more than just local/clientside page manipulations. Afforess pays for a server to host all the data that NS++ collects and relies upon. It's quite a lot of data, so you'll need to pay for a VPS with decent bandwidth.

This is an issue that is already being discussed, I already own webspace and rent servers, however my bandwidth could not handle large traffic at the current time. Currently, we are waiting on Hobbes to contact Afforess on getting what of the program we can not access already without having to break into files, if we can get him to hand over the rest of the code and give us complete access, then the tool will take a lot less time to reproduce, if not we'll have to build a tool with what we have and can already obtain. Administration may not completely trust it, but our main concern is safety for the users of this program. That means shutting any possible back-doors and wiping any major flaws within the codex that could potentially put users in harms way, such as inserting code to promote your dispatch. Hell, if this means giving Administration access to help code side by side us, than we'll welcome the opportunity.

Geanna wrote:

Glen-Rhodes wrote:That's a common meme with NS++, that people can't know exactly what is in the extension. We can already see NS++'s source code. Not just on GitHub, either. Browser extensions can be unpackaged and read. Chrome extensions, for example, are just archives of HTML, CSS, and JavaScript files.

NS++ is more than just local/clientside page manipulations. Afforess pays for a server to host all the data that NS++ collects and relies upon. It's quite a lot of data, so you'll need to pay for a VPS with decent bandwidth.

This is an issue that is already being discussed, I already own webspace and rent servers, however my bandwidth could not handle large traffic at the current time. Currently, we are waiting on Hobbes to contact Afforess on getting what of the program we can not access already without having to break into files, if we can get him to hand over the rest of the code and give us complete access, then the tool will take a lot less time to reproduce, if not we'll have to build a tool with what we have and can already obtain. Administration may not completely trust it, but our main concern is safety for the users of this program. That means shutting any possible back-doors and wiping any major flaws within the codex that could potentially put users in harms way, such as inserting code to promote your dispatch. Hell, if this means giving Administration access to help code side by side us, than we'll welcome the opportunity.

These exploits and major flaws people are talking about, are they viruses or holes in the code that allow malicious worms and the such infect the user? I might be interested in helping you out with this.

Torisakia wrote:These exploits and major flaws people are talking about, are they viruses or holes in the code that allow malicious worms and the such infect the user? I might be interested in helping you out with this.

Well, when it comes to NS++ there has been a couple of incidents where Afforess has had "remote code" - putting it in some sort of specific way - and then running it. One of the examples is the botnet incident where he made several nations upvote a dispatch.

It's not so much a virus, but we think there might be security issues which need to be fixed before proceeding to actually adding features and whatnot.

Soldati senza confini wrote:

Torisakia wrote:These exploits and major flaws people are talking about, are they viruses or holes in the code that allow malicious worms and the such infect the user? I might be interested in helping you out with this.

Well, when it comes to NS++ there has been a couple of incidents where Afforess has had "remote code" - putting it in some sort of specific way - and then running it. One of the examples is the botnet incident where he made several nations upvote a dispatch.

It's not so much a virus, but we think there might be security issues which need to be fixed before proceeding to actually adding features and whatnot.

Ah, I see. Just a problem with specific data being leaked and lost?

Torisakia wrote:

Soldati senza confini wrote:
Well, when it comes to NS++ there has been a couple of incidents where Afforess has had "remote code" - putting it in some sort of specific way - and then running it. One of the examples is the botnet incident where he made several nations upvote a dispatch.

It's not so much a virus, but we think there might be security issues which need to be fixed before proceeding to actually adding features and whatnot.

Ah, I see. Just a problem with specific data being leaked and lost?

I would be tempted to say yes, but at the moment we're checking the files for inconsistencies only. Might be secure to work on, or we may find something interesting like a hole or an exploit that we need to take out or fix; some vulnerability that makes people's data unsecure.

Soldati senza confini wrote:

Torisakia wrote:Ah, I see. Just a problem with specific data being leaked and lost?

I would be tempted to say yes, but at the moment we're checking the files for inconsistencies only. Might be secure to work on, or we may find something interesting like a hole or an exploit that we need to take out or fix; some vulnerability that makes people's data unsecure.

Ah, I understand now. Good luck with the project!

If you can eventually give it a nice, sortable, catagorizable, other-not-really-words-that-mean-its-not-one-big-two-page-long-mess-able, puppet list, I'm in, hands down. I'd say that, the influence estimate, and the floating sidebar are what I use most. I'd also probably be willing to do some testing for you.

-Ever-Wandering Souls

Hi, Afforess speaking.

I love that new open source projects are being spun up. That is why open source is so great. My code is licensed MIT, so that means you can do whatever with it, as long as you: give me credit for the bits I wrote, and don't sue me if it blows up your computer.

That is all, good luck and carry on!

I'd like to know what the features will be.

I expressed my interest before, but here it is again.

EDIT - In a programmer's role.

I also express my interests - I am TabletCube / CompanionCube on IRC

I am the Lanos they mentioned. Here to be tester.

The best of luck to both these projects. Being mainly forum-side myself I've not felt much need for more than the stock site gives, but each to their own.

What are the requirements for me to be a tester?

Grenartia wrote:What are the requirements for me to be a tester?

Mostly, you need to be able to document every bug you find: what was the bug, where did you find it, how did you find it, and when did you find it. That will give us a point where to start and check if other testers can reproduce the bug (the more details you give the better), and if it can be reproduced it's something that needs to be fixed by the developers (for now me and Geanna).

If you can take screenshots or can record your screen with a screen capture program and upload the process in a place like youtube that's also appreciated but not necessary. You just have to be able to report issues to us that you may find as a user tester.

To be added to the list as a tester and you are sure you are able to commit just contact Geanna.

You really don't want to know what sort of image the title 'NSlash' evoked in my mind...

Geanna wrote:

Glen-Rhodes wrote:That's a common meme with NS++, that people can't know exactly what is in the extension. We can already see NS++'s source code. Not just on GitHub, either. Browser extensions can be unpackaged and read. Chrome extensions, for example, are just archives of HTML, CSS, and JavaScript files.

NS++ is more than just local/clientside page manipulations. Afforess pays for a server to host all the data that NS++ collects and relies upon. It's quite a lot of data, so you'll need to pay for a VPS with decent bandwidth.

This is an issue that is already being discussed, I already own webspace and rent servers, however my bandwidth could not handle large traffic at the current time. Currently, we are waiting on Hobbes to contact Afforess on getting what of the program we can not access already without having to break into files, if we can get him to hand over the rest of the code and give us complete access, then the tool will take a lot less time to reproduce, if not we'll have to build a tool with what we have and can already obtain. Administration may not completely trust it, but our main concern is safety for the users of this program. That means shutting any possible back-doors and wiping any major flaws within the codex that could potentially put users in harms way, such as inserting code to promote your dispatch. Hell, if this means giving Administration access to help code side by side us, than we'll welcome the opportunity.

NS++ itself is far from dead, and I have no interest in asking Afforess to give me the backend to release.

Geanna wrote:This is an issue that is already being discussed, I already own webspace and rent servers, however my bandwidth could not handle large traffic at the current time. Currently, we are waiting on Hobbes to contact Afforess on getting what of the program we can not access already without having to break into files, if we can get him to hand over the rest of the code and give us complete access, then the tool will take a lot less time to reproduce, if not we'll have to build a tool with what we have and can already obtain. Administration may not completely trust it, but our main concern is safety for the users of this program. That means shutting any possible back-doors and wiping any major flaws within the codex that could potentially put users in harms way, such as inserting code to promote your dispatch. Hell, if this means giving Administration access to help code side by side us, than we'll welcome the opportunity.

The backend code is open source too!

https://github.com/Afforess/NationState ... r/Assembly

It's a java based, Play! Framework 2 application.

Def interested in this.

While some of the heavy features might require a server... is it possible that some of the easier problems can be solved first and tackle the ones that require a server later?