Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Joshex

Pages: [1] 2 3 ... 8
1
Off-topic / Re: my method of personal internet security
« on: March 07, 2024, 12:21:50 pm »
resmon.exe is resource monitor, not perfmon.exe, perfmon is a tab in task manager.

2
Off-topic / my method of personal internet security
« on: February 24, 2024, 04:25:44 am »
So I'll start this by saying in my experience so far, it's not possible to make an internet enabled device truely safe while you are doing anything online. Obviously some sites (like this one) are trustworthy-ish.

But today I want to teach you how to know if your device is safe. (this advice is not fool-proof mindyou). but it's good to at least know who is spying on you and on what sites and what sort of information they are gathering. it may leave a bad taste in your mouth and make you move away from certain sites and banks etc. but. meh I'll leave that call upto how much you can stand of the spies.

Why should you care? well if you trust employees at google, facebook and microsoft with your bank login info and password reset questions, and info about all your finances in your account then you don't need to read any further, you are as safe as you want to be, but all it takes is one bad employee and LEAK. your personal info was sold to someone in another country and now your bank account has mysterious charges or the password has been changed. now this doesn't happen very often. but when it does happen, it happens Enmass you will not be the only one effected. but it's a huge oops that can be avoided.

OR EVEN MORE IMPORTANT YOUR DEVICE MAY BE SLOW BECAUSE TOO MANY SPYWARE COMPANIES ARE ALL FIGHTING OVER YOUR DATA AND DESTROYING YOUR HARDWARE IN THE PROCESS.

that deserved capslocks. you onboard mi hearty? cool lets sail this vessel off into the high seas and figure out how to stop it.

the following contains advice to use windows. Linux is also cool but haven't used it in years, it's also high maintenance and with the rate software advances you'll need to pull off your files once a year and install a new kernel before you can install any other dependencies to install the software you actually want to run.
I would never mac'ncrash though. if you need to know what a macn'crash or iCrash is you obviously didn't know crapple in the 90s. "mr librarian sir I need to use a computer for my school assignment but there are no computers available" librarian "what are you talking about there are plenty of macs avaialble right in front of the counter here, no one is using them" me "yeah but everytime I write a paragraph I get the spinning wheel of death and have to unplug it and start over".

remember kids in the beginning real people used IBMs, they were expensive and ran windows, and then a guy started a company called Macintosh and used old thirdrate hardware and only 1 option and made an os catered to that exact cheap hardware and called it macintosh (no drivers for other hardware so if you wanted a better CPU or grraphics card or memory sticks, tough apples.). be we called it crashintosh, because the operating system wasn't written well either.

if you are on a chromebook, you are already infested with malware. I suggest pulling your files off, transferring all your logins and such to a new non google machine, deleting all passwords and such on your google book, and selling it to some schlup, or selling it for scrap. if you are advanced enough you could try formatting the hardisk and installing another OS, but I've heard many google BIOS actually are spyware ridden and may prevent other OSes from being installed (which is actually illegal, as Dell was found guilty of that with windows in the 90s, bricking machines so you couldn't install anything else, but google gets treated special.)

If you are using windows, some tools that come with windows are very helpful.

Task Manager, we all know this, or at least you should, you can open it by holding ctrl+alt+delete and selecting task manager. you could also open a run dialogue with the "windows key and r" and type taskmgr.exe and hit enter, or search for and use cmd.exe and type taskmgr.exe and enter.

task manager is useful for seeing what programs and services are running. if you don't want Microsoft spying on everything you do (what you type, and using your camera and mic to record you without your knowledge (*cough*windows 8 and 10 *cough* no idea what I'm coming down with I hope it's not microsoftie) you should immediately go to the Services tab of task manager and disable BITS (Background Intelligent Transefer Service) the internet works fine without it, it's just for ONLINE BACKUPS (that you usually can't access, for microsoftie's eyes only). You may need to run taskmanager as administrator to disable this, in the Services tab you'll want to click BITS and then the Services button with the admin symbol on it, then use the dropdown menu to set it to "Disabled" and click the Stop button and you can watch it enjoy it's ban. If your copy of windows does not allow you to disable this, I truely am sorry. there's not much you can do, but I'll tell you anyways later in the post (it has to do with blocking ranges of IP addresses belonging to microsoft in your router). Naturally if you disable BITS or block microsoft you will not be able to update (if successful, if not successful everything you do is not secure, you are essentially spied on by microsoft and at their mercy hoping a bad employee with access doesn't sell private info) and will not be able to use microsft online backups! (seriously, get a usb thumb drive and back things up manually there). You can always reenable it if you really want to.

BITS may try to start itself back up (in example on login, at which point you may have to remove it from starup in msconfig.exe), if you notice this you may need admin priviledges by openning task manager as an admin to truely disable it. If you want to update you can always reenable it temporarily.

Resource Monitor: this is a critical tool to know whats going on over the web. You can find it Inside Task Manager in the Performance tab, merely click the button and it'll open. alternatively you can run it with a run dialogue as resmon.exe or in a cmd.exe prompt.

The network tab in resource monitor is great to see whats really going on when you do things(when you are connected to the internet, or open your browser, or load a certain website etc, or run software). (though you cannot see what the data actually is, but it's probably encrypted anyways, you probably already saw it and google wants their copy secret so you don't know what they re taking, you'd need to be a higher level keyjocky to even listen what the bytes say)

just because something shows up in the network list doesn't mean theres a problem. it depends on WHAT is showing up and WHEN. if you are just openning your browser with no site, just a blank page and google pops up or psychz.net etc., then yeah thats a problem and you'll want to block that. If you visit a website that's not google and you get lots of 1e100.net addresses showing up or googleusercontent.com or edgestarmini facebook.com addresses, than yeah your ISP or DNS server has sold you out to their monitoring, and you will want to block those.

in my experience actually blocking things like 1e100.net is practically impossible because they do not publish their entire IP ranges and do not resolve to all their IPs when requested by a user (they have outgoing-only IP addresses, which they ensure are sent to you as a URL so you cannot see the IP address) but you want to try to block them anyways, because google is one of the nastiest of all spies. facebook, cloudflare, cloudfront and amazon, even akamai are pretty bad too. you will want to keep toggleable firewall rules for them so you can block them when you want to. we'll get in to that soon.

First you'll want to know how to Check what something is in resource monitor. if it's a url a "something.someplace.com" kinda thing then you'll need to find it's Ip address to fully block it. if it's an IP address such as "0.0.0.0" to "255.255.255.255"  then you'll want to find out who it belongs to before considering banning it (you'll also want to make sure it isn't an alternate IP address for the site you are visiting in your browser).

heres some tools:

cmd.exe in windows windowskey + r and run cmd.exe
type:
ping website.com

inexample: ping google.com
it will then send 4 pings to the site and tell you the Ip address it recieved from and the speed of the data and packet size. this can be used to determine if you are not correctly online. if every website fails ping, you are doing something wrong in your net settings, or somethign got corrupted and you should probably do a malware scan with malwarebytes. but we just want the IP address from here. some websites have multiple IP addresses, so you can keep pinging them and get different IPs. but some URLs don;t have an IP and if you ping them you'll get a "general failure" these are really bad spy servers. for example best-offers-usa.space I caught them snooping once. as robotnik would say "Snoopingas Usual I see?!" Ping As. Keep in mind "General Failure" could mean you are blocking that IP in your firewall or hosts file too!

domaintoipconverter.com/
(This is a place where you can put in a .com address and get it's IP address (sometimes it resolves names to IPs that ping wont. it's a service hosted on cloudflare, lets be fair it's either them or google, and google lies about IPs and said "not found" a lot more than cloudflare does in my experience). so if you have a cloudflare blocking firewall rule you'll disable it to use this site then reenable it after. and make sure you are not doing anything private nor sensitive when doing this.)
To use it plop in the URLs on one line each in the box and hit the button, the page will reload and tell you the Ip addresses for what you entered.
Keep in mind many places have more than 1 IP address, google admits to having 25 million IP addresses, but in reality they have a lot more.

db-ip.com
(This is a Database of Ip Addresses and who owns them.  it's a service hosted on cloudflare as well. using this service you can type db-ip.com/all/the.ip.address (in example like this: db-ip.com/all/34.0.0 ) and hit enter. this nasty IP range 34.0.0.0 belongs to google llc they use it primarily for spying on people, but sadly some sites are hosted on it
(click to show/hide)
.

on that site you'll see they give you the entire range of addresses in that range. you'll also see that you can click on in example "google llc" under "Search the IP Address Locator for All Details" and it'll take you to a page and show you all their other registered google services' IP addresses in that category, and under the other ASN numbers it lists out as links (again this is not all of them, but it's a good start for your google blocker firewall rule).
(click to show/hide)
.

ok so now you know how to identify things you see in resource monitor. and from the information given to you, you can guess whether or not you requested a connection to them. if not, then they are spying.

Data Flow Consideration:

you also want to look at the data flow here, 1 letter is 8 bits(1byte), if every time you type something it's sending 1 byte somewhere that means theres spyware we call a "keylogger" being used, probably in the scripts of the website you are on or even worse embedded in the softare you are using. if it's sending 300,000 kb/sec thats a screenrecording or video, 4,000 might be audio, you get the idea. now data coming IN might be warranted! do not block your video hosts for watching your stuff, done that way too many times, easily rectified by unblocking them at least. but I don't watch things on Youtube, that's google
(click to show/hide)

but outgoing data to somewhere, especially google analytics or any analytics is going to destroy your hardware and overclock your CPU. all it takes is 2 of them fighting for whose spyware should get the video screengrab first, and your fan turns on and your CPU struggles, and things like webpages and browsers freeze and stop responding (sound familiar) until they are satisfied they got the uptodate info on you. they also monitor mousepointer locations and clicks. and you're sitting there going "gee it's really taking my computer awhile to struggle to load one shimmering table on this webpage". (it's time to check resource monitor when you hear the fan)



So now you know What they are trying to get by the data flow and the fact they are unrequested connections. and you may get the basic idea of why they want it and why it's valuable.
(click to show/hide)



How do they sort through it? they have massive massive spy servers the size of entire multi floor football stadium sized buildings, and these machines sift through collected data based on set rules input by the masters, these rules tell it to look for interesting or senisitive information and categorize it as "hey human this needs looking at", or for junk info like gamers talking about enhancements "categorize as 'unvaluable information', save in folder 'delete me' for the human janitors to go through with additional search queries before dumping the lot of it."


What can you do about it?

there are 3 key tools you'll need to use, 4 if you count your internet router. (don't use your phone for internet stuff, it's not safe there are no user security controls and the operating system comes preinstalled with unremovable spyware that bypasses the firewall for vendor requests. so kind of them to include that, just what I wanted. not..)

the Hosts file,
found in C:/Windows/System32/drivers/etc/
open it with notepad or wordpad openned as an administrator (because only an admin can modify this file) it has no extension (no .something, it's just "Hosts") so you may need to tell the folder to show extensions(in windows file explorer, you go to tools>folder options>view tab>hidden files and folders>show hidden files, and unclick "hide extensions for known file types" , windows usually comes with this disabled to stop you from messing with things. the hosts document is just a simple .txt file with no extension(do not rename it to .txt, leave it as Hosts).
this is essentially a document of IP addresses and websites filled out by you manually, it has the same function as a DNS server, it can be used for more than blocking URLs, such as cleverly to avoid your internet service provider throttling (slowing) your connection to videos and other things by supplying the website and video hosts IP address and their url you can guarantee your connection without having to go through the internet to find the IP address.

normally thats what happens, you go to website.com, but that means nothing, so your computer contacts the DNS server you set (and if you didn't set one, it contacts your internet service provider's server) and Asks "what does website.com mean, where is it?" and during that DNS request even if it's to your specified DNS server, your ISP can hijack the request and say "I'm cloudflare 1.1.1.1 and 1.0.0.1 and I don't feel like telling you what website.com's IP address is, you know what, I don't feel like giving you an IP address either" = "the connection is limited - no internet access". you cannot get online without an IP address because sites need to know where to send data back to. sometimes your internet service provider will Proxy the video and site to you, meaning they impersonate the website and forward it to you, this slows things waaaay down. if it gets really bad you can go to a search engine like duckduckgo.com and search for somethign simple like "blue" in images and it will say "no results" this is a fast way to know if you are beign proxied to fake sites. if this happens it can be extremely dangerous, log-in to NOWHERE and close your browser disconnect from the internet and restart your router and reconnect manually.

so in hosts you do:
ipaddress url.com

in example
3.218.0.127 www.nintendo.com # this is one of nintendo's IP addresses. they have awful routing, they fluctuate between 2 Ip addresses while you are loading causing the site to not load some times, but meh they'll lose what business they want to lose and I can't stop them.

# is used to comment so if you have an old Ip address for a site that isn;t current you can #comment it. or just leave 2 of them active it doesn't matter your computer will try them all.



Lets learn basic blocking: Hey look real spyservers pa!!
#block spyservers
127.0.0.1 508282028.hou.cdn77.com
127.0.0.1 cdn77.com
127.0.0.1 atl.cdn77.com
127.0.0.1 851154692.atl.cdn77.com
127.0.0.1 hou.cdn77.com
127.0.0.1 hwcdn.net
127.0.0.1 unassigned.psychz.net
127.0.0.1 psychz.net
127.0.0.1 ddos-guard.net
127.0.0.1 best-offers-usa.space
127.0.0.1 disuanqi.dadongeng.cn
127.0.0.1 dadongeng.cn
127.0.0.1 wordpress.com
127.0.0.1 mia.cdn77.com
127.0.0.1 1e100.net
127.0.0.1 *.1e100.net
127.0.0.1 .1e100.net
127.0.0.1 yb-in-f95.1e100.net
127.0.0.1 yq-in-f95.1e100.net
127.0.0.1 ec2-50-16-33-120.compute-1.amazonaws.com
127.0.0.1 *.amazonaws.com
127.0.0.1 .amazonaws.com
127.0.0.1 amazonaws.com
127.0.0.1 ya-in-f127.1e100.net
127.0.0.1 ym-in-f127.1e100.net
127.0.0.1 ec2-44-218-88-39.compute-1.amazonaws.com
127.0.0.1 yq-in-f127.1e100.net
127.0.0.1 ec2-52-24-144-241.us-west-2.compute.amazonaws.com
127.0.0.1 81.33.190.35.bc.googleusercontent.com

this is just a selection of really nasty ones that as I said earlier do not say what their real IP address is when coming to your computer and tell you a different Ip address when you ask them what it is. for nasty sites like that, you set them to 127.0.0.1 which is the local host and will not leave your computer "enjoy your ban google". they snoop in the background and you'll never know they are there unless you are watching resource monitor periodically.

but banning them all one by one is never going to work. spy servers can get around the hosts file by supplying their IP address hidden in your software or in a hidden .js script on a website (probably/usually hosted on google, and made by google) or making an agreement with your ISP or DNS server.

lets talk about stopping scripts, it can be done realitively easily, it is annoying to have to figure out what scripts are needed to make a website run by toggling them on and off, but the alternative is computer grape and stolen information, don't let computer-chan get graped, it's not a pleasant flavour she doesn't like it, consent was not given..

you can install the addon NoScript into your browser. it's a legitimate and official addon supported by all trustworthy browsers. it's simple to use, with a single click on it's icon on the browser or a rightclick on any page, you can access it's menu and see what URLs scripts are trying to run from.

hmm bank.com/login.html yep I'm on bank.com and I'm trying to login sounds like a script I want to run.
cdn.bank.com hmm whats cdn mean? oh "content developer network" and it's hosted on that actual site, should be safe.

analytics.google.com

googleanalytics.com

googletagmanager.com

... um, yeah... no.

it takes a bit of trial and error but you'll get it. it beats the alternative "man this page is really workin my machine hard and it's so slow.." computerchan: "help..... me! .... please helpme!"

but things like ajax.googleapis.com yeah sadly too many sites use google video players and such. you'll start to learn just how many tentacles this hydra has. sadly some parts of it are necessary if only because everyone killed the old .js players and flash based video players, at googles advice because "they were unsecure". that bit abotu google advising people to kill their competition based on fake "security" reasons probably sounds worse than it actually is... I hope..



Next lets get to the Firewall. it's actually simple to use. you go to the start menu, you type in the search field Firewall, and "Windows Firewall with Advanced Security" shows up. thats the one we want. it's one of the second things I open when I start my computer. resource monitor is one of the first.

you'll see Inbound and Outbound rules, google blocking requires both, blocking the outgoing stuff just isn't enough. but for most spyware outgoing blocks are enough. "hmm I don't hear anything from frank... frank must be offline.. yeah definitely offline, that's frank for you.... frank hasn't been online for months... I think franks dead... but I'm a machine and have no sympathy." frank unblocks them outgoing with a new Ip address and different browsing habbits and user names, server "huh new user, I'll name you dave, hi dave, you don't know it but I'm watching you"

ok so outbound is where to start, this prevents software which comes with spyware in it from phoning home. you'll collect the IP addresses and ranges like we saw above in db-ip and do "new rule> Custom> all programs> leave protocols and ports at default>

under scope this is where the action happens, under "which Remote Ip Addresses does this rule apply to?" > These Ip Addresses> Add> this IP address range.

to know what to enter in here takes a bit of half-assed experience, google may own the entire 34.0.0.0 to 35.255.255.255 range, but.. you never know for sure, there might be one legitimate Ip in there somewhere that google sold to some legitimate site. so lets not ban the whole range. maybe lets say 34.0.0.0 to 34.190.33.80, but this is a rough example, you'll determine this based on what you see showing up in resource monitor, for example I know 34.190.33.81 and a good portion of the rest of the way to 35.255.255.255 IS still in fact a google spy server address, but it also happens to host other websites. so, figure it out as you go and block what you know is bad.
New Site? New Firewall rule. make it easy on yourself! especailly if a site you want to go to shares the same IP as a spyserver, best separate that out as it's own rule so you can turn it off independently.
you can add many Ip ranges to a rule and you can easily right click the rule in Outgoing once you've made it and edit more IPs in under "Scope" later, so don't worry about getting them all right now.

next Action > Block the connection

"Enjoy your Ban google"

don't modify profile not really necessary

finally lets name this character and add a description

"Goorble outgoing BAN-HAMMA"
description: "The Name Of The Evil One is so corrupt it shall not be mentioned. Gorble. like a garbled website that they made with a single javascript under the html header, in disarray and broken."


Remember you can always turn rules off if in example you want to watch some youtube or need to load those awful recaptchas, or upload an image to discord. some websites are entirely hosted on google, like nearly ALL the comic book viewing sites. "but joshex those images are hosted on some sort of blogspot page, thats not google." me "check the Ip range, take the IP of such a site, put it in yourbrowser's URL field and hit enter. huh google.com.. howd that happen." at least cloudflare tries to hide theirs by saying "this Ip address cannot be visited directly, only by url name, this Ip address is part of the cloudflare network". wait, so you're saying google is responsible for hosting pirated scans of new comicbooks? yes, and they are unashamed. perhaps it's the one good thing they do those surley old dogs. if you can call it good.

Congrats, you are a level 1 keyjocky. google hates you even more. they've gone mad bro.

time for level 2~!

lets talk about that internet router, the wifi thing that supplies your net, did you know you can log-in to it via wifi or wire so long as you use the admin password printed on it's side and visit it's IP address in your browser? usually it's a 168. something IP address, check online abotu the unique login method for your router.

most have an "Advanced" tab or page, and here somewhere there will be an option to block access to certain IP addresses and ranges just like in firewall, because it is a firewall. this is necessary if like on windows 10+ blocking microsoft's IPs means nothing because that rule will get ignored by microsoft's software. well, now you have an exterior option to block them with.

Welcome to Level 2 Keyjockeydom j0053 73# 31337 #4x0r! (not really you probably just feel like it, this is only level 2)


these are the basics, I'm thinking of teaching a class on this and getting more people familiar with monitoring and blocking offending spyservers.

sorry no pictures, I'm lazy.

3
This one is simple

1: Proc: Chance for Anti-detoggle: Mez Protection Mag 6 (to prevent effects from detoggling this power), this applies to Hold, Immobilize, Sleep, Stun, Fear, Choke, Mez etc. and Incarnate enemy/AV auto-detoggling powers. Having insfficient Endurance at the time of the toggle's next tick will still disable this power. UNIQUE.

2: Universal Toggle, Enhance Primary Effect
3: Universal Toggle, Enhance Primary effect, Secondary effects
4: Universal Toggle, Enhance Primary effect, Secondary effects, Accuracy
5: Universal Toggle, Enhance Primary effect, Secondary effects, Accuracy, Endurance
6: Universal Toggle, Enhance Primary effect, Secondary effects, Endurance, Recharge

here primary effect is the main thing the power does, it might be PBAoE damage, it might be Status protection, or resistance, or defense, or confuse, or repel, or regeneration etc. and may be scaled based on the number of enemies in a given range. Secondary effects might be +special, a debuff of some sort, -end, self heal, +end, +hp etc. whatever they are on that power, this enhances them, but enhances the primary effect the most.

suggested bonuses(up for revision):
12% regen, Mez Protection
3% defense (something, energy, negative?), AoE, Mez Protection
3% damage bonus, Mez Protection
6% Resistance Psionic, Mez Protection
15% accuracy bonus, Mez Protection


4
Irreparable Damage (Global Damage Set, Very Rare, UNIQUE):
A:enh( Chance for Mag4 -HP, -Regen, -Res to target, Self +Damage)
B:enh( Chance for Mag2 -HP to target)/ Damage
C:enh( Chance for Mag2 -Regen to target)/ Accuracy
D:enh( Chance for Mag2 -Res to target)/ Recharge
E:Damage/ Accuracy/ Recharge
F:Damage/ Accuracy/ Endurance/ Recharge

Set Bonuses:
2: 4% Damage Bonus
3: 15% enhancement Accuracy
4: Defense Smashing/lethal, Res Mez
5: Defense Energy Negative, Res Cold, res Mez
6: Defense Psionic, res Toxic, res Mez

Recipes:
A: Corrosive gas, Titanium Shard, Enriched plutonium, Empowered sigil, mutating genome
B: chemical formula, rune, plague spores, silver, Alien Blood Sample, Reactive Gas
C: Rune, unquenchable flame, heavy water, complex chemical formula, Psionic Manifestation
D: Iron, Corrosive gas, ensorcelled weapon, enchanted impervium, Psionically Charged Brass
E: chemical formula, Iron, symbol, Rikti Alloy
F: stabilized mutant genome, spiritual essence, Psionic Ectoplasm, Psionically charged brass


"Careful combinations of biological agents with harmful chemicals, radioactive materials, magical commands, and psionic connections embued into tough and jagged shrapnel can be built into any weapon or impacted during any attack causing irreparable damage to your target, they may heal but the parts of their body damaged this way will have to be replaced at a genetic and cellular level before they can function like they used to again. When combined in a single attack; The combination of agents grants all your attacks a huge damage bonus, the magic and psionic enchantments make targets hit by all your powers Very easy to hit again, the shrapnel causes many enemies to pull their punches causing them to miss, the energies create a field which can repel energy and negative damage types, the radiation and corrosive chemicals can melt ice and creates a heat aura around you and can react to and kill or distintegrate harmful substances, and the magic and psionic artifacts and scripts deflect attempts at getting into your head".

this damage set is meant to add a debuff to the slotted attack, Stackable (on each hit that connects) upto Mag 6 total in one hit (for the duration of the magnitude on the target) adding an additional debuff per hit(if it rolls in the debuff's chance range), the reason being is in example I noticed in my tank builds if there are no debuffs in the actual attacks there are very few cases where you can add say a regen, HP or res debuff, most of those procs are in sets for enhancing specific types of attacks or effects which your powers may not have (so you can't slot them), Like for melee and PBAoE I think theres close to nothing where you can slot a debuff proc. this makes it difficult for melee types to deal with armored regenerating foes, however this set can also aide ranged and control users as well.

it has 4 Effect adding enhancements (Procs), one with a chance to add a Mag 4 -HP -regen and -res effect to the slotted power, and then one other enhancement for each debuff (hp, regen and res) at Mag 2 mixed with some form of power enhancement, making an additional 3 Chance For procs.

given the nature of this set I felt it wouldn't really add any regeneration nor recovery to the user as it is rather degenerating in nature, it also doesn;t really interface with the character nor create any speed so I didn't include any recharge bonuses.

I felt that this entire set needed to be UNIQUE because allowing everyone to slot debuffs in every power might be a bit too much.

5
Looking for Group / Tina Macintyre contact run
« on: November 27, 2023, 08:42:40 pm »
So, for those who don't know, Tina Macintyre is a contact who will give you missions with some praetorian ArchVillains in them and also a few badges all of which are important for getting accolades such as portal jockey.

now also, there's a difference between Tina Macintyre and Ouro Tina Macintyre. they will set you out against different AVs, so to get the AVs from the non-ouro Tina's arc you need to run it with someone who has her as a contact in the level 40 to 44 range. if you have not been a completionist and missed her and are in this range, you may be able to get a detective to introduce her to you.

You do not need to have her as a contact to run the arc with someone else.

https://wiki.cityofheroesrebirth.com/wiki/Tina_Macintyre

So as of the 23rd of November 2023 my character captain shock only has Tina Macintyre and Unai Kemen's first mission (warwolf world) as my only level sensitive contacts left. To be nice, for those who need the AV defeats and badges I will be offerring 7 spots to the first to claim them in this thread. I honestly wish I could offer more.

We will be handling AVs some of which are rather tough so bring your A-Game. We can probably get away with half the team being in their 20's or 30's and still get by. Any AT is fine.


This is LONG story Arc, not the longest, but we may need to negotiate several days when we can all do it.

I would like to get this done in the next 2 weeks so I can level to L45 before we do the LGTFs and rikti drop ship takedowns during the winter event (see other thread)


this is started, we missed antimatter because he spawned as an EB. so I'll have to do that part again. sigh.

other than that , I'm just doing it based on who wants to join when I'm active.

Finished for now, no more characters in this level range with this contact.

6
Again the solution is to allow players to earn progress towards the patron badge before 35, but the badge grants when their untrained level hits 35. so in example someone who ticks over Lv35 with mission complete of the last mission in the arc, should be immediately granted the badge.

this is so they don't need to respec at 35. they can just get the badge then level to 35 and select from patron pools.

7
General Suggestions and Feedback / Re: Inventive Inf Dumps
« on: November 21, 2023, 08:10:11 pm »
My concern is that this could become punitive for new and casual players as well as players who play a lot of alts and therefore don't spend a lot of time at level 50.

What if there was a system to exchange Inf for merits directly, perhaps at an inflated rate, to accomplish something similar without hurting those who aren't looking to dump Inf?

It's a valid concern. perhaps the prices of these things should reflect level of the toon as well.

8
Off-topic / Project Bane
« on: November 12, 2023, 02:32:14 am »
so, in 2011 I began working casually on a project called "Project Bane" in blender. I knew what I wanted to do, and what I had to do. Then in 2012 when CoH was sunset I kinda went full-in for a bit and started making what I hoped would one-day be a spiritual successor to City of Heroes.

however all I could get out was on offline demo for my master's degree project. It was hard work to essentially cram the menus and overlay and characters items and scenery into 1 year. in the end I ended up cutting the scene short and setting very small map bounds. and the character animations were awful, I didn't even auto-inverse-kinetics (Auto IK) them, they were all manual bone rotations so they looked stiff.

this thread is for discussing this project.

so, what did I actually showcase during my masters degree if not a full game?

It centered on game tutorial philosophy, specifically training the character with minimal text. essentially we're talking Super Metroid style tips, but rather than placing them over the screen, I decided to make multiple billboards in game whose image would change based on conditions being met. such things as running out of stamina, getting low on HP, getting defeated, and tasks pointing you to click your contact to get a mission, and hand-in completed missions, even teaching you how to target enemies by clicking them. It was all helpful tips as graphical billboards.

you might see where this is going. recently there was a competition for billboard design, so, I'd like to share my idea with City of Heroes: have the billboards actually help communicate tips to players. I'll try to post them tomorrow. Looking back at them now is well kinda like looking back at childhood drawings, they are a bit humiliating in their current state so bear that in mind. also the graphics and symbols are my own custom designs intended for Project Bane so they may not match city's items exactly. I might change that if I get time between now and december 30th.



lastly, what became of project bane?

well, it's really on-hold. blender has some limitations I did not know well enough to get around at the time. the major problems are:
1: dynamic text that doesn't abuse memory is kinda unstable. in blender 2.5 to 2.79 you can use a text object, but that renders the text from a vector curve, and seems to suck up processor and memory power. In 2.49b you use a .tga image font, the problem there being that when you transfer the game to a different machine all the text turns into '@'s , the fix is to go in and re-unwrap every single text field and lay it out on the @ in the image, which is not something most casual players will easily be able to do. theres another method which requires a bit more programming expertise and essentially costs 1 polygon per letter in some cases, it also requires an in game dictionary of words and phrases so as to cut down on polygons. it would be a ton of work. also word wrap is something I need to program myself, as well as text window bounds, scrolling and such, it's likely it'll have to be some crazy videotexturemodule trick to make a chat box actually scroll and hide out of box text.
2: Dynamic shadows, blender only allows buffered shadows with a spot lamp. it also gets pretty pixelated over large distances. there's a gamelogic bricks function to make an object into a 2D n64 style shadow that follows the player around at ground level and hangs over edges floating in the air, and then theres theoretical raytraced shadows using a shadow scene and the render to texture module but it's not confirmed to work.
3: Encryption. this was a real kicker. I think python has some form of data encryption module, but there doesn't seem to be a controlled method for key negotiation and exchange. I did make my own data encryption method the problem is building it lol.
4: motion textures, blender can only do motion textures with the videotexture module, it uses essentially double the graphics memory and processor power as rendering the gamescreen then converts it to the desired image resolution. there's other methods I've stumbled upon more recently that should help essentially mesh swapping.
5: updates, patches etc. while there are methods to do this automatically, you essentially need to build the updater into the game, and as far as I know it has some critical limits. real-time mesh and image creation are essentially a pipe-dream in-game. they are meant to be done out of game.

the pros of blender were:
open source; so players could literally custom model their character model and animate their own attacks with custom graphics effects. the downside is these would only show up to other players once officially added to the server by mods and after the client is updated.

the downsides were mainly:
a lot of dev work, and no one wanted to help.



This project may be picked up again in the future. it's not abandoned. But right now I think I need to start smaller and put out something to generate interest in my game dev abilities (which I am doing, nearly done with my first game). If this project does go live again, training will be available.

what can I tell you about the game? not much, it kind needs some secrecy till it's ready to launch. I'm actually glad I didn't rush it out. building a superhero universe storywise is a big job that requires alot of careful assessment as you go forwards to prevent plotholes and limits which write you into a corner.

the game premise and setting are largely known, gameplay elements are in their infancy but are already 90% planned out. numbers are the real work there, I have a spreadsheet somewhere that needs a major reworking. @_@ math.. it is not city of heroes, there are a long list of monumental changes, some of which may need more testing to determine better methods of application. I currently have no funding.

Character models will need reworking: last I checked the character model I made had working rigging, but could be a lot better with my knowledge now. the polycount with clothes was about 10,000 polygons. which is crazy for a single character. so that will need toning down. I currently only have a male base model, I'm nearly done with a basic female base model, just need to finish rigging the hands and make eyelid shapekeys, but that's in anime style, so while we could include that, I still want to make a comic book style and realistic style, most of which is just the face.

but yeah, this is on hold. if you are interested let me know.

9
Looking for Group / Rikti Dropship Takedown
« on: October 06, 2023, 04:43:43 pm »
Saturday the 23rd of december is the date!
9PM GMT-5 (NewYork) time is the time!


In order to make this work we will plan a LGTF ahead of this event and the invasion it spawns will be our target. we will try to finish the LGTF at a specified time. we will be doing this the week starting 12/18 because LGTF is the weekly strike target!

On the day this will happen This will be scheduled as 2 events

#lgtf
and
#gm

We will add 5 events to the !e next list in EventHerald
1: some prior good day we'll hold some atlas park safeguard missions to get people the flight power
2: on yet another prior day we'll hold some VILLAIN side Atlas Park Mayhem missions, just in case that's where you want to get your flight power(though the drop ships will be blueside)
3: during the first week of the winter event we'll schedule events to get candycanes to get the golden rings temp power (likely tons of winter lord runs)
4: the pre-invasion LGTFs AS MANY AS WE CAN GET GOING SIMULTANEOUSLY
5: the post LGTF Dropship assault

it is my opinion we should have at least 2 teams do the LGTFs simultaneously and watch the clock to complete at the same time, so we have 2 invasions drop to maximize the chances of getting a an invasion in a good long zone.

What you'll need; either, hover, fly or a jetpack that can be used in combat, ///WARNING///Hoverboards and magic carpets will not work!///.

We will need a league of at least 2 full teams.

We will need SLOWS, HOLDS, and IMMOBILIZE, it has a slow resist that stops it from going to a full stop, the slowest we can drop it to is roughly 14mph

We will need damage.

ALL levels welcome.

We're looking for Invasions in LONG zones, such as Peregrine Island, Steel Canyon, Skyway City, Talos Island, Crey's Folley, Independence Port.

We need to Assemble and Wait at the War Wall where the ships will  be coming in! NO FIGHTING RIKTI ON THE GROUND AND NO BOMBS everyone focuses on 1 Ship as a league!.

Bring INSPS for yourself. Suggested; Reds Yellows and Blues. for squishies Purples, Oranges and Greens.

Temp Powers Welcomed.

///WARNING
Remember, Ground based powers such as summon:fields will not work as theres no where to cast them in the air. Summons will not be able to reach them, so unless you have groupfly your pets wont be able to help (so provide whatever attacks you've got). Some Self TP powers don't work while flying, such as Electric Melee: Lightning Rod.

Watch your Endurance!

from what I remember anti-fly doesn't work on them so we cannot ground them. or maybe we just need a ton of antifly like mag 10000

Squishies keep distance and use ranged, Solids (Joke) use taunt or provoke to hold the ships fire only as you are able!.
///

When one ship goes down we hit another!




What do you/we need to do ahead of time:

Before the LGTF you will need to obtain a combat type flight power, there are several ways to do this:
1: you can buy one if you are L20 in Siren's Call, or L40and go to the shadow shard
2: you can get one as a reward for completing the Atlas Park Safeguard mission, or if you were a villain or rouge recently you could do the Atlas Park mayhem mission.
3: you can get the Holiday Jetpack during the winter event.
4: you can make a second build with Hover or Fly
5: you can follow someone who has Group Fly (by getting Aerobatics and Fly) MMs and pets users will NEED to have a build like this for dropships. please make this build ahead of time it can be with normal enhancement or IOs you don't have to kill yourself on sets.
6: you can be a peacebringer or warshade
7: there is a Jet Pack Temp Power that can be crafted you can get the recipe from other players, from drops or buy it on AH if available.
8: if you are a villain or rogue there are several missions you can do through flashbacks to get a jetpack.
 8.1: Lt Chalmer's in Sharkhead Isle will give you a mission  "Help the Skyraiders fight off longbow", there is nothing in the wiki saying this mission cannot be Ouroed.
 8.2: Marshal Brass offers the mission "Steal a Goldbrickers Rocket pack" which grants you a rocket pack. this is not available via Ouro!.

every attending player should have a hold, even if it's just the dayjob power
you can get HOLD type powers by:
1: you can get the Ranged TAoE Hold: Tear Gas dayjob power by logging off in a police station and a vault till you get the dayjob badges, then log off again to earn charges.
2: during the winter holiday event you can get the Golden Rings Temp Power from the candy keeper, Ranged Foe Hold.
3: you can get a hold if you are a controller or dominator, some other ATs may have holds as well, like blaster.


sadly there are no craftable Hold type powers
sadly there are no hold type powers in power pools
sadly the hold type powers in other temp powers are limited use and no refill.

update: this event is in planning tentatively for december, because we'll do better with the golden rings temp power. no date has been set because I'll likely need to lead or take part in an LGTF which is min level 45, I still have 3 contacts in the L40 to L44 range. getting there slowly.

It WILL NOT be in the first week of christmas content! this is to avoid interfering with people getting the winter event out of their system. we'll aim for the second or third weekend of the winter event but NOT christmas week, just in case!

10
General Suggestions and Feedback / New Pool Suggestions
« on: September 24, 2023, 08:08:52 pm »
I know we just got new pools, such as utility belt and experimentation. it's time then to think about whats next, because making it will likely be a long job.

each pool has a theme, usually a combination of different things that other pools don't have ( so as not to make another pool's power redundant)

My suggestion is a "ninja arts" pool (your basic ninja arts) it's really hard to limit it to 5 powers.
starting level 4 selections are:
lv4 : Throw Shuriken Ranged, Minor Damage Lethal
lv4 : Substitution Jutsu, Targeted Aoe: Foe Placate, Summon Destructible Object, self +stealth(15seconds)
--must have chosen one of the above to select below--
lv14 : Taijutsu (toggle) +Run Speed, +Jump height, +Def(AoE, Melee, Ranged)
lv14 : Genjutsu, Targeted AoE, Foe blind, Foe Placate, foe Confuse, Moderate DoT Psionic
--must have 2 powers in pool to select below--
lv20 : Clone [summon clone] Endcost: 50, recharge moderate (can cast multiple times for multiple clones), clones: 10%% Your HP, 50 End, access to copies of 2 unenhanced versions of random powers from your primary and/or secondary, plus Throw Shuriken.

most of this pool is designed for squishies to cast when they need to run away.

Alternative powers I was going to include were, Throw Kunai (but we might not have the graphic), Caltrops, and Smokebomb(PbAoE minor dot Fire/Smashing, foe choke, foe blind (-perception))

Taijutsu was pulled from blaster secondary ninjitsu: Shinobi
An Alternate for Substitution jutsu, is to blind all enemies, placate, then TP the targeted enemy to you, hold them, and confuse the rest. thus they'll attack the held enemy and wonder where you've gone. naturally +stealth for the player so they can run away while the enemies defeat one of their own. I actually rather like this alternate, because it could be used to force arachnos to attack their Mu guardians and fortunatas, make malta attack the sappers, make tsoo attack healers, and make CoT earth mages cast quicksand on their own. but thinking about it technically this can be achieved with Substitution followed by Genjutsu.

Add other suggestions below.

11
General Suggestions and Feedback / Re: Fix recall back to what it was
« on: September 23, 2023, 11:00:20 am »
The decision was made in Ri5 to make recall a single click power, instead of a targeting reticle.  As a result of this change, teleport powers can sometimes fail.  There is a lot of logic to try to find a safe location, but sometimes it just can't.  The difference between processing on the client vs server side and human input means that we can't make the power single click and keep recall friend's former behavior.

However, repeated failures are surprising.  Are you moving after a failed recall or are you just repeatedly using recall in the same location (which should result in repeated failures).  If you can provide the map you're on and the location (/loc) where your teleports are failing we can look into why you might be having particular issues on that map.

To decrease the chance of a failed teleport choose a flat location free of other objects.

Might I suggest, from a game developer's standpoint, that if you do not allow the player to set the location the target is teleported to, you should increase the range from the caster that the target could be teleported to with a closer is better policy. Or a safe place could be calculated from the caster's location using a Z axis rotating ray to detect obstructions and retun the vector or location at the ray's closest distance with no obstruction.

12
General Suggestions and Feedback / Re: Alien Invasion MM summoning power set
« on: September 19, 2023, 01:55:06 pm »
I've had time to think about this. Some changes will be necessary on at least 2 points which may change the entire makeup of my proposal for this set.

1: invasion portal in game at current summons conscripts, monkies, and drones. Originally I had it so that it summond random minion aliens you have access to. And specified you could upgrade those aliens, and specified I think 5 minutes of uptime for the portal. First I think we should cut the time down to 2.5 or 3 minutes, Second you can't upgrade aliens summoned this way, but they will follow, and get desummoned when leaving maps, third We'll keep some max number of summons through the portal, 5 is good, naturally if defeated the portal will summon more.

2: I've been thinking about how to get all the aliens in game into this set. I think invasion portal should summon random aliens from the entire game not just ones you have summons for. so you could get a: nictus, kheldian, whatever Dillo is, shivans, rikti, or shadow shard critters.

This really would open up the summons, now we wouldn't have to have 1 Summon Power for each alien type.

3: dealing with EB summons, instead of being at level, they could be Lv - 2 Elite Bosses, thus having all the abilities and survival of an EB, but 2 levels lower than the player to make it a bit more fair.

these ae some thoughts I will modify in to the main post later today, not sure what alien summons will be replaced. might do all the rikti in 1 summon like I thought of before.

Updates made to leading post, it is now Template-fitting to other MM primary sets!!!

13
I've had this issue with some other content from missions or story arcs too.

I refer to it as the Vanguard Badge Situation, as that's one of the easiest examples, you cannot be granted the vanguard recruit dayjob badge until you are Lv35, but you may earn progress towards it before then. For my character captain shock in example under badges>dayjobs the badge's logoff time meter was full (504) before I was 35, but it was granted as soon as I ticked over 35. I don't remember if it was at levelup or at train, I'd be tempted to say it was at levelup that the badge was earned. even if not, that would be a better solution than changing the level you need to train to to get a badge. instead have the badge be granted when you level to the given level rather than after you train.

If you want to confirm what's necessary for the badge, you'll need to fast track a villain to 35 and complete the first mission in any patron arc then check your Collect window and look for badges>category, then see what it says or what the meter shows, you can also add it to the badge monitor to see if it does change per mission. if so, then yes people need to stay along for the whole arc. Again even if they do the whole arc the badge will not be granted till Lv35.

and again changing that from "grant after Train to Lv35" to "Grant after untrained level passes 35" would solve said issue.

the content I had issues with were temp powers, they are only granted to the leader. this could be how it's set for the patron badges as well.

Patron pool badges NEED to be at Lv35+ or it will likely cause a conflict in the game's code!it's simple logic:
1: the badge unlocks patron pools during level up
2: the first patron power unlocks at 35
3: cannot have a new pool set as available with no available powers and no claimed powers in it!!!

I honestly have no idea how the game would react to that. I'd suspect one of the following:
1: the level 35 power is selectable at a lower level the badge was earned at, but on select and confirm nothing happens (you train up but don't get a power) because you don't meet the level requirements.
2: the level 35 power is selectable at a lower level you earned the badge at, but on select and confirm you get a nameless (#01$&@#^%*435901add more special characters) glitched power which is something else entirely and probably does nothing.
3: the level 35 power is available at a lower level the badge was earned at, but on select and confirm it crashes the game client.
or the worst case scenario for the player:
4: the epic pools selection is visible though none of it's powers are available causing the a glitch which wont let you train up no matter what you select, if it even lets you select anything! it may just display "error".
or the worst case for the server:
5: the epic pools selection is visible though none of the powers are available, causing a "corrupted" data log which crashes the server.

so, these are just guesses, I just know CoH is really temperamental when it comes to things that don't add up or don't fit in some preset code bend, causing an exception.

thinking about my suggested fix now after the fact, it'll need a third condition:

"Character Trained to Lv34, and Character's untrained level is 35+, and has completed a patron arc" = grant patron badge

Might also need a fourth condition: "Player Alignment is Villain or Rogue before badge will grant." this is necessary if we are allowing progress for the badge ahead of time, because a player could easily complete the arc with a lv35 lead at Lv20 turn off XP, then do rogue then hero tips and become a hero at level 20 and stay hero till 35. but then a hero is being granted a Villain Badge While actually a Hero, that could cause errors. Otherwise it might cause conflicts with other hero and villain specific badges. So they'll have to do vigilante tips and then villain tips till they are a villain at 35+ so it grants the badge then rouge and hero tips to get back to hero.

(click to show/hide)
(click to show/hide)

but back to reality, yeah the game will likely have issues with this change if all the right things are not done. So to recap to allow the player to earn progress ahead of time, the badge should not grant until (all the following are true):
1: the character has trained to Lv34
2: the character achieves/has an untrained level of 35+
3: the character is Villain or Rogue.

from there you can take it where you want it.

14
General Suggestions and Feedback / Re: Day Job Badge Needed
« on: August 31, 2023, 12:06:31 pm »
[Monkeyin' Around] adds a minor damage and accuracy bonus as well as an effect boost on all effects Magnitudes for a short time after logging in.

after 504 x 15 minutes logged out as a monkey, you get the Badge.

"Your time spent as a rikti monkey has earned you the Monkeyin' Around Badge. Logging out as a rikti monkey will earn you an effect, damage and accuracy bonus for a short time when you log back in."

combine it with Professor badge? to get an accolade dayjob badge [Doctor of Shenanigans]

"Your time spent as a rikti monkey and working in the universities (sometimes congruently) has given you time to perfect the art of your unique science of shenanigans. While logged out as a rikti monkey or in a university, you will earn charges of your [Rikti Monkey Fart] dayjob power."

"So is it a PhD in Art or Science?"

"One might say it's a PhD in Social Sciences, others might postulate it's a PhD of Arts in theater. But it is purely a PhDS, 'PhD of Shenanigans' ."

on this note there's other places which could use dayjob badges, for example logging out on the brickstown Zig could earn the [Corrections Officer] day job badge. combine it with (city official, Police officer)? to ger a [Warden] accolade maybe earning you a "Ball and Chain" power; ranged, single target, foe -speed, -fly, - jump. not sure on that one.

There should also be one for terra volta.

15
New Problems Discovered with Attract such as quicksand.

I've confirmed there is a preferred direction in the CoH engine, that is to say a directional axis on which force is applied to first on each frame, giving that axis a tiny tiny bit more force per frame; which builds up to a differential of large amounts of force over time causing motion in that direction to work and motion against it to fail. this means escaping from attract is as easy as trial and error and picking a direction and trying to ninjarun or superspeed out, then when you find the 2 horizontal preferred directions pull hard towards that corner.

oh, but that's not necessarily a problem. what is a problem is that in such cases, only your graphic moves, your physics object stays put. meaning you can literally walk like 30 meters away and it still thinks you are standing there in a pile of enemies, you can cast melee powers on them and they can hit you at your former position. this is telling me the default un-enhanced power of Attract is WAAAAY too voracious, it's overboard LOCKDOWN kinda force..

On that note, Self-TP to the opposite side of the attract field causes your character graphic to be disconnected from your physics object and sent sailing to the farthest reaches of the map until the attract ends, oh, by the way your physics object wont move not even for SelfTP. now that's really hard coded immobilize.

Double attract at different locations will also cause this "character graphic sailing off into the sunset effect."

Oh did I mention the camera follows your graphic? so.. you'll be so far away you wont be able to see whats hitting you.

KB can also cause this effect.

We need to tone down attract. things like TP, KB and running away from the center NEED to work because they work for the graphic but not the physics object.

Yes, the graphic will reseat itself back onto the physics object when the sailing effect wears off because the attract ends.


Also the range of the attract is waaaaaaaaaaay tooooo biiiiiiiiig. I was on a CoT map with a very tall central rock pillar in the room. I jumped off with ninja run and combat jumping just as an earth caster cast quicksand and I fell maybe 50 meters down and almost to the wall so >= 50 meters away from the center of the attract, and IT WAS STILL DESPERATELY TRYING TO PULL ME TO THE ATTRACT, it actually stopped me mid-air >= 50 meters away as I pressed forwards to fight it, I did actually escape it. but sheesh that field is huge!

Pages: [1] 2 3 ... 8