Click "Reload" to fetch new posts without leaving the page.
Automatic thread refreshing has been stopped because you appear to be idle. Un-Idle
- Reload
The short version: We need an extra $25/month to make cost, $43/month if we add Sucuri.
After looking into this hack, it was unfortunately preventable. It might not have happened if I had kept up on updating and vulnerabilities. The short answer is that WordPress is profoundly vulnerable, and I had let it sit there for ages with no updates. I am sorry, everyone.
I have gotten rid of the vulnerability that allowed them access and the password system has been made more secure.
Unfortunately that is not enough to protect us forever, since the world is ever changing, and people invent new ways to hack things every day. Even if we were on top of all relevant patches, we would still be vulnerable.
I asked around, and a fellow dev has recommended that we get Sucuri, a website protection service, for our site. Sucuri would protect us from hacking, malware, and so on. It would also help to keep us off of blacklists that block our emails stop people from accessing our site.
Adding it would cost an additional $199/year, or $17/month.
I have not been paying attention, but we are currently $25/month below cost on the Patreon (We need $180/mo for the current server and domain). We would need to get at least $43/month in additional subscriptions to meet our costs with this change.
Should we get it? Can you help pay the difference?
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
70 Alternative Accounts: You have... way to many accounts. Sadbi, Workbi, Madbi, Sleepbi... probably a dozen more, honestly. Somehow, you have snuck one into this game, in the form of a second role! All investigative actions on you will return as your second rolecard. You will also be able to use all of the abilities on your second rolecard each night. You also start the game with a single bulletproof vest.
Disclaimer: You can only win and leave the game with your 'Sabi' win condition.
Simping for Brad: Simp. If you guess the player with the 'BlueKang' flavor during the day, or ever target them at night, you will be able to use 'The puzzle of friendship' four times per cycle, instead of three. You may only guess for 'BlueKang' once per day, and you may guess players who are dead.
Not Actually An EMer: You're sick and tired of being called an EMer. Just because you hang out with them doesn't mean you are one! You must enact revenge... Each night, you may use one of the following abilities:
Target a player. If they are executed tomorrow, or die the following night, you will gain one . This ability is immune to being roleblocked or redirected.
Target a player. At the start of the next day, it will be announced that there is a bounty on that player, and a player that votes them at EoD will get a reward if your target is executed. If your target is executed, and you are voting them, you will gain one .
You win and leave the game when you have gained two s.
And thank you again for all the work you're doing to make the site as secure as possible.
Have you considered running ads on the site? I know Thingyman has been against that in the past. Or maybe creating an exclusive merchandise run? Maybe that's not worth the cost, I don't know. Does the WordPress site need to exist if it's a key source of vulnerability? I don't know how responsible it is for drawing traffic any more, and I haven't updated it in any way in years.
I'm sure you've all kicked around a bunch of ideas, though. Continue to let us know how we can help, thank you again.
leaping up into the air getting juiced up beyond belief
"oh crap we got hacked" into "btw we need more money" is a pretty based chain of posts
btw btw
UPDATE: $197 would cover it, we are now at $180 up from $154. Already covering costs now. Extra would just be for Securi, if we want it. Love you guys.
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
And thank you again for all the work you're doing to make the site as secure as possible.
Have you considered running ads on the site? I know Thingyman has been against that in the past. Or maybe creating an exclusive merchandise run? Maybe that's not worth the cost, I don't know. Does the WordPress site need to exist if it's a key source of vulnerability? I don't know how responsible it is for drawing traffic any more, and I haven't updated it in any way in years.
I'm sure you've all kicked around a bunch of ideas, though. Continue to let us know how we can help, thank you again.
WordPress has been punted into the sun.
Adding ads wouldn't make a real dent IMO. Better not to have them if it we would still need the help.
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
I welcome ads being implemented, if it helps. I love the idea of keeping it ad-free, but I don't think it would take away from the site if they were added.
Edit: even if this looked like a month-trial with ads to determine a) whether it's financially even helpful (eg people may use ad blockers) and b) what it would look like (eg: if it's just too much of a nuisance).
Last edited by JohnCarter; March 27th, 2023 at 08:31 PM.
Reason: another comment
I welcome ads being implemented, if it helps. I love the idea of keeping it ad-free, but I don't think it would take away from the site if they were added.
discord also started the whole subscriber thing a la patron if you wanted to try that out as well
You are Sabi, an independant Third Party
you have the following role(s):
70 Alternative Accounts: You have... way to many accounts. Sadbi, Workbi, Madbi, Sleepbi... probably a dozen more, honestly. Somehow, you have snuck one into this game, in the form of a second role! All investigative actions on you will return as your second rolecard. You will also be able to use all of the abilities on your second rolecard each night. You also start the game with a single bulletproof vest.
Disclaimer: You can only win and leave the game with your 'Sabi' win condition.
Simping for Brad: Simp. If you guess the player with the 'BlueKang' flavor during the day, or ever target them at night, you will be able to use 'The puzzle of friendship' four times per cycle, instead of three. You may only guess for 'BlueKang' once per day, and you may guess players who are dead.
Not Actually An EMer: You're sick and tired of being called an EMer. Just because you hang out with them doesn't mean you are one! You must enact revenge... Each night, you may use one of the following abilities:
Target a player. If they are executed tomorrow, or die the following night, you will gain one . This ability is immune to being roleblocked or redirected.
Target a player. At the start of the next day, it will be announced that there is a bounty on that player, and a player that votes them at EoD will get a reward if your target is executed. If your target is executed, and you are voting them, you will gain one .
You win and leave the game when you have gained two s.
I welcome ads being implemented, if it helps. I love the idea of keeping it ad-free, but I don't think it would take away from the site if they were added.
Edit: even if this looked like a month-trial with ads to determine a) whether it's financially even helpful (eg people may use ad blockers) and b) what it would look like (eg: if it's just too much of a nuisance).
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
As far as paying for a service to protect the site
I'm going to be ruthlessly pragmatic & cynical here...what are we protecting?
Other than our (probably) low security gamer website passwords. And our email addresses which are almost certainly publicly available elsewhere...
We dont (that i know of?) have piles of sensitive personal info, we dont collect banking info, medical records, etc.
I mean hell, not a single one of you even knows my first name.
I think regular patching would suffice to avoid the occasional inconvenience? Maybe I'm the crazy one
I do
Its
peepee poopoo
Get doxxed scrub, your move
(Also I'm pretty sure there should be some kind of security thingie but one that's reliable and if this is true about this one probably should be looked into alternatives)
As far as paying for a service to protect the site
I'm going to be ruthlessly pragmatic & cynical here...what are we protecting?
Other than our (probably) low security gamer website passwords. And our email addresses which are almost certainly publicly available elsewhere...
We dont (that i know of?) have piles of sensitive personal info, we dont collect banking info, medical records, etc.
I mean hell, not a single one of you even knows my first name.
I think regular patching would suffice to avoid the occasional inconvenience? Maybe I'm the crazy one
Full agree with this, I would rather stockpile extra money to cover future costs than protect people's passwords and e-mails, which are very much not sensitive personal information
Re:ads - I doubt they would move the needle very much, but they might dissuade people from joining the site, and that's going to do more harm than good in the long run.
Last edited by orangeandblack5; March 28th, 2023 at 10:40 AM.
I think we should then when we are short send some post and post announcements kinda like Wikipedia does. We should be good. I have some ideas for fundraiser games too. Let me know if y’all interested. I want to run a game and find ways to raise so,e money for site and players would get some non monetary accolades.
Things like special flair in site, awards, special color, title etc. But also maybe some other things like material things someone donated etc.
I understand not everyone adult or in a place to donate money but there’s artist here per example that can donate a piece of some thing they made. The sky is not the limit, the universe is 😉
As far as paying for a service to protect the site
I'm going to be ruthlessly pragmatic & cynical here...what are we protecting?
Other than our (probably) low security gamer website passwords. And our email addresses which are almost certainly publicly available elsewhere...
We dont (that i know of?) have piles of sensitive personal info, we dont collect banking info, medical records, etc.
I mean hell, not a single one of you even knows my first name.
I think regular patching would suffice to avoid the occasional inconvenience? Maybe I'm the crazy one
Good try John… of course I know ur name. Bro how many awards u have wow lol.
I agree with you. Maybe we don’t need a crazy security just enough not to be $%#!ed with or deleted. I wouldn’t want to lose the logins or other files like the game history and the work others did cataloging all the old games and stats etc.
That would suck
RE: The Apoc and other questions of "Why protect it?"
It is very frustrating when the site gets hacked. Sure, it isn't that important of a site... Sure, I have backups in place. But it gives me a lot of peace of mind to know that it's not all on me.
Good news. We already got a very generous donation (thank you to them!) that at least covers 1 year of the protection. We can always cancel it when the bill comes due again.
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
As far as paying for a service to protect the site
I'm going to be ruthlessly pragmatic & cynical here...what are we protecting?
Other than our (probably) low security gamer website passwords. And our email addresses which are almost certainly publicly available elsewhere...
We dont (that i know of?) have piles of sensitive personal info, we dont collect banking info, medical records, etc.
I mean hell, not a single one of you even knows my first name.
I think regular patching would suffice to avoid the occasional inconvenience? Maybe I'm the crazy one
Full agree with this, I would rather stockpile extra money to cover future costs than protect people's passwords and e-mails, which are very much not sensitive personal information
Re:ads - I doubt they would move the needle very much, but they might dissuade people from joining the site, and that's going to do more harm than good in the long run.
This last part is a great point and a very strong argument against ads.
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
So far since reviewing the site, talking to their staff, and verifying for myself, the bogus reviews do not seem to hold weight.
I have cancelled the next renewal of the subscription service, which was very easy to do through the Billing page without opening a ticket.
They have a 30-hour window to handle tickets, which we will see how that works for the blacklists. The live chat agent I spoke to assured me that blacklists were easy to fix as soon as they didn't detect any malware. We will see.
I can tell you we were already on McAfee's list for ages, and our emails have been blocked since well before the first attempt on the site. The problem there is McAfee sucks. Their policies are horrible. Sucuri is not doing anything unethical by reporting what McAfee considers real threats to them. If we assume that the sites are actually dangerous, refusing to report vulnerabilities you found would actually be unethical, at least to me.
It is very likely that people just hate having to pay for things, lol. Seems fair, honestly, but I'm going to use the service I've already paid for as well as I can.
Consider that they are offering a lot of work I won't have to do for just $17/mo. If I could pay an actual site security consultant with that wage, I'd do that in a heartbeat.
Last edited by Makaze; March 28th, 2023 at 04:22 PM.
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
I mean hell, not a single one of you even knows my first name.
thought it was gob
♫ Let it all burn down around us ♫
♫ Let the cruel consume the just ♫
♫ Let the sin we swim in drown us ♫
♫ Let the world shatter ♫
♫ Into dust ♫
♫ Nothing else matters ♫
♫ Only us ♫
Regarding ads: my thoughts are that I'm strongly against having ads that are on each page, as I imagine that would just get annoying/frustrating for players - especially in all EoDs/mashes/turbos!!! That being said, if we wanted to isolate it to one page, where people could visit only if they want to give us ad money... that would be more workable, being not detrimental to the overall functioning of the site!!
That being said, I always very much appreciate everyone who comes out to support MU whenever Makaze has posted about the site needing money, special shoutout to that generous donor!!! Personally I think it's probably fine if we stick with the Patreon/keep ads as a very last-resort option, though it would probably be helpful if we brought it up more often; maybe once every few months or so, rather than whenever there's an emergency!
Also I do like the site being protected overall!! While we don't have financial info or whatever, it's still important to be able to guarantee security to users; I can confirm for a fact that some people in other communities instantly had a more negative view of MU, upon learning we were hacked!!!
Not a great look when trying to host a cross-community championship/invite people to the site, in short!!
Message a ghost at Arapocalypse#0834!
[9:07 AM] boq, bbt's boss: Be Boq
[9:07 AM] boq, bbt's boss: Wait for the principal in the cafeteria
[9:07 AM] boq, bbt's boss: Be offered coffee by the peeps there
[9:08 AM] boq, bbt's boss: "Nice"
[9:08 AM] boq, bbt's boss: Grab a random mug. Enjoy your coffee. Notice that it says "principal's mug" on it
Also I do like the site being protected overall!! While we don't have financial info or whatever, it's still important to be able to guarantee security to users; I can confirm for a fact that some people in other communities instantly had a more negative view of MU, upon learning we were hacked!!!
good for them?
Champs costing money to run just gives me another reason to hate it
i’m sorta confused about the “ads only on one page” idea
would having ads only on a specific page that people have to navigate to actually make a dent in site costs? realistically i do wonder if people would click on it enough for it to be worth it but i guess it couldn’t hurt
Originally Posted by staypositivefriend1602730070
(#19)
tfw i cant mindmeld with hally this game
Originally Posted by ran
How To Tell If Your Hally Is An Alien Shapeshifter:
- Apply moderate but steady pressure d1 and observe their reaction.
- If your Hally is genuine, you will notice a distinct morphing of their facial features into an "anime" or "chibi" style resembling the kaomoji (〃>_<;〃), their arms will turn into fingerless drumsticks and begin rapidly vibrating up and down, and they will emit various phrases such as "no bulli!" and "give me space!" and "but why!"
- On the other hand, if your Hally remains in a photorealistic human form and responds calmly with phrases like "That's unfortunate, but I hope we can work together!" and changes the subject, you have an alien shapeshifter on your hands and should quickly excuse yourself and break the glass on the nearest eod flamethrower.
Bellossom, Bubbles, and @Hally. doing a little flower dance. travel agent who doesn't work on commission. knows she's pretty but loves being reminded. tries to maintain a vegetable garden but isn't very good at it.
I'm going to apologize for this one in advance but I hope you'll all humor me for a little while. This is a champs level game after all and I can't help but try and post in a way to properly honor the occasion. Who knows when I'll be back in this situation again.
I don't think it's a secret for most of you that my track record in reading Hally has been rather … well … awful thus far in our games. I did have one specific game where I recognized Hally was a villager and confidently (and happily!) let the world know. They flipped wolf. After our Syndicate game together and then Anni (both of which saw me find Hally's eod wolfy and press there) I wanted to make a concentrated effort to finally read that slot correctly.
I spent some time today combing through recent-ish games this year of Hally's. The wolf game on the Org website, the Vig game over on the Syndicate one, and all sorts of mashes/smaller games through MU as well. Rocks fall, Anni, Homestuck, CoV, etc. You get the picture. All in all there were 16 different games I pulled isos from. I then went and ran through the isos extracting all the day one posts from the first half of the day, labeled them as W or V, and ran them through a bit of a homemade database that would do a few different things for me. One of the things was to make a word cloud which would count the number of times each word was used in these isos and make the word larger the more frequently it was used. For example:
Anyways, I separated the wolf isos from the villa isos and then removed things like articles (a, the, in, an, etc) as well as player names as those aren't really super relevant to our investigation and cross referenced them to see if anything word usage stood out as alignment indicative in the top 10 most common words. While there were small word choices favored it didn't seem super significant. What WAS significant were two other things:
One: While specific word choices weren't very telling I did notice a definitely trend of elegance in the wolf isos. The words may change but the idea remained the same. In wolf ISOs Hally had a habit of using larger, more elegant words whereas in the villa ISOs Hally just talked more casually. I'll call these Posts Exceedingly Elegant as we continue.
Two: Villager isos were much more full of observational posts rather than inquisitive ones. The wolf iso was full of open ended questions requesting elaboration. Not just directly to a specific player but also towards the thread at large asking if it saw what Hally was seeing. Meanwhile the villager iso was full of more pointed statement. It was telling the thread what Hally was seeing and making sure everyone understood. The village iso had a higher frequency – by a significant margin – of Posts Of Observation.
Again, I really want to get this right so I didn't stop there. Science isn't science until you write it down after all. I went ahead and charted the percentage of posts as a villager and as a wolf for both posts containing an elegant word and posts making observations. It's a bit crude but here's the quick jot down I made to visualize it:
So I wanted to see how this one was shaping up. Remember, these were all taken from the first half of day one isos which we've made it past here. I went ahead and ran through Hally's iso from this game, plotted the elegance and observational percentages on the chart, and ran the following equation to try and determine the exact percentage chance Hally has at being a wolf:
(Posts Exceedingly Elegant as a wolf)(Posts Exceedingly Elegant here) + (Posts of Observation as a villager)(Posts of Observation here) = the mathematical chance of Hally being a villager here (do 1-this for wolf obv).
Which looks something like this:
(Posts Exceedingly Elegant as a wolf)(Posts Exceedingly Elegant here) + (Posts of Observation as a villager)(Posts of Observation here)
i’m sorta confused about the “ads only on one page” idea
would having ads only on a specific page that people have to navigate to actually make a dent in site costs? realistically i do wonder if people would click on it enough for it to be worth it but i guess it couldn’t hurt
i mean at least its an option if someone wants to invest free time instead of money
Originally Posted by Twice Shrunk1660572534
(#2684)
as noted by dvc getting modkilled was optimal play at some point and I am just ahead of my times
i’m sorta confused about the “ads only on one page” idea
would having ads only on a specific page that people have to navigate to actually make a dent in site costs? realistically i do wonder if people would click on it enough for it to be worth it but i guess it couldn’t hurt
i mean at least its an option if someone wants to invest free time instead of money
that being said I don’t actually know how much we would get for a single ad view and it might be p negligible so I’m curious about that
Originally Posted by Twice Shrunk1660572534
(#2684)
as noted by dvc getting modkilled was optimal play at some point and I am just ahead of my times
AFAIK, having a designated "ad page" would be against ad provider TOS. They are fairly particular on how ads are delivered to avoid gaming the system (and even the implication of having a place to "go click an ad to help the site" is grounds for banning).
AFAIK, having a designated "ad page" would be against ad provider TOS. They are fairly particular on how ads are delivered to avoid gaming the system (and even the implication of having a place to "go click an ad to help the site" is grounds for banning).
[12:09 pm] Cory Curren: remember that we are marking down all of your reads to hold for our personal amusement
[12:09 pm] Cory Curren: anything you say can and will be used against you in a court of lol
Click "Reload" to fetch new posts without leaving the page.
Automatic thread refreshing has been stopped because you appear to be idle. Un-Idle
- Reload
Originally Posted by Ampharos
Quote
. This ability is immune to being roleblocked or redirected.
