Forum Posts

1 - 20 of 20

PMC/Discussion Time to end it which is better Dark mode or LIght mode
purejosh
• 04/09/2024 12:42 am
• Level 3 : Apprentice Modder

What are you, 14? There's better things to do than ask stupid questions like this. Go do something productive.
3
Discussions/Gaming Who else plays at 69 FOV?
purejosh
• 03/28/2024 11:39 pm
• Level 3 : Apprentice Modder

Either you play at 90, or you're wrong.
1
PMC/Discussion I am a genie, you get one wish, and I will try to ruin it for you. How do you word your wish so that I can't ruin it?
purejosh
• 08/20/2023 9:35 am
• Level 3 : Apprentice Modder

threads like these aren’t funny they’re just annoying, and i don’t get how the posters think they’re doing anything meaningful by posting it
3
Bedrock/Discussion Should I leave pmc
purejosh
• 07/05/2023 1:33 pm
• Level 3 : Apprentice Modder

yes
2
Minecraft/Discussion Vote: JAVA -or- BEDROCK
purejosh
• 05/04/2023 12:11 am
• Level 3 : Apprentice Modder

Bedrock is an inferior platform. There are too many things that the bedrock engine cannot do, when compared to Java. Java can have worse performance, but when you're talking quality of life, bedrock doesn't stand an ice cube's chance in hell.
1
Discussions/General Do you like or dislike preppys
purejosh
• 01/14/2023 6:35 pm
• Level 3 : Apprentice Modder

Why does this matter? Who cares if someone does, or does not like, a personality type?

Be yourself, and fuck anyone who thinks less of you for it. And if someone isn't your "type", leave 'em the hell alone. It costs you nothing to ignore them.

“What other people think of you is not your business. If you start to make that business your business, you will be offended for the rest of your life.”
— Deepak Chopra
2
PMC/Discussion Do you know me?
purejosh
• 11/05/2022 11:26 pm
• Level 3 : Apprentice Modder

No offense, but why would anyone be concerned with answering this, or even knowing this info?
1
Discussions/Gaming STOP.
purejosh
• 08/28/2022 7:19 pm
• Level 3 : Apprentice Modder

This is why meth is bad for you.
5
PMC/Discussion I'm Curious. What are peoples key binds for sneak, sprint, etc.
purejosh
• 08/22/2022 6:05 pm
• Level 3 : Apprentice Modder

Sneak and sprint are reversed. Shift for running, control for sneaking. Everything else is normal except for drop. I moved the drop key over to [ where it belongs.
3
Bedrock/Discussion Do NOT just "connect to a Java server"
purejosh
• 05/30/2022 5:57 pm
• Level 3 : Apprentice Modder

Read other comments, too. OP doesn't have enough experience to be coaching people about their account safety.
2
Bedrock/Discussion Do NOT just "connect to a Java server"
purejosh
• 05/22/2022 9:37 am
• Level 3 : Apprentice Modder

Okay, I'm going to explain this one more time. Clearly you're on drugs or something, because it's pretty easy to understand.

You log in to the bedrock client, per normal "safe" logins.
You navigate to the local IP of your machine, where the geyser client is listening for login requests.
You type in your Mojang user and pass, which the LOCAL GEYSER client sends to Mojang's auth server, and gets an auth token reply from there.
The geyser client then forwards ONLY THE AUTH TOKEN to the java server that you're wanting to play on.

Literally I don't know how to explain to you that this isn't a site, this isn't some pirate's land that's going to rob you of your precious $25 account. This is a local client that auths with Mojang, THE SAME as the vanilla client and 3rd party launchers, and your login info IS NOT SENT TO THE SERVER THAT YOU'RE LOGGING IN TO.

If you don't trust geyser, don't use it. But don't sit here and tell everyone it's unsafe to use something that's clearly been developed with more brains than you have. I'd trust them with my account info 1000x over again before I would trust you with a basic shopping list for the store.

If you have any questions, ask in the geyserMC discord. I would literally love to see them flame you into a pile of ashes.
3
Bedrock/Discussion Do NOT just "connect to a Java server"
purejosh
• 05/22/2022 9:31 am
• Level 3 : Apprentice Modder

So now you're just blatantly talking shit about security risks with Geyser.

Also, again, you're not entering your info on a site. You're typing it into a local client, THROUGH bedrock.

You're a fool. Stop typing.
2
Bedrock/Discussion Do NOT just "connect to a Java server"
purejosh
• 05/22/2022 9:28 am
• Level 3 : Apprentice Modder

THE PROXY SERVER DOES NOT STORE YOUR INFO. For crying out loud.

It sends the info you type to Mojang's auth, and gets the auth token back. The auth token is then used to auth into servers to play on.

ffs, kid.
2
Bedrock/Discussion Do NOT just "connect to a Java server"
purejosh
• 05/22/2022 9:26 am
• Level 3 : Apprentice Modder

The local geyser client isn't a "site". It's a local client that translates your packets from bedrock to java. The only services it talks to are the Mojang auth servers, and the java server you log in to.

You claim that we're "ignorant", but dude, you need to look inside. You're clearly in over your head. There's no shame in admitting that you had no idea what you were talking about, and moving on.
3
Bedrock/Discussion Do NOT just "connect to a Java server"
purejosh
• 05/21/2022 10:47 pm
• Level 3 : Apprentice Modder

A proxy server authenticates your login the same way a normal one does. that's literally the entire point of it.

The ONLY WAY to log in to a Java server is to auth with mojang. Whether you auth with the mojang client, the geyser client, or some other 3rd party mod manager, it all goes to mojang, and the auth token comes back from mojang. The auth token is ONLY GOOD for logging into a server.

If your terribly drawn point is that you're typing a password into a geyser client, and not mojang's, you really should communicate that better. That risk comes with the platform, and there's legal repercussions that can be drawn over shared or leaked info. Plus, these products don't want to screw you over, they want you to support them. Leaking your $25 account creds would screw them more than it would screw you.
8
Bedrock/Discussion Do NOT just "connect to a Java server"
purejosh
• 05/21/2022 10:23 pm
• Level 3 : Apprentice Modder

If someone "pretends" to be geyser and steals your credentials, you screwed up. It's pretty clear that you're using the geyser client or the geyser plugin, when setting things up.

If you screw up bad enough to send your creds to some 3rd party phishing app, you should just not use the internet at all. Let's be honest.
5
Bedrock/Discussion Do NOT just "connect to a Java server"
purejosh
• 05/21/2022 10:19 pm
• Level 3 : Apprentice Modder

You're wrong, though. Which is fine. It's just a lack of understanding.

Email names and passwords are not sent to a server when you log in. That, in and of itself, would be a vulnerability to every multiplayer server ever. They're sent to Mojang's auth server, which then gives you an auth key/token, and THAT is sent to the server for the login.

The email and password that you enter is being translated and handled by the app, which sends these packets to Mojang, not to the server. Only the response from authserver.mojang.com (or modern day equivalent) is being sent to the server.

"Maybe not knowingly, but their own video makes it quite clear that they have no issues with promoting a potential risk."
There are no risks in transmitting the auth key/token. You don't understand how it works. I doubt AntVenom does either, but as described in his video, there are no security risks that exceed a simple java client to java server login.

Read this, and read the wiki on Yggdrasil, and maybe consider removing this post to avoid spreading misinformation.

www.reddit.com/r/admincraft/comments/2ajrm2/how_joining_a_server_works/
8

1 - 20 of 20