Lots of Changes to the Forums and Website

Announcements
1

Since we migrated Domains due to my Game, I had to change a lot of things in the Forums. This has resulted in the following:

  1. The Terms of Service technically changed, but I only edited the URLs and the “Date of last Edit”.

  2. There was minor edits in the Forum Guidelines. Nothing substantial.

  3. I edited a ton of Posts to adjust the Links in them to go to the new Domain, this resulted in a little bit of Chaos in the “Unread Posts” Section as it turns out. XD

  4. The only old Links left that still go to gregtech,overminddl1,com are on the GT6 Main Thread. They all changed to gregtech.mechaenetia.com since that is my own Domain and not borrowed from @OvermindDL1, though old Links will continue to work. ^^

  5. I have removed all my personal Patreon and PayPal Links, if you can still find a Link to one that is not on the GT6 Main Thread, please tell me.

  6. Edit oh I forgot to mention, Discord (just broken) and Patreon (campaign soon to be closed) wont be accepted Login Methods anymore, you can log in via letting the Forums send you an Email if needed.

  7. I have marked that whole EU Copyright Drama as unlisted and locked, but in order to not delete history, I will provide direct Links to it here: Thread 6, Thread 5, Thread 4, Thread 3, Thread 2, Thread 1.

  8. There could be Issues with the Forums, so please report everything you can find.

This should be all for now, and I hope I did not miss anything while rebranding the Forums. Except Logos, I seriously need to get Mechaenetia to “barely work” in order to Design the Logo with real ingame Graphics. ^^

4 Likes
2

Okay apparently it was a very good Idea to remove the Discord Login entirely. Discord just added a QR Code scan Feature that enables people to bypass 2FA to log into someones Account without the victim noticing that the QR Code they scanned did exactly that. This has caused major Security Issues on all Sites that have Discord Login as a Feature.

Here is how it works, and yes it is THAT stupid:

  1. Hacker creates QR Code on his Computer using Discords new Feature.
  2. Hacker sends the QR Code (which expires after 10 minutes) to other Discord Users.
  3. Naive Users scan the QR Code to see “this goes to the real Discord Website”.
  4. User logs into Discord thinking “well it is the actual real site and there is no Warnings or anything”.
  5. Hackers Computer is now logged into Discord thanks to you logging in for their Computer without you even knowing that you have let them log in!
  6. Hacker can lock you out of your Account and also use it to log into other Websites thanks to this!

This completely bypasses 2 Factor Auth and is absolutely easy to do to someone.

I knew Discord was bad, but I did not think it was THAT bad.

Edit: Do note that I originally removed that Login Method because Discords Website was broken at the time I wanted to set it up again, after we migrated Domains. Also I already never liked Discord because of how broken and proprietary it is, so I am biased too.

6 Likes