|
Moola posted:I read about the ds3 vulnerabilty, but I'm still confused how it can "brick" your pc? It's an arbitrary code execution vulnerability. Which is to say, they can make your pc execute arbitrary code (whatever they want it to). Deleting system 32 is like, the low tier of worst case scenario.
|
#
?
Jan 26, 2022 04:58
|
|
|
|
| # ? Jun 8, 2024 17:55 |
|
|
what could they do that would actually cause damage to hardware???
|
|
#
?
Jan 26, 2022 06:49
|
|
|
Moola posted:what could they do that would actually cause damage to hardware??? It's not going to set fire to your PC and burn down your house. But it can make the machine unusable until you reinstall Windows (there is malware that can hide in your uefi, but these are still rare). Though any serious malware isn't going to bother with that and will instead do poo poo like make your machine part of a botnet for DDOS attacks, have your machine run cryptomining, and steal passwords, credit card information, etc. Raygereio fucked around with this message at 10:02 on Jan 26, 2022 |
|
#
?
Jan 26, 2022 09:59
|
|
|
The one time it was used "maliciously" the attacker crashed a streamer's DS3 application and used Windows Powershell Text to Speech to read off a thanos copypasta.
|
|
#
?
Jan 26, 2022 10:29
|
|
|
It's a tweet quoting a discord message so take it with a grain of salt but the way the story goes is that apparently the guy who discovered the vulnerability tried to report it, got nowhere, and engineered the stream snipe to grab attention and get fromsoft to fix it. https://twitter.com/kamekache/status/1484929777404420096
|
|
#
?
Jan 26, 2022 11:11
|
|
|
RCE means the attacker can do anything to your PC that you could do. I'm not sure if that can damage hardware since CPUs have emergency shutdowns when they overheat and stuff like that, but it's definitely Very Bad
|
|
#
?
Jan 26, 2022 11:34
|
|
|
Yeah the problem there isn't your 1000? 2000? 3000? dollar rig dying, it's people getting access to bank accounts, passwords and stuff like that.
|
|
#
?
Jan 26, 2022 11:44
|
|
|
It’s good to make your everyday Windows account normal and keep an admin account separate if you need to install things. This way if you do get compromised there’s another layer and a hacker can’t really run anything malicious without admin. Granted if they are that far you got other issues but it’s just a nice layer of protection. No harm in having it that way.
|
|
#
?
Jan 26, 2022 13:53
|
|
|
How silly an idea is Demon's Scar mainhand + parting flame offhand for R1 into black flame? I don't even need to pump any strength since the weapon works just fine without it. Edit: I guess it does kind of gimp my castspeed. Doh.
|
|
#
?
Jan 26, 2022 16:58
|
|
|
Moola posted:what could they do that would actually cause damage to hardware??? Here's another discussion of this on the internet, but to summarize, in addition to aforementioned heat damage, one could also theoretically create a virus that constantly reads and writes to the secondary storage, decreasing the lifetime of an HDD or SSD dramatically. e: in addition to the more standard fears of "turns your computer into a bitcoin miner" or "steals your banking info"
|
|
#
?
Jan 26, 2022 17:53
|
|
|
that all sounds very bad
|
|
#
?
Jan 26, 2022 19:27
|
|
|
Phobophilia posted:The one time it was used "maliciously" the attacker crashed a streamer's DS3 application and used Windows Powershell Text to Speech to read off a thanos copypasta. This is a years-old vulnerability that was only recently discovered, so you have no way of knowing if that was the only time it was exploited. Raygereio posted:I don't know if this exploit can get elevated privileges on the victims machine, but even without that there's poo poo a RCE exploit can do that fucks up the OS. Arrhythmia posted:Here's another discussion of this on the internet, but to summarize, in addition to aforementioned heat damage, one could also theoretically create a virus that constantly reads and writes to the secondary storage, decreasing the lifetime of an HDD or SSD dramatically. Adding my 2c, you could also corrupt the motherboard BIOS such that it can't be re-flashed, effectively bricking it. But yeah, more likely you get your personal info slurped up or get added to a botnet, something that can be used to make money.
|
|
#
?
Jan 26, 2022 21:39
|
|
|
Could have swore I remember someone poking around in DS3's netcode saying that it was a mess and might even have an RCE, a while back. Other games (non-Fromsoft) might even have RCEs as well, it just doesn't seem to be a big avenue of research.
|
|
#
?
Jan 27, 2022 03:15
|
|
|
The Dark Project posted:Crow talons multi-hit build Thanks! Your post caught my attention and I'm now in the middle of the journey (just opened up carthus). I started with the brigand twindaggers and a dex build (my first ever actually) and eagerly switched to crow talons. Much more fun moveset, innate bleed, and an L2 barrage attack that almost always breaks poise/guards. I also went through the investment to get hidden body ready, but then never used it anywhere since I just ran through the painted world. Big change from my first ever DS3 (or soulsborne) experience where I abused hidden body constantly to set up ultra greatsword charged R2s. Waiting to see how a hollow gem will change things.
|
|
#
?
Jan 27, 2022 10:56
|
|
|
Glad you like it! Getting a Hollow Gem is easy, and getting the Profaned Coal from Irythyll Dungeon isn't too hectic. The biggest problem is the Jailers sapping your health down, which sucks, but there are places along the way you can rest at, wait for it to return, and heal back up. Once you pick it up, it's easy to bone out of there back to Firekeep to give the coal to Andre and have him install it. That's if you're wanting to do a luck build. If you're staying Dex, just use a sharp infusion on it, which you can get really early.
|
|
#
?
Jan 29, 2022 15:38
|
|
|
people misuse the word "bricking" as just "make your device crash or corrupt your OS" while it really means "turning your device into an expensive brick with no way to recover" you can certainly do the latter on a PC with OS level access but I don't think there are readily available code to do it so griefers would probably just do the old "delete system32" thing
|
|
#
?
Jan 29, 2022 21:24
|
|
|
kinda curious - the blue sentinel mod was updated a few days ago already, but the official update is probably still going to be a while. makes me wonder why, is the blue sentinel update not as secure as hoped?
|
|
#
?
Jan 29, 2022 22:57
|
|
|
double nine posted:kinda curious - the blue sentinel mod was updated a few days ago already, but the official update is probably still going to be a while.  Blue sentinel is closed source, so who knows what it does. But if it works, then it only protects against the discovered exploits. It's possible that there are other vulnerabilities elsewhere in the code that haven't been discovered yet. And a thorough audit of From's codebase will take a while. Depending on how pessimistic you want to be, the other possibilities include no-one working on a fix because everyone is busy with Elden Ring's day 1 patch. And From abandoning multiplayer on the PC completely.
|
|
#
?
Jan 29, 2022 23:32
|
|
|
Also Blue Sentinel is a mod, you have to know it exists to use it, I guess a large percentage of Souls players run without it
|
|
#
?
Jan 30, 2022 02:46
|
|
|
The reason Blue Sentinel is closed source is because they don't want anyone figuring out a way of getting around what it does, or seeing the full breadth of what it detects. Back when original DS1's PvP Watchdog was a thing, somebody modified it despite being closed source to let them kick anyone, which I told the author about (as well as telling them that I was crashing it on accident by having a long name, which was not intended by me). The Blue Sentinel modmakers don't want a repeat of that kind of thing, which would be made easier with open source.
|
|
#
?
Jan 30, 2022 03:23
|
|
|
ymgve posted:Also Blue Sentinel is a mod, you have to know it exists to use it, I guess a large percentage of Souls players run without it BS/BA also flag other players using the same mod, and the vast majority of other players I invade don't use it.
|
|
#
?
Jan 30, 2022 04:36
|
|
|
After repeatedly bouncing off Dark Souls 3 due to the higher speed and harder timing of the combat I finally managed to clear the High Wall of Lothric and beat Vordt! I felt like I'd never get out of that first area but now I'm all excited to see more! Not a huge accomplishment or whatever but I've racked up 19 hours in game on several attempts to get into it and to finally actually clear the first boss is just very exciting.
|
|
#
?
Jan 30, 2022 11:00
|
|
|
Pope Guilty posted:After repeatedly bouncing off Dark Souls 3 due to the higher speed and harder timing of the combat I finally managed to clear the High Wall of Lothric and beat Vordt! I felt like I'd never get out of that first area but now I'm all excited to see more! Pretend DS3 is diet-Bloodborne, it's much faster paced than the previous souls games but you also aren't having a supersonic anime fight against werewolves.
|
|
#
?
Jan 30, 2022 16:16
|
|
|
Yeah, enemies are maybe kinda faster but also their poise sucks a surprising amount of the time so even with a raw weapon you can get away with mashing R1 even if your evasive options aren’t as fluid compared to BB.
|
|
#
?
Jan 30, 2022 16:31
|
|
|
Pope Guilty posted:After repeatedly bouncing off Dark Souls 3 due to the higher speed and harder timing of the combat I finally managed to clear the High Wall of Lothric and beat Vordt! I felt like I'd never get out of that first area but now I'm all excited to see more! Shields are basically only viable now if built for (have personally not run a single shield run in either Souls game, but seen friends who prefer that style have trouble). DS3 definitely rewards a bit of aggression more, particularly against mobs. Some mass mobs have so little poise that rolling into them will stagger them (every single worker in Undead Settlement for instance). Several bosses can even be staggered on hit, and many more go into a vulnerable state for viscerals if they sustain enough damage in a short enough time. Depending on how your build is looking, consider consulting YT for small pointers. There are infinitely many viable builds for PvE, and more or less anything you do works, but miracles/magic/pyromancies have in my limited experiences been more uneven playthroughs. Also, the boss in the next area is optional, but worth doing. You may want to read a few spoilers though because the gimmick is not that exciting to figure out. Edit: The whole first third of DS3 is well-crafted but a little scattered, with few huge boss fights to look forward to, but tons of great little events and lore. But definitely stick it out, they ramp up fantastically in intensity and design. Abyss Watchers, Pontiff, Twin Princes, Friede, Nameless King, Gael and Midir are all top tier fights (and of those I didn't mention, only 2 are really not up to snuff - luckily, those are also easy). Idiot Doom Spiral fucked around with this message at 17:36 on Jan 30, 2022 |
|
#
?
Jan 30, 2022 17:30
|
|
|
I used a shield and found it viable, like obviously not as amazing as in DS1 where they’re kinda disgustingly OP but they’re a nice utility option for scouting enemy attacks and avoiding chip damage from weak fast enemies.
|
|
#
?
Jan 30, 2022 18:20
|
|
|
Shields are fine in 3, but a lot of the late game bosses are built to blow through small and medium shields with their long attack chains. You either need to be ready to drop it and get into super roll mode or be able to carry a tower shield and be carefully managing your stamina.
|
|
#
?
Jan 30, 2022 18:31
|
|
|
shields are fine but deflection is a lot less reliable and you have to be much more careful about stamina. holding up your shield too much and not letting it regen up can get you killed.
|
|
#
?
Jan 30, 2022 19:52
|
|
|
https://imgur.com/zoEYE1I (Don't even ask about the build, trying to see what is FP-efficient to get him all the way down) I think the picture tells most of the story, but in case it's not obvious: He was low and starting doing the charge up, I figured I could slice him down before he explodes. I was wrong.
|
|
#
?
Jan 30, 2022 19:55
|
|
|
I've done a greatsshield facetanking run before and it's legit af. Dragonslayer Greatshield will let you clown all over Nameless King. If you're willing the grind the Elder Ghrus in the swamp, they drop a Stone Greatshield which is a solid jack of all trades GS with decent absorption in every category.
|
|
#
?
Jan 30, 2022 22:25
|
|
|
this came up in my recommendeds, seems like fun! https://www.youtube.com/watch?v=dRrfuIj1bg8
|
|
#
?
Jan 30, 2022 22:58
|
|
|
Last Celebration posted:I used a shield and found it viable, like obviously not as amazing as in DS1 where they’re kinda disgustingly OP but they’re a nice utility option for scouting enemy attacks and avoiding chip damage from weak fast enemies. Yeah, this is exactly how I used shields in DS3. I would generally have a utility-flavored shield on my back (Grass Crest shield or Shield of Want) and pull it out when fighting a new boss or those spazzy undead dogs. My goal was still to dodge all the attacks but I kept the shield raised whenever my stam was capped as insurance. It meant that typically it was impossible to dodge “too late”, at worst it does some stamina damage instead.
|
|
#
?
Jan 30, 2022 23:53
|
|
|
Magitek posted:Yeah, this is exactly how I used shields in DS3. I would generally have a utility-flavored shield on my back (Grass Crest shield or Shield of Want) and pull it out when fighting a new boss or those spazzy undead dogs. My goal was still to dodge all the attacks but I kept the shield raised whenever my stam was capped as insurance. It meant that typically it was impossible to dodge “too late”, at worst it does some stamina damage instead. Picking up shields again might be a good habit for Elden Ring, given its counter system
|
|
#
?
Jan 31, 2022 11:59
|
|
|
Yeah, either 2-handing weapons or sword and board is going to be the way to go. Powerstancing was flashy but overrated in DS2. Powerstancing is going to be flashy and again overrated in Elden Ring, because spamming out paired light attacks using L1 is not going to take advantage of the new posture mechanic and deny access to a powerful defensive mechanic. Phobophilia fucked around with this message at 14:25 on Jan 31, 2022 |
|
#
?
Jan 31, 2022 14:19
|
|
|
Phobophilia posted:Yeah, either 2-handing weapons or sword and board is going to be the way to go. The posture breaking didn't seem to be that common but obviously I'm just speculating here. Powerstancing just means that the sellsword winblades now do twice as much damage as a normal attack 
|
|
#
?
Jan 31, 2022 16:04
|
|
|
What are the most useful pyromancies for PvE? I'm reaching Irithyll and only used the standard fireball, flash sweat and Floating chaos (it sucks).
|
|
#
?
Jan 31, 2022 18:39
|
|
|
Chaos Bed Vestiges is my bread and butter on my pyro. I run half/half orange/blue estus just so I can cast big balls all day everyday. Great for PVP too, I've one-shot a couple of invaders with it
|
|
#
?
Jan 31, 2022 18:42
|
|
|
Guillermus posted:What are the most useful pyromancies for PvE? I'm reaching Irithyll and only used the standard fireball, flash sweat and Floating chaos (it sucks). Great chaos fireball, chaos bed vestiges, black fire orb are your heavy hitters. Black flame is good if you’re right up something’s rear end. Profane flame is also decent though slightly less straightforward to use (it’s the delayed explosion spell from DS2). Boulder heave is kind of a comedy option but does do physical damage where otherwise you’d be limited to fire & dark. Also rapport. It’s free teammate
|
|
#
?
Jan 31, 2022 18:50
|
|
|
Cool thanks, what would be a nice ring setup? (just at the fun city as I said) Using Chloranthy, Witch's Ring, Estus Ring and Silver Ring for souls. Oh, and boss souls? Anything special to get from them? I see people favoring Pyro's Parting Flame over the normal one but I see its benefit is the extra damage when being really close while having worse AMP. Is the Demon's Scar worth using from the DLC? Guillermus fucked around with this message at 19:06 on Jan 31, 2022 |
|
#
?
Jan 31, 2022 19:00
|
|
|
|
| # ? Jun 8, 2024 17:55 |
|
|
Boulder heave is great for the swamp and catacombs stretch since it'll send darkwraiths and the like flat on their asses
|
|
#
?
Jan 31, 2022 19:17
|
|