Let's say I want to upload to J2O a program that scans for the valid passwords of a J2L file. Is someone among the admins going to get angry?

I know there are much easier ways to force the opening of a passworded level file, but apart from how useful it would be, it's a sort of personal challenge.

But I don't want to have/cause problems with the license or anyway that kind of BAD legal stuff, so I prefer to ask the administrators before doing something perhaps stupid.

So?

Go ahead.

Yeah! }>

J2O has never historically supported or endorsed hacking into other people's levels without their consent, and I don't see why we would start now.

J2O has never historically supported or endorsed hacking into other people's levels without their consent, and I don't see why we would start now.Because passwording levels is a pointless hurdle for users, and it doesn't make sense to "hide" any JCS tricks?

Think of it as an analogy to open/closed source. <span style="font-size: 1px;">(Personally I despise the GPL view of "everything must be open source and if you disagree you're a corporate fascist" but there you go)</span>

Reworder can re-open levels that were previously broken by the designer, surely that's "worse" than WhiteBlaster's idea?

One of the main purposes of my program is to allow a level creator to open his level even if he has forgotten the password, without having to smash the Security Envelope of his level.
If someone really wants to open someone else's passworded level then he doesn't really have to use this program, a hex editor is all you need...

Reworder is respectful and will not open a passworded level unless you know and can type in the password. I spent some time learning from Overlord how passwords worked so that I'd be sure I had that right. The mode you're probably speaking of is explained explicitly as being there not to prevent people from looking at how your level works, but rather to ensure they don't accidentally press Ctrl+R. It's <em>not</em> that kind of security feature.

The thing is, there's no way to give someone a program to bypass passwords and ensure that they only use it on their own levels. Historically (there's that word again), if someone accidentally locks themselves out of their level, they get someone with password-removing tools to help them and demonstrate that it is their own work (usually through the level never having been seen before).

Anyone who doesn't believe in passwords is completely free to release their <em>own</em> levels without passwords. But if a level <em>does</em> have a password, that's because its creator wanted it to. We all have the right to want something made by someone else to be "open-source," but not to make it that way if the creator didn't intend it. Would we have to put another message on the J2O upload page warning users that any security they try to install in their levels may be compromised by folks who don't care about the preferences of the people who put the creative work into their files? And that several years down the line, this may happen to them?

Now, the original post listed not a program that removes passwords (we're already happy enough not to host TECJCS for that), but one that reads the password hash and comes up with a list of possible matches. This was cited as a personal challenge. That sounds fine -- people might well get a kick out of seeing the random strings that they could conceivably use to edit their own levels -- but they should prove they have the right to see that list by first proving that they do indeed know at least <em>one</em> valid password, presumably the one they input in JCS in the first place.

You're no fun =(

You're no fun =(

/me agrees

Meh it hardly matters. Editing out the password using a HEX editor takes about 5 seconds so I don't think this would be that big of a deal

You could just say that since there's no point tracking down JJ2 (or any other old game, for that matter) you should just download it. But last time I checked, piracy was illegal. On this specific subject, though, I don't really think it should be uploaded. UR's semi nf example was a good one. You can't say that people would open the level to see the JCS tricks, because there are hardly any new JCS tricks anyway, if you ask me.

I also would imagine that finding out the password someone uses could be more of an issue than just allowing you to open their levels. I know many people use the same password for most things that need passwords, such as their level, their J2O account, etc, so it's easier to remember. And while I may not care much if someone tries to take credit for my levels, I would really not like having my identity stolen.

Whoa. It looks like everyone used this thread to take down my reputation. Thank you. But that doesn't matter. It's not my fault if the person uses the same password all over again. His/her fault. And remember,the older versions of JCS for the older versions of JJ2 didn't even have the ability to lock the level. There are still other ways to break the password,the admins allow WhiteBlaster to upload this program,so what's the problem?

Well, he did ask.

Given the fact that there are instructions on how to remove passwords from JJ2 levels on this very forum, in addition to links to versions of JCS that allow you to open levels regardless of the password (or at least mentions of it clear enough for anyone wanting to find a way to download them), I don't think allowing a utility like this is a huge stretch.

People may be using the password they use for J2L files for other purposes as well but this utility would not reveal that very password (because it is not stored in the level file), only its <a href="http://en.wikipedia.org/wiki/Cyclic_redundancy_check">CRC32 hash</a>, if I recall correctly, and other text strings with the same hash. This hash is stored plainly in the level file anyway and is easy to look up for anyone in the posession of a hex editor reading the file format documentation on J2O. The only thing this utility would do is making this whole process easier.

If J2O has "never historically supported or endorsed hacking into other people's levels" it seems strange that at the same time we provide all information needed for, well, hacking into other people's levels. I personally think the J2L password protection is so trivial and rudimental it is not worth holding off easier ways to bypass it. At the same time providing an instruction manual is obviously not the same thing as providing a tool to do it with one or two mouseclicks. I don't think the difference is big enough to hold off hosting such a tool at J2O though, for reasons stated.

There are still other ways to break the password,the admins allow WhiteBlaster to upload this program,so what's the problem?
Not unanimously.

The JCF is not, nor never has been, J2O. On neither site have links to TECJCS ever been allowed, and on both sites there are mentions, but that's all. The instructions on the JCF, with Neobeo, Grytolle, and Overlord, and whatnot, and are not the clearest in the world. Accuse me of elitism, but I feel that currently, anyone who wants to bypass a password must already have a reason to do so, in order for them to seek out the means, and many people don't really understand hex editors anyway (let alone enough to derive the base text of three characters of a four-character hash on their own). Putting a program on J2O would just open up the whole thing for those who hadn't even thought about it but now find the idea of breaking into other people's work without permission quite appealing.

Given the fact that there are instructions on how to remove passwords from JJ2 levels on this very forum, in addition to links to versions of JCS that allow you to open levels regardless of the password (or at least mentions of it clear enough for anyone wanting to find a way to download them), I don't think allowing a utility like this is a huge stretch.

People may be using the password they use for J2L files for other purposes as well but this utility would not reveal that very password (because it is not stored in the level file), only its CRC32 hash (http://en.wikipedia.org/wiki/Cyclic_redundancy_check), if I recall correctly, and other text strings with the same hash. This hash is stored plainly in the level file anyway and is easy to look up for anyone in the posession of a hex editor reading the file format documentation on J2O. The only thing this utility would do is making this whole process easier.

Exactly! In fact I didn't even thought that it would have been a problem, since I personally found the instructions to bypass the passwording system on this very forum some time ago.

I also would imagine that finding out the password someone uses could be more of an issue than just allowing you to open their levels.

Don't worry too much about that... for 2 reasons:


You put your levels online to be downloaded by anyone, and the password hashes (that means information uniquely connected with the password) with them. So, theoretically you share the passwords themselves with the others. Theoretically.
Pratically, if you consider the number of possible passwords that can match a determinate hash, you obtain a number around 33765. ONLY CONSIDERING THE PASSWORDS SMALLER THAN 6 CHARACTERS! Yahoo...

But if a level does have a password, that's because its creator wanted it to. We all have the right to want something made by someone else to be "open-source," but not to make it that way if the creator didn't intend it.

I respect your way of thinking, Unknown Rabbit, really. But it's too late for this, and since a lot of time now. See above in this post. I wouldn't be going to upload the program otherwise!

I wouldn't even get interested in this program at all, as it (if I understand its description correctly) only provides me with a seemingly random string of letters and numbers (something I myself don't find very attractive). Something it (luckily) doesn't do, is to find a word that matches the hash. The probability of finding the exact password the creator used would be much larger then, which could lead to breaking into J2O/JCF or other accounts sharing the same password.

But I think we all agree that the J2L passwording mechanism is a failure, now that we know exactly how it works. So I don't think it's such a big deal to upload this program, as we have found other easy ways to break into passworded levels. The only thing it adds is a bunch of uninteresting codes.


Though still, there is a reason people decide to lock up their levels. And if we ever get to actually release a 'JCS+' addon/replacement for JCS, I think it would be worth to investigate the possibilities of encrypting J2L files altogether (or at least password them more securely). Level creators opting for this 'secure saving format' will pay for the fact that an unpatched Jazz2 can't play those levels, though. But at least it would provide level creators with a way to protect their babies.

You can't upload something to the internet and expect people to not want to crack it. Plain and simple. And even if you don't allow this program up on J2O, it's still going to get around. I know that's a pretty lame excuse.

However, it's not private once it hits the internet. Otherwise, I wouldn't have a copy of 3D Studio Max 2011, now would I? And why does Jazz2Online endorse JJ2+? Obviously it's a violation of many laws including that of decompiling somebody's code or tearing apart a copyright program to figure out mechanisms (I wish I had a citation here). And don't even get me started on program's in the past such as Death Controller...

Also, even Project Controller 4 can easily crash any coop server. Also, Forest can be used to open up any trigger as a client. But rather than list off a name of borderline potentially dangerous programs, my point is that of Stijn's. J2O would not be moving that far backwards by allowing such programs. We've already got JJ2 turned into something Epic, compared to what it was before. So why wouldn't we work towards the advancement of j2l and JCS? Obviously, such effort would have to start somewhere with some type of program...

^_^ I'm done ranting, sorry.

So why wouldn't we work towards the advancement of j2l and JCS?
Cough.
How does it "advance" JCS/.j2l files to work further towards removing (the functionality of) a feature?

I already told it, the purpose is to remove the problems connected with the feature, not its functionality (which has already been overridden).

And, another thing, related to what Troglobite said. Today a very basic version of the program became operative. Using this version, anyone trying to hack a password that is longer than 4 characters would probably kill himself before getting to know your original password. :D
Of course I've got to radically renew the interface (at the moment it's only using Message Boxes, try to imagine...)

One last thing: remember that if you change the password and fill in "nEobEo GRYToLLE ANd OVerLOrD" the level becomes unpassworded? (If not, see this (http://www.jazz2online.com/jcf/showthread.php?t=16776))
I just found out that using "RO= ", "Tsd&", "8RKi" or "-k{s" will work too. They're just shorter.

One last thing: remember that if you change the password and fill in "nEobEo GRYToLLE ANd OVerLOrD" the level becomes unpassworded? (If not, see this)
I just found out that using "RO= ", "Tsd&", "8RKi" or "-k{s" will work too. They're just shorter.<a href="http://www.jazz2online.com/jcf/showpost.php?p=376663&postcount=92">o</a> <a href="http://www.jazz2online.com/jcf/showthread.php?p=432247&highlight=oesmonk#post432247">rly</a>

If someone wants to edit a level maliciously for whatever bizarre reason, the lack of a utility on J2O is unlikely to stop them.

However, I do think that if it was made available it would attract newbies that just edit the level and upload it. If somebody can be bothered searching through the jcf, then chances are they'll realise the utter pointlessness of uploading it. Probably not the best example, but I'm tired.

Edits of existing levels (especially without author's permission) aren't really allowed on J2O anyway.

J2O has never historically supported or endorsed hacking into other people's levels without their consent, and I don't see why we would start now.

Agreed.

You're no fun =(
/me agrees
Meh it hardly matters. Editing out the password using a HEX editor takes about 5 seconds so I don't think this would be that big of a deal

I agree with sonicnathan, it hardly matters because anyone motivated enough can just find another way, anyone less motivated can just ask for an explaination/assist on the forums

Edits of existing levels (especially without author's permission) aren't really allowed on J2O anyway.

Agreed, if they wanted it passworded, imo it shold b left passworded, chances are you can ask someone on j2o whod know how to help you without password removing

The JCF is not, nor never has been, J2O.Excuse me, what?

They're hosted on the same hosting service, they're run by mostly the same people for over nine years now, the rules are identical (common sense), quality control levels are the same. Everything on J2O that warrants discussion is discussed here, in threads such as this, the recent layout discussion thread, and in the two J2O admin subforums as you know.

Seeing J2O and JCF as split, separate entities makes no sense, because even if they don't necessarily attract the same people, they still stand <strong>united</strong> the main hub of the Jazz Jackrabbit community.

If the guidelines to removing a level's password haven't been removed from the JCF for four years now, and it's unlikely that they will be removed in the future, it makes little sense to prohibit WhiteBlaster from uploading his program to J2O once it's ready.

Your analogy may as well say that "Firefox is not, nor never has been, Netscape".

Cough.
How does it "advance" JCS/.j2l files to work further towards removing (the functionality of) a feature?

The same way Blur removed the functionality of IPX/SPX Direct Play on jj2.

We're opening up one door at a time. And yes, reworded is a decent program. However it's just one brick. Or would you like to just create a monopoly? Not let any other programmers in. Blur did that too when he implemented music downloading, ruined the whole purpose of JJM. idgaf about my reputation because my point stands clear that we need to encourage these types of coders and this form of pro-creating or we're not going to go ANYWHERE, clear? In fact, it would just piss off members and cause us to LOSE people.

If he does a decent job on this, perhaps he could play a part in the next version of reworder, or whichever other program you have in mind. If you keep his program off J2O anyways, is there any assurance whatsoever that community members won't get a hold of it? Or why not just upload it to JCF since it's a separate entity and keep it off J2O?

Look, the main question is wether the admins will allow the program on j2o. Now, I don't quite understand what their opinion is (mixed, it seems). For that matter, I haven't really noticed who is an admin on j2o and who isn't. There hasn't been an agreed answer to the question yet, as far as I'm concerned. I agree with dermo that they'll just get a hold of the program anyway, but in the end it's up to the admins.

hey're hosted on the same hosting service
http://www.jazz2online.com/j3f
http://www.jazz2online.com/jcsref
http://www.jazz2online.com/tilesets
http://www.jazz2online.com/jdc
Much like nagcentral once did, the Jazz 2 Online webserver hosts a number of other sites, presumably in part to lessen the chances of their going down without warning when their maintainers abandon them.
they're run by mostly the same people for over nine years now
http://www.jazz2online.com/jcf/showgroups.php
http://www.jazz2online.com/user/index.php?accessLevel=5&lastVisit=30000000000&contains=
There are a lot of different names in those lists. And you know, the ones that are the same? Not very active anymore.
the rules are identical (common sense)
http://www.jazz2online.com/jcf/forumdisplay.php?f=37
http://www.jazz2online.com/node.php?title=j2oRules
Granted, there's a lot of similarity. But note also that many of these rules are direct extensions of the policies of the hosting company, and that the same would apply to JCSref, JDC, Haze's Hideout, and many other sites that allow user interactivity in some form.
quality control levels are the same.
J2O has a strict (last I tried to remove it) no-betas-or-demos rule. The JCF absolutely does not.
Everything on J2O that warrants discussion is discussed here, in threads such as this, the recent layout discussion thread, and in the two J2O admin subforums as you know.
Once upon a time, until we noticed that it didn't play a role in the community anymore, everything on Lori Central that warranted discussion was discussed here (and previously the JMMB). Are they the same site? No. If any sort of news ever comes out of a site other than J2O, one assumes that that will be discussed on the JCF as well.

Seeing J2O and JCF as split, separate entities makes no sense, because even if they don't necessarily attract the same people, they still stand <strong>united</strong> the main hub of the Jazz Jackrabbit community.
Indeed they do not attract the same people. For one, there are different users. If they were the same site, wouldn't they have the same memberlist, with the same names, the same administrators, and so on and so forth? Shouldn't our fancy new reputation scores be connected to our reviewing ranks?

Your analogy may as well say that "Firefox is not, nor never has been, Netscape".
I don't remember the connection between the two very well anymore, but I seem to recall I wouldn't say that Firefox "never has been" Netscape. I don't think the JCF grew out of the code of J2O, either -- it's a standard forum script, added quickly to a domain that people already associated with JJ2 to make sure the community survived when the JMMB stopped running. The list of forums was, at the time, completely or almost completely identical. That's what it grew out of if anything.

If the guidelines to removing a level's password haven't been removed from the JCF for four years now, and it's unlikely that they will be removed in the future, it makes little sense to prohibit WhiteBlaster from uploading his program to J2O once it's ready.
Finding stuff on the JCF is a lot more obscure than downloading a utility from the J2O list, I should think, and I will say again, lots of people shy away from the thought of even using a hex editor. I have no evidence to support this, but I would not be surprised if there are various people who download from J2O quite happily while having no JCF account whatsoever and little participation in the part of the Jazz Jackrabbit community housed on either of these two websites. I personally would be more content to trust a JCF user than an anonymous J2O downloader.

The same way Blur removed the functionality of IPX/SPX Direct Play on jj2.
Off-topic, but I have always been a skeptic of the JJ2+ project, particularly its narrow focus and lack of community basing or mistake control. Removing functionality like that is <em>not</em> a good thing and I don't understand how anyone could support it. Making something better should not involve removing things that are perfectly functional and/or some people may rely on.

We're opening up one door at a time. And yes, reworder is a decent program. However it's just one brick. Or would you like to just create a monopoly? Not let any other programmers in. Blur did that too when he implemented music downloading, ruined the whole purpose of JJM. idgaf about my reputation because my point stands clear that we need to encourage these types of coders and this form of pro-creating or we're not going to go ANYWHERE, clear? In fact, it would just piss off members and cause us to LOSE people.
I have no interest in creating a monopoly. Reworder is and was advertised as a stepping stone while we wait for someone to add it and other features to a full-bodied level editor. If AtomicFeline wanted to improve JCS94 so that it could compete with J1E (most importantly, didn't lose information when saving), I'd be fine with that, but right now there's no reason to use it. Jerrythabest is doing incredible work with BCCS and that's a <em>good</em> thing. These are all different directions I'm citing, of course, and there's no way any of them could interfere with each other, but that's because there's only so much you could do to improve JCS (even assuming you had its source code like blur magically seems to with JJ2), since ultimately any information you find a way to encode into a .j2l file still needs to be read by JJ2. The list of things that JJ2 can read that JCS won't let you save, as far as we know, just isn't very long... alternate word pairings, longer (and more numerous, sort of) text strings, higher-than-100 Start and Min ambient lighting settings, speeds for layer 4, and that's about it. We don't have tools for the latter two simply because they're not very useful. There are a few useful things to be done in .j2t files that someone should get to eventually, though.

To the point that discouraging this program will discourage people in general from wanting to make tools: nonsense. Earlier in this thread I suggested a modification to the proposed program, one which would even make it (very slightly) more personally challenging to code: have it only display alternate passwords for the level if you can first prove that you know <em>one</em> of them. That's still just as much of a challenge for WhiteBlaster to code, has the same basic purpose, and it completely gets rid of the possibility of breaking into other people's levels without their consent. <a href="http://www.jazz2online.com/downloads/6280/jj2-tileset-viewer/#review-31774">Here's</a> a review I wrote recently in which I again encourage someone to add more functionality in order to make a more useful program. More programmers is good, but their programs should be useful ones that give us new powers, rather than taking away old ones. I would much rather support someone who edited the Home Cooked Levels episode to include more than 256 files than someone who just removed it entirely.

If he does a decent job on this, perhaps he could play a part in the next version of reworder, or whichever other program you have in mind. If you keep his program off J2O anyways, is there any assurance whatsoever that community members won't get a hold of it? Or why not just upload it to JCF since it's a separate entity and keep it off J2O?
Again, see alternate suggestion for program. No, there is no assurance that community members couldn't get a program that's on neither J2O nor JCF, both of whose rulebases, in writing and traditional implementation/interpretation, based on my personal understanding of them, are against such a thing. It would presumably end up on digiex or jazzjackrabbit.net or craccoclan or some other place entirely. However, I'm also of the opinion that the proposed program is a Bad Thing generally. As for Reworder or other programs, I would fully support WhiteBlaster in any other <strong>non-destructive</strong> projects he(?) might want to pursue, and could even offer some ideas for stuff that should get done, even though I'm guessing we don't share a coding language for actual collaboration.

Look, here's what I don't get about this discussion. Everyone who's supporting the program seems basically to be making one point (and if someone's made a different point and I missed it, I apologize): it wouldn't be too much of a bad thing, because it's already possible to get around passwords. First, it seems to me that this argument <em>admits</em> that getting around passwords is inherently a bad thing, but argues that it's a war that's already been lost. Second, no one has pointed out any actual good (rather than limited bad) that would come out of this program. Third, just because it's already possible, doesn't mean it's the easiest thing in the world, either to do or to find. And the very fact that it's somewhat difficult suggests that some people probably won't end up doing it. If it's made easier, then not improbably, <em>more</em> people would do it than would otherwise. And for the JCS user who wants to use a password to protect their level, a possible world hosting a smaller number of people who may potentially ignore their wishes is preferable to a world hosting a larger such number. And since there are still other programming challenges available for WhiteBlaster and the rest of the community, it seems to me that making the world better -- or at least, not making it <em>worse</em> -- for that poor JCS user is the right thing to do.

Look, the main question is wether the admins will allow the program on j2o. Now, I don't quite understand what their opinion is (mixed, it seems). For that matter, I haven't really noticed who is an admin on j2o and who isn't. There hasn't been an agreed answer to the question yet, as far as I'm concerned. I agree with dermo that they'll just get a hold of the program anyway, but in the end it's up to the admins.
There is indeed disagreement, but <a href="http://www.jazz2online.com/user/index.php?accessLevel=5&lastVisit=30000000000&contains=">here's the link to the admin list again</a>. I might add that I don't think that J2O <em>should</em> be the main question.

Did you know??
JCF is J2O's central message board (...)<!>

I think that for all intents and purposes the JCF is a part of J2O, not a separate site hosted on the same domain. It's linked to like any other site section on J2O, it shares most of its staff (in the sense that apart from Torkell, active JCF staff is also J2O staff), it is the primary place to discuss J2O itself (in this forum) and even the default layout is largely similar. I suppose the fact that they have distinct userbases and aren't integrated is more for historical and technical reasons than because the sites are not connected.

Oh, and the JCF admin list really doesn't say much. When the JMMB closed, pretty much all admins there were also made admins at the JCF, but part of those people have never even used their admin powers (or even visited the JCF much), and all of those have not been active in a very long time.

In practice, the JCF staff now consists of Torkell, FQuist and me, and the active J2O staff is BlurredD, EvilMike, Violet, cooba, FQuist and me. Bobby is occasionally active on both. So apart from Torkell the JCF staff is a subset of the J2O team. Besides, if the JCF is a regarded as a subsection of J2O, it wouldn't necessarily be strange for both to be run by different people; after all, even on J2O there are certain people running certain parts of the site (we've had Download Moderators, for example, and I originally started as a maintainer of the wiki; not to mention those who keep track of the featured downloads). So I don't think comparing the staff listings says all that much; they're outdated, and even if they were different that wouldn't necessarily mean anything.

What does, in my opinion, mean something is that J2O and JCF share most of their active users, that the JCF serves as a forum to discuss stuff happening on J2O, and that J2O references the JCF as a section of the site.

I wouldn't be in favor of it. These levels are password protected because their author didn't want them to be edited. I would choose to respect that wish. But I'm pretty conservative to sticking to the game's original spirit.

You'd be better off asking other admins, I don't do to much administrative work on J2O. I recall removing a virus infected download a couple of months ago, and some small jobs people asked me to do. Oh yes, I always end up being the one who turns off the Christmas background for some reason. Why's that? ;)

I'm somewhat undecided on this program - on one hand, it's a neat programming exercise and a potentially very useful utility (everyone who's forgotten a password raise their hand now), while on the other hand it breaks the password protection feature which people may want to use to hide secrets or protect their own levels from casual editing.

If I had to decide I would say no to providing it on J2O/JCF, as the potential for abuse is too great. If it displayed alternate passwords for a known password (as Unknown Rabbit suggested) then I would have no objections, as it couldn't be used to break the password protection.

As an alternate idea, what about posting details of the algorithm used for passwording levels? I've no objections to that, as you'd already need some programming skill to turn that information into a password breaker (and would likely be able to work out the passwording yourself).

Second, no one has pointed out any actual good (rather than limited bad) that would come out of this program.
One of the main purposes of my program is to allow a level creator to open his level even if he has forgotten the password, without having to smash the Security Envelope of his level.

anyway, waste of time

Hey, guys, calm down! Let's stop the civil war for just a minute, ok?

Earlier in this thread I suggested a modification to the proposed program, one which would even make it (very slightly) more personally challenging to code: have it only display alternate passwords for the level if you can first prove that you know one of them. That's still just as much of a challenge for WhiteBlaster to code, has the same basic purpose, and it completely gets rid of the possibility of breaking into other people's levels without their consent.

Well, UR, you must know that there's only one person that can offer me a challenge, and that's me. But even besides that, I dislike this solution simply because then if you've lost the password of your level you can't open it again (removing a feature...)

he(?)
Yes, he.


Finding stuff on the JCF is a lot more obscure than downloading a utility from the J2O list, I should think, and I will say again, lots of people shy away from the thought of even using a hex editor.
Third, just because it's already possible, doesn't mean it's the easiest thing in the world, either to do or to find. And the very fact that it's somewhat difficult suggests that some people probably won't end up doing it. If it's made easier, then not improbably, more people would do it than would otherwise.

Who said that using my program is easier than using a HEX editor? Not at all. First, if you don't read the README file thoroughly the first thing you'll see will most probably be an error message. Not much encouraging for a beginning, huh? Second, anyone not very motivated would probably give up at the sight of the bunch of settings to give the program before running it (in the kind of interface I have in mind). Of course someone more motivated would probably make it in the end, but then it makes no difference: using a HEX editor is (trust me) easier and quicker.
Not mentioning the fact that I decide what to write in the download description, and this may have a considerable influence.
Anyway, if it isn't enough lamer-discouraging for you, you may suggest something else... The UI has to be (re)programmed from scratch, after all.

EDIT: Replying to the last point of what Torkell said, the source code will be released together with the program, and a half-decent documentation with it. There may be a problem anyway: very few understand Assembly... If it's a problem for you, I may post a more user-friendly description of the algorithm here, or I may include it in the source code. Anyway it's not a problem for me, just ask.

Whew! Took a while to read through this...

There is indeed disagreement, but <a href="http://www.jazz2online.com/user/index.php?accessLevel=5&lastVisit=30000000000&contains=">here's the link to the admin list again</a>. I might add that I don't think that J2O <em>should</em> be the main question.
What I meant was that this was WhiteBlaster's main question when he started the thread. Anyway, I might quiet down now, too much arguing...

I don't mind the arguing one bit. It shows different mindsets for this thing.

UR, you bring up some interesting points. Now debating who runs J2O compared to whom runs JCF really is not conducive to this program's legality.

What? [...] It's <em>their</em> level/tileset.

Let him decide. And I'm serious. If he f*<!>cks up the community, that's on him, then everybody can come back at him. But in all honesty, at least here in the US, commerce went a HE<!>LL of a lot better with free market.

I concede that discussion about J2O vs. the JCF is only marginally related; my point was only that different ethoses obtain in each. I don't think I have any further arguments to make and as such rest my case; there is no present functional difference between a program that lets you recover your own password and a program that lets you discover someone else's password against their will and without their knowledge. Password recovery systems only work on websites and such because they require you to input some other identification, usually your email address, to verify your identity. However, there is no place that email addresses are stored in .j2l files, and I doubt we could instantiate any tradition of putting one in the Bonus Level field or anything in case one ever forgets one's password, so that's not an option. Page claim.

And so the discussion comes to an end. (http://www.jazz2online.com/jcf/showthread.php?t=18824)

http://img384.imageshack.us/img384/1957/facepalm.jpg

That could already be done... (-> changes nothing in this thread's context)

By the way, several months ago I read this thread again and decided that the advantages that would come from my program just aren't worth the risks (even with a sort of "protection" system). Therefore, no upload. I'm sorry for everyone that may have needed it.
Anyway, I'll upload some details about the algorithm as requested by Torkell, someday. Hopefully.

P.S.: Sorry for thread revival. His fault. :D