Skip to content
View in the app

A better way to browse. Learn more.

Tip.It Forum

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Sir_Squab

Members
  • Joined

  • Last visited

Everything posted by Sir_Squab

  1. I should just spam this for a NPS.
  2. Altho I haven't seen this suggested in a long time, barrows can still be a pretty good money maker. Black Salamanders are an effective way to kill the melee brothers and you can just melee the other two. I'm not sure how effective a way to make money this is, but you can easily find a method that will break even or make a s wmall profit every run. The reason I suggest this is because, due to the nature of barrows, you don't have to worry about overcrowding. It is (in my opinion) fairly fun. Other then that, still do the herb farming, mtk, whatever other dailies you want; and your next big skill goal should probably be summon. Once you get semi-decent armour and weapons, you should start up slayer for getting charms. There are better ways then slayer for charms, but at your level slayer works fine and most (if not all) of the other methods require higher summoning or a lot of money.
  3. 92 - 95 herb. Easy ovls ftw. Oh, and some other skills that aren't very exciting. Played, uh, 3 hours? Idk. Probably more like 5.
  4. I'm tired. Somebody make me a sammich. And coffe.
  5. When I actually DG, I use full screen with lowest graphical settings lol. I need lowest graphics so my load times aren't too slow but I can't stand the size of fixed screen. Low detail for me usually puts me in resizeable, except if I'm in full screen it stays full screen. It's weird; I can't go low detail then full screen, I have to choose full screen THEN go lowest detail.
  6. Oooo. I'll pay you good money for good services ltk ;)
  7. What level is reccomended to start there? I'm working on getting 78 atm.
  8. Really? I never knew you could get pouches back. Anyways, at least these days you can buy them back rather then grind for an hour + in the abyss. Anyways, unless the guy TBs you then entangles you, you can just tele away. Personally, if you want to blame anything, blame the mechanic. For the record, this is coming from a guy who's last experience with abyss pk'ing would have been pre-GE RC'ing. I don't think I have ever PK'ed an abyss RC'er. Altho I found them annoying, that was how the game worked.
  9. Q POSTED HERE! QUICKLY, CONVERT HER TO A HARPIE@@@
  10. Nice nice. I think last weekend I managed to get like 82-91 herblore. Gratz on 76 - 92 :)
  11. You're the first guy to mention God. Just saying. This topic is enough of a [cabbage]storm that we really don't need religion to enter it. We could start an entirely new discussion based on that second paragraph. As for the first paragraph... people judging other people and making an opinion of said person while knowing very little is simply a part of human nature. And stuff involving sexual behavior is always taboo on some level in virtually every society in the history of civilization. Really, you're complaining about people acting according to human nature. (Which isn't as pretty as humans would like to believe.)
  12. Passwords are easily decrypted unless the hash is encrypted based on your hardware or something. And if you search around, you'd see some people actually have their hands on several databases. I was just pointing out that with the information they have PLUS the information the OP had revealed himself is what helped the hackers for the whole recovery process. Sigh: good luck with decrypting them. It will take you what, a thousand years to decrypt a mysql table? Really don't just believe anything you read, be critical, LEARN before posting statements. IPB uses a randomized salt, so it is impossible to decrypt. Unless you know the salt (impossible) - or use brute force methods. Salted hashes are far from impossible to break. If someone were to compromise the server they would be able to dump the sql tables as well as view the salt. Examples: Only hashed - md5($Password) - Easily cracked, a publicly available 380 gb rainbow table will break any password that uses numbers, letters (capital and lower), and spaces; extremely vulnerable to sql injection Hashed and salted using a global salt - md5($Password.$SiteSalt) - Just as easily cracked as a password that has only been hashed (if the hash is obtained from the webserver); however, this would require generating a custom rainbow table which takes a bit amount of time (giving the site time to inform users) Hashed and salted using a user salt - md5($Password.$UserSalt) - Requires a new rainbow table for every user (See next paragraph); this is extremely vulnerable to sql injection if the default hashing algorithm has not been changed, IPB uses md5(md5($salt).md5($password)) by default, I hope tip.it changed it Hashed and salted twice - md5($UserSalt.$Password.$SiteSalt) - Requires a new rainbow table for every user, which is very impractical unless targeting specific users, usually in this case the hacker will run a list of common passwords through the hashing algorithm for each user, hoping to crack a percentage (interesting note: I recently redid the security on a site I maintain that has 25,000 users; of those users 6% used one of the 5000 most common passwords [based on this] and 4% used their username as their password, extrapolating that to the worst case scenario where tip.it is breached, at least 20,000 accounts would be compromised with ease, and even more would be compromised after using a dictionary based attack [of users who used a dictionary word, 10% used the word followed by the number 1]) One of the best ways of ensuring user security after a hack is by using two salts, a site wide salt and a individual salt. Unless the sql server and the webserver were located in two different places and only the sql server was breached would an attacker ever need to decrypt the sql database. If the webserver is breached it WILL have the sql connection details in plain text in order for the site to function (or possibly encrypted using zend, but that that's still easy to bypass) and it WILL have a any site-wide salt in plain text. I have no idea what in the hell any of this is >_<

Important Information

By using this site, you agree to our Terms of Use.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.