RPCN doesn't actually sends token email and refuses to retry

[v-fox]

So I wanted to enabled new fancy networking mode after hearing about it, made up username and password but registering at first lead to server version mismatch (7 instead of 9), so I made update with latest revision and this time it reported that "email has been sent" to my Yandex account. But it wasn't, not even in "spam". And not it fails to retry with:

RPCS3 v0.0.12-0.0.12+54~git20200910 Alpha | master | Firmware version: 4.81
Intel(R) Xeon(R) CPU E5-2650 v2 @ 2.60GHz | 16 Threads | 15.44 GiB RAM | TSC: 2.600GHz | AVX
Operating system: POSIX, Name: Linux, Release: 5.8.7-1918.g907e449-HSF, Version: #1 SMP PREEMPT_RT Tue Sep 8 05:42:11 UTC 2020 (907e449)
·! 0:00:00.000001 SYS: Initialization times before main(): 0.181281s
·! 0:00:00.187492 RSX: Found vulkan-compatible GPU: 'AMD RADV POLARIS10 (LLVM 10.0.1)' running on driver 20.1.7
·! 0:00:00.334768 SYS: Logged in as user '00000002' with the username 'FoX'
·! 0:00:00.641813 GUI: Current language changed to English (en)
·! 0:00:00.797498 Compat: Finished reading database from file: /home/fox/.config/rpcs3/GuiConfigs/compat_database.dat
·W 0:00:12.158885 rpcn: Attempting to connect to RPCN!
·E 0:00:12.841881 rpcn: recvn failed with error: peer sent close notify alert
·E 0:00:12.841905 rpcn: Failed to read a packet header on socket
·E 0:00:12.842195 rpcn: Error creating an account!

It seem to be assumed that Microsoft is at fault for email not arriving on their accounts but it seem to be happening not only there. Maybe emails are malformed or not really sent by the server. Why it even needs emails if it has two-way communication anyway ?

PS: that CPU is actually 3.0 GHz version with 3.4 GHz boost but RPCS3 and PCSX2 like to assume 2,6 GHz… weird.

[Megamouse]

I think you're using an old build?

[v-fox]

I think you're using an old build?

Is that a question or a statement ? I've said that I've made latest git snapshot build right now. You can see the version number in the log as "54 commits past 0.0.12 tag with last commited at 2020/09/10, as in - today".

[Megamouse]

sorry, you mention version 7 vs version 9, so I stopped reading. Seems like a different issue.

@RipleyTom

[RipleyTom]

From server POV the mail has been sent, I can't access the logs of the mail server we use to see if it went through though.

[clienthax]

Yandex is generally shit at accepting mail from anything that isn't a major provider..

[v-fox]

I checked spam folder again and now message have materialized itself, even with time tag at around the time I previously checked and opened this issue. Seems that, indeed, it, as Microsoft, is aggressive in ignoring "dubious sources". I wouldn't be surprised that, if you send via your own server and without whole bunch of personalized certificates, that any email service would drop it. Yandex is number 1 email provider of Russia and Microsoft is Microsoft (which owns github, by the way), those are not things that you can simply ignore. And they, most likely, are far from only ones. So, my issues stand:

• Why use email at all instead of usual password hash authentication via encrypted tunnel ? Or even sending token back, encrypted by password, at registration ?
  • Maybe even generating certificate/key-pair for each virtual user profile in rpcs3 which would emulate real Sony profiles ? Those could be multiplexed among several rpcs3 installations into meta-profiles on the server, avoiding the need in manual profile migration and/or allowing auto-sync of profile content (if not directly via server, which would require data hosting, then by negotiating P2P connection of rpcs3 instances that are active on same or different systems).
• What to do when message is absent or lost ? Making up new accounts until one comes through ?

[dio-gh]

Why use email at all instead of usual password hash authentication via encrypted tunnel ?

We use email verification to combat account creation abuse. It's not ideal, very much not perfect, but it's a basic barrier that works pretty decently for the most part.

What to do when message is absent or lost ? Making up new accounts until one comes through ?

There will be a timeout added so that you can reuse the username and retry, yeah. Obviously not ideal, but that's the plan for now.

In general, the account management parts of the RPCN feature were pretty rushed, so other than it "working" it's arguably not the most polished set of parts. In the future, I'd imagine setting up an RPCN-side webserver via something like Rocket and hooking up ReCaptcha is going to be inevitable, but for now this is what we put in to work.

Apologies that it works so poorly with yandex, admittedly we haven't tested email verification at them. The Microsoft side of the deal should be more or less resolved now at least, even if not in the prettiest way (the mail will still land in Spam). With them it was related to their ip range blacklisting (the range RPCN is hosted in is blacklisted, so we switched to the server our webserver is running on, which passes the filter).

[v-fox]

In the future, I'd imagine setting up an RPCN-side webserver via something like Rocket and hooking up ReCaptcha is going to be inevitable, but for now this is what we put in to work.

I would advice against captchas, I see them as silly fad that creates an illusion of security and only drives off the most incompetent spammers. These things got to be major annoyance (especially with forced entry on forced relogins on web-sites) and hard to recognise even to close-to-perfect vision while decent neural-network would do it with no problem. After all, NN are based on human neural abilities but with infinitely larger training data. Certificates/key-pairs for non-interactive authentication would always a better choice. And if someone wants to tear down the server they can always DDoS it by any random data. It's not leaving messages for players, so it of no interest to spammers, just vandals.

Apologies that it works so poorly with yandex, admittedly we haven't tested email verification at them. The Microsoft side of the deal should be more or less resolved now at least, even if not in the prettiest way (the mail will still land in Spam). With them it was related to their ip range blacklisting (the range RPCN is hosted in is blacklisted, so we switched to the server our webserver is running on, which passes the filter).

Just until another blacklist, especially now that most countries do universal DPI sniffing, DNS & HTTP spoofing, HTTPS dropping on all "illegal and immoral" data. Which in my country that included Bitbucket, W3C and whole bunch of other technical sites (bastards even dance around blacklisting Youtube, Wikipedia and GitHub because those all technically host "illegal content" by their insane laws) because IPv4 address space has been exhausted for decade, double-layer NAT is a thing and thousands of sites and thousands of users often share a single address.

[dio-gh]

I see. Well that aside, you did get the email in the end proper, so I reckon this ticket is closeable?

[v-fox]

I see. Well that aside, you did get the email in the end proper, so I reckon this ticket is closeable?

Only on pure chance though, as there is still seems to be no ability to retry if it's really gone. And a better system is not even conceptualized, let alone implemented. I leave it up to your discretion but I disagree that issue is actually fully addressed.

Also, there seem to be universal disdain on me bashing captchas, state censorship & data spoofing and double NAT with thousands-scale address sharing (which is a major reason why such small personal servers go into blacklists of big networks automatically). Wouldn't have though that those things have fans in tech community. Or maybe that's about the idea that spammers would be able to spam on server that has no messaging ability ?

[dio-gh]

Only on pure chance though, as there is still seems to be no ability to retry if it's really gone.

Fair enough, I'll ask again once the cooldown has been implemented.

As for the rest of what you wrote, I didn't really have anything to add to what I already said, hence I didn't say anything. There was a point when I myself had troubles solving captchas, but it has been toned down since - I definitely don't find it something that worths rallying against.

You originally wrote:

I would advice against captchas, I see them as silly fad that creates an illusion of security and only drives off the most incompetent spammers.

That was the goal, but I believe I already mentioned that. In general, you can concoct a myriad of elaborate strategies, but they'll be always torn apart. The majority of attacks are usually the lowest effort ones - that's why it makes sense to target them from most likely to least. Captcha is an excellent first line of defense especially because of this.

You also mentioned:

Certificates/key-pairs for non-interactive authentication would always a better choice.

The issue at hand isn't authentication, it's account creation abuse.

And if someone wants to tear down the server they can always DDoS it by any random data.

This would be true even if your auth idea was implemented.

Just until another blacklist, especially now that most countries do universal DPI sniffing, DNS & HTTP spoofing, HTTPS dropping on all "illegal and immoral" data. Which in my country that included Bitbucket, W3C and whole bunch of other technical sites

Yes, if your country decides to cut you off of the internet there's nothing we will be able to do about that - not quite sure how that's our responsibility to deal with though.

Finally then:

Or maybe that's about the idea that spammers would be able to spam on server that has no messaging ability ?

I unfortunately have no idea what you mean here.

[v-fox]

Fair enough, I'll ask again once the cooldown has been implemented.

Just cooldown alone isn't really the point of my issues.

As for the rest of what you wrote, I didn't really have anything to add to what I already said, hence I didn't say anything. There was a point when I myself had troubles solving captchas, but it has been toned down since - I definitely don't find it something that worths rallying against.

Then you haven't had a pleasure of deciphering Californian buses and obnoxious fire hydrants several times in a row and/or every few days on forced relogins due to cookie expirations and/or your country's and/or ISP's IP range being blacklisted for "extra checks". The damn things only becoming more distorted and frequent.

That was the goal, but I believe I already mentioned that. In general, you can concoct a myriad of elaborate strategies, but they'll be always torn apart. The majority of attacks are usually the lowest effort ones - that's why it makes sense to target them from most likely to least. Captcha is an excellent first line of defense especially because of this.

Yeah, "the majority of attacks are usually the lowest effort ones" but what exactly are defending here and from who ? Who are those people who are going to attack you and why ?

The issue at hand isn't authentication, it's account creation abuse.

Abuse for what reason ? Is there a point of having hundreds of accounts ? Or is there desire to forbid even 2 ? The issue is authentication because of justifying overcomplicated but inefficient authentication as means of combating that supposed abuse. I'm not saying that you shouldn't be limiting account requests, just asking to avoid that way of doing so.

Generating client-side certificates would impose more demanding load on supposed abusers, there isn't likely mass cert-generating blackhat "services" to exist in contrast to anti-captcha ones.

Or maybe that's about the idea that spammers would be able to spam on server that has no messaging ability ?

I unfortunately have no idea what you mean here.

I mean that main reason for captchas is stopping spammers who are the primary threat after dumb DDoS service overload. Even "abuse of registration" is done to make spam accounts. But you're not making a messaging service here.

And if someone wants to tear down the server they can always DDoS it by any random data.

This would be true even if your auth idea was implemented.

Which is exactly my point: demanding forced pointless interactivity only serves to annoy users and adds only illusion of security. You're not securing against most likely abuse scenario while creating obstacles for pacification of fears against an unlikely one.

But maybe I just can't fathom what kind of abuse you expect.

Yes, if your country decides to cut you off of the internet there's nothing we will be able to do about that - not quite sure how that's our responsibility to deal with though.

Are you saying that you're going to ignore any user of any email service that misses your emails or somehow else prevented from going through the process with extra steps ?

Pretty much all "civilized" countries have some sort of surveillance, censorship and spoofing going on, some just more aggressive wit hit when others. Just 10 years ago it was about "propaganda and recruitment from murderous terrorists", now it's "information harmful to underdeveloped brains of children or disparaging of companies and authorities"… or "offensive expressions or open support of harmful ideas" by "political correctness" witch-hunting crowds with various states of legal backing. No one is immune from getting into the next wave of "info-cleansing".

Anyway, I'm not sure what prompted you to saying that, since I was talking about disapproval of my previous message, not that it's somehow your responsibility. Just noting that you can't be sure that any 2 peers can properly communicate in today's Internet and adding dependency to other peers, outside of your control, puts new potential limitations.

Say, you implement Google's captcha. Well, what about Iran, Syria and Crimea (I personally know people who want to buy residence there) ? Github has officially blacklisted users from there due to orders from US government. Not just by IP ranges but by "determining by other means", such as all their known personal data. Will Google send automatic captcha denial for such users, like it does with regional denial on Youtube ? It might, depending on future growth of paranoia.

[kd-11]

@v-fox Trolling already happened, we're not talking about a theoretical issue. Remember that originally we did not have the email requirement. Unfortunately people suck and the click to create account feature was just too convenient for such jerks so email verification was added to slow them down. I would rather we have a discussion about how to make this process better while still deterring such persons from ruining everyone's day. You make valid points but I'm not seeing anything that would stop someone from reserving 10k accounts and trolling server mods because they're unblockable. Ofc we're open to suggestions, but I feel like the real reason for the measure was not being communicated correctly. Also please keep in mind we have to rely on other community projects for some games' online support, we're not just talking about rpcn here.

[dio-gh]

Just cooldown alone isn't really the point of my issues.

If you're seeking us abolishing the practice of email verification, I don't really see that happening to be honest.

Then you haven't had a pleasure of deciphering Californian buses and obnoxious fire hydrants several times in a row and/or every few days on forced relogins due to

I did, which is also what I wrote.

but what exactly are defending here and from who ? Who are those people who are going to attack you and why ?

We had an asshat creating accounts left and right so that he could harass the few Demon's Souls players that utilize RPCN. Him and similar potential cases were the reason it was implemented.

Abuse for what reason ? Is there a point of having hundreds of accounts ?

See the previous paragraph.

Generating client-side certificates would impose more demanding load on supposed abusers, there isn't likely mass cert-generating blackhat "services" to exist in contrast to anti-captcha ones.

I do not have the required technical insight to the protocol you mentioned to determine the truth value to that, even though I'm well-aware that captcha-solving farms/services exist. I'm starting to suspect that we aren't really talking about the same issues though.

I mean that main reason for captchas is stopping spammers who are the primary threat after dumb DDoS service overload. Even "abuse of registration" is done to make spam accounts. But you're not making a messaging service here.

Which is why I had no idea what you're on about.

Which is exactly my point: demanding forced pointless interactivity only serves to annoy users and adds only illusion of security. You're not securing against most likely abuse scenario while creating obstacles for pacification of fears against an unlikely one.

I didn't say you'd be required to solve a captcha on every login; my idea was to only use it on registration. I did not clarify this originally, so here we go.

Are you saying that you're going to ignore any user of any email service that misses your emails or somehow else prevented from going through the process with extra steps ?

My personal opinion is around those lines, yes. It's ridiculous that a procedure as trivial as an email verification is not possible to be executed reliably in this day and age, but it's a sad geopolitical reality to some indeed. However, every service and then some relies on email verification on registration, so you can't honestly expect us to derive some other arcane method no one is familiar with, when you could just register an email account somewhere more reliable, use a VPN, or do whatever else.

Just noting that you can't be sure that any 2 peers can properly communicate in today's Internet and adding dependency to other peers, outside of your control, puts new potential limitations.

That's kind of the point though. Email services in specific usually have protections against account creation abuse, so by relying on them, we're outsourcing the issue to them. It's enough of a drag to keep creating fake email accounts at reputable providers to keep the bottom feeders away from abuse.

Say, you implement Google's captcha. Well, what about Iran, Syria and Crimea (I personally know people who want to buy residence there) ? Github has officially blacklisted users from there due to orders from US government. Not just by IP ranges but by "determining by other means", such as all their known personal data. Will Google send automatic captcha denial for such users, like it does with regional denial on Youtube ? It might, depending on future growth of paranoia.

I'm certain that users there will find their way around the geoblocking, as users from mainland china also often do. How do the other countless number of services that also rely on captchas function there? How did captchas became the focal point of this convo, when

• I just threw it in as a potential route for the future,
• it's not implemented,
• it's not actually relevant to the issue you opened the ticket for?

[nitroos-ai]

I just created an account but had to get the email from the junk/spam category. Is this still an issue?

[RipleyTom]

Things have been improved and there is now a resend token button that can be used once a day in case for some reason the initial email failed.

I'm unsure why some email providers sort our mails into spam but that is not a critical issue imo. Closing as the initial issue is fixed.