Hello From No Text To Speech!

[FireDevilX]

@andro2157 You've been caught! https://www.youtube.com/watch?v=y8crpVOLcpY

[pierrelasse]

Dumb vid tbh.

Arguments:

• Not protecting yourself against yourself
• Gives you false sense of security
• Makes you think you are unhackable
• README can lie and the program can be a virus (not that it's opensource and he can ask someone to check the code)
• Dev can update it to a virus
• Grabbers can disable the protector
• Runs on pc but not automatically running on phone so it's very bad and you should not use
• Not automatically installing a extension on all of your browsers that blocks malicious websites
• Is not a perfect antivirus
• Not protecting your bank account
• NOT PROTECTING YOUR EMAIL

At the end, no program can protect you from yourself and you should always know what you download and execute.

[NetscapeDreams]

I completely agree. The arguments made were absolutely ridiculous.

[andro2157]

My reply to NTTS : https://www.youtube.com/watch?v=y8crpVOLcpY&lc=Ugzgwz81u-gtkab34zJ4AaABAg

Hi! DiscordTokenProtector (later refered as "DTP") dev here,

TLDR : DTP protects the TOKEN not the account, nor all your pc. And the bypass has been patched a long time ago.

I just wanted to clarify some points. First of all, the main point of DTP is to protect your Discord token. Not your banking details or other sensitive information on your computer. Therefore, with no surprise, it will indeed only protect you from Discord grabbers. Something that does somewhat well from what you've shown.

This software is opensource, so anyone can check the code, and compile their own versions of it. That's literally why I opensourced this project. And even if I were to push something malicious, it would be obvious in the diffs of the release. And there's no auto update, so it's won't infect every computer that downloaded DTP.

About the "bypass", it has been patched for over a year now. I have seen many grabbers (even recent ones) that use this "bypass". Firstly, the bypass only works if you give admin permissions (with UAC) to the grabber - and if you do so, you've got much more stuff to worry about than just your Discord token as you stated. And second of all, even if you give admin perms, all it does is to remove DTP, and the grabber is NOT able to decrypt the token that is securely stored.

The goal for the end user is that they can be protected from one vector of attack that is commonly used by grabbers. Yes, there are other ways (QR code phishing, RATs with full control of the PC, ...), but DTP's point is not to protect your Discord account, only your Discord TOKEN that is stored on your computer.

[NoPlagiarism]

Maybe close this issue to give more priority to #74? (It's just has normal issue name, description and link)

Also, maybe temporarily pin #74, so if ppl wanna talk about NTTS, they talk in one place instead of creating new issues

[32bitx64bit]

Dumb vid tbh.

Arguments:

* Not protecting yourself against yourself

* Gives you false sense of security

* Makes you think you are unhackable

* README can lie and the program can be a virus (not that it's opensource and he can ask someone to check the code)

* Dev can update it to a virus

* Grabbers can disable the protector

* Runs on pc but not automaticly running on phone so it's very bad and you should not use

* Not automaticly installing a extension on all of your browsers that blocks malicious websites

* Is not a perfect antivirus

* Not protecting your bank account

* NOT PROTECTING YOUR EMAIL

At the end, no program can protect you from yourself and you should always know what you download and execute.

I completely agree, NTTS usually doesn't do the best job of reviewing crap, which is why I don't bother watching him anymore. Especially after this video. The points he brought up where so stupid.

[Serpensin]

But he is right, that the protector can be bypassed very easily.

[NoPlagiarism]

@Serpensin pls, read andro's message again. If you have UAC fully-fully disabled or if you stupidly give any program admin rights. Maybe you shouldn't care about your Discord client, cuz no one wanna update virus to bypass low-popular tool. But you should be aware of all other data on PC

[Serpensin]

I've read that.

[NoPlagiarism]

Then read goodpractice.md. https://github.com/andro2157/DiscordTokenProtector/blob/master/goodpractice.md

And if you don't need it, then you don't need it. It's easy as that

[pierrelasse]

Just not get token logged in the first place...

[Serpensin]

You think that of me? No. I am the one, who grabs.

pierrelasse @.***> schrieb am Mi., 15. Mai 2024, 06:22:

Just not get token logged in the first place...

— Reply to this email directly, view it on GitHub https://github.com/andro2157/DiscordTokenProtector/issues/73#issuecomment-2111553776, or unsubscribe https://github.com/notifications/unsubscribe-auth/APD5CCX2SEVPOZK4HYLNKVLZCLPITAVCNFSM6AAAAAA74JJFT6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMJRGU2TGNZXGY . You are receiving this because you were mentioned.Message ID: @.***>

[pierrelasse]