doesn’t work well with eve-o preview
That’s a false statement. It actually works quite well.
yeah? which pseudo-‘full screen’ 3rd party are you referring to then?
Please decipher your reply. What did you mean by “3rd party” or “pseudo ‘full screen’”?
I always run my EVE client in borderless windows, and EVE-o preview works quite nice with it.
There are 2 kinds of people:
- Ones who care to describe their issues
- Others who write cryptic messages that are essentially ignored by everyone
Which one is you?
I see no OpenPGP signature for your releases. Can you please OpenPGP sign your release files (both binary and source archives). Github has been compromised and repositories modified in the past a number of times.
Are you confusing OpenPGP with code signing? They are different. You can verify code signing with stock system tools. But you need to install and configure PGP/GPG to verify PGP signature.
OpenPGP is a fact of life on Linux/BSD.
I don’t need to install it.
If the archives are not signed they’re open to supply chain attack. I won’t be touching it unsigned. Just because it is on Github doesn’t make it safe, it has been compromised before multiple times.
It’s to ensure the archive that are released are in fact untampered. Even the source tarball, I expect those to be signed too.
I check signatures on all things I download, if I get no signature I would tend to open tickets for lack of signatures.
You don’t need to install it. Other people do. Even I don’t have GPG installed these days, it proved cumbersome and less than useful with all the v1 vs. v2 wars going on.
You also don’t have to check the signature so they don’t have to install it if they don’t want to, those that want to, do have it or can install it. It’s pretty much standard on Linux and BSD distros.
Checking signatures is optional, you don’t have to do anything if you don’t want to, but without a signature for me to check, keep it. Not interested without signed archives.
If somebody doesn’t want to stand by their own releases with a digital signature, then they don’t believe in their release. Same with unsigned emails. They don’t believe in their own integrity.
Why not? Code signing is common in Windows land. And all modern compilers provide ability to do so out of the box.
I am not on Windows land.
Why should I accept the code archive if they’re not prepared to sign the tarball with their own identity? They don’t believe in their own integrity of the release then if they’re not prepared to sign it as proof they released it.
Naturally after I check the code I can sign it too. As proof I verified it.
It’s pure lazyness to release unsigned archives or shame perhaps. Unwilling to sign it with thier own identity.
Do you understand that I could equally respond with “why I should”? And your stubborn response won’t be any better than mine? At the end of the day it’s not your or mine choice to make. All we can do is to politely suggest changes to the way the program is distributed.
Fine, releasing unsigned archives is a sign of lack of belief in the release. Not willing to stand by it with a proof.
It’s called securing the supply chain, not stubbornness. Verification.
Placing trust in Github is foolish given historical attacks and continual attempts.
Considering the following discussion tone, let me (as the thread owner) finalize it:
**I. Don’t. Care. Will. You. Touch. It. Or. Not. **
This is your choice.
99,9% of EVE-O Preview are on Windows and won’t care about this anyway. So I won’t bother re this either. At least for now.
One can always download source code and build the tool on his own.
2 Likes
Hi
Ive recently switched over to linux and wanted to know if eve-o is working with current client? Cheers
Guys, please don’t send me such sh*t. I will gladly resend it to @CCP_Peligro (sorry for tagging you) and will hope that CCP Security will do bad things to you
edit: Removed name and email address of this guy on a public screenshot
PS Even if that was not intended result, I am happy that EVE-O Preview doesn’t work with that sripting boy.
2 Likes
Quite… 
Should choose tools more carefully, that one…