“<!--
FROM: D.R. TO: Aston Wise BCC: Lara Godfrey DATE: 8.7.2019 SUBJECT: Website Launch and Reaction
Aston, Lara,
When we launched, i was curious as to why the site kept unlocking immediately even though the newsletter hadn't gone out and I stumbled on to a Discord server dedicated to the band, and damn, STARSET fans are no joke. Maybe you guys already know this, but I must say I am super impressed. I spent some time last night reading just to learn what was happening, and even just lurking, not having said anything, they pegged me as potentially a dev working on the site, and know i'm watching, haha. I have no idea how, but either way i'm not responding unless ordered to.
Anyway, here's a couple notes and ideas going forward:
STARSET FANS ARE VERY ACTIVE They'd been trying to crack the code to the site since the initial launch, and were already active by the time ###REDACTED—REFER TO DATABASE 8.7.D.R.1### triggered standby mode. Overall this is great, and they even managed to find some api endpoints we're using, though not all of them. Unsure if this is them being super clever, or my being sloppy, haha. Either way, it;s cool.
THEY ARE RESOURCEFUL Most of the site is bundled in a Javascript file, and some clever fan created a bot to monitor code changes as a way of displaying the code (kind of like View Source). Because of the nature of how it's bundled, they can't see everything, but this is how they were able to get the password so quickly, as the unlock code was among other menu commands that are accessible in the JS source code. They've also set up a discord channel purely to monitor notifications from the bot.
On launch, they immediately went to work trying to parse everything. EVERYTHING. Every piece of text, every image, every console command, every everything. Regarding the commands, we'll definitely have to be more careful as we ###REDACTED—REFER TO DATABASE 8.7.D.R.2### later.
THEY ARE CREATIVE, OUTSIDE-THE-BOX THINKERS Once the site was unlocked, they immediately went to work trying to parse everything. EVERYTHING. Every piece of text, every image, every console command, every everything. For example, ###REDACTED—REFER TO DATABASE 8.7.D.R.3###, but they made multiple and varied attempts to decode it.
Likewise, they tried parsing the serial number and model number ###REDACTED—REFER TO DATABASE 8.7.D.R.4###.
They noticed a pattern with the Demonstrations, which was purely accidental (since that data from a 3rd party API) that I never would have noticed. That said, it does give me some potential ideas around ###REDACTED—REFER TO DATABASE 8.7.D.R.5### that we'll chat about later.
I'm a bit in awe really, and I think we've got our work cut out for us.
GOING FORWARD
-###REDACTED—REFER TO DATABASE 8.7.D.R.6###
CLOSING -###REDACTED—REFER TO DATABASE 8.7.D.R.7###
Thanks, D.R. Senior IT Specialist, TSS
TSSoS._messaging.protocol 1.0.0 CLOSE —>”