PDA

View Full Version : 1st$750,2nd$450,3rd$250 MCC championship



bobby1972
19-01-2004, 03:10 PM
real prize money for a real club championship http://home.vicnet.net.au/~chessmel/

arosar
19-01-2004, 03:17 PM
Grazie signore. Interesting pics of tables and chairs. Say, some pics links don't work. Also, any1 in those pics who post here?

AR

bobby1972
19-01-2004, 04:01 PM
yeah a few.hey we put that dollar sign up there and all the mickey mouse clubs go really quiet,why dont they tell every one about their prize money he he he.

Bill Gletsos
19-01-2004, 04:06 PM
Two questions whats the annual club membership fee for the MCC and what is the entry fee for the MCC club championship.

ursogr8
19-01-2004, 06:24 PM
yeah a few.hey we put that dollar sign up there and all the mickey mouse clubs go really quiet,why dont they tell every one about their prize money he he he.


hi Ascaro

Not like you my friend to lapse into the politicking. In fact I can recall you chastising other BBer's for politicking and not concentrating on the chess.

Can you advise us the Visitors fee to play in your championship; and I will give you a pawn start.

starter

WBA
19-01-2004, 07:34 PM
The MCC Championship is not open to non members, it is the only tournament throughout the year that is not. The members are always well rewarded with generous prizes.

For the record the Membership is $100 and $150 that equates to S2-3 per week, or 25-40 per day/ The MCC membership is in fact cheaper than some other clubs open once a week, as I know of one in particular which charges $3 per night, plus $20 yearly subscription (and it is a good club).

I do not think membership prizes are a problem at MCC.
Cannot quote the entry prizes, as I do nto have them available

arosar
19-01-2004, 07:37 PM
What is the demographic of you membership? Gimme employ stats, age, gender, all the usual stuff. Just curious.

AR

WBA
19-01-2004, 07:42 PM
Arosar there are two reasons I cannot do that
One is that the information you ask for is confidential, and it would be innappropriate to give these stats without express written consent. Secondly the information I would be able to provide would be outdateed anyway, and therefore incorrect

bobby1992
19-01-2004, 08:26 PM
yeah ok,a little politics slip in there.you know i just trying to tell every one we are a real chessclub not just a name that gets bashed on the bb all the time.by the way i plan to join and play at other clubs this year and i would not like any body nocking them either .i would like to take this oportunity to tell every one about my "specktacular" thread man he won in 19 moves with Rg7+ against a 2498!!.
ascaro.

ursogr8
19-01-2004, 09:31 PM
yeah ok,a little politics slip in there.you know i just trying to tell every one we are a real chessclub not just a name that gets bashed on the bb all the time.by the way i plan to join and play at other clubs this year and i would not like any body nocking them either .i would like to take this oportunity to tell every one about my "specktacular" thread man he won in 19 moves with Rg7+ against a 2498!!.
ascaro.

Because we love your accent and your cheerful disposition Ascaro we let you slip the politics in.

But if you don't let visitors in then why did you advertise the Championship. Just a teaser eh?

starter

Bill Gletsos
19-01-2004, 10:15 PM
Arosar there are two reasons I cannot do that
One is that the information you ask for is confidential, and it would be innappropriate to give these stats without express written consent. Secondly the information I would be able to provide would be outdateed anyway, and therefore incorrect
Give us a break. Written consent. What a load of crock. :rolleyes:
If someone asked a club member to describe the composition of his club membership whether it be chess, football, tennis or whatever it is reasonable to expect a response and not given some lame ass excuse.
It certainly wouldnt be forbidden by any club constitution unless the MCC's is based on the KKK's. :D

He did not ask for their name, rank and serial number.
Info such as x men, y women, z juniors isnt breaking any sort of confidentiality. It certainly isnt covered by privacy laws.
As for out of date you could always preface your comments by "back in xxxx the membership breakdown was as follows".

Your previous posts indicated you had some brains.
This last one seems to indicate they have taken a vacation. [-X

WBA
19-01-2004, 10:27 PM
BG I was more talking about the members employment than the age, sex etc.

I believe this is sensitive, and is information the club should not give out. Of course this is useful information that the club asks on membership forms, but not something they should share.

As for the brains part Bill........ not worth the response actually

If you are only interested in the Men/Women & Children breakdown, I will be happy to present this information,but again I will not discuss how many members are lawyers, couriers etc. If the current registrar wants to pass this through to the noard they can, but I will not be.

WBA
19-01-2004, 10:29 PM
Starter

that is good old ascaro trying to send some business MCC way, the more members the merrier. :D

skip to my lou
19-01-2004, 10:34 PM
Whats up Merv?

Bill Gletsos
19-01-2004, 10:34 PM
BG I was more talking about the members employment than the age, sex etc.

I believe this is sensitive, and is information the club should not give out. Of course this is useful information that the club asks on membership forms, but not something they should share.

As for the brains part Bill........ not worth the response actually

If you are only interested in the Men/Women & Children breakdown, I will be happy to present this information,but again I will not discuss how many members are lawyers, couriers etc. If the current registrar wants to pass this through to the noard they can, but I will not be.

AR did ask for a lot of info, but you provided absolutely NOTHING.
Given your previous posts I would have expected your response to have given whatever information you felt was ok to provide instead of just dismissing his post entirely.

Lets just say that it was disappointing and seemed to lack any real thought on your part.
Hence the brains on vacation comment seemed on the mark.

Bill Gletsos
19-01-2004, 10:37 PM
Whats up Merv?
Are you using your superadmin status to determine and reveal posters identities now Jeo?

skip to my lou
19-01-2004, 10:39 PM
Sorry, did I reveal something? I didn't know I was revealing anything. Ok, so what did I reveal anyway?

Bill Gletsos
19-01-2004, 10:43 PM
Sorry, did I reveal something? I didn't know I was revealing anything. Ok, so what did I reveal anyway?
What makes you think WBA's name is Merv.
No one has mentioned his name on the BB and I suspect you dont know WBA personally.

skip to my lou
19-01-2004, 10:46 PM
I never mentioned WBA. Anyway, I get lots of information, from lots of people. This sort of info is not stored anywhere in the DB, because your real name isn't required in registration.

Bill Gletsos
19-01-2004, 10:53 PM
I never mentioned WBA.
You posted

Whats up Merv?
immediately after WBA's post.
It certainly appears the question is directed to WBA.


Anyway, I get lots of information, from lots of people. This sort of info is not stored anywhere in the DB, because your real name isn't required in registration.
I am quite aware of that.
However there may be other means.
On phpbb boards can someone with superadmin status read other peoples private messages by any means?

skip to my lou
19-01-2004, 10:54 PM
No, everything is encrypted, except normal forum posts.

Good Night.

ursogr8
20-01-2004, 07:25 AM
No, everything is encrypted, except normal forum posts.

Good Night.

Karthik

We would like to know whether you got the information about WBA's first name from any electronic process that you can access with your special permissions, or whether you got it just through the passage of gossip.
If it is the latter, then that is OK, since I guess 'outing' of true identities on BBs is part of the 'game'.
If it is the former then I think we should have been made aware of this at some time after joining your service. I don't think it will be nice news if we find you can obtain special information and are prepared to 'out' it.

Looking forward to your reply.

starter

ursogr8
20-01-2004, 07:40 AM
Starter

that is good old ascaro trying to send some business MCC way, the more members the merrier. :D

WBA

We know and like Ascaro, and probably English is his second language.
Calling some/all other Clubs 'mickey mouse' clubs is a strange advertising tactic for an MCC event. But this one goes through to the wicket-keeper, bcause Ascaro has retracted quickly.
See if you can get your other poster to retract the 'clowns' reference, or at least give a list of who he had in mind.

starter

arosar
20-01-2004, 08:22 AM
OK...look, I'm sorry about that question. It's just that I was curious about how a chess club can ask for a $100 membership fee. That seemed very impressive to me. So my first thought was the demographic of MCC's membership.

WBA - no need to give me actual jobs, so how about salary/income ranges?

AR

Rincewind
20-01-2004, 08:35 AM
OK...look, I'm sorry about that question. It's just that I was curious about how a chess club can ask for a $100 membership fee. That seemed very impressive to me. So my first thought was the demographic of MCC's membership.

WBA - no need to give me actual jobs, so how about salary/income ranges?

$100 per annum is roughly $2 per week. There are some people who might have trouble coming up with that sort of money, but really the vast majority of people wouldn't notice it.

Rincewind
20-01-2004, 11:14 AM
No, everything is encrypted, except normal forum posts.

We would like to know whether you got the information about WBA's first name from any electronic process that you can access with your special permissions, or whether you got it just through the passage of gossip.
If it is the latter, then that is OK, since I guess 'outing' of true identities on BBs is part of the 'game'.
If it is the former then I think we should have been made aware of this at some time after joining your service. I don't think it will be nice news if we find you can obtain special information and are prepared to 'out' it.

Interesting line of inquiry.

I run another phpBB myself and assuming nothing special has been done to the inner workings, the following sums up the potential for an admin to investigate the real identity of a registered user.

Admins via the admin panel cannot access the PMs of posters. However people with access to the database at the SQL level can select the <prefix>_privmsgs_text table and all the text of the messages are stored in clear text columns.

There is probably no bullet proof way of securing text in private messages as the board needs to be able to decrypt it for the recipient to read it. This is not the same as passwords which only need to go through a one-way encryption process. (Password checks are performed by ENcrpting the password entered and comparing the two encrypted values).

Via the admin panels admins can review all the details on the profile screen including things like email address (which users have the option of keeping private) which may give a idea as to the real name of the account holder.

skip to my lou
20-01-2004, 11:33 AM
php MD5 is used for passwords.

Encrypt for VARCHAR and TEXT is built in MySQL4 extensions.

skip to my lou
20-01-2004, 11:39 AM
Nothing is "secure". Not even the passwords.

MD5 match up is only way to check pass, though anyone that knows what they are doing will also know that one way check is quite useless.

Its hard to secure something that is dynamic.

skip to my lou
20-01-2004, 11:41 AM
And I wouldn't put in the effort to decrypt it, its pointless, and basically I couldn't really be bothered.

And with most of the MySQL tables, I think its locked, rather than encrypt, I forgot how it works.

ursogr8
20-01-2004, 11:45 AM
Nothing is "secure". Not even the passwords.

MD5 match up is only way to check pass, though anyone that knows what they are doing will also know that one way check is quite useless.

Its hard to secure something that is dynamic.

hi Jeo

So, just confirming, you are answering yes to
"We would like to know whether you got the information about WBA's first name from any electronic process that you can access with your special permissions", and this is how you delved into WBA's possible first name. Yes?

starter

skip to my lou
20-01-2004, 11:55 AM
I said already, someone has told me.

Bill Gletsos
20-01-2004, 12:04 PM
I said already, someone has told me.
Actually to be totally accurate you didn't explicitly say that.

You may have meant that but what you actually said was


Anyway, I get lots of information, from lots of people.
This just implies you get information from people, not that you got the WBA information that way.

ursogr8
20-01-2004, 12:13 PM
I said already, someone has told me.

Jeo
The post I think you referring to is


I never mentioned WBA. Anyway, I get lots of information, from lots of people. This sort of info is not stored anywhere in the DB, because your real name isn't required in registration.

It doesn't exactly say you got the info. from some-one who told you.
And, although the info. is not required at registration, there are other electronic processes that potentially you had special permissions access. For example in the Private Mail messages from one poster to another.

But anyhow, I am assuming that as you now say that 'someone has told you', that it was verbal, and not as a result of special permissions. I am OK with that as I said before.

Thank you for your response.

starter

Rincewind
20-01-2004, 12:13 PM
Nothing is "secure". Not even the passwords.

MD5 match up is only way to check pass, though anyone that knows what they are doing will also know that one way check is quite useless.

The MD5 fingerprint can be replaced with another known fingerprint to get access to this board. However the value that was used to generate the user's fingerprint is secure. So if someone uses the same password on multiple BBs, you won't be able to use access to the fingerprint from one BB to get access to another. IE the MD5 encryption is one way and original passwords cannot be reverse engineered.

MD5 could not be used for private message text as you would not be able to decrypt it to display the message to the receipient.

skip to my lou
20-01-2004, 12:18 PM
MD5 is secure, the way it is used on a dynamic board, is not.

Rincewind
20-01-2004, 12:22 PM
And I wouldn't put in the effort to decrypt it, its pointless, and basically I couldn't really be bothered.

And with most of the MySQL tables, I think its locked, rather than encrypt, I forgot how it works.

The tables must be readable by the .php pages. If someone has access to the php source they would have access to a database userid and password that would give them access to all the data stored in the BB.

This would include email addresses, IP addresses, password MD5 fingerprints and private message text.

I'm not accusing anyone of anything. However, I firnly believe users should be aware of the security limitations and associated risks of any system they access.

ursogr8
20-01-2004, 12:23 PM
OK...look, I'm sorry about that question. It's just that I was curious about how a chess club can ask for a $100 membership fee. That seemed very impressive to me. So my first thought was the demographic of MCC's membership.

AR

arosar

The $100 membership fee is not an outlandish concept at all. You have already had a look at the renovated premises at the MCC. The paint job is sparkling. And it is open every day of the week. :D

If you think the proposed NSW Chess Centre will have a membership fee less than a $100 then you are in for a surprise. :shock:

We Mexicans don't want to tell you how to run your state chess, but if you start a thread called "How much should a chess membership cost, and what are the benefits", then I will help you. 8)

starter

Bill Gletsos
20-01-2004, 12:27 PM
And I wouldn't put in the effort to decrypt it, its pointless, and basically I couldn't really be bothered.

And with most of the MySQL tables, I think its locked, rather than encrypt, I forgot how it works.

The tables must be readable by the .php pages. If someone has access to the php source they would have access to a database userid and password that would give them access to all the data stored in the BB.

This would include email addresses, IP addresses, password MD5 fingerprints and private message text.

I'm not accusing anyone of anything. However, I firnly believe users should be aware of the security limitations and associated risks of any system they access.
Bottom line of this discussion is that if you want to discuss something of a confidential nature use email and not private message.

Rincewind
20-01-2004, 12:28 PM
MD5 is secure, the way it is used on a dynamic board, is not.

I repeat, the fingerprint can be gotten around but the original password is secure.

It is interesting to not that MD5 is not mathematically proven to be one-way. Rather it is conjectured that the computation effort required to generate the original password from a fingerprint prohibitive.

So it is not impossible to crack, and of course, weak passwords might leave themselves susceptible to cracking algorithms. But strong passwords should be reasonably secure.

Bill Gletsos
20-01-2004, 12:34 PM
MD5 is secure, the way it is used on a dynamic board, is not.

I repeat, the fingerprint can be gotten around but the original password is secure.

It is interesting to not that MD5 is not mathematically proven to be one-way. Rather it is conjectured that the computation effort required to generate the original password from a fingerprint prohibitive.

So it is not impossible to crack, and of course, weak passwords might leave themselves susceptible to cracking algorithms. But strong passwords should be reasonably secure.

A thought just occurred to me. :idea:

Were not all our id's and passwords migrated here from the old ACF Yabb board. :-''

How would this be possible unless the passwords on the Yabb board were not encrypted or they could be decrypted. :-$

It might therefore be wise to ensure your current password is not the same as on the old Yabb board. 8)

Garvinator
20-01-2004, 12:35 PM
guys, i would be more interested in whether or not Jeo asked WBA before giving out his real name (if it is his real name :shock: ).

No matter how Jeo got WBA real name to me is a little bit irrelavant.

WBA has gone to great pains in other threads to not give away his real name(for his own reasons) and so to 'out' him without WBA's permission is reprehensible.

where is that thread about the old bb again :P

Rincewind
20-01-2004, 12:35 PM
Bottom line of this discussion is that if you want to discuss something of a confidential nature use email and not private message.

:D

I would say much better to ring them on the phone. Not totally secure, but better than email. If you are using cordless phone, make sure it has encryption.

Or to re-use one of my favourite quotes...

You have no privacy. Get over it. - Scott McNealy

;)

Garvinator
20-01-2004, 12:37 PM
Or to re-use one of my favourite quotes...
You have no privacy. Get over it. - Scott McNealy
;)

sounds very similar to comments made my matt sweeney actually 8)

Rincewind
20-01-2004, 12:38 PM
A thought just occurred to me. :idea:

Were not all our id's and passwords migrated here from the old ACF Yabb board. :-''

How would this be possible unless the passwords on the Yabb board were not encrypted or they could be decrypted. :-$

It might therefore be wise to ensure your current password is not the same as on the old Yabb board. 8)

You're quite right. YaBB makes no effort to encrypt passwords so these were available when people migrated over. Changing passwords on a regular basis (every few months) is advisable.

Rincewind
20-01-2004, 12:40 PM
Or to re-use one of my favourite quotes...
You have no privacy. Get over it. - Scott McNealy
;)

sounds very similar to comments made my matt sweeney actually 8)

McNealy is the CEO of Sun Microsystems. So what he says about online security matters. :shock:

skip to my lou
20-01-2004, 12:42 PM
MD5 is secure, the way it is used on a dynamic board, is not.

I repeat, the fingerprint can be gotten around but the original password is secure.

It is interesting to not that MD5 is not mathematically proven to be one-way. Rather it is conjectured that the computation effort required to generate the original password from a fingerprint prohibitive.

So it is not impossible to crack, and of course, weak passwords might leave themselves susceptible to cracking algorithms. But strong passwords should be reasonably secure.

No matter how "secure" or whatever your password is, it can be accessed. There has to be a check point where the server has to match the passwords. Or more simply, the login form, can be manipulated. There are heaps of ways.

skip to my lou
20-01-2004, 12:45 PM
A thought just occurred to me. :idea:

Were not all our id's and passwords migrated here from the old ACF Yabb board. :-''

How would this be possible unless the passwords on the Yabb board were not encrypted or they could be decrypted. :-$

It might therefore be wise to ensure your current password is not the same as on the old Yabb board. 8)

You're quite right. YaBB makes no effort to encrypt passwords so these were available when people migrated over. Changing passwords on a regular basis (every few months) is advisable.

Though for some reason, passwords on the ACFBB YaBB was actually encrypted, but luckily there was a decrypt function, so no problem. :)

Bill Gletsos
20-01-2004, 12:52 PM
Bottom line of this discussion is that if you want to discuss something of a confidential nature use email and not private message.

:D

I would say much better to ring them on the phone. Not totally secure, but better than email. If you are using cordless phone, make sure it has encryption.

Or to re-use one of my favourite quotes...

You have no privacy. Get over it. - Scott McNealy

;)

Actually I was referring to this discussion about admins reading private messages by some means.
They cannot do that if you use email.

Rincewind
20-01-2004, 01:06 PM
Bottom line of this discussion is that if you want to discuss something of a confidential nature use email and not private message.

:D

I would say much better to ring them on the phone. Not totally secure, but better than email. If you are using cordless phone, make sure it has encryption.

Or to re-use one of my favourite quotes...

You have no privacy. Get over it. - Scott McNealy

;)

Actually I was referring to this discussion about admins reading private messages by some means.
They cannot do that if you use email.

Yes, if your email has content which you want to keep secure from the BB admin(s) then send it as an email from your client to the recipient email address should be reasonably secure.

Don't send it via the "email" link on the board as that would be sent from the BB configured SMTP server to which the BB admin may also have admin rights. (It could in fact be his own mail server not necessarly even in the same domain as the BB server). :D

arosar
20-01-2004, 01:16 PM
You chaps are sooo going to upset Ascaro!

AR

Rincewind
20-01-2004, 01:18 PM
MD5 is secure, the way it is used on a dynamic board, is not.

I repeat, the fingerprint can be gotten around but the original password is secure.

It is interesting to not that MD5 is not mathematically proven to be one-way. Rather it is conjectured that the computation effort required to generate the original password from a fingerprint prohibitive.

So it is not impossible to crack, and of course, weak passwords might leave themselves susceptible to cracking algorithms. But strong passwords should be reasonably secure.

No matter how "secure" or whatever your password is, it can be accessed. There has to be a check point where the server has to match the passwords. Or more simply, the login form, can be manipulated. There are heaps of ways.

Yes, that's true hacking the login page is another way to achieve that end. But it is messy and requires write access to the php source.

It also requires people to log in, if they have a cookie already saved on their desktop, then it might take some time before you get their password.

For that matter the DNS entry could get hacked and we could all be redirected to a totally bogus site. :)

ursogr8
20-01-2004, 02:38 PM
You chaps are sooo going to upset Ascaro!

AR

Depends on his objective.
Just look at how many times his prize-list has been viewed. They may even have attracted a new member or two to the MCC.
Maybe he is as happy as Larry.
At least we have not taken the mickey (mouse) out of him.

WBA
21-01-2004, 12:35 AM
Information for AR. - and a plug for MCC

I would suggest the MCC has just over 100 adult members, and approx 20 juniors attending chess training on the weekends. Of the hundred adults I am unawre of any females currently on the list, but would need to verify that. I would suggest about 20-25% of the adults are retired or of retirement age.

MCC tournaments are usually quite strong with the bottom players around the 1400 mark, the top players, GM or IM strength, and the median around 1700+ (at least this was the case when I was last taking notice of the tournaments). The tournaments have been known to be stronger than most weekenders on occasion, especially the Club Championship. (I belive Baron was the 9th or 10th seed, at over 2000 in either the 97 or 98 Club Championship).

I guess the club does have a little bit of a blitz culture in that most non-tournament days/nights people can roll into the MCC and find themselves a tough 1-5 minute adversary. I hear in the grapevine that the famous MCC Allegro may well be making (what I consider), a long overdue return at some stage this year.

Apart from Salaries etc is this enough info Arosar?

To put the Jeo question to rest, he is wrong anyway, and to my knowledge I have certainly never met him, I am not sure where or how he is getting his info.

skip to my lou
21-01-2004, 01:02 AM
I never asked a question, so how can you put my question to rest.

WBA
21-01-2004, 01:06 AM
I was referring to the whole "Merv" comment Jeo, not to question you asked

skip to my lou
21-01-2004, 01:27 AM
"To put Jeo's question" was your original post. Why didn't you just say "To put the whole 'Merv' comment at rest".

And why edit your post and reply with this, I should quote from now on. #-o

WBA
21-01-2004, 06:50 AM
Jeo you are actually wrong, you are an admin, surely you can check back??

Original post read like


To put the Jeo question to rest, he is wrong anyway, and to my knowledge I have certainly necer met him, I am not sure where or how he is getting his info.

I changed to


To put the Jeo question to rest, he is wrong anyway, and to my knowledge I have certainly never met him, I am not sure where or how he is getting his info.

I noticed the mistake when reading back over it, can you notice what I have edited? If you are going to have a go at me Jeo, wait until what you know 100% for sure you know what you are saying is accurate.

For 1 I would not change the "content" of what I am saying. I mean what I am saying. Secondly I edit mpst of my posts on most boards, because I am a pathetic typer, check back over my posts and see.

Thirdly this reply has waisted enough of my time,

skip to my lou
21-01-2004, 01:16 PM
I had the screen open for a long time and I do remember "Jeo's". Anyway this is wasting my time aswell and its not worth it.

bobby1972
28-01-2004, 10:36 AM
starts monday
new vey good carpet to back room put in today,also new wooden floor gets put in this friday for analysis/coffee room . venue looking very good,club champs should be very good tourny this year .hope we get close to half the entries that box hill gets and it will be great.