Overcast - Manage your server on your phone!

NOTE: This is not ready for download.
NOTE: I will create a GitHub page ASAP.
We always knew there was a better way to manage your server. That’s why.

Overcast is an iPhone / Android app that helps you manage your Sponge server directly from your phone. The console log is directly sent using the plugin through our servers which are then transferred to your phone. You can use this app to execute commands and change player permissions directly while on the go. Ban a griefer, get data on the server usage, watch what the chat is saying, etc… All of your favorite commands are available through this app. The interface is very user-friendly and easy to use. You are able to delete, add and manage your plugins.

The way connection works is to download the app, create an account then you get a unique code and IG you have to type /oc secretkeyconnect {key}. Then you’re good to go.

We finished creating a FAQ please click the link at the bottom of the thread to view it.


We still need people who can DESIGN apps. PM me.


Special thanks to @anon1517495 for helping with this thread.


FAQ - Website - Forum - GitHub - Application - Contact

Any suggestions, idea’s, questions? /

5 Likes

Looks good.
I am just wondered how the connection goes. Like I see it now it something like this
client <–> your server <–> server. I don’t think many server owners will like that.

1 Like

Its like this:

Plugin sends data to our servers <-> Our server <-> Your phone.
The plugin can’t send data directly to your phone. Our apologies.

Why not encrypt everything with end-to-end encryption? This would mean no MITM and no access for hackers of your server…

There is a back-up feature which means data from your server gets saved to our servers and you can recall the backup via our website (Not ready yet.) That’s why. Also if you buy a host they also can get hacked. But they won’t.

Why yml? Don’t think sponge config will be yml

1 Like

Fixed.
<sssssssssssssssssssssssssssssssssssssss

Looks nice. If you once need help with anything, hit me up.
I’m not good at working on bigger projects for a longer period of time, but if you need help with a bit of code, I’ll be willing to do my best.

1 Like

An intermediary server is required when dealing with devices that don’t have a fixed address and prevents port forwarding to be needed on the minecraft server side. However the fact that data goes through a third party, more importantly a closed source third party is worrying.

We don’t know how the data is secured, stored, or used. Not saying it’s malicious but these are questions that need answering.

2 Likes

I like the idea thought, I only have problems with this:

  • Data storage needs a privacy policy.
  • Any flaw in the system could allows hackers to get the system, … . Also with having everything on a central place, hackers have a huge amount of data they can exploit. While thats not the case if the server is running a service. (Funny enough hackers like minecraft …)
  • The maintainers of overcast (included @xxmarijnw) have basicly console of your server if you use it. I don’t know if thats bad. I guess not, but just the thought xD.
  • The need of logging in you with your LEGITIMATE Minecraft account. I guess having the server in online mode is a better requirement.
2 Likes

Not sure what you’re trying to say here. Those are all risks that maintainers of said service need to address. Because not being open source actually hurts you here. If you want to inspire trust you need to give people a reason to trust you.

A legitimate question, pls don’t take as offence but: what’s wrong with SSH and SSH for android app, or the win-phone/apple equivalents? SSH is well tested, opensource and the community is always checking its security, and it has apps for every platform (not just the major ones like android, win-phone, apple, BlackBerry). As for the remote backups and logs, I just use an offsite FTP server for this on my server (Server PC at my school, FTP server with logs/backups back home) and I manage both with OpenSSH server and client and SSH for android client. Just my ¢2CDN along with a question and opportunity for you to tell me why Overcast is better than my method.

Probably not gonna use it because I thought of that like let’s say a popular server sent the data through overcast…
And overcast got hacked or something and they screwed over all the servers that run it.
Can be very dangerous if you think about it.

Exactly what I was going to say. So, I agree with your points.

Update:
Due to all the feedback I decided to push out an update in the thread. I will make a GitHub page ASAP. And for all the people who say it’s insecure? If you host your server using a hosing company they also have all your data. It’s alot more stable this way.

@tebbenjo ever heard of ‘beginers’? They don’t know how to do that.

1 Like

Most server owners should actually know how to use SSH, at least if they use a linux server that’s not set up by the hosting company.

I don’t see the benefit of this, you would have to put your legit mc login details in the plugin config. If your hosted server were compromised they now also have your login for minecraft.

What would be better would be a hash key like the one used by buycraft

1 Like

If you host it at a hosting company with a VPS, they don’t even know your root/user password so all they could theoretically do is adding plugins or sth. to the file system, and if they do, well then they are more f****d than your server, from a legal and economical perspective…
If you manage it via a third party service, it has full access to my server console and can OP anyone. It’s free and could make money from giving OP to griefers, that’s the economical perspective. You can hide your server and personal details with little effort in the internet, so that’s the legal perspective.

Also hackers would rather hack you (OP & console on thousands of servers) than my VPS (OP & console on one server)…
And if they hack you (or if you are evil), with the data we have to provide they/you got full access not only to the server console and all the plugins but also to my minecraft identity, my inventory and the trust other players have in the server admin.
Also, SSH is encrypted, your service probably is not. If you got no HTTPS for example, everyone in the same open WiFi hotspot can take over my server if I use your service.

TL;DR: At the moment it seems totally insecure and dangerous, I will not use it and wait for SpaceCP instead. I trust @Antariano that he will add a great mobile page and hopefully an API for notifications to it so I don’t even need an app to manage my server… :wink:

3 Likes

I’m not using overcast probably because I have many reasons why I shouldn’t.

I agree on you that it is currently is very unsecure. Altough I fixed some of the issues I think I am going to use something similar to what Buycraft uses. But also please note that this plugin isn’t near to finish and we will be doing our best to give you the nicest experience you can. I will promise when we release this it’s secure. Thank you for your feedback.