IMPORTANT: Community security breach

Started by LiroyvH, July 23, 2013, 12:45:08 PM

Previous topic - Next topic

kat

Quote from: Groovystar on July 23, 2013, 04:43:07 PM
Sure he can, he's a hosting god.

Don't tell him that! He'll go all godlike, on us, again... ;)


wynnyelle

Reason I brought it up on here is I'm convinced that the network is under attack due to what happened.

kat

I doubt the two are related, to be honest.

I COULD be wrong. But, I seriously doubt it. :)

Just bad timing, I suspect.

Xarkurai

Useful paid mod: Badge Awards - Award members for actions

Zirkon

Quote from: K@ on July 23, 2013, 04:46:10 PM
Quote from: Groovystar on July 23, 2013, 04:43:07 PM
Sure he can, he's a hosting god.

Don't tell him that! He'll go all godlike, on us, again... ;)



Well I guess I gotta start goin to church!!!!. Both my temples are running now, just gotta get the minions back online to post again.

Thanks   ;)

Kindred

unless you used the same username and password on your site that you use here, there is unlikely to be anything related.

if you did use the same information on both sites *shakes finger while tsking*

However, the incident is unlikely to be related.
After all, his goal here (and on other other site like ubuntu) was not to take the sites down - it was to gather the user information without anyone knowing that he did it
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

kat

Quote from: Zirkon on July 23, 2013, 04:52:49 PMWell I guess I gotta start goin to church!!!!. Both my temples are running now, just gotta get the minions back online to post again.

Thanks   ;)


青山 素子

Quote from: Groovystar on July 23, 2013, 04:46:56 PM
Reason I brought it up on here is I'm convinced that the network is under attack due to what happened.

No, probably not. Both the website (with SMF forum) I run on CoreISP's shared hosting and my dedicated server are both working fine. Depending on what you are seeing, it is possible that it is a network issue between you and the destination or something else. Also, warriorcatsrpg)dot(com loads for me as well.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.


Ingtar

I had forgotten about my membership here and had reused this password.  Thank you for the notice.  I'm currently insuring nothing that matters uses the same password.

wynnyelle

My site is back up, but someone has been tooling with it. all of the anti-spam verifications were gone.

exxocet

Shame on you, SMF team! Maybe is not a software issue, but still IT'S YOUR FAULT.

YOU have picked that guy to play admin on SMF forums, not me. YOU should have choose more wisely and select a person capable of understanding basics as not sharing the same password on multiple sites, especially when they serve on official communities.

What a hell, I know admins loves to behave like gods, now why he didn't came over and face the SMF community? Why he is hiding now? The big admin is a chicken now?

wynnyelle

That's kind of harsh.

I've been a victim of sabotage by rogue team members myself on my own site in the past. Sometimes you just can't anticipate these things in advance. It's already over, now we just have to do our best on damage control and use better judgement from here on.

Kindred

exxocet,

please. don't be obnoxious.
Don't tell me that *YOU* have NEVER reused a password? (If you say so, then I say you are a liar)

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Colin

Exxocet,

That is not appropriate nor warranted. Publicly posting the administrators name will do no good. It won't resolve the situation or lead to a productive discussion. Everyone makes mistakes and now everything humanly possible is now being done to mitigate the damage. Corrective measures are being put in place to prevent this from happening again.
"If everybody is thinking alike, then somebody is not thinking." - Gen. George S. Patton Jr.

Colin

NanoSector

exxocet,  please calm down.  Accidents happen all the time, also to you. Some just bring more trouble than others.
My Mods / Mod Builder - A tool to easily create mods / Blog
"I've heard from a reliable source that the Answer is 42. But, still no word on what the question is."

exxocet

Sorry Groovystar, I don't mean to be rude or offensive, but the SMF team should understand this is a serious thing. It's not a virtual world admin/mod playing roles, this is the real ****** because it can go mad IN REAL LAWS.
Simple Machines should get prepared because they are exposed right now. And not on a server and a database, they are exposed to juridical issues.

LiroyvH

Quote from: exxocet on July 23, 2013, 05:16:34 PM
Sorry Groovystar, I don't mean to be rude or offensive, but the SMF team should understand this is a serious thing. It's not a virtual world admin/mod playing roles, this is the real ****** because it can go mad IN REAL LAWS.
Simple Machines should get prepared because they are exposed right now. And not on a server and a database, they are exposed to juridical issues.

Why do you think we released a news announcement within a very short timeframe to make everyone aware? :)
We know very well how serious it is and what complications there can potentially be.
((U + C + I)x(10 − S)) / 20xAx1 / (1 − sin(F / 10))
President/CEO of Simple Machines - Server Manager
Please do not PM for support - anything else is usually OK.

Colin

Exxocet,

Do you mean the unauthorized 3rd party that socially engineered a password to gain access to our systems is in legal trouble? You surely don't mean we are in legal trouble.
"If everybody is thinking alike, then somebody is not thinking." - Gen. George S. Patton Jr.

Colin

exxocet

  I did reused passwords, it's true, but never on official or important sites. This is business, is not like goofing around on your tuna fishing site, SMF have a company behind and things could go wrong for them right now. 

  By the way, why the hell is necessarily as ALL admins have access to the database? They play mysql with our accounts every day? Databases should be exposed only to one, maximul two server admins.

exxocet

Colin,
I'm just saying I'm a lawyer and I'd love to be a prosecutor on a case like this...

Advertisement: