Discussion of general topics related to the new version and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Acyd Burn wrote:At the moment everything is going quite smooth. Depending on the time we are able to work on it (we all have day jobs too ) i predict(!) 1-3 days. It will definitely not be an additional week.
That's good. I was going to suggest losing those two weeks of posts if the sanitizing would take more than two weeks, but it sounds like you'll be up before two weeks pass.
Maybe the phpbb.com home page and the post giving more details about the hack should say something like "Please do not post asking for an estimated up time. We're working as fast as possible and asking just wastes time we could spend bringing the site back up."
Brandon07 wrote:Yeah sure, you can install the software, but the much-needed mods are down with your site. Wouldn’t be so bad if Phpbb3 wasn’t so bare bones. You pretty much need mods to make it worthwhile.
I understand your frustration with the limited access, but I wouldn't say that phpBB 3 is "bare bones" (especially compared to phpBB 2, and even that had some nice features). Implying that phpBB isn't "worthwhile" as-is is really kind of insulting to the many people who develop it. I run my board almost stock (except for modifying the registration agreement, putting my own logo in, moving the phpBB logo to the bottom and using American English) and have no problems with it.
I realize that you probably didn't mean it that way, but you really should choose your words more carefully then.
Steve
Last edited by ToonArmy on Mon Feb 09, 2009 3:35 am, edited 1 time in total.
Reason:Removed spam
Lumpy Burgertushie wrote:I think some of you are getting confused here.
This "hack" has only affected phpbb.com as far as anyone knows.
It can only affect phpbb3 boards that are on the same server with a version of phplist that is not up to date.
I think z2z knew that, but was suggesting the phpBB be very obvious when a new release comes out. I just converted from phpBB 2.0.23 to php 3.0.4, and therefore haven't seen an update notice yet, so maybe it is obvious.
In case it's similar to how phpBB 2 warned the user, it should possibly be stronger (maybe a JavaScript pop-up or changing the background color of the ACP to red and having a text message on every page to let the admin know an update is available).
rockeiro wrote:As for the incident of the hacking itself, there is no excuse for the irresponsible release of the user database. Trophy hacking is one thing but anarchy and helping the bad buys under the guise of "fun" is just total crap.
I hope that you're not actually condoning trophy hacking. Defacing somebody's Web site is the Internet equivalent of tagging, and is a crime (in the U.S., at least).
Yes, this is worse, but any unauthorized computer access should be dealt with harshly. I hope this hacker gets caught and gets jail time (preferably becoming somebody's prison wife ).
CarolC1 wrote:I in no way even remotely fault anyone on phpbb for not patching something when a patch was not even released till many days later. However, I do wonder if the knowledge of the security hole in phpList was circulating underground for a while before it was posted on milworm, and if it might have been exploited earlier than the hacker claims. If you have ways of checking old backups, etc, you may have found some indication of entry before Jan 14. Perhaps you can clarify this. Is Jan 14 the earliest date you have evidence or suspicion of access by the hacker? If not, what is the earliest date? Thanks.
You have asked for this information but you have never said why you need it. I'm curious as to why you want to know since I don't see how that it is important for you to know.
I was kind of wondering why she seemed so insistent on knowing, too. It would be nice if the detailed explanation included a history of this, but more for our curiosity than anything else.
Anon wrote:Please guys, use the edit function. It's already a long thread, please try to not inflate it by posting in succession.
I'm confused. How would the Edit function help? Assuming your post is directed at me, I responded to different people in different posts to avoid replies to one thing needing editing. (I've found that many people tend to quote an entire post instead of editing out the extraneous items and only quoting what's necessary, so I intentionally don't respond to unrelated posts in one post.)
Feel free to PM me to avoid topic drift if you want.