because jordan in the scheme of things, whether some kid who was prob. bored and decided to exploit an online forum doesn't matter to me, doesn't matter that he got me banned from an online forum....
Printable View
because jordan in the scheme of things, whether some kid who was prob. bored and decided to exploit an online forum doesn't matter to me, doesn't matter that he got me banned from an online forum....
I think a mod should close this thread, it's getting out of hand.
Deal with it? Thats like a boss saying lisen I know our place of work is unsafe but deal with it.
Its the freaking staff job here to keep us safe from stuff like that. Do you know how many link people click on forums on a daily basis. Has nothing to with looking wrong, it has to do with peole come here and feel that it should be safe to click and link from am members here.
That has nothing to with smarts or brains as it was put. Thats has to with people after being here for awhile feel like this is a community with friends and people you trust.
The Staff here unbanning this person is taking all that away from these forums.
Keep it open, I want Jake word on this
I personally think they are but I wouldn't do it radar it on a hacker channel so others can do it to open their eyes so there is nothing against you but then again if you do it you will be "protected" and considered a "God"Zitat:
Zitat von EvilSeph
no oryien, I was stating that your not a system admin, your previous posts and your use of childish "aim speak" prove that.
So you'd put security below the annoyance of rebuilding skins and mods?Zitat:
Zitat von Tommi
You aren't a very good Administrator.
and Oriyen is actually a Network Security Administrator as well as a Developer. You should show more respect to him please.
Edit:
What would the reason for closing this thread be? Everything is well within the ToS of these forums.
Except that as a forum VIP, you've been given rights and responsibilities, one of which is to help MANAGE the forum that you claim doesn't matter to you.Zitat:
Zitat von mannymix03
Fixed.Zitat:
Zitat von AndyR
This will remain open as long as personal attacks and obscure metaphors comparing this to anything but what it is are left out of the conversation.
Hows it getting out of hand we are discussing the situation and not breaking any of the rules. You are by saying GM close this thread garbage. Either fight with **** to back up ur point or get out.Zitat:
Zitat von AndyR
@mannymix03Zitat:
Zitat von FreePlay
Yea without us users you wouldn't have a forum to VIP or moderate in in the first place... Thats like telling customers in a restaurant that complain the foods bad that you don't care eat it get food poisoning and deal with it.
Thanks for the support abe_foremanZitat:
Zitat von Abe_Froeman
to whomever said update the forums, how does that help when the exploit was a user clicking a link to an external site
Because like I said, XSS exploits are the least of your worries. There are far more dangerous security holes present.Zitat:
Zitat von mannymix03
I assume you're talking about the terrorism metaphor? Well, I don't see it as a metaphor. Hacking into a forum, hijacking several accounts, and banning users without authorization is terrorism, in my book. It's meant to cause anger, fear, and confusion, and it certainly has.Zitat:
Zitat von Abe_Froeman
That's not the ONLY way he could exploit QJ. I hope you realize that.Zitat:
Zitat von mannymix03
Want my Business card and telephone to my CEO of the company to prove it. Besides Im 23 years old and I don't need to talk all professional on a forum.Zitat:
Zitat von mannymix03
oryien, owning a resturant is a business
I don't get paid at all here... bad example
and bad saying on my part, I do care about these forums, but not to the extent that I'm angry for unbanning one person, having them unbanned doesn't create any greater security risk
Wow i think someone needs to understand business 101 or Jake needs to see who is allowed to be a forum VIP.
By not banning him every time he tries to come back, the admins have essentially said that people can hack the forums as much as they want and get away with it if they tell the staff about it.Zitat:
Zitat von mannymix03
Forum rules need to be applied equally and consistently across the board, or they're totally meaningless.
And I also thought QJ was very strict with all their policy and rules,
FreePlay-By not banning him every time he tries to come back, the admins have essentially said that people can hack the forums as much as they want and get away with it if they tell the staff about it.
Exact....
@manny : In theory, the update could patch the exploit. The exploit, if you read in the other thread, is a javascript which essentially 'uploaded' your cookie from the QJ forums, containing your session ID. I don't know if the update patches this (I don't see how it would), but in theory, I believe that's what they were going for.
@everyone else:
There's no need to put your frustrations upon the other members of the forum. The topic at hand isn't something to 'take sides' on. Nobody is on TMM's side, so please don't pretend anyone is. It's only a matter of punishment severity and future instances of exloitation...
Perhaps he should have been banned longer, some/many people would say perm-ban. And don't compare the short ban to that of your own bans (I've been banned for longer myself, for less stringent reasons), it isn't a comparison issue.
He was unbanned. If he acts up again, he'll be most certainly perm-banned. But I seriously doubt that will happen. I'm sure the staff agrees as well, as they agreed to this unbanning. There's no need for an uprising as he isn't doing anything wrong at the moment.
There have been some great points made in the thread so far, and it would be nice if the flaming would stop. The thing that needs to come across is the fact that we need to PREVENT this from happening again and move on. The damages were minor, admins seem like they have a handle on things though, and it'll turn out alright. It's mostly just a large annoyance.
its not my decision for that, and in the chain of command I'm pretty small
I have reign over one forum and that's it
Okay lets just let someone see that its okay to see an exploit post a link that steals all ur cookies and Sam files as well as temp i-net files to get ur identity and let qj.net get sued over legality issues and let others possible think its okay to hack qj.net they won't do anything. That is the utter point we present as why we are talking about this. Not so much about TMM but the principle at hand.Zitat:
Zitat von TheSpiral
He hacked the forums and used other people accounts.Zitat:
Zitat von TheSpiral
"Guys, let's go f*ck up QJ's forums, they'll unban you afterwards if you tell them how you did it!"
^_^
hehZitat:
Zitat von jas0nuk
Thats what I was thinking.Zitat:
Zitat von jas0nuk
IMO, TMM is a script-kiddie who got way too excited when he figured out he could exploit the forums, and took it too far. The sheer fact that he didn't steal any personal info (paypal, ebay, email) shows that he was too scared to do anything malicious. He basically wanted to get caught and/or popular on the QJ forums.
So he's unbanned. Oh well. Yeah it's damn well immoral, unethical, and unprecedented, but holy **** this isn't a governmental district court, it's a damn internet website community. Exceptions can be made, and if the Admin wants now to patch exploits that have been pointed out to her in the past, then so be it.
That's exactly the kind of thinking that makes me question this whole situation and my future involvement as a staff member. I might as well come out and say to those who have at least noticed and acknowledged my work in managing threads and posts that I may be on the way to retirement.Zitat:
Zitat von jas0nuk
P.S. This decision was not discussed at all with the moderators who are charged with keeping the peace here. FYI... I've never publicly expressed any concerns but there's a first time for everything.
ok, i want to appologise for what i said.
when i said "they can leave", i wasnt thinking....
so to everyone who got pissed off at what i said, im truely sorry.
Im sorry to hear it NeilR your one Awesome mod that kept it clean here I appreciate you and ur abilities to keep this a peaceful place if you so do retire you will be missed. AS for the info it was not discussed helps even more.Zitat:
Zitat von NeilR
Agree with you there NeilR
come back after 10 mins. :)Zitat:
Zitat von JordanBlack68
cyanide, you're one of the only ones who typically disagrees with me.. at least you're consistent.
I completely disagree with this thread, but not for the reason you might think. I have nothing against milkman, nor about him being unbanned, but I don't think its everyones right to know whats going on behind the scenes. Sure, you have every right to unban him, but is there really any reason to make a thread to say so? It's basically like askuing people to flame him...Zitat:
Zitat von Mysticales
If it were me, I would have done this in secret, and jsut let the milkman tell me who'd been bothering him :)
Still, thats only my opinion...
Eh? I told Jordan to come back after 10 minutes on IRC because I had banned him; my post had nothing to do with you or your intentions.Zitat:
Zitat von NeilR
Either ways, you're one of the few mods that I have the utmost respect for, doesn't matter whether I agree with you or not.
okay.. OT post made for some confusion on my part.
I've said it before.. while we have our moments, you're a good blogger. ;)
The security hole was in MyQJ.Zitat:
Zitat von mannymix03
No, the security hole was in the entire QJ frontpage. There are others, too.
Please read my analysis of the exploit.
http://forums.qj.net/policies-news-help/98962-attention-recent-events-happenings.html
You are wrong. It's not even an exploit really. It's just a simple script.
Edit: The one that FreePlay is referring to is not related to the one this thread is about.