Bitcoin Forum>Other>Meta
Author

Topic: Forum upgrade????? WHEN? Just another hack. (Read 723 times)

redsn0w
legendary
Activity: 1778
Merit: 1043
#Free market
Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 03:57:13 PM
#11
Quote from: Slark on May 25, 2015, 01:50:46 PM
Quote from: Quickseller on May 25, 2015, 01:37:52 PM
I don't think using the new forum software would have stopped this hack/attack.

I think this is one additional reason to show that theymos needs to be 100% sure about the security of the new forum software before implementing it as there will be many people who will attempt to exploit any security holes in it.
To be honest everything can be hacked. Even the bigger networks, services can be penetrated by hackers. People need to understand this. But I understand what is the problem here. Users are disappointed/angry that despite having multi million dollar budget we still have old forum software, that is the problem. No ETA or any news regarding this upgrade and recent compromise of bitcointalk did not really help either.

I think these type of attack (or general) will increase when the new forum software will be 'released' fully functional.. because I think it will come with a lot of bug  Roll Eyes.  Again: you can build a strong security but if an employes will reset the pwd ... then you are really fuc**d.
iopq
hero member
Activity: 658
Merit: 500
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 03:26:47 PM
#10
From what I got from his post, the forum software was not compromised, but his log-in credentials to the server. Having different forum software would not help in any way for this particular attack.
Slark
legendary
Activity: 1862
Merit: 1004
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 01:50:46 PM
#9
Quote from: Quickseller on May 25, 2015, 01:37:52 PM
I don't think using the new forum software would have stopped this hack/attack.

I think this is one additional reason to show that theymos needs to be 100% sure about the security of the new forum software before implementing it as there will be many people who will attempt to exploit any security holes in it.
To be honest everything can be hacked. Even the bigger networks, services can be penetrated by hackers. People need to understand this. But I understand what is the problem here. Users are disappointed/angry that despite having multi million dollar budget we still have old forum software, that is the problem. No ETA or any news regarding this upgrade and recent compromise of bitcointalk did not really help either.
Quickseller
copper member
Activity: 2996
Merit: 2374
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 01:37:52 PM
#8
I don't think using the new forum software would have stopped this hack/attack.

I think this is one additional reason to show that theymos needs to be 100% sure about the security of the new forum software before implementing it as there will be many people who will attempt to exploit any security holes in it.
koelen3
legendary
Activity: 1022
Merit: 1007
Sooner or later, a man who wears two faces forgets
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 01:03:01 PM
#7
It was really boring without the forum , 3 days were hardly managed as i really like reading here .
The forum have had many attack attempts since past some months. I really hope it will be better with the new software.
SaltySpitoon
legendary
Activity: 2590
Merit: 2156
Welcome to the SaltySpitoon, how Tough are ya?
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 11:29:35 AM
#6
Quote from: opentoe on May 25, 2015, 11:03:00 AM
Last time I checked this forum had millions in BTC\USD in donations, but still hackers are hacking away at such old software and hacking in almost as easily as signing in with a password. Since I've been here, this is the 4th time this has happened. Can I ask, when the forum operators notice a hack is going on why don't you just turn the server or VPS off for a while? Nothing deters a planned attack then nothing to attack. But instead you leave the place up and running to all our passwords once again can get compromised.

Really, what are you doing with all that donation money? You can run 20 forums with all the bitcoin you have.

It's done when it's done. There is a lot of work left to do on the new forum, but it's progressing. There really isn't an eta, it's ready when it's ready. Not that it matters, but I believe the recent hack bypassed the forums security features by directly attacking the hosting provider. The forum hasn't been hacked since October of 2013 if I recall, given what we are working with and the technical info the bitcoin community has (which works against us in this case)it's track record isn't too bad. I don't think removing Bitcointalk for what could be a while is the best idea.
Xialla
legendary
Activity: 1036
Merit: 1001
/dev/null
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 11:27:49 AM
#5
wtf? this forum is running on VPS on some public accessible hypervisor? it is not DMZ cluster in T4 DC? aha.))
achow101_alt
sr. member
Activity: 268
Merit: 258
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 11:17:08 AM
#4
Quote from: opentoe on May 25, 2015, 11:03:00 AM
Last time I checked this forum had millions in BTC\USD in donations, but still hackers are hacking away at such old software and hacking in almost as easily as signing in with a password. Since I've been here, this is the 4th time this has happened. 
This attack as nothing to do with old software, but rather the people at the company running the data center because this is a social engineering attack, not a technical one.

Quote
Can I ask, when the forum operators notice a hack is going on why don't you just turn the server or VPS off for a while? Nothing deters a planned attack then nothing to attack. But instead you leave the place up and running to all our passwords once again can get compromised.
Theymos, the administrator, did in fact turn off the server, the forum was shutdown when he noticed the attack to prevent the attacker from gaining too much information. Then the forum had 3 days of downtime as theymos got another hosting provider, reinstalled everything, and restored all the data.

You should check out Theymos's thread about the compromise here: https://bitcointalksearch.org/topic/m.11445725
opentoe
legendary
Activity: 1274
Merit: 1000
Personal text my ass....
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 11:08:11 AM
#3
Quote from: bigcrypto on May 25, 2015, 11:06:11 AM
They said during year, but who knows if that will happen finally

They have been saying that for years now. I have a strong feeling all those donation are paying for a couple user's really nice lifestyle.
bigcrypto
newbie
Activity: 16
Merit: 0
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 11:06:11 AM
#2
They said during year, but who knows if that will happen finally
opentoe
legendary
Activity: 1274
Merit: 1000
Personal text my ass....
Re: Forum upgrade????? WHEN? Just another hack.
May 25, 2015, 11:03:00 AM
#1
Last time I checked this forum had millions in BTC\USD in donations, but still hackers are hacking away at such old software and hacking in almost as easily as signing in with a password. Since I've been here, this is the 4th time this has happened. Can I ask, when the forum operators notice a hack is going on why don't you just turn the server or VPS off for a while? Nothing deters a planned attack then nothing to attack. But instead you leave the place up and running to all our passwords once again can get compromised.

Really, what are you doing with all that donation money? You can run 20 forums with all the bitcoin you have.
Bitcoin Forum>Other>Meta
Jump to: