atleast this thread explains it all.
yes thanks for the read guys! 
Topic: how to add avatar pic? (Read 1123 times)
atleast this thread explains it all.
I don't see how simply reinstating avatars would take away focus from the new forum. And he seems to have a team working on that. not him.
No idea.
BTW, there are already dozens of threads in meta asking about the avatar for the past 3 months.
was wondering about this too
thanks 
That feature is disabled by the administration i think, because someone told me that it was the reason of forum getting hacked some time ago correct me if i'm wrong . How can that be possible?
If you mean how the feature is disabled by theymos, yes it is possible.
If you mean how the forum was hacked with avatar, please check this thread.
https://bitcointalksearch.org/topic/about-the-recent-attack-306878
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
So if it wasn't that then why haven't they reinstated them?
Probably because the new forum software is being developed, and theymos wants to focus on it...
You may find some info here.
https://bitcointalksearch.org/topic/leaked-latest-status-on-forum-software-451893 and https://bitcointalksearch.org/topic/--455867
I don't see how simply reinstating avatars would take away focus from the new forum. And he seems to have a team working on that. not him.
thanks
That feature is disabled by the administration i think, because someone told me that it was the reason of forum getting hacked some time ago correct me if i'm wrong . How can that be possible?
If you mean how the feature is disabled by theymos, yes it is possible.
If you mean how the forum was hacked with avatar, please check this thread.
https://bitcointalksearch.org/topic/about-the-recent-attack-306878
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
So if it wasn't that then why haven't they reinstated them?
Probably because the new forum software is being developed, and theymos wants to focus on it...
You may find some info here.
https://bitcointalksearch.org/topic/leaked-latest-status-on-forum-software-451893 and https://bitcointalksearch.org/topic/--455867
Pro tip: You can't.
Forum satff said that a software update is coming up somewhat soon so they won't bbother to update the current one.
Forum satff said that a software update is coming up somewhat soon so they won't bbother to update the current one.
I dont think this feature will ever come back any time soon. Ever since the hack of this forum awhile back.
Think I read they don't plan on enabling it until the new software is completed and its 100% secure.
you cant change it either.I'm stuck with WDC 
haha now that is not the situation you want yourself in..! get well soon [to you avatar]
you cant change it either.I'm stuck with WDC
you can't because the forums have been hacked and they haven't fixed it yet..
If you read the linked thread in my previous post, you will know that the avatar indeed has nothing to do with the hack at all...
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
Indeed, a new forum software is being developed, and the avatar will not be back until the new software is ready.
You may find some info here.
https://bitcointalksearch.org/topic/leaked-latest-status-on-forum-software-451893 and https://bitcointalksearch.org/topic/--455867
Peace
thanks
That feature is disabled by the administration i think, because someone told me that it was the reason of forum getting hacked some time ago correct me if i'm wrong . How can that be possible?
If you mean how the feature is disabled by theymos, yes it is possible.
If you mean how the forum was hacked with avatar, please check this thread.
https://bitcointalksearch.org/topic/about-the-recent-attack-306878
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
Thanks, I meant the latter, but I like your humor.
What humour?
thanks
That feature is disabled by the administration i think, because someone told me that it was the reason of forum getting hacked some time ago correct me if i'm wrong . How can that be possible?
If you mean how the feature is disabled by theymos, yes it is possible.
If you mean how the forum was hacked with avatar, please check this thread.
https://bitcointalksearch.org/topic/about-the-recent-attack-306878
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
Thanks, I meant the latter, but I like your humor.
thanks
That feature is disabled by the administration i think, because someone told me that it was the reason of forum getting hacked some time ago correct me if i'm wrong . How can that be possible?
If you mean how the feature is disabled by theymos, yes it is possible.
If you mean how the forum was hacked with avatar, please check this thread.
https://bitcointalksearch.org/topic/about-the-recent-attack-306878
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
So if it wasn't that then why haven't they reinstated them?
HA!
I said it was a hack attack
thanks
That feature is disabled by the administration i think, because someone told me that it was the reason of forum getting hacked some time ago correct me if i'm wrong . How can that be possible?
If you mean how the feature is disabled by theymos, yes it is possible.
If you mean how the forum was hacked with avatar, please check this thread.
https://bitcointalksearch.org/topic/about-the-recent-attack-306878
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
So if it wasn't that then why haven't they reinstated them?
thanks
That feature is disabled by the administration i think, because someone told me that it was the reason of forum getting hacked some time ago correct me if i'm wrong . How can that be possible?
If you mean how the feature is disabled by theymos, yes it is possible.
If you mean how the forum was hacked with avatar, please check this thread.
https://bitcointalksearch.org/topic/about-the-recent-attack-306878
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
thanks
That feature is disabled by the administration i think, because someone told me that it was the reason of forum getting hacked some time ago correct me if i'm wrong . How can that be possible? Learn something new everyday.
you can't because the forums have been hacked and they haven't fixed it yet..
If you read the linked thread in my previous post, you will know that the avatar indeed has nothing to do with the hack at all...
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
Indeed, a new forum software is being developed, and the avatar will not be back until the new software is ready.
You may find some info here.
https://bitcointalksearch.org/topic/leaked-latest-status-on-forum-software-451893 and https://bitcointalksearch.org/topic/--455867
Peace
you can't because the forums have been hacked and they haven't fixed it yet..
If you read the linked thread in my previous post, you will know that the avatar indeed has nothing to do with the hack at all...
It was initially suspected by many that the attack was done by exploiting a flaw in SMF which allows you to upload any file to the user avatars directory, and then using a misconfiguration in nginx to execute this file as a PHP script. However, this attack method seems impossible if PHP's security.limit_extensions is set.
Jump to: