Pages:
Author

Topic: narayan - attempted code injection (Read 6604 times)

sr. member
Activity: 574
Merit: 250
August 23, 2013, 09:19:08 PM
#38
This thread needs to be locked now.  It's a dead horse.  Quite honestly what was done in all rights was the best course of action.  Banned or not banned. Who's going to ever take this asshole seriously.
legendary
Activity: 1708
Merit: 1020
August 23, 2013, 02:24:19 AM
#36
I'm sort of a bastard, but I would ban him, keep the money, and replace his add in rotation with a warning about his "business".
Since he even admitted his wrongdoing that's the only way to go.

Theymos, you are too liberal.  Grin
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
August 21, 2013, 02:52:08 PM
#35
I'm sort of a bastard, but I would ban him, keep the money, and replace his add in rotation with a warning about his "business".
legendary
Activity: 1288
Merit: 1227
Away on an extended break
August 18, 2013, 08:32:25 AM
#34
PS: Guys, I think narayan's already banned.
staff
Activity: 4284
Merit: 8808
August 16, 2013, 10:57:33 PM
#33
serious question... If I stole BTC from someone.. and used the BTC to buy an ad, would you put the ad up ?
I didnt/don't intend to steal BTC. just curious about the answer..
I think you're not providing enough information.  If I claim all your BTC was stolen from me, should Theymos never put up an ad for you?

Did you intend to ask "If someone comes to you and says, in all seriousness, 'I want to put up an ad with this big pile of totally stolen btc' would you put the ad up?"
legendary
Activity: 910
Merit: 1000
★YoBit.Net★ 350+ Coins Exchange & Dice
August 16, 2013, 10:08:21 PM
#32
serious question... If I stole BTC from someone.. and used the BTC to buy an ad, would you put the ad up ?

I didnt/don't intend to steal BTC. just curious about the answer..
staff
Activity: 4284
Merit: 8808
August 16, 2013, 09:37:50 PM
#31
And what malicious code exactly could he add? last time the code was embedded onto bitcointalk.org which means he could've altered text on the website or steal peoples passwords, but this time its not, so there isn't much he can do.
He tried adding a script tag to bitcointalk. He could have altered text or stolen passwords.

It was like he walked into a shop with a gun hidden in a bag, he pulled the trigger and Theymos did a Neo-in-the-matrix like dodge and no one was hit.  Maybe the bullets really were blank? We don't know because there wasn't a hit.

After Theymos bragged about his deft dodge the guy comes back and appears to be yabbering on about DOS attacking the proxy Theymos used to check the script.

But if you want to keep saying "Actually there was nothing malicious"... please remind me of this if it ever looks like I'm trusting your judgement for anything.
newbie
Activity: 42
Merit: 0
August 16, 2013, 06:12:57 PM
#30
Your friend walks into a shop with a loaded gun and fails to rob it.

Turns out you owe this person money, now you feel that you no longer have an obligation to pay them?
That isn't an accurate scenario.
We are not talking about a friend in any way and it isn't independant from the tried theft.
Someone paid you to borrow your car for two days. The first day he tried to rob someone with your car, do you feel obligated to lend him the car for another day?

Of course not, I was never obligated to lend him the car at all. I'd have to refund him for the second day though otherwise he could sue me for the money.
sr. member
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
August 16, 2013, 04:51:50 PM
#29
Sure they attempted to scam, but that doesn't mean you can scam them back

Since you seem to be a little more sensitive than most scammers around, I'll just disagree with that (*), before asking you to leave us alone and target some real ennemies. People here are mostly gentle, caring, crazy, passionate, and sometimes a bit naive. They do not deserve being taken advantage of. So please fuck off.

(*)I enjoyed every bit of 419eater work, for example.
sr. member
Activity: 364
Merit: 250
August 16, 2013, 04:33:53 PM
#28
Your friend walks into a shop with a loaded gun and fails to rob it.

Turns out you owe this person money, now you feel that you no longer have an obligation to pay them?
That isn't an accurate scenario.
We are not talking about a friend in any way and it isn't independant from the tried theft.
Someone paid you to borrow your car for two days. The first day he tried to rob someone with your car, do you feel obligated to lend him the car for another day?
legendary
Activity: 966
Merit: 1004
Keep it real
August 16, 2013, 04:14:40 PM
#27
I know that, but if they're trying to get something in the ad doesn't it stand to reason that they don't deserve to have an ad in rotation?  I'd say trying to get malicious code into an ad should result in a ban from the forum.

Actually there was nothing malicious in the code. All he did was add a line code that said "run the javascript on the website blahblah.in". There was no malicious code on that website yet it was blank, he was going to add the malicious code later.

True, but it's still a sketchy thing to do.
full member
Activity: 224
Merit: 100
August 16, 2013, 03:58:06 PM
#26
I'm surprised there's no rule re malicious code in ads etc i.e. any malicious or suspicious code in your ad could mean you lose both your ad and your money...or whatever. Any attempts to subvert the proper function of this site blah blah spyware blah blah etc
newbie
Activity: 42
Merit: 0
August 16, 2013, 03:49:01 PM
#25
You may argue there was no malicious code there, but what other reason exists to try this code injection?

He could have wanted to add Google Analytics tracking to the ad or similar.

Attempted theft is also a crime.

I think trying to inject whatever code to an advertisement is enough reason to assume they wanted to scam.
No need to display the ad or refund imo.

Your friend walks into a shop with a loaded gun and fails to rob it.

Turns out you owe this person money, now you feel that you no longer have an obligation to pay them?

Displaying the ad also has a high risk that they might set up new malicious code on that site, they have proven that they want to do that.
You may argue there was no malicious code there, but what other reason exists to try this code injection?

That site is not his, it's owned by another member here, he was using a referral link.

And what malicious code exactly could he add? last time the code was embedded onto bitcointalk.org which means he could've altered text on the website or steal peoples passwords, but this time its not, so there isn't much he can do.
sr. member
Activity: 364
Merit: 250
August 16, 2013, 03:38:05 PM
#24
They paid for the ad, theymos can either show the ad or refund them, he can't just take the money. Sure they attempted to scam, but that doesn't mean you can scam them back, if they had actually defrauded somebody then maybe there would be a case where theymos would refund that person, but they haven't actually managed to scam yet, with that account anyways.

Attempted theft is also a crime.
I think trying to inject whatever code to an advertisement is enough reason to assume they wanted to scam.
No need to display the ad or refund imo.

Displaying the ad also has a high risk that they might set up new malicious code on that site, they have proven that they want to do that.
You may argue there was no malicious code there, but what other reason exists to try this code injection?
newbie
Activity: 42
Merit: 0
August 16, 2013, 03:36:46 PM
#23
I know that, but if they're trying to get something in the ad doesn't it stand to reason that they don't deserve to have an ad in rotation?  I'd say trying to get malicious code into an ad should result in a ban from the forum.

Actually there was nothing malicious in the code. All he did was add a line code that said "run the javascript on the website blahblah.in". There was no malicious code on that website yet it was blank, he was going to add the malicious code later.
legendary
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
August 16, 2013, 03:08:48 PM
#22
Technically there's no proof the guy wanted to scam people...
sr. member
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
August 16, 2013, 02:21:55 PM
#21
I know that, but if they're trying to get something in the ad doesn't it stand to reason that they don't deserve to have an ad in rotation?  I'd say trying to get malicious code into an ad should result in a ban from the forum.

No reason to ban narayan. He has hardly trolled enough.
No reason to ban team scotaloo either, better to "LOL, thank" them for offering a domain.

Seriously, theymos, you understand that the sole purpose of this add was to scam people?
Now that you took care of the malicious part, they don't give a single fuck about the add being showed, it's use-less to them.
Showing this add, even if you just meant to be honest, which I'm convinced of, WILL encourage people thinking you're shielding scammers.
legendary
Activity: 966
Merit: 1004
Keep it real
August 16, 2013, 02:08:49 PM
#20
He paid, so I did put up a link to his http://minefield.bitcoinlab.org link. This site is safe, right? It's down now.

Are you saying you actually put up a link to that scammers website?

Confirmed that the ad is actually placed in rotation, I just saw it.

@theymos
Someone tries to run a CSS injection ad and you put up his ad because "he paid"?  That's an awful line of though.
theymos removed the malicious section of code before putting the link into the ad rotation.

I know that, but if they're trying to get something in the ad doesn't it stand to reason that they don't deserve to have an ad in rotation?  I'd say trying to get malicious code into an ad should result in a ban from the forum.
hero member
Activity: 927
Merit: 1000
฿itcoin ฿itcoin ฿itcoin
August 16, 2013, 02:00:44 PM
#19
He paid, so I did put up a link to his http://minefield.bitcoinlab.org link. This site is safe, right? It's down now.

Are you saying you actually put up a link to that scammers website?

Confirmed that the ad is actually placed in rotation, I just saw it.

@theymos
Someone tries to run a CSS injection ad and you put up his ad because "he paid"?  That's an awful line of though.
theymos removed the malicious section of code before putting the link into the ad rotation.
legendary
Activity: 966
Merit: 1004
Keep it real
August 16, 2013, 01:57:08 PM
#18
He paid, so I did put up a link to his http://minefield.bitcoinlab.org link. This site is safe, right? It's down now.

Are you saying you actually put up a link to that scammers website?

Confirmed that the ad is actually placed in rotation, I just saw it.

@theymos
Someone tries to run a CSS injection ad and you put up his ad because "he paid"?  That's an awful line of though.
Pages:
Jump to: