| Author |
Topic |
Frecator Dementa
Caldari
Perkone |
Posted - 2011.04.11 12:29:00 - [ 571]
|
Tippia
Caldari
Sunshine and Lollipops
|
Posted - 2011.04.11 12:34:00 - [ 572]
|
Grimpak
Gallente
Midnight Elites
Echelon Rising |
Posted - 2011.04.11 12:39:00 - [ 573]
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 12:54:00 - [ 574]
 Originally by: Grimpak
granted not really the same but the type of mistake is basically the same.
The boot.ini thing could have been an honest mistake, this one however, not so much (like Tippia pointed out, they do obsessively sanitize it in some other place). So, meh. |
Grimpak
Gallente
Midnight Elites
Echelon Rising |
Posted - 2011.04.11 13:07:00 - [ 575]
Originally by: Akita T
Originally by: Grimpak
granted not really the same but the type of mistake is basically the same.
The boot.ini thing could have been an honest mistake, this one however, not so much (like Tippia pointed out, they do obsessively sanitize it in some other place).
So, meh.
oh well, it's still an epic ****up. |
Hakaru Ishiwara
Minmatar
Republic Military School |
Posted - 2011.04.11 13:17:00 - [ 576]
Originally by: El'Niaga
Okay what we need to do is fire the individuals responsible for this fiasco. We don't need some lame excuse that the boss is gone on vacation, call him back if he is.
I seriously hope a team didn't spend 70k hours on modifying a YAF board to fit EVE's needs. If they did, then get rid of these leeches.
Whomever was project managing this initiative is the person at fault. Even if they had management breathing heavily down their neck, they should have had the professional back-bone to hold the release. We already know that CCP management is terrible and that they hold their customers in low regard. Originally by: El'Niaga
Also its now past 11 am your time, where is our promised update?
CCP's promises are always meant to be broken. Over-promise and under-deliver is CCP's unstated motto. I am honestly surprised somebody hasn't coined the term "Unicorn Development" where a company's customers get the shaft from a ****ed-up and proprietary implementation of an Open Source product. A new Internet meme perhaps.... To wikipedia! |
Niraia
Seekers of a Silent Paradise
|
Posted - 2011.04.11 13:22:00 - [ 577]
My point exactly. I know web developers who have been rejected by CCP who wouldn't do something this stupid. Whoever was in charge of recruiting them should probably be apologizing for doing a terrible job too, don't you think? Does CCP care about the quality of their staff? Does the CEO? Where is the CEO? |
MisterAl tt1 |
Posted - 2011.04.11 13:24:00 - [ 578]
After having read some external info regarding your "brand new" forums I would say that the whole team in charge of this f... up is to be fired!
To allow code insertion into signatures! What kind of "specialists" work there?! How could've you bring OUR computers under such a risk?!
Well, I'm sure CCP will state everything is OK and there was no risk. Even with my little knowledge I can say that they LIE. |
Shade Millith
Caldari
Macabre Votum
Morsus Mihi |
Posted - 2011.04.11 13:28:00 - [ 579]
Edited by: Shade Millith on 11/04/2011 13:33:28Edited by: Shade Millith on 11/04/2011 13:30:54 Quote:
I’m not claiming. I’m stating outright that customer data was never at risk. We’ve also said there will be a blog which will detail what occurred and what was wrong. -CCP Sreegs
And according to http://www.machine9.net/blog/?p=592 , and the bloke who made it public on SHC (Because you ignored his petitions, then banned him), you're lying out your arse. Screw you. Seriously, screw you. You managed to put everyone at risk. Apparently with known security issues from beta. |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 13:28:00 - [ 580]
Originally by: MisterAl tt1
After having read some external info regarding your "brand new" forums I would say that the whole team in charge of this f... up is to be fired!
To allow code insertion into signatures! What kind of "specialists" work there?! How could've you bring OUR computers under such a risk?!
Well, I'm sure CCP will state everything is OK and there was no risk. Even with my little knowledge I can say that they LIE.
I say we cancel your account after we fire them, deal? Fair exchange? |
Grimpak
Gallente
Midnight Elites
Echelon Rising |
Posted - 2011.04.11 13:31:00 - [ 581]
Edited by: Grimpak on 11/04/2011 13:31:19 Originally by: Shade Millith
Quote:
I’m not claiming. I’m stating outright that customer data was never at risk. We’ve also said there will be a blog which will detail what occurred and what was wrong. -CCP Sreegs
And according to http://www.machine9.net/blog/?p=592 , and the bloke who made it public on SHC (Because you ignored his petitions, then banned him), you're lying out your arse.
Screw you.
well it's kinda true since Sreegs might be saying that the customer data that THEY HAVE was never at risk. |
dexington
Caldari
Baconoration |
Posted - 2011.04.11 13:31:00 - [ 582]
Originally by: MisterAl tt1
To allow code insertion into signatures! What kind of "specialists" work there?! How could've you bring OUR computers under such a risk?!
Well, I'm sure CCP will state everything is OK and there was no risk. Even with my little knowledge I can say that they LIE.
hahah... you better format you computer, to be sure there is no malware installed. Remember to turn off your computer for 45 min after the format, just to be sure nothing survives in memory! anyways, when do we see the dev blog?, can someone confirm the rumors that the head of security called in sick today? |
MisterAl tt1 |
Posted - 2011.04.11 13:32:00 - [ 583]
Edited by: MisterAl tt1 on 11/04/2011 13:35:17 Originally by: Miilla
I say we cancel your account after we fire them, deal?
Fair exchange?
My dear, if you are somewhat connected to CCP (which you seem not to) them you are getting PIAD from such users as I am, and thus you are expected to do nice job for the money paid. A job like this is expected from a 16-year old pupil who has made his first "site" in his life. Originally by: dexington
hahah... you better format you computer, to be sure there is no malware installed. Remember to turn off your computer for 45 min after the format, just to be sure nothing survives in memory!
anyways, when do we see the dev blog?, can someone confirm the rumors that the head of security called in sick today?
1st - my knowledge is enough not to use some "beta", so I'm only angry about the whole CCP being that bunch of non-professionals. 2nd - those external blogs I saw are enough evidence for me. And I'm well sure that CCP will never agree they had a hole like this, like they never did about "monkey magic" and other things like that. |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 13:37:00 - [ 584]
Do we still need this thread? All it encourages is bashing and whining. We get the point :)
How about putting some real content into the forums instead of tears?
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 13:40:00 - [ 585]
Originally by: Miilla
How about putting some real content into the forums instead of tears?
Content is soooo mainstream... /emote adjust horn-rimmed glasses |
Zey Nadar
Gallente
Unknown Soldiers
|
Posted - 2011.04.11 13:42:00 - [ 586]
Edited by: Zey Nadar on 11/04/2011 13:45:25 Originally by: Frecator Dementa
I wouldn't call this the same ****up at all. The signature exploit sounds like they forgot to HTML encode, the boot.ini was a file name conflict.
Pointing out that there are more glaring holes in the new forum than just the signature exploit. And the best part is that these holes were reported in the test phase.  |
MisterAl tt1 |
Posted - 2011.04.11 13:42:00 - [ 587]
Originally by: Miilla
Do we still need this thread? All it encourages is bashing and whining. We get the point :)
How about putting some real content into the forums instead of tears?
Meaning "let it slide and let CCP don't bother about doing some non-professional work again" ? No. I want CCP to see that users ARE interested in seeing CCP really do something like they should. |
dexington
Caldari
Baconoration |
Posted - 2011.04.11 13:45:00 - [ 588]
Originally by: MisterAl tt1
Meaning "let it slide and let CCP don't bother about doing some non-professional work again" ? No. I want CCP to see that users ARE interested in seeing CCP really do something like they should.
You just want to ***** and whine, did someone put chilly on your tampax or what? |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 13:52:00 - [ 589]
Edited by: Miilla on 11/04/2011 13:52:06 Originally by: dexington
Originally by: MisterAl tt1
Meaning "let it slide and let CCP don't bother about doing some non-professional work again" ? No. I want CCP to see that users ARE interested in seeing CCP really do something like they should.
You just want to ***** and whine, did someone put chilly on your tampax or what?
I think CCP get the point. If you really want to make a point, STOP PAYING (and PLAYING). Right? |
MisterAl tt1 |
Posted - 2011.04.11 13:55:00 - [ 590]
Trolls damage controling CCP ? How nice. |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 13:57:00 - [ 591]
Originally by: MisterAl tt1
Trolls damage controling CCP ? How nice.
Not at all, I just know reality and don't have my head firmly rammed up my buttocks like the rest of the "engineering" "experts" on here whining and demanding firings etc. |
Gnulpie
Minmatar
Miner Tech |
Posted - 2011.04.11 14:03:00 - [ 592]
Edited by: Gnulpie on 11/04/2011 14:03:23 Originally by: Zey Nadar
Pointing out that there are more glaring holes in the new forum than just the signature exploit.
And the best part is that these holes were reported in the test phase.
Do you have any proof that those issues were reported? Any mails/correspondence? Forum posts? Bug ID's? And who reported them? And in which detail were those problems reported? |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:12:00 - [ 593]
Edited by: Miilla on 11/04/2011 14:15:09 Originally by: Gnulpie
Edited by: Gnulpie on 11/04/2011 14:03:23
Originally by: Zey Nadar
Pointing out that there are more glaring holes in the new forum than just the signature exploit.
And the best part is that these holes were reported in the test phase.
Do you have any proof that those issues were reported? Any mails/correspondence? Forum posts? Bug ID's?
And who reported them? And in which detail were those problems reported?
That's not the problem, the problem is, he went and exploited it. He should have just made the problem public and let it at that. But no, he had to be an a.sshat and exploit it. There is a little thing called TRIAGE on bugs. If only you saw the amount of issues triaged out to wont fix or postponed at Microsoft, why? They are below the fix bar at that point in time, and probably lack of resources and also not their primary focus or perhaps just a badly explained bug repro and impact. There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story. Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored. He crossed the line. |
Niraia
Seekers of a Silent Paradise
|
Posted - 2011.04.11 14:18:00 - [ 594]
Originally by: Miilla
That's not the problem, the problem is, he went and exploited it.
I don't think that's a problem for anyone but himself, assuming he did no damage.. |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:32:00 - [ 595]
Originally by: Niraia
Originally by: Miilla
That's not the problem, the problem is, he went and exploited it.
I don't think that's a problem for anyone but himself, assuming he did no damage..
He did do damage, he started posting as somebody else, modifying other customers posts and end result we where denied access to the service for a few days. |
Bomberlocks
Minmatar
CTRL-Q |
Posted - 2011.04.11 14:33:00 - [ 596]
Originally by: Miilla
Edited by: Miilla on 11/04/2011 14:15:09
Originally by: Gnulpie
Edited by: Gnulpie on 11/04/2011 14:03:23
Originally by: Zey Nadar
Pointing out that there are more glaring holes in the new forum than just the signature exploit.
And the best part is that these holes were reported in the test phase.
Do you have any proof that those issues were reported? Any mails/correspondence? Forum posts? Bug ID's?
And who reported them? And in which detail were those problems reported?
That's not the problem, the problem is, he went and exploited it. He should have just made the problem public and let it at that. But no, he had to be an a.sshat and exploit it.
There is a little thing called TRIAGE on bugs. If only you saw the amount of issues triaged out to wont fix or postponed at Microsoft, why? They are below the fix bar at that point in time, and probably lack of resources and also not their primary focus or perhaps just a badly explained bug repro and impact.
There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story.
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
He crossed the line.
Catari Taga, the person who was banned, was not the only person who discovered the vulnerabilities and was not the only person to petition and report them. Regardless of your opinion of him, it doesn't change the extent of the vulnerabilities. |
Niraia
Seekers of a Silent Paradise
|
Posted - 2011.04.11 14:33:00 - [ 597]
Edited by: Niraia on 11/04/2011 14:33:57 Originally by: Miilla
He did do damage, he started posting as somebody else, modifying other customers posts and end result we where denied access to the service for a few days.
So why is the fact that he exploited it the problem, as you stated? |
Siigari Kitawa
Gallente
Perditus Peregrinus
|
Posted - 2011.04.11 14:34:00 - [ 598]
lol |
LtCol Laurentius
Caldari
Digital Fury Corporation
Northern Coalition. |
Posted - 2011.04.11 14:35:00 - [ 599]
Originally by: Miilla
That's not the problem, the problem is, he went and exploited it. He should have just made the problem public and let it at that. But no, he had to be an a.sshat and exploit it.
There is a little thing called TRIAGE on bugs. If only you saw the amount of issues triaged out to wont fix or postponed at Microsoft, why? They are below the fix bar at that point in time, and probably lack of resources and also not their primary focus or perhaps just a badly explained bug repro and impact.
There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story.
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
He crossed the line.
You use the word exploits as if it were true. Previosly you linked the definition of "whistleblower" in you ongoing campaign to whiteknight CCP. Let me thus prove a definition of "exploit": "An exploit, in video games, is the use of a bug or design flaw by a player to their advantage in a manner not intended by the game's designers". Its very clear that you dont like him "feeding his ego", but I doubt that it can be classified as en "exploit". |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:36:00 - [ 600]
Edited by: Miilla on 11/04/2011 14:38:38 Originally by: LtCol Laurentius
Originally by: Miilla
That's not the problem, the problem is, he went and exploited it. He should have just made the problem public and let it at that. But no, he had to be an a.sshat and exploit it.
There is a little thing called TRIAGE on bugs. If only you saw the amount of issues triaged out to wont fix or postponed at Microsoft, why? They are below the fix bar at that point in time, and probably lack of resources and also not their primary focus or perhaps just a badly explained bug repro and impact.
There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story.
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
He crossed the line.
You use the word exploits as if it were true. Previosly you linked the definition of "whistleblower" in you ongoing campaign to whiteknight CCP. Let me thus prove a definition of "exploit": "An exploit, in video games, is the use of a bug or design flaw by a player to their advantage in a manner not intended by the game's designers".
Its very clear that you dont like him "feeding his ego", but I doubt that it can be classified as en "exploit".
He took advantage of his bug and used it to post as other people and gain moderator privlidges and also modifying other customers posts, that is exploiting. Even using YOUR own definition, he exploited a bug in the forums (not a game) and elevated his privlidges against the intent by the designers as is injecting formatting and markup, changing the content of the intended design by the designers. Exploit is exploited. |
All Channels
EVE General Discussion
