open All Channels
seplocked EVE General Discussion
blankseplocked Goodbye, old forums... long live the new forums ? Update : NOT !
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: 1 2 [3] 4 5

Author Topic

Larissa Sunsorrow
Posted - 2011.04.10 00:33:00 - [61]
 

whats happened to the new forum? what bug they found on it?

Tippia
Caldari
Sunshine and Lollipops
Posted - 2011.04.10 00:34:00 - [62]
 

Originally by: Akita T
(because the new forum was atrocious in MANY, MANY WAYS)
Pff. I've updated that list with at least 4 more points by now, not counting some examples of old points that could conceivably be broken out into their own points because they don't quite fit the labels I originally put on the list… Razz

Grey Stormshadow
Starwreck Industries
Posted - 2011.04.10 00:35:00 - [63]
 

I hope that there will be long enough timeout now for them to finish the product and not force us to beta test it again. At least they got plenty of feedback and data to chew now. Its a good thing.

Im sure that decission to revert back to old forums wasnt one they really wanted to make, but it was good call. Thank you for that.

Akita T
Caldari Navy Volunteer Task Force
Posted - 2011.04.10 00:36:00 - [64]
 

Edited by: Akita T on 10/04/2011 00:36:55
Originally by: Larissa Sunsorrow
whats happened to the new forum? what bug they found on it?

Let's see... short recap... what could a person with the proper knowledge do...

First, you could post as anybody (including CCP staff or even NPCs).
You could edit anybody else's posts.
You could see into normally hidden subforums, look at deleted posts.
You could access forum moderator functions.
And so on and so forth.

Then the forums went down, back up patched...

...and pretty much the same thing happened again, but slightly differently.


Originally by: Tippia
Originally by: Akita T
(because the new forum was atrocious in MANY, MANY WAYS)
Pff. I've updated that list with at least 4 more points by now, not counting some examples of old points that could conceivably be broken out into their own points because they don't quite fit the labels I originally put on the list… Razz

Let me guess...
...you didn't keep a copy of it locally on your PC Twisted Evil
How much do you want to bet the new forums will come back without content posted ?
Laughing
j/k

...I hope ?

Blane Xero
Amarr
The Firestorm Cartel
Posted - 2011.04.10 00:36:00 - [65]
 

Originally by: Larissa Sunsorrow
whats happened to the new forum? what bug they found on it?
They trusted the client too much, which resulted in people being able to manipulate cookies to edit other peoples posts, or to get access to subforums only for mods/etc. Then when they came back up, the person they banned who informed them of it, showed them they had not, infact, fixed it by posting from his now banned account.

Ulmega
Posted - 2011.04.10 00:37:00 - [66]
 

I actually think I am going to bring out a toast to the 'new' forums

*Fills glass with a good scotch single malt*

"to the 'new' forums may they last for many years"

Hakaru Ishiwara
Minmatar
Republic Military School
Posted - 2011.04.10 00:39:00 - [67]
 

Originally by: Akita T
I particularly like to remember that post a few hours ago by... CCP Navigator, was it ?
The one in which, as a response to my plea to temporarily reopen these tried and true old forums until the new ones get a thorough checkup, he said (paraphrasing) "the new forums are tied into EVE Gate, the old ones will never be reopened".
Twisted Evil

Well, I guess today is never Wink
CCP's hubris is not exclusive to CCP Greyscale. Rolling EyesLaughingSurprisedLaughingRolling Eyes

Part of excellent software design is understanding when customer feedback may have relevance. CCP will learn this even if they have to be beaten over the head time and time again.

Siiee
Recycled Heroes
Posted - 2011.04.10 00:40:00 - [68]
 

Originally by: Akita T
and the fact that they did is BOTH a sign that there's still some hope on one hand, and a sign that something really ugly happened Iceland-side on the other hand.


Not only something ugly in the company, but they were willing to strip out whole sections of functionality in an attempt to bodge a fix. Rolling back must mean that the code is in really, really bad shape.

I'm no pro coder, but from what I understand this is far more than some exploitable holes that were left open, it seems like a much deeper architectural problem. There will be no quick fixes to make it better, they're going to have to go back to scratch on some things.

Naya Sky
Posted - 2011.04.10 00:40:00 - [69]
 

Edited by: Naya Sky on 10/04/2011 00:40:49
Originally by: Blane Xero
Then when they came back up, the person they banned who informed them of it, showed them they had not, infact, fixed it by posting from his now banned account.


Why would they ban someone for showing them security holes? >.<

Siiee
Recycled Heroes
Posted - 2011.04.10 00:42:00 - [70]
 

Originally by: Akita T

How much do you want to bet the new forums will come back without content posted ?
Laughing


That's what I'm betting on now :p, I say new forums will come back up again wiped.

Akita T
Caldari Navy Volunteer Task Force
Posted - 2011.04.10 00:43:00 - [71]
 

Edited by: Akita T on 10/04/2011 00:44:47
Originally by: Naya Sky
Originally by: Blane Xero
Then when they came back up, the person they banned who informed them of it, showed them they had not, infact, fixed it by posting from his now banned account.

Why would they ban someone for showing them security holes? >.<

Because he didn't restrain himself to JUST tell it to CCP, but told it to everybody and left CCP "with egg on its face".
Justifiable or not, a tempban was kind of coming either way.
Now, not so sure about permaban, which I guess is what he actually received.

Blane Xero
Amarr
The Firestorm Cartel
Posted - 2011.04.10 00:45:00 - [72]
 

Originally by: Akita T
Edited by: Akita T on 10/04/2011 00:44:10
Originally by: Naya Sky
Originally by: Blane Xero
Then when they came back up, the person they banned who informed them of it, showed them they had not, infact, fixed it by posting from his now banned account.

Why would they ban someone for showing them security holes? >.<

Because he didn't restrain himself to JUST tell it to CCP, but told it to everybody.
Justifiable or not, a tempban was kind of coming.
Now, not so sure about permaban, which I guess is what the actually received.
Even though he petitioned to them about it way before he told the people on scrapheap. He only told folks because CCP was mute on the issue and apparently he was pretty damn sure other people were aware of, and preparing to abuse the system. Cool

Arec Bardwin
Posted - 2011.04.10 00:45:00 - [73]
 

>> Catari Taga <<

just checking to see if his name got added to the profanity filterWink

Tippia
Caldari
Sunshine and Lollipops
Posted - 2011.04.10 00:46:00 - [74]
 

Originally by: Akita T
Let me guess...
...you didn't keep a copy of it locally on your PC Twisted Evil
Weeell… Let's just say this:

For all it's faults and foibles, these forums have at least taught me to compose important messages as txt files first. Laughing

Akita T
Caldari Navy Volunteer Task Force
Posted - 2011.04.10 00:46:00 - [75]
 

Edited by: Akita T on 10/04/2011 00:46:55
Originally by: Blane Xero
Even though he petitioned to them about it way before he told the people on scrapheap. He only told folks because CCP was mute on the issue and apparently he was pretty damn sure other people were aware of, and preparing to abuse the system. Cool

Mind you, I'm not saying I would have not been mightily tempted to do something similar in his situation...
Originally by: Tippia
For all it's faults and foibles, these forums have at least taught me to compose important messages as txt files first. Laughing

Laughing
Didn't yahoo mail teach you that a decade ago ?
Laughing

Blane Xero
Amarr
The Firestorm Cartel
Posted - 2011.04.10 00:48:00 - [76]
 

Originally by: Akita T
Originally by: Blane Xero
Even though he petitioned to them about it way before he told the people on scrapheap. He only told folks because CCP was mute on the issue and apparently he was pretty damn sure other people were aware of, and preparing to abuse the system. Cool

Mind you, I'm not saying I would have not been mightily tempted to do something similar in his situation...
Tbh, I'd have done the same thing he did. At this point, I'd be ****ed about losing my account, but it'd finally solve my addiction to the forum drama Laughing

Grey Stormshadow
Starwreck Industries
Posted - 2011.04.10 00:49:00 - [77]
 

Edited by: Grey Stormshadow on 10/04/2011 00:49:34
Best would be that they just wiped them and transferred data from these forums when it is time to permanently move there... making some script to do that during game downtime isn't too difficult and could be tested forehand.

Aeronwen Carys
Sebiestor Tribe
Posted - 2011.04.10 00:49:00 - [78]
 

Originally by: Akita T
Edited by: Akita T on 10/04/2011 00:44:47
Originally by: Naya Sky
Originally by: Blane Xero
Then when they came back up, the person they banned who informed them of it, showed them they had not, infact, fixed it by posting from his now banned account.

Why would they ban someone for showing them security holes? >.<

Because he didn't restrain himself to JUST tell it to CCP, but told it to everybody and left CCP "with egg on its face".
Justifiable or not, a tempban was kind of coming either way.
Now, not so sure about permaban, which I guess is what he actually received.


He discovered a flaw which the majority of people who understand these things readily accept was a MASSIVE security flaw and he abused it for his own amusement. The fact that he did attempt to bring it to CCP's attention is highly commendable, but his subsequent actions ensured his rapid and warranted banning. I think CCP did the right thing on that front at least, if nothing else.

Akita T
Caldari Navy Volunteer Task Force
Posted - 2011.04.10 00:51:00 - [79]
 

Taken from the sticky that came up after the revival of these forums...

Originally by: CCP Wrangler
Originally by: Calathea Sata
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums haven’t worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.

CCP needs to apologize for throwing out untested unfinished unpolished rubbish at customers as well, to a community that is so dedicated to your company's product and expecting nothing but excellence and deliverance, this is an insult.
You have my sincere and personal apology and I also apologize on behalf of CCP.

Security holes aside, how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
Or what about making the new forums not just barely functional and somewhat secure, but actually a clear improvement over the current ones in every single way ?

BuckStrider
Nano-Tech Experiments
Posted - 2011.04.10 00:51:00 - [80]
 

If the FUBAR new forums took 13 guys and 18 months to develop, I'm scared

Akita T
Caldari Navy Volunteer Task Force
Posted - 2011.04.10 01:02:00 - [81]
 

Edited by: Akita T on 10/04/2011 01:05:35

Can anybody think of something good to say about the (temp suspended) new forums ?
OTHER THAN an actually functional search function ?
I mean, a feature which actually WAS a noteworthy improvement over these forums right here ?
One that really worked as it should, not buggy as hell.
And it would have to be an OBJECTIVE improvement, not just a stylistic personal taste choice.

I can honestly think of none other than the search that was useful to me personally.
And even that wasn't such a big deal considering eve-search is around, and google works reasonably well too.

Aeronwen Carys
Sebiestor Tribe
Posted - 2011.04.10 01:02:00 - [82]
 

Originally by: BuckStrider
If the FUBAR new forums took 13 guys and 18 months to develop, I'm scared




The thing is, despite the actual forums themselves being open source and almost fully built out of the box, there was the integration into eve-gate to consider, as well as the integration with the rest of CCP's existing server architecture. Who knows how long it actually takes to do integration on that scale, or just how far that integration goes.

Chinwe Rhei
Minmatar
Tribal Liberation Force
Posted - 2011.04.10 01:05:00 - [83]
 

Honestly i kinda liked the new forums mainly for the working search and eve-gate integration (clicking on someone and seeing bio and history and corp descriptions and even being able to send an ingame mail or add a contact is pretty cool.

But now i'm worried about what could be gained from the EvE gate about a player since i think it's all done by the same guys.

Barakkus
Posted - 2011.04.10 01:08:00 - [84]
 

Originally by: BuckStrider
If the FUBAR new forums took 13 guys and 18 months to develop, I'm scared



I would be more afraid if they had 1 guy crank it out in less than a year.

Xavier Isaacson
Minmatar
Native Freshfood
Posted - 2011.04.10 01:15:00 - [85]
 

Having done a very rough search on YAF (YetAnotherForum.net), the company that supplied the forum package to CCP, it seems that they are quite well known for not only providing zero support, but that their software is full of bugs, loopholes and errors that could lead to security breaches such as these happening.

So I would like to ask CCP why out of all the companies they could have gone to, did they choose to go with YAF, a company so inept that their own forums, running their own forum software, was repeatedly hacked in 2007. Did this really seem like the best choice guys? Really??

Akita T
Caldari Navy Volunteer Task Force
Posted - 2011.04.10 01:31:00 - [86]
 

Originally by: Xavier Isaacson
it seems that they are quite well known for not only providing zero support, but that their software is full of bugs, loopholes and errors that could lead to security breaches such as these happening

For a FREE open source piece of software, what exactly do you expect ?
Also, as far as we know, CCP added a lot of the security holes themselves when they integrated it into EVE-Gate.

Diomedes Calypso
Aetolian Armada
Posted - 2011.04.10 01:35:00 - [87]
 

Originally by: Aeronwen Carys
Originally by: BuckStrider
If the FUBAR new forums took 13 guys and 18 months to develop, I'm scared




The thing is, despite the actual forums themselves being open source and almost fully built out of the box, there was the integration into eve-gate to consider, as well as the integration with the rest of CCP's existing server architecture. Who knows how long it actually takes to do integration on that scale, or just how far that integration goes.


Why is it a good idea to integrate the forums like that?

I'm worried everytime i log into the forums from other places than my home that i'm opening a potential breach to my isk by using the same password for the forums that i use in game.

wouldn't it be good to hae a bit of an airlock seperation?

Mortania
Minmatar
No Compromise
Gentlemen's Agreement
Posted - 2011.04.10 01:35:00 - [88]
 

Originally by: Xavier Isaacson
Having done a very rough search on YAF (YetAnotherForum.net), the company that supplied the forum package to CCP, it seems that they are quite well known for not only providing zero support, but that their software is full of bugs, loopholes and errors that could lead to security breaches such as these happening.


Sounds like CCP got CCP'd.

Akita T
Caldari Navy Volunteer Task Force
Posted - 2011.04.10 01:37:00 - [89]
 

Edited by: Akita T on 10/04/2011 01:52:37
Originally by: Diomedes Calypso
Originally by: Aeronwen Carys
Originally by: BuckStrider
If the FUBAR new forums took 13 guys and 18 months to develop, I'm scared


The thing is, despite the actual forums themselves being open source and almost fully built out of the box, there was the integration into eve-gate to consider, as well as the integration with the rest of CCP's existing server architecture. Who knows how long it actually takes to do integration on that scale, or just how far that integration goes.

Why is it a good idea to integrate the forums like that?
I'm worried everytime i log into the forums from other places than my home that i'm opening a potential breach to my isk by using the same password for the forums that i use in game.
wouldn't it be good to hae a bit of an airlock seperation?

The better question would be, why can't THESE forums be integrated like that instead, then just work on a functional search feature ?

Also, yes, a SECONDARY login (linked to the primary account) that ONLY works for the forum/evegate (and just that, not the game client) would be awesome.


__

P.S. Either way, CCP needs to stop rolling out rushed junk.

Aeronwen Carys
Sebiestor Tribe
Posted - 2011.04.10 01:59:00 - [90]
 

Edited by: Aeronwen Carys on 10/04/2011 02:00:30
Edited by: Aeronwen Carys on 10/04/2011 01:59:32
Would it be possible to create a modified set of API keys specific to the functions required by the forums, that can be accessed by a secondary layer of passwords and usernames? Then if the forums were ever hacked or if any more security errors cropped up, the only thing the hacker would get would be a limited access API key.

That way we could keep our standard login details as some sort of higher level security for logging in to EVE, and use the secondary "limited" details for the forums. And I am probably making no sense at all since it is now 3am Confused

EDIT: for errors in judgement, spelling and grammar. time for bed

Damn you Akita T, does your post make mine irrelevant? I don't know, but im falling asleep.


Pages: 1 2 [3] 4 5

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only