open All Channels
seplocked EVE General Discussion
blankseplocked New EVE Online forums temporarily disabled
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: first : previous : ... 12 13 14 15 [16] 17 18 19 20 ... : last (26)

Author Topic

Kristina Vanszar
Caldari
Posted - 2011.04.10 18:46:00 - [451]
 

Edited by: Kristina Vanszar on 10/04/2011 18:46:48
Originally by: Ban Doga
Originally by: Kristina Vanszar
Edited by: Kristina Vanszar on 10/04/2011 18:40:09
Quote:
who remember they believe it was not possible


WTF!?


Sorry for paraphrasing.
The original statement was
Quote:
The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.


http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1493904&page=13#364


still from memorythey didn't belive .... so they have no idea! oh my god...

Mashie Saldana
Minmatar
Veto Corp
Posted - 2011.04.10 18:48:00 - [452]
 

Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?

cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.

It's called the art of trolling.

Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
Posted - 2011.04.10 18:49:00 - [453]
 

I like Sreegs, epic forum warrior willing to school the usual EVE trolls. Keep it up mate.

In other news, I have made this sig to commemorate CCP's epic achievements over the last few days.
Feel free to use it yourself, it's for all of EVE community, not just me.

Furb Killer
Gallente
Posted - 2011.04.10 18:53:00 - [454]
 

So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?

Ban Doga
Posted - 2011.04.10 18:54:00 - [455]
 

Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?

We should probably ask The Monkeysphere, but I guess he would say not telling anything is better for your account...

Miilla
Minmatar
Hulkageddon Orphanage
Posted - 2011.04.10 18:58:00 - [456]
 

Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?


Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).


Elyssa MacLeod
Posted - 2011.04.10 18:59:00 - [457]
 

Edited by: Elyssa MacLeod on 10/04/2011 19:04:25
Edited by: Elyssa MacLeod on 10/04/2011 19:01:55
Originally by: Barakkus
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?

cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.


It's called not acting like a teenager...which I'm shocked that Miilla isn't doing so, but whatever....

You can disagree, but doing so in the manner many posters do on these forums is juvenile and frankly a lot of people around here need to grow the **** up and act like adults for once in their lives. Being a complete ass because it makes you look kewl in the internet, and there's no one sitting there to punch you in the face is just ****ing stupid.


Yes and you look all the more grown up the more **** you can inject into your statement

Originally by: Copine Callmeknau
I like Sreegs, epic forum warrior willing to school the usual EVE trolls. Keep it up mate.

In other news, I have made this sig to commemorate CCP's epic achievements over the last few days.
Feel free to use it yourself, it's for all of EVE community, not just me.


lol

Originally by: Miilla
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?


Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).




ah I se so long as you dont tell anyone or stroke yer ego over it, you can exploit as much as you want lol

Kerrisone
Posted - 2011.04.10 19:03:00 - [458]
 

Amazing 'shiny' didn't turn out so well did it?

Xendrais
Posted - 2011.04.10 19:06:00 - [459]
 

Originally by: Akita T
Originally by: Spyke BlackIce
I usually keep my arse out of whine-fests, troll parades, and general rock throwing, but this fiasco warrants grabbing my pitchfork and joining the mob if only because of the fact that after the two test runs of the new forums, they were released not only with HUGE, wide-open security problems, but little if any of the testers' feedback was heeded. I took part in the first test run (unfortunately I couldn't find enough time due to RL issues to help with the second) but when the forums opened, I could only find a miniscule few examples of the user feedback actually being used. Why bother with tests CCP, if our input is thrown out and disregarded along with the garbage?

It is becoming obvious that someone in upper management doesn't have a clue. They want their new toys - the way it was designed, regardless of flaws and lack of features - out the door and to hell with what the customer wants, needs, envisions, or finds lacking, and worse, to hell with the silly 'polished' idea. "Get it out so that we can move onto the next new toy and we'll finish fixing it later (maybe)", seems to be this person's (or persons') motto.

I actually have a lot of respect for most of the dev teams at CCP, and I applaud their apology and acknowledgement of the problem here as well as their dropping back and punting the old forums into service again. Many companies (no *cough* *S.O.E* *cough* names here) would have taken the stoic, we-know-best-and-you-couldn't-grasp-the-issues route by simply reopening the old forums with a message along the lines of "Due to technical issues, we will be using the old forums until further notice." and that would be that. I'm not implying that the web team should not be tarred-and-feathered for this MAJOR coding ineptitude they called a forum, but I seriously believe the issue began and ended in the top echelon of management. Something this bad quite frankly should not have happened, not even in the devs' worse nightmares. The issue HAD to be a time/deadline/personnel squeeze. Plain and simple.

Quoted it all because it bears repeating several times over.
CCP needs to change its company leadership mindset.
The notion that "new features sell, polished content doesn't" will be the doom of EVE if it persists much longer.



I totally agree

mkint
Posted - 2011.04.10 19:10:00 - [460]
 

Originally by: Miilla
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?


Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).



Would CCP have done anything if he didn't demonstrate it? Hell no. The entire web team is a complete failure and seriously needs to be fired. They haven't done a single piece of good work, but have instead screwed up over and over again, unapologetically putting client privacy at risk every single day, and now putting client security at risk. There is no excuse for it. They are not up to the job.

Also: surprise! Miilla is taking a contrarian position. Wonder why... troll much? Get a life.

Barakkus
Posted - 2011.04.10 19:11:00 - [461]
 

Originally by: Elyssa MacLeod
Edited by: Elyssa MacLeod on 10/04/2011 19:04:25
Edited by: Elyssa MacLeod on 10/04/2011 19:01:55
Originally by: Barakkus
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?

cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.


It's called not acting like a teenager...which I'm shocked that Miilla isn't doing so, but whatever....

You can disagree, but doing so in the manner many posters do on these forums is juvenile and frankly a lot of people around here need to grow the **** up and act like adults for once in their lives. Being a complete ass because it makes you look kewl in the internet, and there's no one sitting there to punch you in the face is just ****ing stupid.


Yes and you look all the more grown up the more **** you can inject into your statement



lol umad? Rolling Eyes

Miilla
Minmatar
Hulkageddon Orphanage
Posted - 2011.04.10 19:11:00 - [462]
 

Edited by: Miilla on 10/04/2011 19:14:56

Originally by: mkint
Originally by: Miilla
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?


Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).



Would CCP have done anything if he didn't demonstrate it? Hell no. The entire web team is a complete failure and seriously needs to be fired. They haven't done a single piece of good work, but have instead screwed up over and over again, unapologetically putting client privacy at risk every single day, and now putting client security at risk. There is no excuse for it. They are not up to the job.

Also: surprise! Miilla is taking a contrarian position. Wonder why... troll much? Get a life.


Did I say just tell CCP I meant tell EVERYBODY, the PUBLIC. It is very easy to download YET and install it yourself and test your theory then view the source on your client browser to see if it is much different (and the files it poo poos for authentication). If he is really concerned, he can even submit a fix into the open source YET project tree or send the diff to the owners.

Test on your own machines, not in the cloud.


What is the BUG ID for this bug he submitted to CCP (aside from the email)?



Ban Doga
Posted - 2011.04.10 19:14:00 - [463]
 

Originally by: Miilla
Edited by: Miilla on 10/04/2011 19:12:57
Originally by: mkint
Originally by: Miilla
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?


Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).



Would CCP have done anything if he didn't demonstrate it? Hell no. The entire web team is a complete failure and seriously needs to be fired. They haven't done a single piece of good work, but have instead screwed up over and over again, unapologetically putting client privacy at risk every single day, and now putting client security at risk. There is no excuse for it. They are not up to the job.

Also: surprise! Miilla is taking a contrarian position. Wonder why... troll much? Get a life.


Did I say just tell CCP I meant tell EVERYBODY, the PUBLIC. It is very easy to download YET and install it yourself and test your theory then view the source on your client browser to see if it is much different (and the files it poo poos for authentication). If he is really concerned, he can even submit a fix into the open source YET project tree or send the diff to the owners.

Test on your own machines, not in the cloud.


Maybe you should take a break.
This was 2/10.
At most.


Mangold
Mad Bombers
Guns and Alcohol
Posted - 2011.04.10 19:15:00 - [464]
 

Is it safe to use my password on this forum?

Thank god I picked another one than in game...ohwait.

Remarkable incompetence in this security issue. I am amazed on how badly this is being handled. Last time I checked we are paying customers and this is not a proper way to tend to your customers.


Elyssa MacLeod
Posted - 2011.04.10 19:17:00 - [465]
 

Edited by: Elyssa MacLeod on 10/04/2011 19:18:49
Originally by: Barakkus


lol umad? Rolling Eyes


lol 13 year old response from the guy crying how everyone else should be more mature?

no, not mad, pointing out funny ironies, and hippocracy apparently

you forgot the "bro" part

Miilla
Minmatar
Hulkageddon Orphanage
Posted - 2011.04.10 19:18:00 - [466]
 

Originally by: Ban Doga
Maybe you should take a break.
This was 2/10.
At most.





Didn't know we were keeping score. Do you keep little rage lists too?



Barakkus
Posted - 2011.04.10 19:19:00 - [467]
 

Originally by: Elyssa MacLeod
Originally by: Barakkus


lol umad? Rolling Eyes


lol 13 year old response from the guy crying how everyone else should be more mature?

no, not mad, pointing out funny ironies, and hippocracy apparently


You fail at internet sarcasm.
Train reading comprehension to level 1 please.

Bomberlocks
Minmatar
CTRL-Q
Posted - 2011.04.10 19:19:00 - [468]
 

Originally by: Gnulpie
Man, jeez, give them folks at CCP some time to investigate what exactly happend, where the vulnerabilities are, what communication channels failed (if they failed) etc.

This takes time and such things can't be properly done in few hours!

You guys want thorough investigation and at the same time you want results, blogs and whatnot already yesterday. That's not working!

If there is still no public reply in a few days, THEN is the time to make a huge uproar, but for now let them do their work.

Ranting, venting anger and frustration is good and fine, but after that, let it go and calm down.
You mean the year that they took to reskin an open source forum, and rewrite the authentication code, the mythical 45 man years, wasn't enough??? What exactly were they doing in that time, because I don't think it was doing the graphics or coding?

Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
Posted - 2011.04.10 19:20:00 - [469]
 

I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.

re: bannings.

I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.


Ban Doga
Posted - 2011.04.10 19:20:00 - [470]
 

Edited by: Ban Doga on 10/04/2011 19:20:20
Originally by: Miilla
Originally by: Ban Doga
Maybe you should take a break.
This was 2/10.
At most.





Didn't know we were keeping score. Do you keep little rage lists too?

How could we not keep score?

And what makes you think my rage list - IF I had one - would be little? Twisted Evil

mkint
Posted - 2011.04.10 19:28:00 - [471]
 

Originally by: Bomberlocks
Originally by: Gnulpie
Man, jeez, give them folks at CCP some time to investigate what exactly happend, where the vulnerabilities are, what communication channels failed (if they failed) etc.

This takes time and such things can't be properly done in few hours!

You guys want thorough investigation and at the same time you want results, blogs and whatnot already yesterday. That's not working!

If there is still no public reply in a few days, THEN is the time to make a huge uproar, but for now let them do their work.

Ranting, venting anger and frustration is good and fine, but after that, let it go and calm down.
You mean the year that they took to reskin an open source forum, and rewrite the authentication code, the mythical 45 man years, wasn't enough??? What exactly were they doing in that time, because I don't think it was doing the graphics or coding?

What were they doing? I thought it was pretty clear.

Elyssa MacLeod
Posted - 2011.04.10 19:29:00 - [472]
 

Originally by: Helicity Boson
I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.

re: bannings.

I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.




whaaaaaaat helicity with a conscience? Tell me you got hacked an this really isnt you

Velicitia
Gallente
Open Designs
Posted - 2011.04.10 19:50:00 - [473]
 

Originally by: CCP Sreegs
Originally by: Sullen Skoung
Edited by: Sullen Skoung on 10/04/2011 17:21:43
Originally by: Hel O'Ween
And I remind you that Cat reported the issue first and then - when his warning got ignored - demonstrated it for all to see. This was the time CCP finally got the message and pulled the plug.


I think this is the part that Sreegs is trying to get us to prove



Nobody has to prove anything about anyone's actions on the forums I have full logs of everything.

Shocked
[bitter eve vet] c'mon Sreegs, we all know the logs show nothingRolling Eyes[/bitter]

I really hope the best to you guys in sorting this out... and that it prompts the teams to re-evaluate the "get it out there! they want shinies!" mentality that seems to have begun with CCP...

Teh Blade
Posted - 2011.04.10 19:53:00 - [474]
 

Originally by: CCP Navigator
Thread has been cleaned up a little.

I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.

CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.


Given the rate to which CCP is failing every other week, full security compromise is just a matter of time bud. Just a matter of time. You might have dodged the bullet this time but with the level of incompetence demonstrated by your web developers is going to happen sooner rather than later. Thankfully my credit card company is protecting me from crap companies like CCP, this being the reason you still have that info in your database.

Jon Taggart
State War Academy
Posted - 2011.04.10 20:01:00 - [475]
 

Kudos to those who know what film this is from.

Player Base: CCP, we were supposed to be allowed to provide feedback on upcoming changes, but your devs won't listen to us.

CCP: Guys, guys, guys! We've been through this a dozen times. We take your opinions and ideas with due consideration, and because we don't make the changes you propose, doesn't mean we don't listen to you. OK guys?

Player Base: Then let us have a look around, so we can ease the player base's collective mind. I'm sorry, but we must be firm with you. Listen to us, or else.

CCP: Or else what?

Player Base: Or else we will be very angry with you... and we will write you forum posts, telling you how angry we are.

Akita T
Caldari Navy Volunteer Task Force
Posted - 2011.04.10 20:02:00 - [476]
 

Originally by: Jon Taggart
those who know what film this is from

Roooonery... soooo roooonery.... Laughing

Barakkus
Posted - 2011.04.10 20:05:00 - [477]
 

Originally by: Helicity Boson
I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.

re: bannings.

I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.




Regardless, I just have to say thanks for divulging exactly what was going on, most of us probably wouldn't have ever found out, and after reading your blog, regardless of what CCP has said I have some serious concerns over this mess.

I have faith though that they will fix it before they attempt to release again...especially after what exactly went wrong with their implementation of the forums ended up public.

Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
Posted - 2011.04.10 20:18:00 - [478]
 

Originally by: Elyssa MacLeod

whaaaaaaat helicity with a conscience? Tell me you got hacked an this really isnt you


it's more likely than you think.

Heck, it's why I get so wound up to begin with.


Miilla
Minmatar
Hulkageddon Orphanage
Posted - 2011.04.10 20:21:00 - [479]
 

Originally by: Helicity Boson
Originally by: Elyssa MacLeod

whaaaaaaat helicity with a conscience? Tell me you got hacked an this really isnt you


it's more likely than you think.

Heck, it's why I get so wound up to begin with.




Miss Conscience would like to donate a Hulkageddon 4 medal? :)


mkint
Posted - 2011.04.10 20:32:00 - [480]
 

Originally by: Barakkus
Originally by: Helicity Boson
I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.

re: bannings.

I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.




Regardless, I just have to say thanks for divulging exactly what was going on, most of us probably wouldn't have ever found out, and after reading your blog, regardless of what CCP has said I have some serious concerns over this mess.

I have faith though that they will fix it before they attempt to release again...especially after what exactly went wrong with their implementation of the forums ended up public.

What you don't seem to be getting, and CCP probably won't acknowledge at any level, is that this isn't "a problem." It's a system of problems, and this is just another manifestation of it. What will happen is CCP is going to go "whoops" and patch it and carry on until the next "whoops" moment is even bigger and starts leading to class action lawsuits, the company gets turned into a red tape bureaucracy (which would destroy the company incidentally) because it can't be trusted to exist in any other form. Yes, the web programmers are completely incompetent, but that just reflects on the corporate officers for having an incompetent business process.


Pages: first : previous : ... 12 13 14 15 [16] 17 18 19 20 ... : last (26)

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only