
Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.10 02:38:00 -
[1]
Originally by: Garbol Hellbrecht But, but... They made an awesome video of things that will be in a game... Oh wait...
I suspect they should hire those people to actually do the development work on all future CCP projects. they can only do it better. .end of line.
----
If you think you're too paranoid to play EvE...
Then you clearly are not paranoid enough to play EvE
(Alt list) Rico Lobo |

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.10 02:43:00 -
[2]
Originally by: Misanth CCP, were these major security issues a case of you creating something above your competence level, or a case of your upper management pushing out a product that wasn't finished?
Considering that you could use the built-in Developer tools in Windows Explorer 9.0 to do half of what people were complaining about. . . I would have to say Both.
Seriously did you guys load the forums in developer mode on purpose or something? .end of line.
----
If you think you're too paranoid to play EvE...
Then you clearly are not paranoid enough to play EvE
(Alt list) Rico Lobo |

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.10 02:55:00 -
[3]
Edited by: Steve Thomas on 10/04/2011 02:56:41
Originally by: CCP Sreegs
My job is response, not reviewing every single line of code that gets written.
to be honest it should not be, your job is security, not being nanny to all 1500+ CPUs owned by CCP
and let's be honest I don't think anyone expected that just by having a specific browser and operating system combo that all you would have to do is push one button on your keyboard and have the forums appear to go into "full edit" mode.
Originally by: Marconus Orion I bet the forums for DUST 514 and World of Darkness won't have these problems.
nope, we're talking about Lord Murphy here.
the problem will be all new,
and a lot worse. .end of line.
----
If you think you're too paranoid to play EvE...
Then you clearly are not paranoid enough to play EvE
(Alt list) Rico Lobo |

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.10 03:47:00 -
[4]
Originally by: CCP Sreegs Edited by: CCP Sreegs on 10/04/2011 03:10:15
Originally by: Marconus Orion
Originally by: Trocent I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
If you have any evidence of this I'd welcome you to share it with me. [email protected]
I can save you the time, on this forum thread you have one IT systems developer who works for Kinder*Morgan Pipelines, two Web content developers from CITIgroup and a Network system specialist for The Clydesdale Bank PLC UK.
now how many of them actually ARE in those fields is a matter of speculation. after all you can say whatever you like in facebook. .end of line.
----
If you think you're too paranoid to play EvE...
Then you clearly are not paranoid enough to play EvE
(Alt list) Rico Lobo |

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 01:30:00 -
[5]
Originally by: CCP Navigator Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
... ok as much as it may pain a lot of the community... I'm gonna have to say this
Less blogging, more working. you can blog when the job is done. . .end of line.
Originally by: Steve Thomas
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literally ALL
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 01:35:00 -
[6]
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literally ALL you need to put in tomorrow's blog at this point.
and yes you can bloody quote me on that. . .end of line.
Originally by: Steve Thomas
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literally ALL
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 01:49:00 -
[7]
Originally by: CCP Sreegs Edited by: CCP Sreegs on 10/04/2011 16:20:34
Originally by: Helicity Boson Edited by: Helicity Boson on 10/04/2011 14:54:40 You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
There are 3 problems with your post.
A) It's premature, pending investigation but from what I recall though the signatures would allow HTML you could not execute script, which kills a lot of your assertions. B) We are in the process of conducting an investigation, but thus far it appears that nobody was doing anything that could put even people's cookies at risk, much less key logging. C) We don't ban people for having opinions. Even when they're wrong. (or rude)
A) it would have *theoretically* been able to execute script on any pre Vista PC with IE 7 or 8, I don't think it's an issue with IE9 on any operating system.
the real problem however was with the ability to log in as anyone or create-edit posts as anyone, someone who was seriously being malicious would not have even needed to do that. just go in and redirect one of the links you have set up to one of the clone sites, considering that I was apparently directed to the eve site via that popup Warning about leaving eve I have to wonder if that's what happened with some of the edits . .end of line.
Originally by: Steve Thomas
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literally ALL
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 01:56:00 -
[8]
Originally by: Kengutsi Akira fix your sig O.o if you're gonna quote yourself, you might as well do it right, yes?
I tried to three times now, let me try it again . .end of line.
Originally by: Steve Thomas
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literally ALL
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 02:00:00 -
[9]
well I think it's clear enough.
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literally ALL you need to put in tomorrow's blog.
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 02:05:00 -
[10]
Originally by: Kengutsi Akira Edited by: Kengutsi Akira on 11/04/2011 01:43:33
Originally by: Myra2007 I would assume that they have to stop playing on their normal player characters. I can't imagine that they would not play their own game at all. Pretty sure I've seen numerous devs say they still play the game.
lol like T20
yeah I know, it's old, still funny tho
Originally by: Steve Thomas
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literally ALL you need to put in tomorrow's blog at this point.
and yes you can bloody quote me on that.
please please pleeeeease do that sreegs, I wanna see the heads explode.
and you failed at quoting yourself in your sig
My point is to not make heads explode.
my point is that people whose job is network security need to not blog about what they do for a living in excruciating detail.
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literally ALL you need to put in tomorrow's blog.
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 02:44:00 -
[11]
Edited by: Steve Thomas on 11/04/2011 02:45:41
Originally by: Kengutsi Akira Edited by: Kengutsi Akira on 11/04/2011 02:35:14 Edited by: Kengutsi Akira on 11/04/2011 02:07:46 Your point is beside the point. Whether or not you meant for it to happen, if he reposted that, a veritable flamestorm would rage all over the forums and there WOULD be heads a-splodin and I'd be laughing my ass off at it all.
Basically what I mean is that right now at most he should just put up something like this
not
this
until they have had time to lock things down, find out what exactly happened, and then run it by CSM first then the rest of us. After all that WAS the original idea behind CSM in the first place.
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 03:40:00 -
[12]
Originally by: Kengutsi Akira Edited by: Kengutsi Akira on 11/04/2011 03:31:31 Edited by: Kengutsi Akira on 11/04/2011 03:30:26 actually no it wasn't
CSM's ORIGINAL reason for being was to send those guys to Iceland to work as a watchdog group to make sure CCP was staying legit. But that is of course impossible lol
Then after they figured out it was impossible, they started the bull**** suggestions forum crap that it is now.
In fact, I remember the tag line on the forums back then being that we knew T20 would never happen again cause we'd have the CSM to keep em straight. Yeah ppl BOUGHT that crap back then lol
my point was that CSM does a fairly good job (all things considered) when they are part of the information loop on things like this. they have been able to have a level of communication on issues that come up without the flamefest that the forums can become
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 16:20:00 -
[13]
Edited by: Steve Thomas on 11/04/2011 16:22:16
ok regarding this exploit
We did a mockup of a forum (not eve's just a dummy) using a modified version of YAF.net to permit the exploits
basically if you were running IE 8 or 9, Chrome, on non-updated Vista or newer none of the redirect scripts worked without you specifically allowing redirect scripts in settings.
the best I could get was to have IE 8 throw up a yes-no box on installing anything, Firefox 3.5 I could somehow install ActiveX controls and Java applets, apparently because it was a trusted site. this was not a problem with Firefox 4.0
Chrome I was promptly told that it had detected and blocked suspected attacks BEFORE THE PAGE LOADED ok I may need to replace Firefox.
IE 7, well if you're stubborn enough to be still using THAT antique POC then you probably already know just how badly that went.
http://desusig.crumplecorn.com/sigs.html Crumplecorn's DesuSigs
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 16:55:00 -
[14]
Originally by: Helicity Boson
Originally by: Miilla Stable and Secure YAF has been vetted.
YAF has been around since 2003. During that time, the application has been thoroughly tested. Since the code has been freely available for 7 years, there is nothing to hide and no stone has been left unturned.
You are correct. There's nothing inherently wrong with YAF. The blame for this shameful debacle lies squarely with CCP and their incompetent gutting of a working bit of software.
I'm still not entirely sure how I feel about all this.
Terrified might be a good place to start, after all their database is also an off the shelf product just like YAF is. only they customised it to work the way they wanted it to work...
which reminds me, I'm never ever going to use the IGB in EvE again.
http://desusig.crumplecorn.com/sigs.html Crumplecorn's DesuSigs
|

Steve Thomas
Minmatar Sebiestor Tribe
|
Posted - 2011.04.11 17:32:00 -
[15]
Originally by: Erichk Knaar
Originally by: Steve Thomas
Chrome I was promptly told that it had detected and blocked suspected attacks BEFORE THE PAGE LOADED ok I may need to replace Firefox.
^^ This is good advice.
In fairness IE9 and Chrome and other new browsers were about the same and frankly I was not trying to outsmart them nor really know how to in the first place.
http://desusig.crumplecorn.com/sigs.html Crumplecorn's DesuSigs
|