Pages: 1 2 3 4 5 6 7 8 9 10 [11] 12 13 14 15 16 17 18 19 20 .. 27 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 36 post(s) |
Grimpak
Gallente The Whitehound Corporation Frontline Assembly Point
|
Posted - 2011.04.10 13:29:00 -
[301]
Originally by: Bomberlocks I'm sorry, I don't believe you. There was a sample exploit on another forum showing exactly how easy it would be to inject a keylogger. However, as you will obviously ban any discussion of that exploit, it is impossible to discuss it here and you leave it to people with less than honourable intentions to discuss it elsewhere.
in all honesty the chance was still slim. not impossible but the likelihood of it happening was small since that, altho there was some time wasted, they acted within a couple of hours.
granted it's still a couple of hours and any semi-competent scripter can code anything in that time, but as far as one can see, nothing happened yet.
also, as far as one knows, the major security breach was only code related. the cookie derp, as stated, didn't go beyond forums.
it was still a very serious security breach however, and precautions are still welcome. ---
Quote: The more I know about humans, the more I love animals.
ain't that right. |
Grey Stormshadow
Starwreck Industries
|
Posted - 2011.04.10 13:30:00 -
[302]
This entire mess is something what really didn't even need to happen... but as it did and the general plan will most likely be implemented we like it or not - at least give it enough time now and do it properly on 2nd try.
Further details here as I don't wanna repost the reasoning.
------------------------------------------------- Play with the best - die like the rest starwreck.com - support the cause :) |
|
CCP Sreegs
|
Posted - 2011.04.10 13:31:00 -
[303]
Originally by: Bomberlocks
Originally by: CCP Navigator Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
I would like to post a few pertinent facts: - The person who was banned petitioned the vulnerability to CCP. It was not acted upon. - Said person then proceeded to demonstrate that vulnerability after discussing it on the now-defunct SHC forums. - Said person was banned for impersonating someone who was not himself. - The forums were taken down. - The forums were brought back up and CCP Fallout asserted that the vulnerabilities had been patched and "We would like to reiterate that your personal details and billing information have not been compromised, and that your eve online account was not at risk". - The banned person then proceed to post, as himself, inspite of him being banned, in reply to CCP Fallout's assertion, thereby proving Fallout's assertion to be false. - The forums were then taken down again. - The forums brought back up a while later. - Later on, I presume after having discovered that the forums were still vulnerable, they were taken down again. - The old forums were brought back up. - Discussions involving said banned person are closed with further threats of banning, ignoring the fact that the story has already been widely spread, on other forums, Facebook, twitter and probably the media as well (slashdot for example). - You now claim, again, that customer data was never at risk.
In light of that information, how do you expect us to believe your current assertion without a transparent and open discussion of the vulnerability? The banned person can easily post his version any else he chooses, and given his disproving of CCP's earlier assertions, I presume that the benefit of the doubt will go to him.
The ball, I think, is in your court.
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong. |
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 13:32:00 -
[304]
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ? And why ? _
Make ISK||Build||React||1k papercuts _
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 13:51:00 -
[305]
Originally by: Akita T
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ? And why ?
"I like the old one more, obviously, but I cannot say it because you guys will start taking my words as 'CCP's' and use it againt my company, and that will get me fired!"
|
Turix
Interstellar eXodus BricK sQuAD.
|
Posted - 2011.04.10 13:53:00 -
[306]
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
Well do you mind poking the people responsible for the other issues that players are identifying to communicate with us please? __________________________
|
Di Mulle
|
Posted - 2011.04.10 13:54:00 -
[307]
Originally by: Turix
Originally by: CCP Navigator Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
This doesn't appear to be the issue most people are concerned about. There appears to be much more concern over the design style and decisions made when implementing the new forums; consensus seems to be that people simply don't like them (See the threads in General Discussion/Assembly Hall).
Though I really disliked new forums design decisions as well, let's be honest - there were lots of people who supported them. We have every right to despise their taste, do we have a right to force our taste over them ?
This controversy can be solved, however. Software in general and web applications in particular has a special blessing, they can be made configurable to a big extent, thus allowing user to choose what he wants. Almost any widely used forum software has lots of built-in opportunities for configuration.
Now, what new forums had? There were only a few configuration options, more exactly - only 3 options.
Guess what - none of them were working at all.
For me it is a glaring evidence that ability for a user to choose what he wants was a last priority for a forum team.
It is this mindset that scares me most of all. One may say, the team concentrated on things that are of an even bigger importance - stability and security. Well, now we all know what they achieved
That leaves us a sad conclusion, already voiced many times. The main task of a forum team was a dumb marketing in its' most stinking form. To promote a useless and dieing Spacebook and chestbeat even more about the character portraits.
Make no mistake please, I think new portrait generator is a great thing and CCP has every right to be proud of it. But apparently they start to think it is a main core of the game... ?????
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 13:55:00 -
[308]
You all got what you wanted, the old fourms back, why are you all still whining?
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 13:56:00 -
[309]
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
CCP is killing EVE
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 13:57:00 -
[310]
Edited by: Tippia on 10/04/2011 13:57:23
Originally by: Miilla You all got what you wanted, the old fourms back, why are you all still whining?
Because it won't last, and because we actually do want a new forum ù just a new forum that is also better than the old one. ùùù ôIf you're not willing to fight for what you have in ≡v≡à you don't deserve it, and you will lose it.ö ù Karath Piki |
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 13:58:00 -
[311]
Originally by: Tippia Edited by: Tippia on 10/04/2011 13:57:23
Originally by: Miilla You all got what you wanted, the old fourms back, why are you all still whining?
Because it won't last, and because we actually do want a new forum ù just a new forum that is also better than the old one.
So go make your own style sheet.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 14:02:00 -
[312]
Originally by: Miilla So go make your own style sheet.
That only solves (some of) the design issues ù the functionality is still gone.
Design-wise, I could probably live with the way the forums looked with my CSS. Feature-wise, it made little difference and didn't improve on what the forums offered. ùùù ôIf you're not willing to fight for what you have in ≡v≡à you don't deserve it, and you will lose it.ö ù Karath Piki |
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 14:02:00 -
[313]
Originally by: Tippia
Originally by: Miilla So go make your own style sheet.
That only solves (some of) the design issues ù the functionality is still gone.
Design-wise, I could probably live with the way the forums looked with my CSS. Feature-wise, it made little difference and didn't improve on what the forums offered.
Like button withdrawals?
|
SillyWaif
Galactic Kingdom
|
Posted - 2011.04.10 14:04:00 -
[314]
Originally by: Calathea Sata I too along with many others (in fact MOST of the forum users) would like to keep the old forums.
Can we make this, using the old forums, permanent? Pretty please with sugar on top?!
Note: the fonts of the new forums give an headache, seriously. Now i am forced to either change the css with 'Stylish' or strip the html with 'Web Developer' plugin
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 14:04:00 -
[315]
So, since we now found somebody to blame for the forums, who do we blame now for Windows Millenium?
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 14:05:00 -
[316]
Originally by: Miilla Like button withdrawals?
Ok, correction: I could improve on the feature offering by removing the whole like system with CSS. ùùù ôIf you're not willing to fight for what you have in ≡v≡à you don't deserve it, and you will lose it.ö ù Karath Piki |
Ban Doga
|
Posted - 2011.04.10 14:08:00 -
[317]
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 14:08:00 -
[318]
Originally by: Ban Doga
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
Shouldn't your anology involve space ships?
|
Ban Doga
|
Posted - 2011.04.10 14:10:00 -
[319]
Originally by: Miilla
Originally by: Ban Doga
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
Shouldn't your anology involve space ships?
Are you one of those people who are totally happy when someone steals their car spaceship and brings it back later "because you got it back now so everything is okay again"?
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 14:11:00 -
[320]
Originally by: Ban Doga
Originally by: Miilla
Originally by: Ban Doga
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
Shouldn't your anology involve space ships?
Are you one of those people who are totally happy when someone steals their car spaceship and brings it back later "because you got it back now so everything is okay again"?
No because I have a Keanu Reeves anti ship alarm fitted. I simply press a button and every ship around me exploads except my own. Makes it easier to locate in the station mall parking area.
|
|
Ban Doga
|
Posted - 2011.04.10 14:22:00 -
[321]
Originally by: Miilla
Originally by: Ban Doga
Originally by: Miilla
Originally by: Ban Doga
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
Shouldn't your anology involve space ships?
Are you one of those people who are totally happy when someone steals their car spaceship and brings it back later "because you got it back now so everything is okay again"?
No because I have a Keanu Reeves anti ship alarm fitted. I simply press a button and every ship around me exploads except my own. Makes it easier to locate in the station mall parking area.
Shouldn't your analogy not involve Keanu Reeves?
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 14:29:00 -
[322]
Originally by: Calathea Sata
Originally by: Akita T
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ? And why ?
"I like the old one more, obviously, but I cannot say it because you guys will start taking my words as 'CCP's' and use it againt my company, and that will get me fired!"
Well, duh _
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST ! "New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
LtCol Laurentius
Zor Industries
|
Posted - 2011.04.10 14:37:00 -
[323]
Originally by: CCP Sreegs
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
It doesnt matter. The public image you have created is that you **** over the whistleblower, while claiming everything is allright. And unless you start to take the community i bit more seriosly, that public imagew is going to stick, no matter what your policies are.
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 14:42:00 -
[324]
Originally by: LtCol Laurentius
Originally by: CCP Sreegs
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
It doesnt matter. The public image you have created is that you **** over the whistleblower, while claiming everything is allright. And unless you start to take the community i bit more seriosly, that public imagew is going to stick, no matter what your policies are.
Whistleblower? Whistleblowers talk about the problem, they dont EXPLOIT the problem.
|
Aneu Angellus
Caldari SKULLDOGS RED.OverLord
|
Posted - 2011.04.10 14:45:00 -
[325]
Edited by: Aneu Angellus on 10/04/2011 14:45:19
Originally by: CCP Sreegs
Originally by: Bomberlocks
Originally by: CCP Navigator Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
I would like to post a few pertinent facts: - The person who was banned petitioned the vulnerability to CCP. It was not acted upon. - Said person then proceeded to demonstrate that vulnerability after discussing it on the now-defunct SHC forums. - Said person was banned for impersonating someone who was not himself. - The forums were taken down. - The forums were brought back up and CCP Fallout asserted that the vulnerabilities had been patched and "We would like to reiterate that your personal details and billing information have not been compromised, and that your eve online account was not at risk". - The banned person then proceed to post, as himself, inspite of him being banned, in reply to CCP Fallout's assertion, thereby proving Fallout's assertion to be false. - The forums were then taken down again. - The forums brought back up a while later. - Later on, I presume after having discovered that the forums were still vulnerable, they were taken down again. - The old forums were brought back up. - Discussions involving said banned person are closed with further threats of banning, ignoring the fact that the story has already been widely spread, on other forums, Facebook, twitter and probably the media as well (slashdot for example). - You now claim, again, that customer data was never at risk.
In light of that information, how do you expect us to believe your current assertion without a transparent and open discussion of the vulnerability? The banned person can easily post his version any else he chooses, and given his disproving of CCP's earlier assertions, I presume that the benefit of the doubt will go to him.
The ball, I think, is in your court.
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
CCP has always been the example I give when I try to show great customer service when I play other games but after knowing exactly what occurred in this event, knowing exactly how CCP responded to a community member pointing out faults in the forums then I must say I wont be doing it any-more.
You're reply is not adequate and simply doesn't show good customer service. CCP have been shown to not know what is happening with their services, the services many people pay for, a public statement needs to be made explaining EVERYTHING in order to prevent continual damage that no response will create.
Aneu ___ Death Pain Suffering
DPS - Recruitment Open
Aneu |
Grimpak
Gallente The Whitehound Corporation Frontline Assembly Point
|
Posted - 2011.04.10 14:48:00 -
[326]
Originally by: Miilla Whistleblower? Whistleblowers talk about the problem, they dont EXPLOIT the problem.
in all fairness, while he could do something much more malicious than he did and while I can understand why he did it (concern that an email simply wouldn't suffice), the means were also not the most correct.
should we thank him? yes. but punishment still must be served. A tempban in my view would probably be the most correct approach. ---
Quote: The more I know about humans, the more I love animals.
ain't that right. |
Dogo Duma
|
Posted - 2011.04.10 14:49:00 -
[327]
Originally by: Akita T
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ? And why ?
Originally by: CCP Sreegs
Originally by: Titus Phook Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Hm.
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 14:50:00 -
[328]
Originally by: Grimpak
Originally by: Miilla Whistleblower? Whistleblowers talk about the problem, they dont EXPLOIT the problem.
in all fairness, while he could do something much more malicious than he did and while I can understand why he did it (concern that an email simply wouldn't suffice), the means were also not the most correct.
should we thank him? yes. but punishment still must be served. A tempban in my view would probably be the most correct approach.
He could publish his findings anonymously instead of exploiting it for his (ego) gain.
Tough, he went about it in the wrong way.
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 14:50:00 -
[329]
Originally by: Dogo Duma
Originally by: Akita T
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ? And why ?
Originally by: CCP Sreegs
Originally by: Titus Phook Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Hm.
CCP Sreegs has some explainations to do.
|
Miilla
Minmatar Hulkageddon Orphanage
|
Posted - 2011.04.10 14:52:00 -
[330]
Originally by: Calathea Sata
Originally by: Dogo Duma
Originally by: Akita T
Originally by: CCP Sreegs My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ? And why ?
Originally by: CCP Sreegs
Originally by: Titus Phook Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Hm.
CCP Sreegs has some explainations to do.
If you don't like it, stop paying.
No?
|
|
|
|
|
Pages: 1 2 3 4 5 6 7 8 9 10 [11] 12 13 14 15 16 17 18 19 20 .. 27 :: one page |
First page | Previous page | Next page | Last page |