| Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 .. 27 :: [one page] |
|
|
| Author |
Thread Statistics | Show CCP posts - 36 post(s) |
|
CCP Navigator
C C P
C C P Alliance
   |
Posted - 2011.04.09 23:21:00 -
[1]
Over the last few days we rolled out new forums which, following some security issues, have resulted in us taking them offline for further investigation.
In the meantime we have reopened the old forums for your posting pleasue.
We will use this thread to keep everyone updated about the status of the new forums and to answer your questions.
Update 2011.04.10 00:39: It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
Navigator
Lead Community Representative
CCP Hf, EVE Online
|
|
sableye
principle of motion
|
Posted - 2011.04.09 23:25:00 -
[2]
I think its the best thing todo but I will miss the larger portraits.
-----------------------------------------
View The North Star! In All Its Glory!! |
Mag's
the united
Negative Ten.
|
Posted - 2011.04.09 23:26:00 -
[3]
The question is, how the hell did the new ones get released in such a bad state to begin with?
 Originally by: Allestin Villimar
Also, if your bookmarks are too far out, they can and will ban you for it.
Originally by: Torothanax
Low population in w systems makes afk cloaking unattractive.
|
Tobias Solem
|
Posted - 2011.04.09 23:27:00 -
[4]
CCP's commitment to excellence is astounding.
|
Tekedo
|
Posted - 2011.04.09 23:28:00 -
[5]
This is getting pretty ridiculous.
|
Siiee
Recycled Heroes
|
Posted - 2011.04.09 23:29:00 -
[6]
At least you've finally done the sensible thing.
|
Shaylene
Amarr
Escape from skattmasen
|
Posted - 2011.04.09 23:31:00 -
[7]
wow! A forum you can read more then 1 minute before youre eyes starts to bleed woohoo!
Hated the new forum. Old forum is way better.
|
Titus Phook
|
Posted - 2011.04.09 23:32:00 -
[8]
The new forums were like a cheap hong kong rolex, looked good and broke within a week, way to go CCP.
---------------------------------------------
|
Misaki Yuuko
Caldari
|
Posted - 2011.04.09 23:33:00 -
[9]
Edited by: Misaki Yuuko on 09/04/2011 23:32:57
EXCELLENCE! 
Better yet: DELIVER!
|
Ifly Uwalk
Caldari
Empire Tax Collection Agency
|
Posted - 2011.04.09 23:33:00 -
[10]
:ccp:
|
|
|
Alotta Baggage
Amarr
Imperial Manufactorum
Armada Assail
|
Posted - 2011.04.09 23:34:00 -
[11]
Originally by: Titus Phook
The new forums were like a cheap hong kong rolex, looked good and broke within a week, way to go CCP.
Also falls apart in the rain
Originally by: Valkoinen Heteromies
I for one would love to be able to walk on stations and fly spaceships in the body of a little cute catgirl!
|
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.09 23:34:00 -
[12]
protip CCP: FINISH making something before you force everyone to use it.
Stunning EVE Online Theme for PS3 |
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.09 23:34:00 -
[13]
I find myself literally laughing out loud at the sheer ineptitude of the way this situation was handled. Excellent entertainment.
P.S. Free Cat!
|
Jovan Geldon
Gallente
Lead Farmers
Kill It With Fire
|
Posted - 2011.04.09 23:34:00 -
[14]
Finally, a sensible decision. Get the damm thing fixed properly before you open it again.
|
Jada Maroo
|
Posted - 2011.04.09 23:35:00 -
[15]
Originally by: Misaki Yuuko
Edited by: Misaki Yuuko on 09/04/2011 23:32:57
EXCELLENCE!
Better yet: DELIVER!
What we experienced was not delivery. It was like the UPS man coming to your door with a package, opening it, letting you play with it, and then grabbing it from you and driving off!
That UPS man is an *******!
|
Mag's
the united
Negative Ten.
|
Posted - 2011.04.09 23:36:00 -
[16]
Originally by: Copine Callmeknau
protip CCP: FINISH making something before you force everyone to use it.
Also having people with a clue, working on it helps
Originally by: Allestin Villimar
Also, if your bookmarks are too far out, they can and will ban you for it.
Originally by: Torothanax
Low population in w systems makes afk cloaking unattractive. |
Molten Black
Lazy Twats Inc
|
Posted - 2011.04.09 23:37:00 -
[17]
Edited by: Molten Black on 09/04/2011 23:43:11
Edited by: Molten Black on 09/04/2011 23:37:06
Must have hurt to do this but it was the sensible decision.
BTW: I don't miss the extremly oversized quotation marks one bit.
|
Siiee
Recycled Heroes
|
Posted - 2011.04.09 23:37:00 -
[18]
Originally by: Jada Maroo
What we experienced was not delivery. It was like the UPS man coming to your door with a package, opening it, letting you play with it, and then grabbing it from you and driving off!
That UPS man is an *******!
Actually since what was in the package was a massive steaming ermm... Revenant... I don't think many people would mind all that much.
|
Elyssa MacLeod
|
Posted - 2011.04.09 23:37:00 -
[19]
I dub this the day of a thousand lolz
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Valator Uel
Caldari
Mercenaries of Andosia
Northern Coalition.
|
Posted - 2011.04.09 23:38:00 -
[20]
- Step 1: Assemble a new professional team of web developers.
- Step 2: Cook for 18 months.
- Step 3: ???
- Step 4: New New Forums!
------------------
empty sig |
|
|
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.09 23:39:00 -
[21]
Originally by: Siiee
Originally by: Jada Maroo
What we experienced was not delivery. It was like the UPS man coming to your door with a package, opening it, letting you play with it, and then grabbing it from you and driving off!
That UPS man is an *******!
Actually since what was in the package was a massive steaming ermm... Revenant... I don't think many people would mind all that much.
Oh snap! Double whammy
Stunning EVE Online Theme for PS3 |
gargars
|
Posted - 2011.04.09 23:40:00 -
[22]
Ahhhh it's good to be home again lol. I missed the old forums more than I thought I would... even in that short a period of time. 
|
Venetian Tar
United Systems Navy
Wildly Inappropriate.
|
Posted - 2011.04.09 23:40:00 -
[23]
:ccp: |
Kerfira
Kerfira Corp
|
Posted - 2011.04.09 23:40:00 -
[24]
Before you put them back in, please address all the issues raised... a few of which are (in no particular order):
1. Waste of vertical screen space (requiring lots of scrolling)
2. Lack of features compared to this one (colour text etc.)
3. Some forums not visible without being logged in
4. Load times
The new forums felt like a bad prototype... Not something that was ready for deployment in a live environment...
There was plenty of feedback when it was deployed for testing... Why was nothing of it acted on before you put it live?
If you don't act on feedback, why put it out for testing in the first place?
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
Aeronwen Carys
Empire of Dust
|
Posted - 2011.04.09 23:40:00 -
[25]
Well done CCP. You might find this hard to do, re-opening the old forums I mean, but you will have gained back a lot of respect from the community for doing it. Take your time sorting out the new forums, fix the security flaws and if you can maybe some of the less user friendly graphical elements and get back to us when its done. But for god, make sure they work right this time eh? lolol. 
Best of luck to you all.
|
vulnevia
The Exploited.
|
Posted - 2011.04.09 23:41:00 -
[26]
CCP I love you with all my heart, but man... you suck 
|
Yuki Kulotsuki
|
Posted - 2011.04.09 23:42:00 -
[27]
CCP sure delivered on that one.
--
There's a place called kugutsumen.com but don't go there. It's icky. |
Cake Majestic
|
Posted - 2011.04.09 23:43:00 -
[28]
CCP group hug commencing.
|
Elyssa MacLeod
|
Posted - 2011.04.09 23:43:00 -
[29]
Originally by: Kerfira
Before you put them back in, please address all the issues raised... a few of which are (in no particular order):
1. Waste of vertical screen space (requiring lots of scrolling)
2. Lack of features compared to this one (colour text etc.)
3. Some forums not visible without being logged in
4. Load times
The new forums felt like a bad prototype... Not something that was ready for deployment in a live environment...
There was plenty of feedback when it was deployed for testing... Why was nothing of it acted on before you put it live?
If you don't act on feedback, why put it out for testing in the first place?
there was also a lag issue... I could type faster than the letters would appear on the screen. Theres gotta be an issue there, and its not my connection or Id have the same issue here, which I dont
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Chaos Incarnate
Faceless Logistics
|
Posted - 2011.04.09 23:45:00 -
[30]
Originally by: Bomberlocks
I find myself literally laughing out loud at the sheer ineptitude of the way this situation was handled. Excellent entertainment.
P.S. Free Cat!
this accurately sums up my thoughts
10/10 on this ccp, you couldn't do any better
_____________________
Look down. Back up. Where are you? You're on a forum, with the alt your alt could post like. |
|
|
Niraia
Zaratha Zarati
Shaktipat Revelators
|
Posted - 2011.04.09 23:46:00 -
[31]
Originally by: CCP Navigator
We will use this thread to keep everyone updated about the status of the new forums and to answer your questions.
Will CCP's recruitment standards be increased as a result of this? Mistakes happen, but fundamental security issues like this slipping past the entire web development team strikes myself and other web developers as nothing short of incompetence in that department.
-
shipsofeve.com
eohpoker.com
sanshasnation.net
|
Siiee
Recycled Heroes
|
Posted - 2011.04.09 23:47:00 -
[32]
Originally by: Elyssa MacLeod
there was also a lag issue... I could type faster than the letters would appear on the screen. Theres gotta be an issue there, and its not my connection or Id have the same issue here, which I dont
I think someone mentioned that the new forums were essentially streaming your post back to the server as you typed it
|
Blane Xero
Amarr
The Firestorm Cartel
|
Posted - 2011.04.09 23:47:00 -
[33]
Originally by: CCP Navigator
In the meantime we have reopened the old forums for your posting pleasue.
So let me get this right: You've basically done what Akita T posted about, and promptly had a thread locked for suggesting?
I seem to recall a pretty stern "That's never going to happen. Locked" in said thread.
_____________________________________
Haruhiist since December 2008
|
Shar Tegral
|
Posted - 2011.04.09 23:48:00 -
[34]
Dear Navigator,
Express my support to the new forums team. While there is obviously something not quite right with the new forums the integration with Eve Gate was, me thinks, inspired. When the new forums are open for testing again I will take time to utilize them and offer any comments or suggestions that I come up with.
In conclusion, I know that opening the old forums is a temporary measure however I would like to add my agreement with the positive sentiments already expressed. It takes a big man (or men in this case) to go back to the "old" knowing that this too will be used to criticize you.
My sympathies, support, and appreciation.
Wealth, howsoever got, in Eve makes
Lords of morons and gentlemen of thieves;
Aptitude and intellect are needless here;
'Tis impudence and money that grants fame. |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.09 23:48:00 -
[35]
I'll let my Willy talk for me...
▄██████████████▄▐█▄▄▄▄█
██████F█A█I█L███▌▀▀██▀▀
████▄████████████▄▄█
▄▄▄▄▄██████████████▀
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Monty Raynolds
|
Posted - 2011.04.09 23:50:00 -
[36]
CCP: Taking incompetence to entirely new levels since 2003.
|
Kerfira
Kerfira Corp
|
Posted - 2011.04.09 23:50:00 -
[37]
Why not keep BOTH forums open?
Keep improving the new one, and then when people start migrating to it, THEN you'll know that it is ready for prime-time!
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
Jada Maroo
|
Posted - 2011.04.09 23:51:00 -
[38]
Originally by: Siiee
Originally by: Jada Maroo
What we experienced was not delivery. It was like the UPS man coming to your door with a package, opening it, letting you play with it, and then grabbing it from you and driving off!
That UPS man is an *******!
Actually since what was in the package was a massive steaming ermm... Revenant... I don't think many people would mind all that much.
CCP dropped its pants and delivered a Cleveland Steamer! 
|
Garbol Hellbrecht
|
Posted - 2011.04.09 23:52:00 -
[39]
i am disapoint 
|
Arec Bardwin
|
Posted - 2011.04.09 23:52:00 -
[40]
+1 like for CCP 
|
|
|
Elyssa MacLeod
|
Posted - 2011.04.09 23:52:00 -
[41]
Originally by: Siiee
Originally by: Elyssa MacLeod
there was also a lag issue... I could type faster than the letters would appear on the screen. Theres gotta be an issue there, and its not my connection or Id have the same issue here, which I dont
I think someone mentioned that the new forums were essentially streaming your post back to the server as you typed it
Can I suggest we scrap that crap? Deleting typos like that is a pain in the ass
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
5n4keyes
Sacred Templars
RED.OverLord
|
Posted - 2011.04.09 23:52:00 -
[42]
Good to see the new Security department is working out well for both Eve and CCP, god knows what the forums would of been like had such a department not of existed.
|
Durzel
The Xenodus Initiative.
|
Posted - 2011.04.09 23:52:00 -
[43]
You made the right call. Always better to take it completely offline and go back to something you know works, less pressure to get it working too.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.09 23:52:00 -
[44]
At least these forums can refresh in a single blink of an eye, the new ones have bad caching issues and I can read 2 pages before they refresh.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Blane Xero
Amarr
The Firestorm Cartel
|
Posted - 2011.04.09 23:52:00 -
[45]
Originally by: Kerfira
Why not keep BOTH forums open?
Keep improving the new one, and then when people start migrating to it, THEN you'll know that it is ready for prime-time!
Because we are eve players, and who needs a new forum when we have the old ones and eve-search?
_____________________________________
Haruhiist since December 2008
|
Calathea Sata
State War Academy
|
Posted - 2011.04.09 23:53:00 -
[46]
Dear CCP, I'm quitting your failboat
|
vulnevia
The Exploited.
|
Posted - 2011.04.09 23:54:00 -
[47]
Originally by: Miilla
I'll let my Willy talk for me...
▄██████████████▄▐█▄▄▄▄█
██████F█A█I█L███▌▀▀██▀▀
████▄████████████▄▄█
▄▄▄▄▄██████████████▀
...squirt squirt?
|
Rasz Lin
Caldari
Uitraan Diversified Holdings Incorporated
|
Posted - 2011.04.09 23:54:00 -
[48]
Originally by: Mag's
The question is, how the hell did the new ones get released in such a bad state to begin with?
Agility! You release even if its half done and full of bugs.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.09 23:55:00 -
[49]
Edited by: Miilla on 09/04/2011 23:55:18
Originally by: vulnevia
Originally by: Miilla
I'll let my Willy talk for me...
▄██████████████▄▐█▄▄▄▄█
██████F█A█I█L███▌▀▀██▀▀
████▄████████████▄▄█
▄▄▄▄▄██████████████▀
...squirt squirt?
CCP don't like my Willy :(
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Titus Phook
|
Posted - 2011.04.09 23:55:00 -
[50]
Agility? is that what MS used for vista? would explain a lot ;)
---------------------------------------------
|
|
|
Jada Maroo
|
Posted - 2011.04.09 23:56:00 -
[51]
DELIVER
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.09 23:57:00 -
[52]
Originally by: Chaos Incarnate
Oohą that reminds me. Another thing to put on my fix-list.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Elyssa MacLeod
|
Posted - 2011.04.09 23:57:00 -
[53]
Originally by: Rasz Lin
Originally by: Mag's
The question is, how the hell did the new ones get released in such a bad state to begin with?
Agility! You release even if its half done and full of bugs.
Thought that was all MMOs? as the catchphrase seems to be along the order of "how can you tell when MMO stuff is finished given they never end" which is crap too lol
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Lost Wander
Adhocracy Incorporated
|
Posted - 2011.04.09 23:57:00 -
[54]
As a person that doesn't play an IT person in-game, but plays one in RL.
Please reminder you developers the golden rule of secure (all) programming:
- CHECK USER INPUT FOR KNOW GOOD!!
- NEVER CHECK FOR KNOW BAD (cause you will fail)
|
vulnevia
The Exploited.
|
Posted - 2011.04.09 23:57:00 -
[55]
Originally by: Miilla
Originally by: vulnevia
Originally by: Miilla
I'll let my Willy talk for me...
▄██████████████▄▐█▄▄▄▄█
██████F█A█I█L███▌▀▀██▀▀
████▄████████████▄▄█
▄▄▄▄▄██████████████▀
...squirt squirt?
CCP don't like Willies :(
Oh Free Willy...
|
Titus Phook
|
Posted - 2011.04.09 23:57:00 -
[56]
Edited by: Titus Phook on 09/04/2011 23:58:45
Originally by: Jada Maroo
DELIVER
Some one used Parcel Farce (a quality service from the royal fail)
---------------------------------------------
|
Meldorn Vaash
Caldari
|
Posted - 2011.04.09 23:58:00 -
[57]
AND THIS IS WHY WE CAN'T HAVE NICE THINGS!!!
On a side note... nice to see the old forums back again \o/
"A poorly fitted ship is just wreckage waiting to be salvaged" |
Sturmwolke
|
Posted - 2011.04.09 23:59:00 -
[58]
I LOLed!
|
Froosh
Armada Assail
|
Posted - 2011.04.10 00:00:00 -
[59]
Edited by: Froosh on 10/04/2011 00:02:33
Edited by: Froosh on 10/04/2011 00:01:37
It took CCP eighteen months to make a skin for an open source forum.
CCP - 13 148 man hours doing nothing.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:00:00 -
[60]
Edited by: Miilla on 10/04/2011 00:04:16
Finally! Something in Eve that works!
These new forums rock! They look like the old ones, how did you do it! Awesome! Totally painless transition.
<-- this could be a new tatoo for the creator or perhaps a hat?
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
|
|
Kerfira
Kerfira Corp
|
Posted - 2011.04.10 00:00:00 -
[61]
Edited by: Kerfira on 10/04/2011 00:02:22
Originally by: Rasz Lin
Originally by: Mag's
The question is, how the hell did the new ones get released in such a bad state to begin with?
Agility! You release even if its half done and full of bugs.
I don't think agile can be blamed in this case... More like CCP not doing agile properly.
It seems like they either didn't get, or chose to ignore, the customers input. Without that, any agile project is normally doomed to failure as you'll not be delivering what the customer wants or needs, and will have a lot of design and coding errors.
In this case, the really sad thing was that plenty of feedback WAS supplied after the first test, but seemed to be completely ignored. My best guess is that management chose to override agile procedures (which is never a good idea, but try telling a manager that)...
If it WASN'T the managers, but the agile team themselves that chose to deploy, then they need to take a VERY hard look at themselves and figure out how they could go so wrong...
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
Mortania
Minmatar
Kinetic Cartel
Shadow of xXDEATHXx
|
Posted - 2011.04.10 00:01:00 -
[62]
I posted this elsewhere, but opening the old forums is sort of pointless. Other than posting fail boat and other lulz. Anything of consequence seems of little merit. It's like going back to bang your ex or something. It feels good and exciting at first, but then you realize that it's a completely pointless exercise because there's no future in it.
|
Aamrr
|
Posted - 2011.04.10 00:02:00 -
[63]
CCP, please don't be discouraged. I actually liked the new forums. If you can address the security problems, I look forward to their return. It was nice to actually get to see all the portraits we spent so much time on.
Best of luck fixing the issues.
|
Garekell
|
Posted - 2011.04.10 00:02:00 -
[64]
OMG a first - a 'Miilla post' I agree with AND found funny!
Originally by: Miilla
Finally! Something in Eve that works!
These new forums rock! They look like the old ones, how did you do it! Awesome! Totally painless transition.
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 00:02:00 -
[65]
Originally by: Froosh
It took CCP eighteen months to make a skin for an open source forum.
CCP - 13 148 man hours doing nothing.
They most have used some time on removing what every security features the forums had...
|
Echo Mae
Caldari
State War Academy
|
Posted - 2011.04.10 00:02:00 -
[66]
My thoughts concerning the now defunct new forums...
1. Quotes were wayyy to big, seriously.. fail.
2. Way to much wasted space, and fixed width forums are fail from top to bottom.
3. Looks... to be quite honest, the new forums looked horrid. Amateur. Blocky. 1990's. Outdated.
4. Streaming while writing your post? Seriously? 
5. Security... Not always easy to get right. At least you reacted properly by closing down the forums when the holes were brought to your attention. Rumors abound that you banned the people who discovered these holes (by doing them) and reported them to you rather than thank them for testing your security and being honest enough to inform you of the glaring holes in it. THAT was the most epic failure by CCP yet. People try to help you and you punish them... just... pathetic if true.
----- ** -----
I thought I was real but found out I was just a forum troll |
Calathea Sata
State War Academy
|
Posted - 2011.04.10 00:03:00 -
[67]
Originally by: Mortania
I posted this elsewhere, but opening the old forums is sort of pointless. Other than posting fail boat and other lulz. Anything of consequence seems of little merit. It's like going back to bang your ex or something. It feels good and exciting at first, but then you realize that it's a completely pointless exercise because there's no future in it.
I think that's the whole point
|
Blane Xero
Amarr
The Firestorm Cartel
|
Posted - 2011.04.10 00:03:00 -
[68]
Originally by: Mortania
I posted this elsewhere, but opening the old forums is sort of pointless. Other than posting fail boat and other lulz. Anything of consequence seems of little merit. It's like going back to bang your ex or something. It feels good and exciting at first, but then you realize that it's a completely pointless exercise because there's no future in it.
It's better than nothing but Facebook *shudder*
_____________________________________
Haruhiist since December 2008
|
Myra2007
Millstone Industries
|
Posted - 2011.04.10 00:03:00 -
[69]
I like this place. I don't know who made it in the first place but recent events clearly say you shouldn't have let him go.
--
Originally by: CCP Elais
It was a great Frankenstein moment [...] to see the forum [...] come alive.
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 00:03:00 -
[70]
I am quite happy with how things turned out.
Please, take your time to plug the problems.
A couple of years will do nicely.
_
Make ISK||Build||React||1k papercuts
_
|
|
|
Garbol Hellbrecht
|
Posted - 2011.04.10 00:04:00 -
[71]
But, but... They made an awesome video of things that will be in a game... Oh wait...
|
Jada Maroo
|
Posted - 2011.04.10 00:04:00 -
[72]
Originally by: Aamrr
CCP, please don't be discouraged.
I liked the new forums too but if we don't rag on them for such an epic fail CCP would be disappointed in us.
|
Hakaru Ishiwara
Minmatar
Republic Military School
|
Posted - 2011.04.10 00:05:00 -
[73]
@ CCP: Best move that you have done so far with your forum project.
These forums are, for some reason, so much easier on the eyes. Honestly, this "old" and "out-dated" design is much, much easier to read through.
|
Elyssa MacLeod
|
Posted - 2011.04.10 00:06:00 -
[74]
Originally by: Aamrr
CCP, please don't be discouraged. I actually liked the new forums. If you can address the security problems, I look forward to their return. It was nice to actually get to see all the portraits we spent so much time on.
Best of luck fixing the issues.
I love these posts lol where can I buy what youre smoking?
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
S'Way
Bitter Vets
|
Posted - 2011.04.10 00:06:00 -
[75]
Originally by: CCP Navigator
We will use this thread to keep everyone updated about the status of the new forums and to answer your questions.
Serious question then - given the security issues those new forums had, is it unreasonable to ask that CCP consider adding a different log in for the forums from the one used for the game.
I know that might not be easy with you wanting to combine it with eve-gate, but adding an (optional maybe ?) different password log-in to use the forum as a failsafe guard is something some players might like to see.
|
Mashie Saldana
Minmatar
Veto Corp
|
Posted - 2011.04.10 00:08:00 -
[76]
I really wish for the next iteration that CCP consider migrating the old forum data across. It just felt wrong to have a "fresh start", I mean if all 8 years worth of data is too much to migrate at least migrate all the threads that have yet to hit the 90d lock timer.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:08:00 -
[77]
Edited by: Miilla on 10/04/2011 00:12:48
How do I edit my signiture on this forum please?
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Misanth
RABBLE RABBLE RABBLE
|
Posted - 2011.04.10 00:09:00 -
[78]
CCP, was these major security issues a case of you creating something above your competence level, or a case of your upper management pushing out a product that wasn't finished?
-
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 00:09:00 -
[79]
Originally by: Kerfira
It seems like they either didn't get, or chose to ignore, the customers input. Without that, any agile project is normally doomed to failure as you'll not be delivering what the customer wants or needs, and will have a lot of design and coding errors.
In this case, the really sad thing was that plenty of feedback WAS supplied after the first test, but seemed to be completely ignored. My best guess is that management chose to override agile procedures (which is never a good idea, but try telling a manager that)...
Pretty much.
They gave it one test, and got tons of feedback. Based on this, they made ł what? ł 16 changes? At best, it could be considered a performance tweak.
They gave it a second test, and got tons of feedback (much of which was copypasta from the old feedback), along with some worried mentions that these tests didn't seem toą you knową test much.
Then it went live, and nothing seemed to have changed. With the pace of change they chose, it would have needed maybe 5ū10 more testing rounds before we ever got to that point. It was hardly a surprise when it fell on its face in numerous and humorous ways right out the gate.
ąso now we've essentially had a third (and maybe fourth) testing phase. Hopefully, they'll actually start listening to the feedback now, once it has become abundantly clear how skipping this step will bite them in the arse in many new and improved ways.
ąhopefullyą 
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Calathea Sata
State War Academy
|
Posted - 2011.04.10 00:10:00 -
[80]
Originally by: Miilla
Edited by: Miilla on 10/04/2011 00:08:18
How do I edit my signiture on this forum please?
Settings, choose your character name, and there is the edit box.
|
|
|
Dalketh
|
Posted - 2011.04.10 00:10:00 -
[81]
Yes this... something I noticed was in the new forum, the lack of history made it feel cold and impersonal (yes I know in year or so it won't) but these forums have volumes of great information - and for many of us - a sort of 'family history'...
Originally by: Mashie Saldana
I really wish for the next iteration that CCP consider migrating the old forum data across. It just felt wrong to have a "fresh start", I mean if all 8 years worth of data is too much to migrate at least migrate all the threads that have yet to hit the 90d lock timer.
|
Mag's
the united
Negative Ten.
|
Posted - 2011.04.10 00:11:00 -
[82]
Originally by: Tippia
Hopefully, they'll actually start listening to the feedback now, once it has become abundantly clear how skipping this step will bite them in the arse in many new and improved ways.
ąhopefullyą
Please don't hold your breath on that one. 
Originally by: Allestin Villimar
Also, if your bookmarks are too far out, they can and will ban you for it.
Originally by: Torothanax
Low population in w systems makes afk cloaking unattractive. |
Blane Xero
Amarr
The Firestorm Cartel
|
Posted - 2011.04.10 00:11:00 -
[83]
Originally by: Akita T
I am quite happy with how things turned out.
Please, take your time to plug the problems.
A couple of years will do nicely.
Last chance to overtake Dark Shikari!
_____________________________________
Haruhiist since December 2008
|
Elyssa MacLeod
|
Posted - 2011.04.10 00:12:00 -
[84]
Originally by: Echo Mae
THAT was the most epic failure by CCP yet. People try to help you and you punish them... just... pathetic if true.
its also a well known CCP tactic.
Again tho; why is kug-ut-sumen's name STILL what 3 years afterward? Filtered on this AND it was filtered on the new forums? Holding a grudge much guys?
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
sableye
principle of motion
|
Posted - 2011.04.10 00:12:00 -
[85]
Edited by: sableye on 10/04/2011 00:13:08
I would like to add while I don't use eve gate I now no longer trust it to be secure.
-----------------------------------------
View The North Star! In All Its Glory!! |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:12:00 -
[86]
Originally by: Calathea Sata
Originally by: Miilla
Edited by: Miilla on 10/04/2011 00:08:18
How do I edit my signiture on this forum please?
Settings, choose your character name, and there is the edit box.
Thanks :) got it I think.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Sullen Skoung
|
Posted - 2011.04.10 00:15:00 -
[87]
Hey wait, wheres Sreeg, the mouthpiece? Why isnt he here reassuring us everything's OK etc etc etc
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 00:16:00 -
[88]
Now, to be honest, this move is actually quite nice.
Given how things were moving these past few days, I almost fully expected CCP to keep clamoring over the new forums and keep getting them broken and emergency-patched and so on and so forth.
However, it seems they finally saw reason and did the right thing.
It probably took quite a bit of ego restraining to make this move back, but it was the right thing to do.
So, in a way, some kudos are in order.
It could have been much worse.
_
Make ISK||Build||React||1k papercuts
_
|
Ulmega
|
Posted - 2011.04.10 00:17:00 -
[89]
I feel much more at home here, this place is lived worn down something that an old forum has which makes it just more attractive to come around and check it out.
I already knew from the day I saw the new forums I would go there less often to read to stuff, just because it didn't feel like home, it felt like some holiday apartment, all nice and tidy, but no personal touch no feeling of connection.
|
Titus Phook
|
Posted - 2011.04.10 00:17:00 -
[90]
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
---------------------------------------------
|
|
|
Elyssa MacLeod
|
Posted - 2011.04.10 00:18:00 -
[91]
Edited by: Elyssa MacLeod on 10/04/2011 00:19:30
Edited by: Elyssa MacLeod on 10/04/2011 00:18:30
Originally by: Akita T
Now, to be honest, this move is actually quite nice.
Given how things were moving these past few days, I almost fully expected CCP to keep clamoring over the new forums and keep getting them broken and emergency-patched and so on and so forth.
However, it seems they finally saw reason and did the right thing.
It probably took quite a bit of ego restraining to make this move back, but it was the right thing to do.
So, in a way, some kudos are in order.
It could have been much worse.
Yeah we could still BE there. I for one vote they trash the whole idea and keep these forums
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
or keep his job
wait, who am I kidding? They dont fire ppl even for good reason. T20's still working there isnt he?
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:19:00 -
[92]
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
You should see my signiture then :)
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Misanth
RABBLE RABBLE RABBLE
|
Posted - 2011.04.10 00:20:00 -
[93]
Originally by: Akita T
Now, to be honest, this move is actually quite nice.
Given how things were moving these past few days, I almost fully expected CCP to keep clamoring over the new forums and keep getting them broken and emergency-patched and so on and so forth.
However, it seems they finally saw reason and did the right thing.
It probably took quite a bit of ego restraining to make this move back, but it was the right thing to do.
So, in a way, some kudos are in order.
It could have been much worse.
The major security issues aside? It wasn't just a small glitch. Putting back the old forums was a necessity, not like they had a choice.
Let's get it right on this one; I love this game, and got more accounts than I should/what is healthy. I talk good about EVE with people I game with, etc. But this forum debacle, is possibly the biggest gamebreaking thing CCP done since boot.ini. Heads should roll and CCP should ask themselves; did we create a monster we couldn't control, or did we push out a product that wasn't finished?
Knowing CCP, the latter seems the major culprit, but the first could very well be involved as well. And that's quite disturbing thoughts, for future development of this game.
-
|
|
CCP Sreegs
|
Posted - 2011.04.10 00:21:00 -
[94]
Originally by: Sullen Skoung
Hey wait, wheres Sreeg, the mouthpiece? Why isnt he here reassuring us everything's OK etc etc etc
I believe what I did was tell you I'd have the results of an investigation (now 2!) in a blog. That hasn't changed so I hope that makes you feel OK. |
|
Twilight Runner
|
Posted - 2011.04.10 00:21:00 -
[95]
lol at CCP for shooting down all post about new forums.
|
|
CCP Sreegs
|
Posted - 2011.04.10 00:23:00 -
[96]
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written. |
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:25:00 -
[97]
Edited by: Miilla on 10/04/2011 00:26:32
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Ahh response(bility) :)
Perhaps it wasn't code, it was process? Just a random thought.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Sullen Skoung
|
Posted - 2011.04.10 00:25:00 -
[98]
Edited by: Sullen Skoung on 10/04/2011 00:26:39
Originally by: CCP Sreegs
Originally by: Sullen Skoung
Hey wait, wheres Sreeg, the mouthpiece? Why isnt he here reassuring us everything's OK etc etc etc
I believe what I did was tell you I'd have the results of an investigation (now 2!) in a blog. That hasn't changed so I hope that makes you feel OK.
lol I invoked his name...
hi!
Its a nice excuse, theres a security issue, ppl try to take him to task, he goes "whoa whoa, Im REACTIVE not PREVENTATIVE"
|
Titus Phook
|
Posted - 2011.04.10 00:26:00 -
[99]
Edited by: Titus Phook on 10/04/2011 00:29:28
That's fair comment CCP Sreegs, I still think that the guys who were responsible for code checking and pen testing the new forums should be strung up by the gonads. It could have been much much worse.
Surely a proactive rather than reactive approach to security would be better though.
---------------------------------------------
|
Blane Xero
Amarr
The Firestorm Cartel
|
Posted - 2011.04.10 00:26:00 -
[100]
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
At this rate you should see about getting someone to do exactly that.
_____________________________________
Haruhiist since December 2008
|
|
|
gargars
|
Posted - 2011.04.10 00:26:00 -
[101]
Don't take it personally Sreeg, you unfortunately are the one tasked with responding and the 'visible face' (aka target), so pies are gonna be thrown at you right or wrong. Human nature.
Originally by: CCP Sreegs
Originally by: Sullen Skoung
Hey wait, wheres Sreeg, the mouthpiece? Why isnt he here reassuring us everything's OK etc etc etc
I believe what I did was tell you I'd have the results of an investigation (now 2!) in a blog. That hasn't changed so I hope that makes you feel OK.
|
Felix Decat
|
Posted - 2011.04.10 00:27:00 -
[102]
Let me play devils advocate for a minute.
The old forums (the ones were typing on right now) are kinda garbage. They are old, and their useability pretty much sucks.
We need new forums and the features in the new forums we all welcome additions.
However, the way CCP handled the "rollback" was nothing short of a debacle. And it seems to be a trend. I for one dont ***** too much about the expansions and their associated patches and problems because they are free and EVE is a super complicated game from a design standpoint, the amount of spaghetti code at this point is probably astounding. But seriously, get your crap together CCP, its starting to really look bad.
|
Elyssa MacLeod
|
Posted - 2011.04.10 00:28:00 -
[103]
Originally by: gargars
Don't take it personally Sreeg, you unfortunately are the one tasked with responding and the 'visible face' (aka target), so pies are gonna be thrown at you right or wrong. Human nature.
Originally by: CCP Sreegs
Originally by: Sullen Skoung
Hey wait, wheres Sreeg, the mouthpiece? Why isnt he here reassuring us everything's OK etc etc etc
I believe what I did was tell you I'd have the results of an investigation (now 2!) in a blog. That hasn't changed so I hope that makes you feel OK.
Given that theres only one person seemingly willing to stick their face in the pihranna tank, yeah, pretty much
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 00:28:00 -
[104]
Originally by: Misanth
Originally by: Akita T
Now, to be honest, this move is actually quite nice.
Given how things were moving these past few days, I almost fully expected CCP to keep clamoring over the new forums and keep getting them broken and emergency-patched and so on and so forth.
However, it seems they finally saw reason and did the right thing.
It probably took quite a bit of ego restraining to make this move back, but it was the right thing to do.
So, in a way, some kudos are in order.
It could have been much worse.
The major security issues aside? It wasn't just a small glitch. Putting back the old forums was a necessity, not like they had a choice.
Let's get it right on this one; I love this game, and got more accounts than I should/what is healthy. I talk good about EVE with people I game with, etc. But this forum debacle, is possibly the biggest gamebreaking thing CCP done since boot.ini. Heads should roll and CCP should ask themselves; did we create a monster we couldn't control, or did we push out a product that wasn't finished?
Knowing CCP, the latter seems the major culprit, but the first could very well be involved as well. And that's quite disturbing thoughts, for future development of this game.
And to think boot.ini only affected a relatively small portion of the game's population... whereas the forums... well, you get the idea.
_
Make ISK||Build||React||1k papercuts
_
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 00:30:00 -
[105]
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Hai do you like my sovenior stolen from my visit to the new forums
|
V
|
Durzel
The Xenodus Initiative.
|
Posted - 2011.04.10 00:32:00 -
[106]
If Sreegs isn't a web developer then how can you expect him to know whether something is exploitable or not?
I would not expect an information security position in most companies to be responsible for, or have any real input on, the development of a website beyond advising on how to use, store, transmit customer data, etc.
|
Better Than You
|
Posted - 2011.04.10 00:35:00 -
[107]
This is called Karma CCP. You did an unnecessary nerf to the real players who were busting their ass out in null sec by removing their ability to actually make any decent ISK. I strongly suggest you reverse that anomaly change and maybe the programing gods will smile on you once more.
-
**Friendship will always trump the desire to fight!** |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:36:00 -
[108]
Originally by: Better Than You
This is called Karma CCP. You did an unnecessary nerf to the real players who were busting their ass out in null sec by removing their ability to actually make any decent ISK. I strongly suggest you reverse that anomaly change and maybe the programing gods will smile on you once more.
CCP Karma? When did he start working there? When does he publish a blog?
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 00:38:00 -
[109]
Originally by: Durzel
If Sreegs isn't a web developer then how can you expect him to know whether something is exploitable or not?
If you can manipulate data cross accounts just by editing ids in the url, someone in charge of security should probably realize that the system lacks any form of effective user authentication. It may not by Sreegs job to do the testing, but somewhere down the line it has be someones job to make sure the testing gets done...
|
Sullen Skoung
|
Posted - 2011.04.10 00:38:00 -
[110]
Originally by: Miilla
Originally by: Better Than You
This is called Karma CCP. You did an unnecessary nerf to the real players who were busting their ass out in null sec by removing their ability to actually make any decent ISK. I strongly suggest you reverse that anomaly change and maybe the programing gods will smile on you once more.
CCP Karma? When did he start working there? When does he publish a blog?
Soon(tm)
|
|
|
|
CCP Wrangler
|
Posted - 2011.04.10 00:39:00 -
[111]
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
Wrangler
Senior Community Manager
CCP Hf, EVE Online
Contact us
If it's stupid but works, it isn't stupid. |
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:39:00 -
[112]
I guess somebody is going to have a bad case of the Mondays :)
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
De'Veldrin
Minmatar
Self Preservation Society the 2nd
|
Posted - 2011.04.10 00:41:00 -
[113]
Edited by: De''Veldrin on 10/04/2011 00:43:08
Originally by: Tippia
ąhopefullyą
Tippia, I have often said you have the patience of a saint, but I think you may have moved into a state bordering on denial at this point.
--Vel
Originally by: Blacksquirrel
This is EVE. PVE can happen anywhere at anytime. Be prepared.
|
Elyssa MacLeod
|
Posted - 2011.04.10 00:41:00 -
[114]
Originally by: CCP Wrangler
Sig:
If it's stupid but works, it isn't stupid.
What if its stupid and it doesnt work?
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Nypheas Azurai
|
Posted - 2011.04.10 00:41:00 -
[115]
1) Use phpBB
2) hire php mod team, fire EVEGate asp.net team
3) ???
4) Have working, customizable, user-friendly forums. Receive bacon and remove egg off face.
|
Mortania
Minmatar
Kinetic Cartel
Shadow of xXDEATHXx
|
Posted - 2011.04.10 00:41:00 -
[116]
Originally by: Durzel
If Sreegs isn't a web developer then how can you expect him to know whether something is exploitable or not?
I would not expect an information security position in most companies to be responsible for, or have any real input on, the development of a website beyond advising on how to use, store, transmit customer data, etc.
many companies outsource security testing. there are whole other companies dedicated to telling you about your security flaws and providing solutions on how to fix them. I hear they aren't too expensive for what you get from them, either.
PS: I've also heard that there are outsourcable QA companies.
|
SupaKudoRio
|
Posted - 2011.04.10 00:42:00 -
[117]
Needed to give the web dev team some time to set up the PHPBB, eh?
Ye'llo? |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:42:00 -
[118]
Edited by: Miilla on 10/04/2011 00:42:11
Originally by: Elyssa MacLeod
Originally by: CCP Wrangler
Sig:
If it's stupid but works, it isn't stupid.
What if its stupid and it doesnt work?
Then you shoot the messenger, then roll back.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Titus Phook
|
Posted - 2011.04.10 00:42:00 -
[119]
Originally by: Durzel
If Sreegs isn't a web developer then how can you expect him to know whether something is exploitable or not?
I would not expect an information security position in most companies to be responsible for, or have any real input on, the development of a website beyond advising on how to use, store, transmit customer data, etc.
He may not be a web developer but the buck has to stop somewhere. I'll give CCP Sreegs his due though the man has "balls of steel"Ö facing down botters, RMT operations and now the disgruntled forum population.
---------------------------------------------
|
Ulmega
|
Posted - 2011.04.10 00:42:00 -
[120]
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
Inconvenience? My dear friend this is a blessing to many of us who love this old place we call home. The only inconvenience we had where that we couldn't enter our house for several days and had to stay at some basic 2 star hotel.
|
|
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 00:43:00 -
[121]
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
CCP needs to apologize for throwing out untested unfinished unpolished rubbish at customers as well, to a community that is so dedicated to your company's product and expecting nothing but excellence and deliverance, this is an insult.
|
Elyssa MacLeod
|
Posted - 2011.04.10 00:44:00 -
[122]
Quote:
If Sreegs isn't a web developer then how can you expect him to know whether something is exploitable or not?
when you have a guy touting himself as "The Security Guy" geeee I wonder why ppl are gonna think he has something to do with security?
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Mortania
Minmatar
Kinetic Cartel
Shadow of xXDEATHXx
|
Posted - 2011.04.10 00:44:00 -
[123]
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
We tease because we care.
But, in all seriousness. It sucks that you guys all had to come in on a weekend to try and fix some damned forums.
|
|
CCP Wrangler
|
Posted - 2011.04.10 00:46:00 -
[124]
Originally by: Calathea Sata
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
CCP needs to apologize for throwing out untested unfinished unpolished rubbish at customers as well, to a community that is so dedicated to your company's product and expecting nothing but excellence and deliverance, this is an insult.
You have my sincere and personal apology and I also apologize on behalf of CCP.
Wrangler
Senior Community Manager
CCP Hf, EVE Online
Contact us
If it's stupid but works, it isn't stupid. |
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:47:00 -
[125]
Originally by: CCP Wrangler
Originally by: Calathea Sata
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
CCP needs to apologize for throwing out untested unfinished unpolished rubbish at customers as well, to a community that is so dedicated to your company's product and expecting nothing but excellence and deliverance, this is an insult.
You have my sincere and personal apology and I also apologize on behalf of CCP.
Can we have that on You Tube too?
What... Whaaaat?
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 00:47:00 -
[126]
Originally by: Mortania
But, in all seriousness. It sucks that you guys all had to come in on a weekend to try and fix some damned forums.
Most other companies deploy new code in the middle of the week, they could have done the same...
|
Elyssa MacLeod
|
Posted - 2011.04.10 00:48:00 -
[127]
Edited by: Elyssa MacLeod on 10/04/2011 00:50:21
Originally by: CCP Wrangler
You have my sincere and personal apology and I also apologize on behalf of CCP.
never thought Id actually see an MO company own up to having released crap rather than pretending it wasnt O.o
Ok, wrangler, you got a bit of respect there. Were this any other company, theyd bull**** us till the end of the game before they admit they did wrong, till after the end in some cases.
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Misanth
RABBLE RABBLE RABBLE
|
Posted - 2011.04.10 00:49:00 -
[128]
Originally by: Akita T
And to think boot.ini only affected a relatively small portion of the game's population... whereas the forums... well, you get the idea.
-
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 00:49:00 -
[129]
Originally by: CCP Wrangler
Originally by: Calathea Sata
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
CCP needs to apologize for throwing out untested unfinished unpolished rubbish at customers as well, to a community that is so dedicated to your company's product and expecting nothing but excellence and deliverance, this is an insult.
You have my sincere and personal apology and I also apologize on behalf of CCP.
Security holes aside, how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
Or what about making the new forums not just barely functional and somewhat secure, but actually a clear improvement over the current ones in every single way ?
_
Make ISK||Build||React||1k papercuts
_
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 00:50:00 -
[130]
Edited by: Tippia on 10/04/2011 00:52:01
Originally by: Elyssa MacLeod
Originally by: CCP Wrangler
Sig:
If it's stupid but works, it isn't stupid.
What if its stupid and it doesnt work?
Then it's stupid.
If it's stupid and explodes, that's when you start to have some real issuesą 
Originally by: De'Veldrin
Tippia, I have often said you have the patience of a saint, but I think you may have moved into a state bordering on denial at this point.
I wouldn't call it "denial" so much as some kind of nanve romanticism ł hope springs eternal and all that noise.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
|
|
Diomedes Calypso
|
Posted - 2011.04.10 00:51:00 -
[131]
Oh , I guess was supposed to post questions in this thread.. i'll drag my question here.
I'm wondering what the problem is myself. Learning how to create a forum is a project in most programing for web books. And jeeze forums have been a staple from the very earliest days of the web so the mistakes that can be made must be pretty common knowledge for anyone in the busines at all.
But, I'll give the benefit of the doubt that they are attempting something unique?
Is it the interface between the game database thats an issue ? (and can't that be solved by a once a day indexing of the game info and transfer the index to the forum server?)
Well I won't guess cause thats just not my area.. but i'd love to understand the general aspects that make a forum so much more difficult in this situation that elsewhere?
|
Sullen Skoung
|
Posted - 2011.04.10 00:52:00 -
[132]
Originally by: Akita T
Security holes aside, how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
Or what about making the new forums not just barely functional and somewhat secure, but actually a clear improvement over the current ones in every single way ?
Honestly I doubt any of the CCP forum types actually CAN make any of those requests true, even if they say they can.
|
Siiee
Recycled Heroes
|
Posted - 2011.04.10 00:55:00 -
[133]
Originally by: Diomedes Calypso
But, I'll give the benefit of the doubt that they are attempting something unique?
They took off-the-shelf forum software and bodged their own auth methods with a fair helping of dynamic bling.
|
Barakkus
|
Posted - 2011.04.10 00:55:00 -
[134]
If you want to hire me, I'll make you all new boards from scratch and not use php for them :P
-
-
[SERVICE] Corp Standings For POS anchoring
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:56:00 -
[135]
Originally by: Siiee
Originally by: Diomedes Calypso
But, I'll give the benefit of the doubt that they are attempting something unique?
They took off-the-shelf forum software and bodged their own auth methods with a fair helping of dynamic bling.
Dynamic Bling? When do we get SPINNERS for our ships?
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 00:57:00 -
[136]
Originally by: Akita T
how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
eve user feedback... 50% says the font is to small, 50% says it's not big enough... 50% says the background color should be black, 50% says it should be white...
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 00:57:00 -
[137]
Apology accepted. CCP now please prove your sincerity by your actions. Excellence. Deliverance.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 00:58:00 -
[138]
Originally by: Calathea Sata
Apology accepted. CCP now please prove your sincerity by your actions. Excellence. Deliverance.
I'm waiting to see it on the CCP YouTube channel... in HD.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.10 00:59:00 -
[139]
Originally by: Akita T
Originally by: CCP Wrangler
Originally by: Calathea Sata
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
CCP needs to apologize for throwing out untested unfinished unpolished rubbish at customers as well, to a community that is so dedicated to your company's product and expecting nothing but excellence and deliverance, this is an insult.
You have my sincere and personal apology and I also apologize on behalf of CCP.
Security holes aside, how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
Or what about making the new forums not just barely functional and somewhat secure, but actually a clear improvement over the current ones in every single way ?
This
The new forums should have everything the old forums have and more. Not a mixed bag of dubious features coupled with reduced functionality.
Patience is not something you guys need to worry about here, we don't care if it gets released late so long as it's better, and that it WORKS when it gets released.
It's not like the old ones are falling to bits, they'll do perfectly well until the new forums are polished to a satisfactory level.
Oh and an option for an ultra low bandwidth (no avatars, plain black background, no animations etc) mode would be great, I'm paying by the kb here and while I like the new look of the forum, sometimes I wanna post without chewing through my internet.
Stunning EVE Online Theme for PS3 |
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.10 01:01:00 -
[140]
Edited by: Copine Callmeknau on 10/04/2011 01:02:09
Miilla your sig is ****ing awful, also it's oversized and gonna get nerfed when a mod sees it
Stunning EVE Online Theme for PS3 |
|
|
Siiee
Recycled Heroes
|
Posted - 2011.04.10 01:03:00 -
[141]
Originally by: dexington
Originally by: Akita T
how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
eve user feedback... 50% says the font is to small, 50% says it's not big enough... 50% says the background color should be black, 50% says it should be white...
100% of user complaints could be fixed by 2 user option settings? I'd call that an easy win.
|
Obsidian Hawk
RONA Legion
RONA Directorate
|
Posted - 2011.04.10 01:03:00 -
[142]
I think the main issue was a lot of people weren't reporting bugs during testing or those that said they were didnt.
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 01:04:00 -
[143]
Originally by: Copine Callmeknau
The new forums should have everything the old forums have and more. Not a mixed bag of dubious features coupled with reduced functionality. Patience is not something you guys need to worry about here, we don't care if it gets released late so long as it's better, and that it WORKS when it gets released.
Except form the security being non existing, the forums was ready for use no reason not to release them.
Originally by: Copine Callmeknau
Oh and an option for an ultra low bandwidth (no avatars, plain black background, no animations etc) mode would be great, I'm paying by the kb here and while I like the new look of the forum, sometimes I wanna post without chewing through my internet.
Disable images in you browser if it's that big a problem...
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 01:04:00 -
[144]
Originally by: Copine Callmeknau
Edited by: Copine Callmeknau on 10/04/2011 01:02:09
Miilla your sig is ****ing awful, also it's oversized and gonna get nerfed when a mod sees it
Yours is too violent and should be also nerfed due to the blood and gore.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Mortania
Minmatar
Kinetic Cartel
Shadow of xXDEATHXx
|
Posted - 2011.04.10 01:04:00 -
[145]
Originally by: Copine Callmeknau
Patience is not something you guys need to worry about here, we don't care if it gets released late so long as it's better, and that it WORKS when it gets released.
It's not like the old ones are falling to bits, they'll do perfectly well until the new forums are polished to a satisfactory level.
SO this.
These forums work, most people were *****ing about the change over before it happened. You don't need to rush out the new forums, at all! Beta test those suckers for a few months. Have them live and optional while you fix them. Then when it's 100% and has everything we love about the old forums and more, then bring on the new forums.
Also, please find some way to populate the old forum posts to the new forums, at least the under 90 days ones. This will allow these forums to be relevant and important right up until the change over occurs. Oh and buy out eve-search.com so that the old forums are preserved for as long as this game is running (in a easily searchable format).
|
Diomedes Calypso
|
Posted - 2011.04.10 01:04:00 -
[146]
Oh, while we're at it, I'm curios to your guys thoughts on an issue long long bantered about.
Wouldn't using different forum password than those used to log into the game itself be much more secure in many instances (like when we access forums from computers at freinds houses , via wifi, or from semi public computers)
Would that be a large technical hurdle for developers to program ?
|
Grey Stormshadow
Starwreck Industries
|
Posted - 2011.04.10 01:06:00 -
[147]
Yep... duke nukem forever took forever to finish, but people were still waiting for it as it was going to be epic :)
-------------------------------------------------
Play with the best - die like the rest
starwreck.com - support the cause :) |
Mortania
Minmatar
Kinetic Cartel
Shadow of xXDEATHXx
|
Posted - 2011.04.10 01:07:00 -
[148]
Originally by: dexington
Except form the security being non existing, the forums was ready for use no reason not to release them.
You're a moron. img support, sigs, color support, read/unread posts, understandable last read functionality, like system, all broken.
And I'm not bringing in the visual items others complain about, because I found them mostly to be better.
|
leboe
Stimulus
Rote Kapelle
|
Posted - 2011.04.10 01:09:00 -
[149]
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
they worked exactly how the users expected them to after looking at the beta, broken, ugly and exploitable.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 01:10:00 -
[150]
HOW MUCH FREE SKILL POINTS ARE WE GETTING FOR THIS?
Well, somebody had to ask :)
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
|
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 01:12:00 -
[151]
Edited by: Tippia on 10/04/2011 01:12:45
Originally by: dexington
Originally by: Akita T
how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
eve user feedback... 50% says the font is to small, 50% says it's not big enough... 50% says the background color should be black, 50% says it should be white...
ąand the beauty of modern web design is that you can have it both ways with next to no work. Moreover, these poor old forums that should have been put out to pasture a long time ago already offer similar functionality.
Quote:
Except form the security being non existing, the forums was ready for use no reason not to release them.
ąexcept that they were hugely lacking in functionality compared to what they were meant to replace.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 01:12:00 -
[152]
Originally by: Mortania
Originally by: dexington
Except form the security being non existing, the forums was ready for use no reason not to release them.
You're a moron. img support, sigs, color support, read/unread posts, understandable last read functionality, like system, all broken.
And I'm not bringing in the visual items others complain about, because I found them mostly to be better.
NO UOI A MOROMN!!!!!
I had no problems with the new forums, some things seemed not 100% there yet and some features were missing, but it worked for me.
|
Julien Brellier
|
Posted - 2011.04.10 01:12:00 -
[153]
This entire, lamentable episode is typical CCP.
OMG NEW CONTENT!!!!
Who care if it doesn't work, PUSH IT OUT AT ALL COSTS!!!!!one one eleven!!
You're becoming an embrassasment when you can't even run a bloody MESSAGEBOARD in 2011.
|
Mortania
Minmatar
Kinetic Cartel
Shadow of xXDEATHXx
|
Posted - 2011.04.10 01:13:00 -
[154]
Originally by: Miilla
HOW MUCH FREE SKILL POINTS ARE WE GETTING FOR THIS?
Well, somebody had to ask :)
I know most people call you a troll, but you make me laugh.
|
Siiee
Recycled Heroes
|
Posted - 2011.04.10 01:14:00 -
[155]
Originally by: dexington
Disable images in you browser if it's that big a problem...
I don't even think that would help him as much as it should. Someone reported a 980k pageload at one point, and only 200k of that is the background image.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 01:14:00 -
[156]
Originally by: Siiee
Originally by: dexington
Disable images in you browser if it's that big a problem...
I don't even think that would help him as much as it should. Someone reported a 980k pageload at one point, and only 200k of that is the background image.
Firefox, prefbar, disable images, flash and colours.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Siiee
Recycled Heroes
|
Posted - 2011.04.10 01:18:00 -
[157]
Originally by: Miilla
Firefox, prefbar, disable images, flash and colours.
Found it.
Originally by: Ix Forres
I can't be arsed to restate everything already mentioned but here's some "what the ****?" selections from a few moments of poking around.
18 external JS references per page. That means 18 HTTP requests per page, at least on first load, to get JS stuff up and running. Slloooow.
Gzip compression is not enabled. Could pull the page size down by ~100kb by enabling that, which is utterly trivial to do.
None of the static content (images, JS etc) have cache expiry times. This means browsers may well not cache them at all, redownloading every time they load a page. They're also not set to have cache-control:public.
You get cookies with all those images and CSS/JS files; 60kb a page load.
And according to Chrome's auditer, "122.90KB (94%) of CSS is not used by the current page." That's some prime wastage right there.
To load this thread page took 980 kilobytes. That's 4 seconds on my connection (50Mbit/s). 1 second of that is the server coming up with the page I asked for, which is pretty shoddy. Using what my browser's caching, it's still 150kb.
This whole thing stinks to high heaven of bad programming and poor understanding of what makes web applications tick.
|
SupaKudoRio
|
Posted - 2011.04.10 01:20:00 -
[158]
Originally by: Siiee
Originally by: dexington
Disable images in you browser if it's that big a problem...
I don't even think that would help him as much as it should. Someone reported a 980k pageload at one point, and only 200k of that is the background image.
Seriously!? Damn CCP, how do you manage that with a forum? Even with all that shiny, and quite useless fluff you had going on there.
Ye'llo? |
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.10 01:20:00 -
[159]
Edited by: Copine Callmeknau on 10/04/2011 01:24:14
Originally by: dexington
Originally by: Copine Callmeknau
The new forums should have everything the old forums have and more. Not a mixed bag of dubious features coupled with reduced functionality. Patience is not something you guys need to worry about here, we don't care if it gets released late so long as it's better, and that it WORKS when it gets released.
Except form the security being non existing, the forums was ready for use no reason not to release them.
Says the guy who doesn't have a sig
Quote:
Originally by: Copine Callmeknau
Oh and an option for an ultra low bandwidth (no avatars, plain black background, no animations etc) mode would be great, I'm paying by the kb here and while I like the new look of the forum, sometimes I wanna post without chewing through my internet.
Disable images in you browser if it's that big a problem...
WHY DIDN'T I THINK OF THAT!
Cause it's SOOOOO convenient having to constantly disable and reenable images across my entire browser because one site I browse happens to be a complete lardass
I mean EVE website is the only website on the entire interwebs amirite?
Not that it would even make a difference, it's not just the images that cause the excessive page size, it's the blingy **** they put in that was resulting in 500kb, or even 750kb+ forum pages. Sure CCP, I'd love to download 15mb to read a thread when I'm paying $50 for 3gb...
---
Originally by: Miilla
Originally by: Copine Callmeknau
Edited by: Copine Callmeknau on 10/04/2011 01:02:09
Miilla your sig is ****ing awful, also it's oversized and gonna get nerfed when a mod sees it
Yours is too violent and should be also nerfed due to the blood and gore.
I've had mine 5yrs, you've had yours 10min. We'll see who's gets nerfed first k?
Stunning EVE Online Theme for PS3 |
Jack Tronic
|
Posted - 2011.04.10 01:22:00 -
[160]
Originally by: Ix Forres
And according to Chrome's auditer, "122.90KB (94%) of CSS is not used by the current page." That's some prime wastage right there.
Dude needs to be less silly. If css file is cached, and it contains all the css for all the pages regardless of how much is used on the current page, it's fine.
|
|
|
Sullen Skoung
|
Posted - 2011.04.10 01:23:00 -
[161]
Originally by: Grey Stormshadow
Yep... duke nukem forever took forever to finish, but people were still waiting for it as it was going to be epic :)
Ever hear of a company called Gearbox? They published Borderlands... and took over Duke Nukem.
http://www.dukenukemforever.com/full/us/
Kind of a fail comparison as it IS gonna be epic lol
|
Mortania
Minmatar
Kinetic Cartel
Shadow of xXDEATHXx
|
Posted - 2011.04.10 01:23:00 -
[162]
Originally by: dexington
Originally by: Mortania
Originally by: dexington
Except form the security being non existing, the forums was ready for use no reason not to release them.
You're a moron. img support, sigs, color support, read/unread posts, understandable last read functionality, like system, all broken.
And I'm not bringing in the visual items others complain about, because I found them mostly to be better.
NO UOI A MOROMN!!!!!
I had no problems with the new forums, some things seemed not 100% there yet and some features were missing, but it worked for me.
heh.
it worked, yes. but barely. there were two previous rounds of testing a ton of feedback was given about things that needed improvement. it looked like almost none of them were listened too.
It makes me wonder if we should bother giving feedback on future releases.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 01:24:00 -
[163]
Originally by: Jack Tronic
Dude needs to be less silly. If css file is cached, and it contains all the css for all the pages regardless of how much is used on the current page, it's fine.
ąexcept that, as mentioned, the server doesn't pass along any expiry information so there's a distinct risk that the browser won't cache it.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Froosh
Armada Assail
|
Posted - 2011.04.10 01:25:00 -
[164]
Right before forums went down, this one guy posted a topic as a dev, and made it have 197 likes.
I lol'd.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 01:25:00 -
[165]
I think CCP should made mine the asteroids in a 0.5 system and let everybody know.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Siiee
Recycled Heroes
|
Posted - 2011.04.10 01:26:00 -
[166]
Originally by: Tippia
Originally by: Jack Tronic
Dude needs to be less silly. If css file is cached, and it contains all the css for all the pages regardless of how much is used on the current page, it's fine.
ąexcept that, as mentioned, the server doesn't pass along any expiry information so there's a distinct risk that the browser won't cache it.
And is it typical for a single page on a site to use 6% of the entire site's unique CSS rules?
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 01:30:00 -
[167]
Originally by: Siiee
And is it typical for a single page on a site to use 6% of the entire site's unique CSS rules?
I could think that it would happen if, say, most of the styling is done on the thread pages (which contain a larger number of, and far more varied, elements), whereas the test was run on the topic list page.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
James Tylan
|
Posted - 2011.04.10 01:30:00 -
[168]
I miss my likes already....
|
SupaKudoRio
|
Posted - 2011.04.10 01:31:00 -
[169]
Originally by: Siiee
Originally by: Tippia
Originally by: Jack Tronic
Dude needs to be less silly. If css file is cached, and it contains all the css for all the pages regardless of how much is used on the current page, it's fine.
ąexcept that, as mentioned, the server doesn't pass along any expiry information so there's a distinct risk that the browser won't cache it.
And is it typical for a single page on a site to use 6% of the entire site's unique CSS rules?
Perhaps all the CSS for the entire EVE-Gate domain was loaded all at once... that might explain it.
Ye'llo? |
Froosh
Armada Assail
|
Posted - 2011.04.10 01:33:00 -
[170]
Edited by: Froosh on 10/04/2011 01:33:42
Originally by: James Tylan
I miss my likes already....
me2!1 It was fun to add as many likes as you wanted to your own posts.
err, what I means was - too see others do that.
|
|
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 01:34:00 -
[171]
Originally by: Froosh
Originally by: James Tylan
I miss my likes already....
me2 - it was fun to add as many likes as you wanted to your own posts.
err, what I means was too see others do that.
Me too, it made me feel wanted and important.
Please resize signatures to the maximum allowed filesize of 400 x 120 pixels. It is also important to note that your signature should be EVE related. Navigator |
Jada Maroo
|
Posted - 2011.04.10 01:36:00 -
[172]
Originally by: Miilla
HOW MUCH FREE SKILL POINTS ARE WE GETTING FOR THIS?
Well, somebody had to ask :)
500k sounds good.
I will become a total shill for CCP for one million though.
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 01:37:00 -
[173]
Originally by: Miilla
Originally by: Calathea Sata
Apology accepted. CCP now please prove your sincerity by your actions. Excellence. Deliverance.
I'm waiting to see it on the CCP YouTube channel... in HD.
The corruption that is now present within CCP is not just a temporary illness but a defect that is manifested deep from a more fundamental level of managements/how the company is run/how the top levels decide how the game is going to roll out. We customers are not stupid, in fact, we can be many times cleverer than the staff in CCP (see the recent forum drama) and we all know what we signed up for. There is a limit of our patience. There is a limit of our tolerance. CCP promised 18 months until the phasing out of "EVE beta" (aka the dream game) we said ok, we wait. CCP rolled out empty frameworks of features we said ok because CCP surely is going to polish it. At this point, all is fine, because we still think CCP is actually a competent company that is really going to push out the polished stuff eventually.
However this forum drama have proven, at least to me, that they are just a bunch of conceptual visionaries that have grand ideas but no clear goal and no ability to deliver it. 75,000 man hours producing this kind of forum that has no BASIC security, has bad codings/features not ironed out after two beta tests that are IMMEDIATELY improved by some scripts written by players, has a "like" function that serves absolutely NO function and is proven to be a lagsause/obviously a bad idea to begin with/a lolfeature that has GOT to be removed some day or other. Really? Excellence, deliverance, with the current ways of CCP, they are impossiblilities. This is a very obvious conclusion from this episode of epic forum fail.
Now with CCP proven to be without excellence and deliverance, the 18 months promise immediately doesn't seem so attractive or even FEASABLE anymore. Incarna will be walking in your own room. Dust will come out with only 2 maps initially and 2 guns from 2 of the 4 races, and no orbital strike. 18 months they will start saying there is too much broken features in EVE that they are simply going to reinvent them all making it a totally different game, and will happen only 36 months later.
EVE is dead. Not now, not soon. But unless CCP change their ways of doing things, all the possibilities, all the potentials, the grand visions of an ultimate sci-fi, the epic 1000 ships lag-free battle everyone dreamed about, the exciting individual features that can be fun for all types of players... they do not seem so much of a realistic probability anymore.
Regain our faith CCP. I do not wish to see such a great internet sci-fi simulator in the future getting crushed by incompetance and poor management of its mother company. We all want to see the day coming. But you guys are the ones that need to reconsolidate among yourselves. I hope this message can serve as a gentle slap in the face for CCP, and wake up the dreaming giant within you to build us that untimate galatic kingdom that we see in our dreams.
*the statistics are probably wrong but they are not the mainpoint here.
|
Froosh
Armada Assail
|
Posted - 2011.04.10 01:37:00 -
[174]
Originally by: Miilla
Originally by: Froosh
Originally by: James Tylan
I miss my likes already....
me2 - it was fun to add as many likes as you wanted to your own posts.
err, what I means was too see others do that.
Me too, it made me feel wanted and important.
me3! It was cool to be acknowledged on teh interwebs when I fail in real life, only having two bachelors and one on going masters degree :ŗ
/wrists
|
Desert Ice78
Gryphon River Industries
R-I-P
|
Posted - 2011.04.10 01:38:00 -
[175]
Honestly, hands up anyone who is truely not surprised.
CCP: Consistency since 2003.
|
Sturmwolke
|
Posted - 2011.04.10 01:39:00 -
[176]
Edited by: Sturmwolke on 10/04/2011 01:43:35
Originally by: Copine Callmeknau
Originally by: Akita T
Security holes aside, how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
Or what about making the new forums not just barely functional and somewhat secure, but actually a clear improvement over the current ones in every single way ?
This
The new forums should have everything the old forums have and more. Not a mixed bag of dubious features coupled with reduced functionality.
Patience is not something you guys need to worry about here, we don't care if it gets released late so long as it's better, and that it WORKS when it gets released.
It's not like the old ones are falling to bits, they'll do perfectly well until the new forums are polished to a satisfactory level.
They're probably under a time constraint or internal roadmap that builds up to DUST514. Their grand vision is to integrate both communities under EVEGate, which may or may not back fire when the time comes, imo ... but we'll deal with it when the time comes.
Good implementations can generally be identified by having met or surpassed what it replaces - measured from both internal tests and user feedback. The (temporarily defunct) new EVE forum did not meet these basic criterion. The user feedbacks were generally negative, based on the noise level it generated. I offer you, contrast that to how CCP implemented the beta Contracts Search ... note any difference?
Depending on the workings inside CCP, yes the project leader's hand may be shortened due to lack of resources - but I highly doubt that based on the time they've had building it. All evidences (the ones which are public anyway) thus far points to massive incompetence in both the code architecture and decision making process.
You'd typically be running a post-mortem on this after putting out the immediate fires, mainly to ensure that it is mitigated and never happens again by adopting (pro-actively) the learnings into an internal BKMs. Infact, large companies like Intel (for example) have an internal BKM database that serves as a sort of internal wiki for employees for all sorts of things.
edit:clarity
|
Razin
The xDEATHx Squadron
Legion of xXDEATHXx
|
Posted - 2011.04.10 01:40:00 -
[177]
Originally by: Shaylene
wow! A forum you can read more then 1 minute before youre eyes starts to bleed woohoo!
Hated the new forum. Old forum is way better.
I have to agree with this. Damn but the new forums are an eyesore!
...
|
Sullen Skoung
|
Posted - 2011.04.10 01:40:00 -
[178]
*hand up*
ok ok you caught me trollin
|
Froosh
Armada Assail
|
Posted - 2011.04.10 01:41:00 -
[179]
Originally by: Calathea Sata
Originally by: Miilla
Originally by: Calathea Sata
Apology accepted. CCP now please prove your sincerity by your actions. Excellence. Deliverance.
I'm waiting to see it on the CCP YouTube channel... in HD.
The corruption that is now present within CCP is not just a temporary illness but a defect that is manifested deep from a more fundamental level of managements/how the company is run/how the top levels decide how the game is going to roll out. We customers are not stupid, in fact, we can be many times cleverer than the staff in CCP (see the recent forum drama) and we all know what we signed up for. There is a limit of our patience. There is a limit of our tolerance. CCP promised 18 months until the phasing out of "EVE beta" (aka the dream game) we said ok, we wait. CCP rolled out empty frameworks of features we said ok because CCP surely is going to polish it. At this point, all is fine, because we still think CCP is actually a competent company that is really going to push out the polished stuff eventually.
However this forum drama have proven, at least to me, that they are just a bunch of conceptual visionaries that have grand ideas but no clear goal and no ability to deliver it. 75,000 man hours producing this kind of forum that has no BASIC security, has bad codings/features not ironed out after two beta tests that are IMMEDIATELY improved by some scripts written by players, has a "like" function that serves absolutely NO function and is proven to be a lagsause/obviously a bad idea to begin with/a lolfeature that has GOT to be removed some day or other. Really? Excellence, deliverance, with the current ways of CCP, they are impossiblilities. This is a very obvious conclusion from this episode of epic forum fail.
Now with CCP proven to be without excellence and deliverance, the 18 months promise immediately doesn't seem so attractive or even FEASABLE anymore. Incarna will be walking in your own room. Dust will come out with only 2 maps initially and 2 guns from 2 of the 4 races, and no orbital strike. 18 months they will start saying there is too much broken features in EVE that they are simply going to reinvent them all making it a totally different game, and will happen only 36 months later.
EVE is dead. Not now, not soon. But unless CCP change their ways of doing things, all the possibilities, all the potentials, the grand visions of an ultimate sci-fi, the epic 1000 ships lag-free battle everyone dreamed about, the exciting individual features that can be fun for all types of players... they do not seem so much of a realistic probability anymore.
Regain our faith CCP. I do not wish to see such a great internet sci-fi simulator in the future getting crushed by incompetance and poor management of its mother company. We all want to see the day coming. But you guys are the ones that need to reconsolidate among yourselves. I hope this message can serve as a gentle slap in the face for CCP, and wake up the dreaming giant within you to build us that untimate galatic kingdom that we see in our dreams.
*the statistics are probably wrong but they are not the mainpoint here.
tl;dr: you see me quittin', imma be hatin'
btw. can i has ur stuffs
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 01:43:00 -
[180]
Originally by: Froosh
tl;dr: you see me quittin', imma be hatin'
btw. can i has ur stuffs
I might consider if you say please.
|
|
|
Elyssa MacLeod
|
Posted - 2011.04.10 01:44:00 -
[181]
Originally by: Froosh
tl;dr: you see me quittin', imma be hatin'
so youre saying you dont see any incompetance in CCP?
This is all good in your eyes? Or are you just trolling? cause that tl/dr had some good points to it.
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Froosh
Armada Assail
|
Posted - 2011.04.10 01:44:00 -
[182]
Edited by: Froosh on 10/04/2011 01:49:16
Edited by: Froosh on 10/04/2011 01:46:47
Originally by: Calathea Sata
Originally by: Froosh
tl;dr: you see me quittin', imma be hatin'
btw. can i has ur stuffs
I might consider if you say please.
Pretty please - u be my internets spazship hero!
|
Elyssa MacLeod
|
Posted - 2011.04.10 01:47:00 -
[183]
Originally by: Calathea Sata
Originally by: Froosh
tl;dr: you see me quittin', imma be hatin'
btw. can i has ur stuffs
I might consider if you say please.
Hey give it to me I stuck up for you lol
The only good thing about the new forums is it didnt have the bull**** two minute wait crap... ofc it took 2 minutes to do anything...
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Froosh
Armada Assail
|
Posted - 2011.04.10 01:49:00 -
[184]
Originally by: Elyssa MacLeod
Originally by: Froosh
tl;dr: you see me quittin', imma be hatin'
so youre saying you dont see any incompetance in CCP?
This is all good in your eyes? Or are you just trolling? cause that tl/dr had some good points to it.
You're right, valid points indeed.
I just think it's so hilarious that CCP has made such an utterly epic fail boat of the new forums that it's just disgusting. Hence the trolling.
Valid points are made in this thread - I approve.
|
Siiee
Recycled Heroes
|
Posted - 2011.04.10 01:50:00 -
[185]
Originally by: SupaKudoRio
Perhaps all the CSS for the entire EVE-Gate domain was loaded all at once... that might explain it.
Evegate loads a different file global.CSS, which is 2846 lines and includes plentiful formatting and whitespace is about 9k. The forum main CSS file does seem to be almost entirely .yafnet tags, is 72k fully compacted, and expands out to 3842 lines when breaking on ;s
Ix's page load test was done on the "reasons this forum sucks" thread, on a page that was maybe 1/2 full of posts at the time
|
Sullen Skoung
|
Posted - 2011.04.10 01:52:00 -
[186]
Ah, I understand!!
The forum fail was on purpose, to distract ppl from the botting cancer growing in the game.
|
Myra2007
Millstone Industries
|
Posted - 2011.04.10 01:54:00 -
[187]
Originally by: CCP Alice
[...] we want to launch with a solidly working, polished product.
So my question is simple: what happened?
--
Originally by: CCP Elais
It was a great Frankenstein moment [...] to see the forum [...] come alive.
|
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.10 01:56:00 -
[188]
Originally by: Myra2007
Originally by: CCP Alice
[...] we want to launch with a solidly working, polished product.
So my question is simple: what happened?
CCP happened
Stunning EVE Online Theme for PS3 |
Nyio
Gallente
Federal Navy Academy
|
Posted - 2011.04.10 01:58:00 -
[189]
Hm.. I had the strangest dream, about CCP making a new "shiny" forum.
When I woke up I had to check if it was only a nightmare, and *pheew* it was.
Seriously though, New isn't always better.
Especially not when the majority thinks so.
(I still like the awesome way this "old" forum opens up in the mainsite.)
<-- Bearded pirate.
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 02:00:00 -
[190]
Originally by: Sturmwolke
Originally by: Copine Callmeknau
Originally by: Akita T
Security holes aside, how about an assurance that user feedback will be actually USED next time you ask us to test the forums ?
Or what about making the new forums not just barely functional and somewhat secure, but actually a clear improvement over the current ones in every single way ?
This
The new forums should have everything the old forums have and more. Not a mixed bag of dubious features coupled with reduced functionality.
Patience is not something you guys need to worry about here, we don't care if it gets released late so long as it's better, and that it WORKS when it gets released.
It's not like the old ones are falling to bits, they'll do perfectly well until the new forums are polished to a satisfactory level.
They're probably under a time constraint or internal roadmap that builds up to DUST514. Their grand vision is to integrate both communities under EVEGate, which may or may not back fire when the time comes, imo ... but we'll deal with it when the time comes.
Good implementations can generally be identified by having met or surpassed what it replaces - measured from both internal tests and user feedback. The (temporarily defunct) new EVE forum did not meet these basic criterion. The user feedbacks were generally negative, based on the noise level it generated. I offer you, contrast that to how CCP implemented the beta Contracts Search ... note any difference?
Depending on the workings inside CCP, yes the project leader's hand may be shortened due to lack of resources - but I highly doubt that based on the time they've had building it. All evidences (the ones which are public anyway) thus far points to massive incompetence in both the code architecture and decision making process.
You'd typically be running a post-mortem on this after putting out the immediate fires, mainly to ensure that it is mitigated and never happens again by adopting (pro-actively) the learnings into an internal BKMs. Infact, large companies like Intel (for example) have an internal BKM database that serves as a sort of internal wiki for employees for all sorts of things.
edit:clarity
CCP needs to change its strategy of rolling out new shiny junk over polished features.
That path leads to self-destruction in the long run.
_
Make ISK||Build||React||1k papercuts
_
|
|
|
Elyssa MacLeod
|
Posted - 2011.04.10 02:09:00 -
[191]
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs
I think I have a new sig lol
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
David Hassan
|
Posted - 2011.04.10 02:12:00 -
[192]
Eve Online, greatest vaporware ever sold. How many 'expansions' have we gotten now that are entirely broken upon launch?
-Faction Warfare
-Dominion Sov mechanics (not just bad, but didnt work for weeks after launch)
-PI and Facebook faux content
-Incursions
CCP is Committed to something, but it sure as hell isn't quality.
At least you put back up working forums after the new ones fell apart at the seams for 2 days. I guess that whole 'testing the new forums' thing was just your devs pretending to work. They are either lazy or incompetent, which is it?
Just keep pouring more money into advertising, the actual quality of services rendered doesn't matter at all.
Also, funny as hell that you advertised the new forums with a really th'uper gay unicorn banner. Honesty in advertising.
|
Elyssa MacLeod
|
Posted - 2011.04.10 02:15:00 -
[193]
I think what we saw WAS the testing phase of the forums
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Calathea Sata
State War Academy
|
Posted - 2011.04.10 02:16:00 -
[194]
Originally by: David Hassan
Eve Online, greatest vaporware ever sold. How many 'expansions' have we gotten now that are entirely broken upon launch?
-Faction Warfare
-Dominion Sov mechanics (not just bad, but didnt work for weeks after launch)
-PI and Facebook faux content
-Incursions
CCP is Committed to something, but it sure as hell isn't quality.
At least you put back up working forums after the new ones fell apart at the seams for 2 days. I guess that whole 'testing the new forums' thing was just your devs pretending to work. They are either lazy or incompetent, which is it?
Just keep pouring more money into advertising, the actual quality of services rendered doesn't matter at all.
Also, funny as hell that you advertised the new forums with a really th'uper gay unicorn banner. Honesty in advertising.
This.
It's a proven and undeniable track record that CCP has shown us over YEARS. This path leads to nowhere.
|
Froosh
Armada Assail
|
Posted - 2011.04.10 02:18:00 -
[195]
Originally by: Akita T
CCP needs to change its strategy of rolling out new shiny junk over polished features.
That path leads to self-destruction in the long run.
|
Julyan Fox
Caldari
|
Posted - 2011.04.10 02:25:00 -
[196]
Maybe if more ppl went to test it things would have been better too. Ppl tend to forget EVE isn't an 11 million subscriber mmo.
As for the design I vote for transparent forums over godly gaz cloud backgrounds
|
Bhattran
|
Posted - 2011.04.10 02:32:00 -
[197]
I take this opportunity to once again salute the CCP QA team.
Papa don't preach, I've been losing sleep
But I made up my mind, I'm keeping my baby, oh
I'm gonna keep my baby, mmm... |
Rico Lobo
|
Posted - 2011.04.10 02:37:00 -
[198]
Originally by: Akita T
I am quite happy with how things turned out.
Please, take your time to plug the problems.
A couple of years will do nicely.
Um Akita, literaly the only way there gona plug some of the problems is to literaly plug some of the problems.
and by plug, I mean the West Texas cowboy meaning of the word.
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.10 02:38:00 -
[199]
Originally by: Garbol Hellbrecht
But, but... They made an awesome video of things that will be in a game... Oh wait...
I suspect they should hire thoes people to actualy do the development work on all future CCP projects. they can only do it better.
.end of line.
----
If you think your too paranoid to play EvE...
Then you clearly are not paranoid enough to play EvE
(Alt list) Rico Lobo |
Elyssa MacLeod
|
Posted - 2011.04.10 02:42:00 -
[200]
lol yeah, theres a great way to look at it, they cant do any worse, things can only get better here on out
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
|
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.10 02:43:00 -
[201]
Originally by: Misanth
CCP, was these major security issues a case of you creating something above your competence level, or a case of your upper management pushing out a product that wasn't finished?
Considering that you could use the build in Developer tools in Windows Exploer 9.0 to do half of what people were complaining about. . . I would have to say Both.
Seriously did you guys load the forums in developer mod on purpose or something?
.end of line.
----
If you think your too paranoid to play EvE...
Then you clearly are not paranoid enough to play EvE
(Alt list) Rico Lobo |
Mag's
the united
Negative Ten.
|
Posted - 2011.04.10 02:47:00 -
[202]
Edited by: Mag''s on 10/04/2011 02:49:16
Originally by: CCP Wrangler
It has been an interesting weekend so far. Our shiny new forums havenĘt worked quite as expected and they have been going up and down a few times. We have opened up our trusted old forums for your posting pleasure and we will be keeping the new forums down until they can be sorted out. There will be more information on this on Monday. We apologize for any inconvenience this may have caused you and we thank you for your patience and understanding.
Funny thing is, they work exactly how many of us expected. Not at all well.
Edit: Respect for the apology.
Originally by: Allestin Villimar
Also, if your bookmarks are too far out, they can and will ban you for it.
Originally by: Torothanax
Low population in w systems makes afk cloaking unattractive. |
Marconus Orion
S.E.G.W.A.Y.
|
Posted - 2011.04.10 02:47:00 -
[203]
I bet the forums for DUST 514 and World of Darkness won't have these problems.
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.10 02:55:00 -
[204]
Edited by: Steve Thomas on 10/04/2011 02:56:41
Originally by: CCP Sreegs
My job is response, not reviewing every single line of code that gets written.
to be honest it should not be, your job is security, not being nany to all 1500+ CPUs owned by CCP
and lets be honest I dont think anyone expeced that just by haveing a spefice brouser and operating system combo that all you would have to do is push one button on your keybard and have the forums apear to go into "full edit" mode.
Originally by: Marconus Orion
I bet the forums for DUST 514 and World of Darkness won't have these problems.
nope, were talking about lord muphy here.
the problem will be all new,
and a lot worse.
.end of line.
----
If you think your too paranoid to play EvE...
Then you clearly are not paranoid enough to play EvE
(Alt list) Rico Lobo |
Trocent
Amarr
24th Imperial Crusade
|
Posted - 2011.04.10 02:57:00 -
[205]
I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
|
Marconus Orion
S.E.G.W.A.Y.
|
Posted - 2011.04.10 03:07:00 -
[206]
Originally by: Trocent
I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
|
|
CCP Sreegs
|
Posted - 2011.04.10 03:09:00 -
[207]
Just to keep you guys who weren't in the loop aware there will still be a security-related blog about the forum issues Monday or so. Now with BONUS CONTENT! |
|
|
CCP Sreegs
|
Posted - 2011.04.10 03:10:00 -
[208]
Edited by: CCP Sreegs on 10/04/2011 03:10:15
Originally by: Marconus Orion
Originally by: Trocent
I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
If you have any evidence of this I'd welcome you to share it with me. [email protected] |
|
Habaticus
Gallente
|
Posted - 2011.04.10 03:15:00 -
[209]
Thanks for being proactive on this CCP. Many companies would have to tried fix on the move to avoid the trollfest.
Kudos to you and your hardworking people.
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 03:18:00 -
[210]
Originally by: Habaticus
Thanks for being proactive on this CCP. Many companies would have to tried fix on the move to avoid the trollfest.
Kudos to you and your hardworking people.
They don't deserve kudos. Kudos are for people who can deliver excellence, they cannot.
|
|
|
Froosh
Armada Assail
|
Posted - 2011.04.10 03:19:00 -
[211]
All hatin should be directed at this guy:
CCP Lingorm
CCP Quality Assurance
QA Engineering Team Leader
|
Diomedes Calypso
|
Posted - 2011.04.10 03:21:00 -
[212]
Originally by: Froosh
All hatin should be directed at this guy:
CCP Lingorm
CCP Quality Assurance
QA Engineering Team Leader
What sort of ship does he fly and what systems does he frequent... i'll get a bubbler and a hurricane parked on the gate asap ...
I should be able to get his pod too with the double sebo cane fit ; )
|
Ben Derindar
Dirty Deeds Corp.
|
Posted - 2011.04.10 03:23:00 -
[213]
Originally by: Froosh
All hatin should be directed at this guy:
CCP Lingorm
CCP Quality Assurance
QA Engineering Team Leader
That's a bit unfair, considering he left CCP a couple of years back now.
But for sure, whoever his current successor is, should be in deep trouble over this mess.
|
Jaik7
|
Posted - 2011.04.10 03:40:00 -
[214]
Originally by: CCP Wrangler[/quote
You have my sincere and personal apology and I also apologize on behalf of CCP.
ok, now you need to make an audio file, preferably one normal, and one with a dance remix and beatboxing, and one in waltz.
one two three, one two three, one two three
p.s., i missed you so much lol for me my
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.10 03:47:00 -
[215]
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 03:10:15
Originally by: Marconus Orion
Originally by: Trocent
I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
If you have any evidence of this I'd welcome you to share it with me. [email protected]
I can save you the time, on this forum thread you have one IT systems developer who works for Kinder*Morgan Pipelines, two Web content developers from CITIgroup and a Network system specialist for The Clydesdale Bank PLC UK.
now how many of them actualy ARE in thoes feilds is a matter of speculation. after all you can say whatever you like in facebook.
.end of line.
----
If you think your too paranoid to play EvE...
Then you clearly are not paranoid enough to play EvE
(Alt list) Rico Lobo |
Anulla Bequin
Minmatar
|
Posted - 2011.04.10 03:47:00 -
[216]
Hurray for socks!
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 03:58:00 -
[217]
CCP broke my heart
|
Jonathan Malcom
Gallente
Test Alliance Please Ignore
|
Posted - 2011.04.10 03:59:00 -
[218]
Originally by: Calathea Sata
CCP broke my heart
Holy ****ing dog ****. Quit the game already and stop ****ting up my forums with your intolerable drivel.
|
Fearless M0F0
Aliastra
|
Posted - 2011.04.10 04:17:00 -
[219]
We will know after the dev blog about this forum fiasco but from what little info I could found about these "security issues" it appears they are related to not validating server-side along with client-side.
I think the new forums are in c# and .NET 3.5 and as one who has been developing in this technology for the last 8 years I've found such mistakes being made by noobs and very senior developers. Just this week I showed a senior dev in my office how his security feature was easily by-passable by just typing a new url
So yeah, it's an epic fail but it's understandable if the web team doesn't have the right kind of experience.
Btw, storing sensitive data such as my char id in unencrypted cookies?  . Do they know about the ASP.NET Session object?
--
I take offense on people feeling offended by me |
Serpents smile
|
Posted - 2011.04.10 04:17:00 -
[220]
I can only hope that this delay gives the moderation team like Navigator and Wrangler time to reflect back, think over how the past days felt under the new forums and compare it with the current revived old one.
There is no hair on my slowly baldly going head who believes that we the users are the only ones who got serious trouble with the new forums readability. If you have to work with it all day, there is no way to ignore it.
We can, and I was seriously planning on cutting severely down on EVE forum time because of the eye strain. As a moderator, you cannot.
Just think o the pain you'll have going through (trying to read) a thread naught like when CCP disabled 'ghost training' or took Chribba's Veldnaught away from high sec.
So, I really hope next monday that during the morning (web development) round table session you guys and girls, chime in and get your foot down and make sure that the next forum itteration includes as much of your user feedback as possible.
Cheers and, thanks for the chuckles.
|
|
|
Jada Maroo
|
Posted - 2011.04.10 04:19:00 -
[221]
Edited by: Jada Maroo on 10/04/2011 04:20:08
Originally by: Jonathan Malcom
Originally by: Calathea Sata
CCP broke my heart
Holy ****ing dog ****. Quit the game already and stop ****ting up my forums with your intolerable drivel.
Yeah, that's always the problem with dramatically announcing your farewell on a forum. It's never quite the event you hope for, and you can't take part in the drama if you actually leave. So really to soak it all in you have to announce that you're leaving and then create drama for the next week or so. Otherwise, quitting is short and not at all satisfying.
This is why I never announce anything whenever I leave an online community. I simply leave, and for years people are like "Where did that person go? Are they dead? Was it butt cancer? I hope it was butt cancer."
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 04:20:00 -
[222]
Verdana > Arial
|
Elyssa MacLeod
|
Posted - 2011.04.10 04:21:00 -
[223]
Originally by: Marconus Orion
I bet the forums for DUST 514 and World of Darkness won't have these problems.
*clicks like*
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Sullen Skoung
|
Posted - 2011.04.10 04:24:00 -
[224]
Originally by: Jonathan Malcom
Originally by: Calathea Sata
CCP broke my heart
Holy ****ing dog ****. Quit the game already and stop ****ting up my forums with your intolerable drivel.
you first :)
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 04:25:00 -
[225]
Originally by: Fearless M0F0
Btw, storing sensitive data such as my char id in unencrypted cookies? . Do they know about the ASP.NET Session object?
Are you talking about the charid, everyone can see by mouse over you picture her on the forums?
|
Spyke BlackIce
Minmatar
|
Posted - 2011.04.10 04:25:00 -
[226]
I usually keep my arse out of whine-fests, troll parades, and general rock throwing, but this fiasco warrants grabbing my pitchfork and joining the mob if only because of the fact that after the two test runs of the new forums, they were released not only with HUGE, wide-open security problems, but little if any of the testers' feedback was heeded. I took part in the first test run (unfortunately I couldn't find enough time due to RL issues to help with the second) but when the forums opened, I could only find a miniscule few examples of the user feedback actually being used. Why bother with tests CCP, if our input is thrown out and disregarded along with the garbage?
It is becoming obvious that someone in upper management doesn't have a clue. They want their new toys - the way it was designed, regardless of flaws and lack of features - out the door and to hell with what the customer wants, needs, envisions, or finds lacking, and worse, to hell with the silly 'polished' idea. "Get it out so that we can move onto the next new toy and we'll finish fixing it later (maybe)", seems to be this person's (or persons') motto.
I actually have a lot of respect for most of the dev teams at CCP, and I applaud their apology and acknowledgement of the problem here as well as their dropping back and punting the old forums into service again. Many companies (no *cough* *S.O.E* *cough* names here) would have taken the stoic, we-know-best-and-you-couldn't-grasp-the-issues route by simply reopening the old forums with a message along the lines of "Due to technical issues, we will be using the old forums until further notice." and that would be that. I'm not implying that the web team should not be tarred-and-feathered for this MAJOR coding ineptitude they called a forum, but I seriously believe the issue began and ended in the top echelon of management. Something this bad quite frankly should not have happened, not even in the devs' worse nightmares. The issue HAD to be a time/deadline/personnel squeeze. Plain and simple.
__________________________
~~~Spyke
Blog: Mortal Immortals - Pods & Footprints in the Dust
Twitter: @Spyke_BlackIce (#TweetFleet)
Facebook: facebook.com/spyke.blackice |
Cambarus
The Baros Syndicate
|
Posted - 2011.04.10 04:26:00 -
[227]
Originally by: Jada Maroo
Edited by: Jada Maroo on 10/04/2011 04:20:08
Originally by: Jonathan Malcom
Originally by: Calathea Sata
CCP broke my heart
Holy ****ing dog ****. Quit the game already and stop ****ting up my forums with your intolerable drivel.
Yeah, that's always the problem with dramatically announcing your farewell on a forum. It's never quite the event you hope for, and you can't take part in the drama if you actually leave. So really to soak it all in you have to announce that you're leaving and then create drama for the next week or so. Otherwise, quitting is short and not at all satisfying.
This is why I never announce anything whenever I leave an online community. I simply leave, and for years people are like "Where did that person go? Are they dead? Was it butt cancer? I hope it was butt cancer."
Confirming that I was VERY pleased when a few months back I checked on the forum for the game I left for eve (nearly 5 years ago) to find that there were still a few people bringing me up in arguments where people were posting page-long rebuttals |
Calathea Sata
State War Academy
|
Posted - 2011.04.10 04:30:00 -
[228]
Originally by: Spyke BlackIce
I usually keep my arse out of whine-fests, troll parades, and general rock throwing, but this fiasco warrants grabbing my pitchfork and joining the mob if only because of the fact that after the two test runs of the new forums, they were released not only with HUGE, wide-open security problems, but little if any of the testers' feedback was heeded. I took part in the first test run (unfortunately I couldn't find enough time due to RL issues to help with the second) but when the forums opened, I could only find a miniscule few examples of the user feedback actually being used. Why bother with tests CCP, if our input is thrown out and disregarded along with the garbage?
It is becoming obvious that someone in upper management doesn't have a clue. They want their new toys - the way it was designed, regardless of flaws and lack of features - out the door and to hell with what the customer wants, needs, envisions, or finds lacking, and worse, to hell with the silly 'polished' idea. "Get it out so that we can move onto the next new toy and we'll finish fixing it later (maybe)", seems to be this person's (or persons') motto.
I actually have a lot of respect for most of the dev teams at CCP, and I applaud their apology and acknowledgement of the problem here as well as their dropping back and punting the old forums into service again. Many companies (no *cough* *S.O.E* *cough* names here) would have taken the stoic, we-know-best-and-you-couldn't-grasp-the-issues route by simply reopening the old forums with a message along the lines of "Due to technical issues, we will be using the old forums until further notice." and that would be that. I'm not implying that the web team should not be tarred-and-feathered for this MAJOR coding ineptitude they called a forum, but I seriously believe the issue began and ended in the top echelon of management. Something this bad quite frankly should not have happened, not even in the devs' worse nightmares. The issue HAD to be a time/deadline/personnel squeeze. Plain and simple.
__________________________
~~~Spyke
Liked
|
Liang Nuren
|
Posted - 2011.04.10 04:34:00 -
[229]
Edited by: Liang Nuren on 10/04/2011 04:36:27
Originally by: Miilla
HOW MUCH FREE SKILL POINTS ARE WE GETTING FOR THIS?
Well, somebody had to ask :)
We should get 5k SP per post on the old forums. :)
-Liang
Ed: Also, good luck getting it all sorted out. Sreegs, may I kindly suggest that you have the Evegate/Web PO tell us just what that team has been up to for the last X months? I don't demand it, because that'd be horribly arrogant - but it sure would be nice to see that they're not the gross incompetents they are made out to be (taking X months to turn out a YAF.net). :)
--
Eve Forum ***** Extraordinaire
On Twitter
|
Rakshasa Taisab
Caldari
Sane Industries Inc.
Initiative Mercenaries
|
Posted - 2011.04.10 04:45:00 -
[230]
Originally by: Fearless M0F0
Btw, storing sensitive data such as my char id in unencrypted cookies? . Do they know about the ASP.NET Session object?
The 8 years of experience hasn't thought you that the char id isn't sensitive data? lol
Validation of the char id is what is failing, an as such the AUTH key in the cookie is the likely culprit. Either they only hashed the user id rather than including the char id or somehow messed up something like that. You do not need to encrypt the cookie to have proper security.
|
|
|
Fearless M0F0
Aliastra
|
Posted - 2011.04.10 05:00:00 -
[231]
Originally by: dexington
Originally by: Fearless M0F0
Btw, storing sensitive data such as my char id in unencrypted cookies? . Do they know about the ASP.NET Session object?
Are you talking about the charid, everyone can see by mouse over you picture her on the forums?
It's not disclosing the charid, is the fact that they are revealing to anybody who cares to inspect cookies that they are using this value to drive a security feature.
--
I take offense on people feeling offended by me |
Trocent
Amarr
24th Imperial Crusade
|
Posted - 2011.04.10 05:04:00 -
[232]
Originally by: Marconus Orion
Originally by: Trocent
I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
Then I take it they've programmed a game as advanced as Eve and could single handedly fix the problems in eve. I doubt it. All these people do is whine. CCP released some forums, people exploided them and CCP took it down, would you rather them just keep the forums up?
Regardless of what the whiners say, CCP are doing a pretty good job even when problems arise. Suck it up people.
|
Liang Nuren
|
Posted - 2011.04.10 05:07:00 -
[233]
Edited by: Liang Nuren on 10/04/2011 05:07:26
Originally by: Trocent
Then I take it they've programmed a game as advanced as Eve and could single handedly fix the problems in eve. I doubt it. All these people do is whine. CCP released some forums, people exploided them and CCP took it down, would you rather them just keep the forums up?
Regardless of what the whiners say, CCP are doing a pretty good job even when problems arise. Suck it up people.
For the most part, +1. There are a huge number of armchair developers playing Eve. But I must admit there are also a pretty good number of actually solid developers playing Eve. Apparently one of the bigger problems CCP has for attracting good talent is the fact that they're in Iceland. This comes with all the associated problems - from "its cold" to "its different than home". Being an expat isn't terribly easy.
-Liang
Ed: Formatting.
--
Eve Forum ***** Extraordinaire
On Twitter
|
De'Veldrin
Minmatar
Self Preservation Society the 2nd
|
Posted - 2011.04.10 05:17:00 -
[234]
Originally by: Tippia
Originally by: De'Veldrin
Tippia, I have often said you have the patience of a saint, but I think you may have moved into a state bordering on denial at this point.
I wouldn't call it "denial" so much as some kind of nanve romanticism ł hope springs eternal and all that noise.
Well, hope is a virtue...even when it chances to be misplaced.
--Vel
Originally by: Blacksquirrel
This is EVE. PVE can happen anywhere at anytime. Be prepared.
|
Mnengli Noiliffe
|
Posted - 2011.04.10 05:45:00 -
[235]
And while you're at fixing your new forums, don't forget to make the "Likes" PER POST as you announced in the blog, not per character as it was implemented.
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 05:57:00 -
[236]
Originally by: Ben Derindar
Originally by: Froosh
All hatin should be directed at this guy:
CCP Lingorm
CCP Quality Assurance
QA Engineering Team Leader
That's a bit unfair, considering he left CCP a couple of years back now.
But for sure, whoever his current successor is, should be in deep trouble over this mess.
I think that QA didn't even touched the forums, or if they did, nobody listened.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Whitehound
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 06:18:00 -
[237]
Frankly, it is what you get for putting this onto my EVE login screen. Your failure serves you right! 
--
|
Karia Sur
|
Posted - 2011.04.10 06:34:00 -
[238]
Grats to CCP for finally seeing sense.
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2011.04.10 07:18:00 -
[239]
Originally by: Tippia
Hopefully, they'll actually start listening to the feedback now
I was about to type "are you new"?
Nah, it has to be a troll.
Originally by: Akita T
However, it seems they finally saw reason and did the right thing.
It probably took quite a bit of ego restraining to make this move back, but it was the right thing to do.
So, in a way, some kudos are in order.
No, due to horrid PR the thing has been escalated to upper brass who care for PR more than the regular employees. Upper brass can pull the plug.
Originally by: Sullen Skoung
lol I invoked his name...
hi!
Its a nice excuse, theres a security issue, ppl try to take him to task, he goes "whoa whoa, Im REACTIVE not PREVENTATIVE"
It's not his job to make sure these are not Geocities quality pages.
The guys paid to make them should have used one of the several "injection and hardening test" softwares available for free.
Originally by: CCP Wrangler
You have my sincere and personal apology and I also apologize on behalf of CCP
Because of people like this, there's still hope for CCP.
Finally, an usability feature that along others I reported in the beta test feedback and got promptly ignored:
1) Use a proper font, or make it selectable.
2) Use alternating colors like in the old forum to make eyes relax better.
Auditing | Research | 3rd Party | Collateral Holding | EvE RL Charity |
|
Chribba
Otherworld Enterprises
Otherworld Empire
|
Posted - 2011.04.10 07:38:00 -
[240]
Hope you get it sorted, until you do I am not sad since I like the old ones way better anyway
But best of luck, and pls see if you can make the new ones be faster...
/c
Secure 3rd party service | my in-game channel 'Holy Veldspar' |
|
|
|
Ban Doga
|
Posted - 2011.04.10 07:41:00 -
[241]
Originally by: Trocent
Originally by: Marconus Orion
Originally by: Trocent
I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
Then I take it they've programmed a game as advanced as Eve and could single handedly fix the problems in eve. I doubt it. All these people do is whine. CCP released some forums, people exploided them and CCP took it down, would you rather them just keep the forums up?
Regardless of what the whiners say, CCP are doing a pretty good job even when problems arise. Suck it up people.
This was a forum issue, not an ingame issue.
As is many times pointed out: those two things are not done by the same people.
I would not have them keep the compromised forums running.
I want them to release software that has received at least a modicum of testing so that the users won't tear it appart in less than 24 hours.
|
Ban Doga
|
Posted - 2011.04.10 07:57:00 -
[242]
Originally by: Julyan Fox
Maybe if more ppl went to test it things would have been better too. Ppl tend to forget EVE isn't an 11 million subscriber mmo.
You can't transfer the developer's responsibility for delivering a quality product to the users by throwing your product out and telling users "Please test it".
You can ask your users to help but the responsibility stays with the one delivering the product.
And if you really want people to help with finding defects, do it in a way that actually works.
Give people an incentive to spend their time. Give them a reason to really try.
"You get better software" is not really an incentive at all (see above: that's already the developer's responsibility).
Open an empty instance of the new forums, tell people that its contents will be whiped after the "Hack me if you can" phase.
Hide a PLEX (eg in form of a unique code that can be used to get a PLEX in-game) in a forum area that should be inaccesible to players.
Offer a PLEX for the first post as CCP Explorer stating "WE WERE GANKED!", first locked thread, first banned user, first poll, first ...
All this half-assed "Here, you can test the new forums for a week" is only leading to half-assed results which will eventually lead to **** like falling back to your old forums.
|
Bumblefck
Kerensky Initiatives
|
Posted - 2011.04.10 08:10:00 -
[243]
Well done CCP...now, if you'd just listened to us, kept the old forums and not bother with any of that 'like' crap we wouldn't be in this position 
--------------
? |
RaTTuS
BIG
Gentlemen's Agreement
|
Posted - 2011.04.10 08:20:00 -
[244]
while your fixing them can you import these forums into the new ones.
mark the old posts as read only if nothing else
and good luck
--
Join BIG
|
Dark Striped
|
Posted - 2011.04.10 08:27:00 -
[245]
keep the new ones disabled, i like my eyes not bleeding when im trolling. plus they are just a pain to use.
|
mkint
|
Posted - 2011.04.10 08:35:00 -
[246]
Yeah, remember when you guys had this brilliant idea "Hey! We're gonna make a clean break transition rather than gradual! We feel forcing people in to it will make life better!"? Remember when your users said "why don't you overlap the transition so things can go smoother, conversations can transition with less interruption, and more people will choose to use your new forums rather than feel forced into something they aren't excited about"? Remember when your users said "these new forums are not ready to go live"? Remember how you keep ignoring what your customers ask for and you end up looking like jackasses?
|
lisaaa
|
Posted - 2011.04.10 08:43:00 -
[247]
Just let them die CCP. Let them disabled and forget about it, or just say they are scheduled to be fixed right after FW and Lag. :))
|
Darth Vapour
|
Posted - 2011.04.10 08:48:00 -
[248]
As with all of EVE, the shenanigans surrounding the new forums are much more entertaining then the actual forums themselves.
|
Kerfira
Kerfira Corp
|
Posted - 2011.04.10 08:53:00 -
[249]
Edited by: Kerfira on 10/04/2011 08:53:07
Originally by: CCP Sreegs
Just to keep you guys who weren't in the loop aware there will still be a security-related blog about the forum issues Monday or so. Now with BONUS CONTENT!
Sorry, but to me this (and the post after it) smells like CCP are pretending that the ONLY problems with the new forums were the security issues, and are deliberately ignoring all the other usability issues...
If this is the case, then you really, REALLY(!) should take a step back and think a bit about the image you present to your customers.
The new forums were horrible to read, wasted a shedload of bandwidth (especially on mobile devices which is what a lot of people use these days), lacked very basic functionality that the current forums have, and were horribly slow.
In short, they were, and ARE, not ready for live deployment!
As one previous poster in this thread said, compare it with the introduction of the new contracts search... That was also a complete new interface, and I don't think I've seen a single complaint over it.
Why? Because it replaced something BAD with something OK (still not 'good'). With the forums, you're replacing OK with BAD. No wonder people complain...
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
Dalmont Delantee
Gallente
British Legion
|
Posted - 2011.04.10 09:01:00 -
[250]
I feel sorry for skreegs, as the security guy he's getting the brunt of it, it could be that he was never passed the code to check or noone ever thought to ask the security guy about forum security, because its always been secure...
But now he's on it I'm glad :)
Take comfort in knowing that its probably some pimply faced twit, or 40 year old virgin, who gleens everytime mommy offfers to take them to needle point lessons |
|
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 09:09:00 -
[251]
Originally by: Liang Nuren
Edited by: Liang Nuren on 10/04/2011 05:07:26
Originally by: Trocent
Then I take it they've programmed a game as advanced as Eve and could single handedly fix the problems in eve. I doubt it. All these people do is whine. CCP released some forums, people exploided them and CCP took it down, would you rather them just keep the forums up?
Regardless of what the whiners say, CCP are doing a pretty good job even when problems arise. Suck it up people.
For the most part, +1. There are a huge number of armchair developers playing Eve. But I must admit there are also a pretty good number of actually solid developers playing Eve. Apparently one of the bigger problems CCP has for attracting good talent is the fact that they're in Iceland. This comes with all the associated problems - from "its cold" to "its different than home". Being an expat isn't terribly easy.
-Liang
Ed: Formatting.
Paying decent salaries would help a bit, too.
|
Kerfira
Kerfira Corp
|
Posted - 2011.04.10 09:15:00 -
[252]
Edited by: Kerfira on 10/04/2011 09:20:53
Originally by: Bomberlocks
Paying decent salaries would help a bit, too.
This is not a practice followed by gaming companies
It may also explain why so many games are released in very buggy states... The people they can hire at their pay levels are simply not up to the job of delivering quality software.
I've been in the software industry now for 18 years, and I see a clear correlation between pay and quality. The good people KNOW they're good, and they in general don't work for people who won't acknowledge that (ie. pay them what they're worth).
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
mkint
|
Posted - 2011.04.10 09:24:00 -
[253]
Originally by: Kerfira
Edited by: Kerfira on 10/04/2011 08:53:07
Originally by: CCP Sreegs
Just to keep you guys who weren't in the loop aware there will still be a security-related blog about the forum issues Monday or so. Now with BONUS CONTENT!
Sorry, but to me this (and the post after it) smells like CCP are pretending that the ONLY problems with the new forums were the security issues, and are deliberately ignoring all the other usability issues...
If this is the case, then you really, REALLY(!) should take a step back and think a bit about the image you present to your customers.
The new forums were horrible to read, wasted a shedload of bandwidth (especially on mobile devices which is what a lot of people use these days), lacked very basic functionality that the current forums have, and were horribly slow.
In short, they were, and ARE, not ready for live deployment!
As one previous poster in this thread said, compare it with the introduction of the new contracts search... That was also a complete new interface, and I don't think I've seen a single complaint over it.
Why? Because it replaced something BAD with something OK (still not 'good'). With the forums, you're replacing OK with BAD. No wonder people complain...
Also, for the record, I poked my head in to the forums for about 5 minutes, but readability and usability were so bad, I went away right away. Maybe the strategy is to make the forums a crappy product on purpose so people won't use them and new people investigating EVE won't be turned off by any dirty secrets. Gawd I hope not, because that's gonna shoot CCP in the foot right there. CCP, if you put up crappy forums that nobody wants to use, the legitimate non-complaining traffic will drop, meaning a higher proportion of complaints, meaning a worse impression to prospective subscribers. Pull the new forums as not-ready, polish them up to the level where it doesn't look like it's done by some 17 year old in his basement programming for his retired graphic designer uncle. Making the new forums good enough so people prefer them over these old ones and migrate over voluntarily would be good for the whole game (not to mention the bottom line.) With the amount of drama surrounding the development of EVE (that is dev created drama, not player created drama) I definitely do not, and will not recommend this game to my friends, even though I practically live in the game myself.
|
Bumblefck
Kerensky Initiatives
|
Posted - 2011.04.10 09:25:00 -
[254]
Originally by: Kerfira
I see a clear correlation between pay and quality.
And in other news, the sky is blue and EVE lags
--------------
? |
TigerXtrm
APEX ARDENT COALITION
|
Posted - 2011.04.10 09:28:00 -
[255]
I liked the new forums, I don't know what everyone is complaining about when it comes to the layout or bleeding eyes. Do any of you people go to other websites than this one? This forum is stuck in the bloody 1980's... there is absolutely NO useability at all.
CCP I keep trying to defend your new forums because I like them but **** you're making it ****ing difficult here! TEST your ****ing **** before you throw it online! TEST IT!!!
|
Bumblefck
Kerensky Initiatives
|
Posted - 2011.04.10 09:34:00 -
[256]
Originally by: TigerXtrm
I liked the new forums, I don't know what everyone is complaining about when it comes to the layout or bleeding eyes. Do any of you people go to other websites than this one? This forum is stuck in the bloody 1980's... there is absolutely NO useability at all.
CCP I keep trying to defend your new forums because I like them but **** you're making it ****ing difficult here! TEST your ****ing **** before you throw it online! TEST IT!!!
This forum's layout is clean, the text is readable, and it has some basic but functional utility. The new forums lack most of that, but they add a Facebook-esque 'like' system.
Now, go out and ask the EVE playerbase which one they would prefer. I think we both know the answer. I mean, just because the layout and graphics aren't whizz-bang up to date, does that automatically invalidate them?
With that reasoning, you might as well say the wheel is old-fashioned as it was developed millennia ago.
--------------
? |
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 09:42:00 -
[257]
Originally by: TigerXtrm
I liked the new forums, I don't know what everyone is complaining about when it comes to the layout or bleeding eyes. Do any of you people go to other websites than this one? This forum is stuck in the bloody 1980's... there is absolutely NO useability at all.
CCP I keep trying to defend your new forums because I like them but **** you're making it ****ing difficult here! TEST your ****ing **** before you throw it online! TEST IT!!!
the problem here is not a dislike for the new forums. it's a dislike on how they were pushed with several issues in usability and, more serious, security.
making the new forums work faster and better than the old ones isn't a very daunting task, considering how bad bad the old ones are.
they, however, managed to out-done themselves and released to public a forum that had space management problems, useless time wasters (in terms of loading times), search function still not working, img tags disabled, signatures broken, and readability problems due to some strange combination of fonts, rendering and background colours.
now, those issues, while a pain in the ass, didn't warrant a forum shutdown. while it was bad that they pushed it without fixing these issues that were pointed out in both times the forums went public testing, the fact was that they could be fixed "live" and we would be done with it.
what warranted the forum shutdown was when the (almost) glaring and nearly childish security bugs that started to creep out.
those were the 2x4's that broke the camel's back.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Jennifer Starling
Imperial Navy Forum Patrol
|
Posted - 2011.04.10 09:52:00 -
[258]
Originally by: TigerXtrm
I liked the new forums, I don't know what everyone is complaining about when it comes to the layout or bleeding eyes. Do any of you people go to other websites than this one? This forum is stuck in the bloody 1980's... there is absolutely NO useability at all.
CCP I keep trying to defend your new forums because I like them but **** you're making it ****ing difficult here! TEST your ****ing **** before you throw it online! TEST IT!!!
Fully agreed. They "test" it but apparently it's CCP's policy not to read any test feedback and do something with it, I've seen it happen far too often. Issues that are mentioned multiple times are systematically being ignored and CCP acts surprised if the same issue proves to be a showstopper.
It's beyond my comprehension.
|
Mystri
|
Posted - 2011.04.10 09:56:00 -
[259]
Originally by: Steve Thomas
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 03:10:15
Originally by: Marconus Orion
Originally by: Trocent
I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
If you have any evidence of this I'd welcome you to share it with me. [email protected]
I can save you the time, on this forum thread you have one IT systems developer who works for Kinder*Morgan Pipelines, two Web content developers from CITIgroup and a Network system specialist for The Clydesdale Bank PLC UK.
now how many of them actualy ARE in thoes feilds is a matter of speculation. after all you can say whatever you like in facebook.
Highlighted the bit CCP Sreegs meant... Looks like he is trying to find out why this happened and if the team were informed of the problems before deployment; communication problems?
The developers of the new forum will be under a hell of a lot of pressure right now and rightly so. Their boss should be dragged across the coals for not having proper (complete) testing procedures. If he thinks that he doesn't have the necessary skills to scrutinise the security of finished software, then he needs to get someone on his team that can. But I bet for future deployments, security will be his number one priority (that's if he's not arrogant ).
Mystri |
mkint
|
Posted - 2011.04.10 10:11:00 -
[260]
Originally by: Mystri
Highlighted the bit CCP Sreegs meant... Looks like he is trying to find out why this happened and if the team were informed of the problems before deployment; communication problems?
The developers of the new forum will be under a hell of a lot of pressure right now and rightly so. Their boss should be dragged across the coals for not having proper (complete) testing procedures. If he thinks that he doesn't have the necessary skills to scrutinise the security of finished software, then he needs to get someone on his team that can. But I bet for future deployments, security will be his number one priority (that's if he's not arrogant ).
lol @ using "security" to describe any of CCP's new web stuff. spacebook = security hole. CCP Sreegs, please make the web guys pull spacebook down entirely until they can learn to respect user privacy. Seriously, the fact that the only reason the majority of the players log in to a piece of software is to attempt to preserve their privacy is a PROBLEM (not to mention that the test server spacebook has a tendency to reset privacy settings to "stark-ass naked" unexpectedly.) The CCP web guys are some of the most inept people in the field. Anyone remember the time all you had to do was type in someone's name into spacebook and it would share just about everything short of their login credentials?
|
|
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 10:12:00 -
[261]
Originally by: Better Than You
So basically what you are saying is if we used the new forums, our account details were exposed? Including credit card information?
Yeah ok. Between the anomaly nerf and CCP exposing everyone's account details including credit cards, I quit. This is just unacceptable. Great job CCP. I trusted you and this is how you treat your customers.
Time to spend my money on another game that doesn't expose my information.
not quite.
the security holes themselves didn't go past the forum cookies, that don't store any password information. eveGate and account management themselves were secure since the cookies didn't "transport" from one place to another. At most all you could do was impersonating people in the forums.
now, IF someone less scrupulous posted html code in the 6000-character limited post and/or the 500-character limited signature to inject malicious code or any kind of malware, now there's a good chance that you could get your own computer's security compromised.
so yes, the main security hole wasn't the cookies, but the fact that the forums didn't sanitize html code.
better safe than sorry tho, so I changed passwords.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Danastar
|
Posted - 2011.04.10 10:14:00 -
[262]
Can't wait to see "Vote for the best game of the year - EVE" again....
|
Jennifer Starling
Imperial Navy Forum Patrol
|
Posted - 2011.04.10 10:16:00 -
[263]
Originally by: Marconus Orion
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
Yes exactly what's the problem with CCP in general and why people often have the feeling that they're playing beta content all the time ^^
|
BackStreet Babe
|
Posted - 2011.04.10 10:21:00 -
[264]
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
dosnt look like anyone had the job of reviewing the code in the new forums. fail is fail is ccp
|
Y Berion
Minmatar
|
Posted - 2011.04.10 10:23:00 -
[265]
Good news! Now please don't bring them back online, ever.
|
Darth Vapour
|
Posted - 2011.04.10 10:34:00 -
[266]
Maybe CCP management should just cut their losses and admit EVE-Gate will not be the big social media thing that whoever thought of it predicted it would be. Except for a way to check EVE game content (mails) on your iPhone no one uses it and trying to move stuff that is actually used like forums to it has produced this spectacular fiasco.
|
Ban Doga
|
Posted - 2011.04.10 10:36:00 -
[267]
Originally by: BackStreet Babe
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
dosnt look like anyone had the job of reviewing the code in the new forums. fail is fail is ccp
Looks like there isn't even someone to review the security concept.
"... and then the server uses the character ID provided by the client to add the posting ..." should make someone fall out of their chair even without looking at any code at all.
Same with "... if a thread is locked the client will not show buttons to "like" postings, that'll suffice".
People are really fast to argue on the code level ("I don't review code", "It's just x lines of code", ...) when most of the problems are really on the conceptual level.
IMO that suggest people are still struggling to get the code to do what they want and cannot even start to think about whether their concept makes sense (or not).
|
TamiyaCowboy
Caldari
KRAKEN FLEET
|
Posted - 2011.04.10 10:39:00 -
[268]
Edited by: TamiyaCowboy on 10/04/2011 10:40:05
This added Forum/evegate thing does not affect me.
I DONT USE EVE GATE !!!
Never wanted it either !!
CCP NAVIGATOR can we just keep the old forums, like the old mission storylines ingame, very outdated but does the job ( nearly)
i am so glad i don't use that evegate stuffz
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 10:55:00 -
[269]
Edited by: Grimpak on 10/04/2011 10:56:16
Originally by: Bomberlocks
The problem is that an injected keylogger could conceivably get hold of your forum username and password. I am NOT sure that this would work (js posting to another domain), but IF it was, the obvious problem is that the username and password for the forums and account management are the same and that this could lead to theft of your account and abuse of your credit card in certain cases.
I think you should draw your own conclusions, but personally I prefer to be safe rather than sorry.
that's what I'm trying to say.
the cookie-derp thing, by itself, was not an issue that affected anything besides the forums, since the guy that did it, said that the cookies didn't store any password info. the HTML code security hole tho, that's what could make things go south very fast.
anyways password changes, better safe than sorry and all that.
here's an extra
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 10:59:00 -
[270]
Originally by: Bomberlocks
The problem is that an injected keylogger could conceivably get hold of your forum username and password.
Not going to happen without the user downloading and installing the program, you can¦t just inject a running keylogger using html. Unless the attack is exploiting over security hole in the browser, it would be much the same as linking url to malware on this forum.
|
|
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 11:04:00 -
[271]
Edited by: Grimpak on 10/04/2011 11:04:51
Originally by: dexington
Originally by: Bomberlocks
The problem is that an injected keylogger could conceivably get hold of your forum username and password.
Not going to happen without the user downloading and installing the program, you can¦t just inject a running keylogger using html. Unless the attack is exploiting over security hole in the browser, it would be much the same as linking url to malware on this forum.
Quote:
The new EVE forums need a special plugin to read them. Install? <yes> <no>.
I think this type of attack is conceivable with the html vulnerabilities that existed on the forum.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 11:18:00 -
[272]
Edited by: dexington on 10/04/2011 11:19:45
Originally by: Grimpak
Quote:
The new EVE forums need a special plugin to read them. Install? <yes> <no>.
I think this type of attack is conceivable with the html vulnerabilities that existed on the forum.
Even if this is possible you would still need to download the software from another server, and run it yourself. Their would be not automated installation and execution of the keylogger.
|
Kerfira
Kerfira Corp
|
Posted - 2011.04.10 11:23:00 -
[273]
Edited by: Kerfira on 10/04/2011 11:25:22
Originally by: dexington
Even if this is possible you would still need to download the software from another server, and run it yourself. Their would be not automated installation and execution of the keylogger.
Given the average internet knowledge of people, how many would press 'Yes' to the 'Request to Install EVE Forum Search plugin' popup?
That the security holes even allowed something like that to BE there would be enough to seriously compromise a lot of peoples accounts...
...and them of course there are all the usability problems on top...
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
simocast
Minmatar
Razorback Industrial
|
Posted - 2011.04.10 11:26:00 -
[274]
Keep these old forums... I mean having a "like" feature and the fact the forums are annoying to read is a deal breaker.
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 11:30:00 -
[275]
I too along with many others (in fact MOST of the forum users) would like to keep the old forums.
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 11:41:00 -
[276]
Originally by: Spyke BlackIce
I usually keep my arse out of whine-fests, troll parades, and general rock throwing, but this fiasco warrants grabbing my pitchfork and joining the mob if only because of the fact that after the two test runs of the new forums, they were released not only with HUGE, wide-open security problems, but little if any of the testers' feedback was heeded. I took part in the first test run (unfortunately I couldn't find enough time due to RL issues to help with the second) but when the forums opened, I could only find a miniscule few examples of the user feedback actually being used. Why bother with tests CCP, if our input is thrown out and disregarded along with the garbage?
It is becoming obvious that someone in upper management doesn't have a clue. They want their new toys - the way it was designed, regardless of flaws and lack of features - out the door and to hell with what the customer wants, needs, envisions, or finds lacking, and worse, to hell with the silly 'polished' idea. "Get it out so that we can move onto the next new toy and we'll finish fixing it later (maybe)", seems to be this person's (or persons') motto.
I actually have a lot of respect for most of the dev teams at CCP, and I applaud their apology and acknowledgement of the problem here as well as their dropping back and punting the old forums into service again. Many companies (no *cough* *S.O.E* *cough* names here) would have taken the stoic, we-know-best-and-you-couldn't-grasp-the-issues route by simply reopening the old forums with a message along the lines of "Due to technical issues, we will be using the old forums until further notice." and that would be that. I'm not implying that the web team should not be tarred-and-feathered for this MAJOR coding ineptitude they called a forum, but I seriously believe the issue began and ended in the top echelon of management. Something this bad quite frankly should not have happened, not even in the devs' worse nightmares. The issue HAD to be a time/deadline/personnel squeeze. Plain and simple.
Quoted it all because it bears repeating several times over.
CCP needs to change its company leadership mindset.
The notion that "new features sell, polished content doesn't" will be the doom of EVE if it persists much longer.
_
Make ISK||Build||React||1k papercuts
_
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 11:49:00 -
[277]
Originally by: dexington
Originally by: Bomberlocks
The problem is that an injected keylogger could conceivably get hold of your forum username and password.
Not going to happen without the user downloading and installing the program, you can¦t just inject a running keylogger using html. Unless the attack is exploiting over security hole in the browser, it would be much the same as linking url to malware on this forum.
You don't need to download any software since the keylogger is done in javascript. The problem is posting that info to another domain which the security model normally will not allow. However, there are ways around this, using either flash raw sockets, cookies or iframes (or perhaps other methods that I don't know about as I haven't coded any js in the last two years). You could conceivably redirect the entire page to another site after the user has entered his credentials and then send it back.
All this depends on a number of things I'm not up to speed on, but when I did used to code for banks some years ago, I was up to speed on things like this and my code would have to be pretty thoroughly reviewed before being implemented.
|
William Henry McGregor
|
Posted - 2011.04.10 11:55:00 -
[278]
Originally by: Ban Doga
Looks like there isn't even someone to review the security concept.
"... and then the server uses the character ID provided by the client to add the posting ..." should make someone fall out of their chair even without looking at any code at all.
Same with "... if a thread is locked the client will not show buttons to "like" postings, that'll suffice".
People are really fast to argue on the code level ("I don't review code", "It's just x lines of code", ...) when most of the problems are really on the conceptual level.
IMO that suggest people are still struggling to get the code to do what they want and cannot even start to think about whether their concept makes sense (or not).
The new forum was "Broken by Design"(c)(TM) - same as this SpaceBook thingy.
CCP better moves from "new and shiny" "hype" to quality - but excellence is where they failed!
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 11:58:00 -
[279]
Originally by: Kerfira
Given the average internet knowledge of people, how many would press 'Yes' to the 'Request to Install EVE Forum Search plugin' popup?
That the security holes even allowed something like that to BE there would be enough to seriously compromise a lot of peoples accounts...
Probably not as many as you think, everyone is so paranoid over getting hacked that a lot of people in fact do double check unexpected install options. Within the first 5 people seeing the popup, i'm sure at least one of them would notice something is wrong. After that the window of opportunity is more or less closed, as people would start to warn about something not being right.
It is problem that you could inject html into the page, and it does open up for some types of attack chains. On the other hand it's not something that is easily exploited to gain full system access, it's a ncommon type of security flaw and it is considered a minor one.
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 12:02:00 -
[280]
Originally by: dexington
Originally by: Kerfira
Given the average internet knowledge of people, how many would press 'Yes' to the 'Request to Install EVE Forum Search plugin' popup?
That the security holes even allowed something like that to BE there would be enough to seriously compromise a lot of peoples accounts...
Probably not as many as you think, everyone is so paranoid over getting hacked that a lot of people in fact do double check unexpected install options. Within the first 5 people seeing the popup, i'm sure at least one of them would notice something is wrong. After that the window of opportunity is more or less closed, as people would start to warn about something not being right.
It is problem that you could inject html into the page, and it does open up for some types of attack chains. On the other hand it's not something that is easily exploited to gain full system access, it's a ncommon type of security flaw and it is considered a minor one.
risk is still there tho, and that tickles many people's paranoia nerve, as well as scares people away.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
|
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 12:10:00 -
[281]
Originally by: Bomberlocks
You don't need to download any software since the keylogger is done in javascript.
Was anyone able to inject js code?, i didn't see anything working except html.
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2011.04.10 12:15:00 -
[282]
Quote:
So basically what you are saying is if we used the new forums, our account details were exposed? Including credit card information?
Yeah ok. Between the anomaly nerf and CCP exposing everyone's account details including credit cards, I quit. This is just unacceptable. Great job CCP. I trusted you and this is how you treat your customers.
Time to spend my money on another game that doesn't expose my information.
No, it's much worse.
I was just wondering why Avira kept telling me that I was to download an infected page....
Now, if you got a troyan, you can stop playing EvE TODAY and still all your future credit card and log in information of everything you do, are being sent to some pirate site for their perusal.
You will thank CCP and the web "masters" they used to (fail to) copy the open source forum they used, for your money losses and for that maybe sue them.
Auditing | Research | 3rd Party | Collateral Holding | EvE RL Charity |
Kerfira
Kerfira Corp
|
Posted - 2011.04.10 12:16:00 -
[283]
Originally by: dexington
Probably not as many as you think, everyone is so paranoid over getting hacked that a lot of people in fact do double check unexpected install options. Within the first 5 people seeing the popup, i'm sure at least one of them would notice something is wrong. After that the window of opportunity is more or less closed, as people would start to warn about something not being right.
The average internet user is PERFECTLY able to ignore warnings
Also bear in mind that most people are actually not really complaining about the missing security... but about the general usability of the new forums...
Quite frankly... They sucked!
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 12:22:00 -
[284]
Originally by: dexington
Originally by: Bomberlocks
You don't need to download any software since the keylogger is done in javascript.
Was anyone able to inject js code?, i didn't see anything working except html.
How do you think the html was injected?
|
|
CCP Navigator
C C P
C C P Alliance
|
Posted - 2011.04.10 12:23:00 -
[285]
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
Navigator
Lead Community Representative
CCP Hf, EVE Online
|
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 12:37:00 -
[286]
Originally by: Bomberlocks
Originally by: dexington
Originally by: Bomberlocks
You don't need to download any software since the keylogger is done in javascript.
Was anyone able to inject js code?, i didn't see anything working except html.
How do you think the html was injected?
You make it sound like js was used to inject html, how do you inject js when you can't inject html?
|
Turix
Interstellar eXodus
BricK sQuAD.
|
Posted - 2011.04.10 12:38:00 -
[287]
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
This doesn't appear to be the issue most people are concerned about. There appears to be much more concern over the design style and decisions made when implementing the new forums; consensus seems to be that people simply don't like them (See the threads in General Discussion/Assembly Hall).
__________________________
|
Mag's
the united
Negative Ten.
|
Posted - 2011.04.10 12:42:00 -
[288]
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
You've missed the point, again.
Your massive forum fu failure allowed for bad script injection. Sure the chance of anyone gaining any info was small, but there was still a chance.
Originally by: Allestin Villimar
Also, if your bookmarks are too far out, they can and will ban you for it.
Originally by: Torothanax
Low population in w systems makes afk cloaking unattractive. |
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 12:43:00 -
[289]
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
I would like to post a few pertinent facts:
- The person who was banned petitioned the vulnerability to CCP. It was not acted upon.
- Said person then proceeded to demonstrate that vulnerability after discussing it on the now-defunct SHC forums.
- Said person was banned for impersonating someone who was not himself.
- The forums were taken down.
- The forums were brought back up and CCP Fallout asserted that the vulnerabilities had been patched and "We would like to reiterate that your personal details and billing information have not been compromised, and that your eve online account was not at risk".
- The banned person then proceed to post, as himself, inspite of him being banned, in reply to CCP Fallout's assertion, thereby proving Fallout's assertion to be false.
- The forums were then taken down again.
- The forums brought back up a while later.
- Later on, I presume after having discovered that the forums were still vulnerable, they were taken down again.
- The old forums were brought back up.
- Discussions involving said banned person are closed with further threats of banning, ignoring the fact that the story has already been widely spread, on other forums, Facebook, twitter and probably the media as well (slashdot for example).
- You now claim, again, that customer data was never at risk.
In light of that information, how do you expect us to believe your current assertion without a transparent and open discussion of the vulnerability? The banned person can easily post his version any else he chooses, and given his disproving of CCP's earlier assertions, I presume that the benefit of the doubt will go to him.
The ball, I think, is in your court.
|
Phocas Lebournes
Northbridge Services Group
|
Posted - 2011.04.10 12:46:00 -
[290]
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
Thank you for making this clear. So no need to change the passwords if someone used the new forums, right?
|
|
|
Ban Doga
|
Posted - 2011.04.10 12:53:00 -
[291]
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
Are you sure?
Scratch that, you were probably sure the new forums were ready to be rolled out too.
Are you saying at no time someone was able to access my personal information stored on CCP's systems?
Or are you saying no one injected a keylogger/trojan/malware executing/downloading/installing signature that could access information on the forum users' system(s)?
|
|
CCP Navigator
C C P
C C P Alliance
|
Posted - 2011.04.10 12:53:00 -
[292]
Originally by: Phocas Lebournes
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
Thank you for making this clear. So no need to change the passwords if someone used the new forums, right?
That is right. Your login and password would not have been compromised.
It should also be noted though that it is just good practice to change your passwords regularly
Navigator
Lead Community Representative
CCP Hf, EVE Online
|
|
Phocas Lebournes
Northbridge Services Group
|
Posted - 2011.04.10 12:57:00 -
[293]
Originally by: CCP Navigator
Originally by: Phocas Lebournes
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
Thank you for making this clear. So no need to change the passwords if someone used the new forums, right?
That is right. Your login and password would not have been compromised.
It should also be noted though that it is just good practice to change your passwords regularly
Cheers, in that case I am a happy chappy again. :)
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 12:57:00 -
[294]
Originally by: CCP Navigator
Originally by: Phocas Lebournes
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
Thank you for making this clear. So no need to change the passwords if someone used the new forums, right?
That is right. Your login and password would not have been compromised.
It should also be noted though that it is just good practice to change your passwords regularly
I'm sorry, I don't believe you. There was a sample exploit on another forum showing exactly how easy it would be to inject a keylogger. However, as you will obviously ban any discussion of that exploit, it is impossible to discuss it here and you leave it to people with less than honourable intentions to discuss it elsewhere.
|
Mag's
the united
Negative Ten.
|
Posted - 2011.04.10 13:08:00 -
[295]
Originally by: CCP Navigator
Originally by: Phocas Lebournes
Thank you for making this clear. So no need to change the passwords if someone used the new forums, right?
That is right. Your login and password would not have been compromised.
It should also be noted though that it is just good practice to change your passwords regularly
If you're as confident about this as you were about the new forums, everything should be fine yea?
Originally by: Allestin Villimar
Also, if your bookmarks are too far out, they can and will ban you for it.
Originally by: Torothanax
Low population in w systems makes afk cloaking unattractive. |
Ellen Woods
|
Posted - 2011.04.10 13:10:00 -
[296]
Please, keep the new forum offline forever. The new forum is pain to read, oversized portraits, bad layout... This old forum is much smoother and comfortable to read, and imo it matters.
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 13:18:00 -
[297]
Originally by: Ellen Woods
Please, keep the new forum offline forever. The new forum is pain to read, oversized portraits, bad layout... This old forum is much smoother and comfortable to read, and imo it matters.
Agreed. Now that I have tried both of them I can honestly say I will be much more happier with the old forums because of all the reasons people have stated. Also the two minute timer does a good job of keeping the posts more intellectual and free from redundant jubberish. Also Verdana > Arial. Keep the old forums pls.
|
|
CCP Sreegs
|
Posted - 2011.04.10 13:24:00 -
[298]
Originally by: Steve Thomas
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 03:10:15
Originally by: Marconus Orion
Originally by: Trocent
I really wish these whiners were real programmers. They'd know how strange problems arise. Out of all the MMOs I played CCP still does a hell of a lot better than anyone else.
Also to all you whiners, remember that CCP could always make this a carebear game. That'd probably get a few million subscriptions and make a ton more money, but they don't. Feel grateful or leave.
Some of these people complaining are programmers. The same people who pointed out the problems before it went live. CCP just ignored them and shoved it out to the customers so they could say they Delivered.
If you have any evidence of this I'd welcome you to share it with me. [email protected]
I can save you the time, on this forum thread you have one IT systems developer who works for Kinder*Morgan Pipelines, two Web content developers from CITIgroup and a Network system specialist for The Clydesdale Bank PLC UK.
now how many of them actualy ARE in thoes feilds is a matter of speculation. after all you can say whatever you like in facebook.
I'm sure a lot of people work for a lot of good companies. What I was stating was that if anyone has an actual evidence of the malfeasance that was suggested they're welcome to email it to me. |
|
Darth Vapour
|
Posted - 2011.04.10 13:26:00 -
[299]
Originally by: CCP Sreegs
I'm sure a lot of people work for a lot of good companies. What I was stating was that if anyone has an actual evidence of the malfeasance that was suggested they're welcome to email it to me.
Those responsible are working in the same building as you are.
|
|
CCP Sreegs
|
Posted - 2011.04.10 13:26:00 -
[300]
Originally by: Kerfira
Edited by: Kerfira on 10/04/2011 08:53:07
Originally by: CCP Sreegs
Just to keep you guys who weren't in the loop aware there will still be a security-related blog about the forum issues Monday or so. Now with BONUS CONTENT!
Sorry, but to me this (and the post after it) smells like CCP are pretending that the ONLY problems with the new forums were the security issues, and are deliberately ignoring all the other usability issues...
If this is the case, then you really, REALLY(!) should take a step back and think a bit about the image you present to your customers.
The new forums were horrible to read, wasted a shedload of bandwidth (especially on mobile devices which is what a lot of people use these days), lacked very basic functionality that the current forums have, and were horribly slow.
In short, they were, and ARE, not ready for live deployment!
As one previous poster in this thread said, compare it with the introduction of the new contracts search... That was also a complete new interface, and I don't think I've seen a single complaint over it.
Why? Because it replaced something BAD with something OK (still not 'good'). With the forums, you're replacing OK with BAD. No wonder people complain...
My job is security therefore that's what I blog about. The reason we shut down the forums was security related. |
|
|
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 13:29:00 -
[301]
Originally by: Bomberlocks
I'm sorry, I don't believe you. There was a sample exploit on another forum showing exactly how easy it would be to inject a keylogger. However, as you will obviously ban any discussion of that exploit, it is impossible to discuss it here and you leave it to people with less than honourable intentions to discuss it elsewhere.
in all honesty the chance was still slim. not impossible but the likelihood of it happening was small since that, altho there was some time wasted, they acted within a couple of hours.
granted it's still a couple of hours and any semi-competent scripter can code anything in that time, but as far as one can see, nothing happened yet.
also, as far as one knows, the major security breach was only code related. the cookie derp, as stated, didn't go beyond forums.
it was still a very serious security breach however, and precautions are still welcome.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Grey Stormshadow
Starwreck Industries
|
Posted - 2011.04.10 13:30:00 -
[302]
This entire mess is something what really didn't even need to happen... but as it did and the general plan will most likely be implemented we like it or not - at least give it enough time now and do it properly on 2nd try.
Further details here as I don't wanna repost the reasoning.
-------------------------------------------------
Play with the best - die like the rest
starwreck.com - support the cause :) |
|
CCP Sreegs
|
Posted - 2011.04.10 13:31:00 -
[303]
Originally by: Bomberlocks
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
I would like to post a few pertinent facts:
- The person who was banned petitioned the vulnerability to CCP. It was not acted upon.
- Said person then proceeded to demonstrate that vulnerability after discussing it on the now-defunct SHC forums.
- Said person was banned for impersonating someone who was not himself.
- The forums were taken down.
- The forums were brought back up and CCP Fallout asserted that the vulnerabilities had been patched and "We would like to reiterate that your personal details and billing information have not been compromised, and that your eve online account was not at risk".
- The banned person then proceed to post, as himself, inspite of him being banned, in reply to CCP Fallout's assertion, thereby proving Fallout's assertion to be false.
- The forums were then taken down again.
- The forums brought back up a while later.
- Later on, I presume after having discovered that the forums were still vulnerable, they were taken down again.
- The old forums were brought back up.
- Discussions involving said banned person are closed with further threats of banning, ignoring the fact that the story has already been widely spread, on other forums, Facebook, twitter and probably the media as well (slashdot for example).
- You now claim, again, that customer data was never at risk.
In light of that information, how do you expect us to believe your current assertion without a transparent and open discussion of the vulnerability? The banned person can easily post his version any else he chooses, and given his disproving of CCP's earlier assertions, I presume that the benefit of the doubt will go to him.
The ball, I think, is in your court.
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong. |
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 13:32:00 -
[304]
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ? 
And why ?
_
Make ISK||Build||React||1k papercuts
_
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 13:51:00 -
[305]
Originally by: Akita T
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ?
And why ?
"I like the old one more, obviously, but I cannot say it because you guys will start taking my words as 'CCP's' and use it againt my company, and that will get me fired!"
|
Turix
Interstellar eXodus
BricK sQuAD.
|
Posted - 2011.04.10 13:53:00 -
[306]
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
Well do you mind poking the people responsible for the other issues that players are identifying to communicate with us please?
__________________________
|
Di Mulle
|
Posted - 2011.04.10 13:54:00 -
[307]
Originally by: Turix
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
This doesn't appear to be the issue most people are concerned about. There appears to be much more concern over the design style and decisions made when implementing the new forums; consensus seems to be that people simply don't like them (See the threads in General Discussion/Assembly Hall).
Though I really disliked new forums design decisions as well, let's be honest - there were lots of people who supported them. We have every right to despise their taste, do we have a right to force our taste over them ?
This controversy can be solved, however. Software in general and web applications in particular has a special blessing, they can be made configurable to a big extent, thus allowing user to choose what he wants. Almost any widely used forum software has lots of built-in opportunities for configuration.
Now, what new forums had? There were only a few configuration options, more exactly - only 3 options.
Guess what - none of them were working at all.
For me it is a glaring evidence that ability for a user to choose what he wants was a last priority for a forum team.
It is this mindset that scares me most of all. One may say, the team concentrated on things that are of an even bigger importance - stability and security. Well, now we all know what they achieved
That leaves us a sad conclusion, already voiced many times. The main task of a forum team was a dumb marketing in its' most stinking form. To promote a useless and dieing Spacebook and chestbeat even more about the character portraits.
Make no mistake please, I think new portrait generator is a great thing and CCP has every right to be proud of it. But apparently they start to think it is a main core of the game... ?????
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 13:55:00 -
[308]
You all got what you wanted, the old fourms back, why are you all still whining?
 |
Calathea Sata
State War Academy
|
Posted - 2011.04.10 13:56:00 -
[309]
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
CCP is killing EVE
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 13:57:00 -
[310]
Edited by: Tippia on 10/04/2011 13:57:23
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Because it won't last, and because we actually do want a new forum ł just a new forum that is also better than the old one.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
|
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 13:58:00 -
[311]
Originally by: Tippia
Edited by: Tippia on 10/04/2011 13:57:23
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Because it won't last, and because we actually do want a new forum ł just a new forum that is also better than the old one.
So go make your own style sheet.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 14:02:00 -
[312]
Originally by: Miilla
So go make your own style sheet.
That only solves (some of) the design issues ł the functionality is still gone.
Design-wise, I could probably live with the way the forums looked with my CSS. Feature-wise, it made little difference and didn't improve on what the forums offered.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 14:02:00 -
[313]
Originally by: Tippia
Originally by: Miilla
So go make your own style sheet.
That only solves (some of) the design issues ł the functionality is still gone.
Design-wise, I could probably live with the way the forums looked with my CSS. Feature-wise, it made little difference and didn't improve on what the forums offered.
Like button withdrawals?
|
SillyWaif
Galactic Kingdom
|
Posted - 2011.04.10 14:04:00 -
[314]
Originally by: Calathea Sata
I too along with many others (in fact MOST of the forum users) would like to keep the old forums.
Can we make this, using the old forums, permanent?
Pretty please with sugar on top?!
Note: the fonts of the new forums give an headache, seriously.
Now i am forced to either change the css with 'Stylish' or strip the
html with 'Web Developer' plugin
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 14:04:00 -
[315]
So, since we now found somebody to blame for the forums, who do we blame now for Windows Millenium?
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 14:05:00 -
[316]
Originally by: Miilla
Like button withdrawals?
Ok, correction: I could improve on the feature offering by removing the whole like system with CSS.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Ban Doga
|
Posted - 2011.04.10 14:08:00 -
[317]
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 14:08:00 -
[318]
Originally by: Ban Doga
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
Shouldn't your anology involve space ships?
|
Ban Doga
|
Posted - 2011.04.10 14:10:00 -
[319]
Originally by: Miilla
Originally by: Ban Doga
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
Shouldn't your anology involve space ships?
Are you one of those people who are totally happy when someone steals their car spaceship and brings it back later "because you got it back now so everything is okay again"?
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 14:11:00 -
[320]
Originally by: Ban Doga
Originally by: Miilla
Originally by: Ban Doga
Originally by: Miilla
You all got what you wanted, the old fourms back, why are you all still whining?
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
Shouldn't your anology involve space ships?
Are you one of those people who are totally happy when someone steals their car spaceship and brings it back later "because you got it back now so everything is okay again"?
No because I have a Keanu Reeves anti ship alarm fitted. I simply press a button and every ship around me exploads except my own. Makes it easier to locate in the station mall parking area.
|
|
|
Ban Doga
|
Posted - 2011.04.10 14:22:00 -
[321]
Originally by: Miilla
Originally by: Ban Doga
Originally by: Miilla
Originally by: Ban Doga
Are you one of those people who are totally happy when someone steals their car and brings it back later "because you got it back now so everything is okay again"?
Shouldn't your anology involve space ships?
Are you one of those people who are totally happy when someone steals their car spaceship and brings it back later "because you got it back now so everything is okay again"?
No because I have a Keanu Reeves anti ship alarm fitted. I simply press a button and every ship around me exploads except my own. Makes it easier to locate in the station mall parking area.
Shouldn't your analogy not involve Keanu Reeves?
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 14:29:00 -
[322]
Originally by: Calathea Sata
Originally by: Akita T
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ?
And why ?
"I like the old one more, obviously, but I cannot say it because you guys will start taking my words as 'CCP's' and use it againt my company, and that will get me fired!"
Well, duh
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
LtCol Laurentius
Zor Industries
|
Posted - 2011.04.10 14:37:00 -
[323]
Originally by: CCP Sreegs
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
It doesnt matter. The public image you have created is that you **** over the whistleblower, while claiming everything is allright. And unless you start to take the community i bit more seriosly, that public imagew is going to stick, no matter what your policies are.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 14:42:00 -
[324]
Originally by: LtCol Laurentius
Originally by: CCP Sreegs
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
It doesnt matter. The public image you have created is that you **** over the whistleblower, while claiming everything is allright. And unless you start to take the community i bit more seriosly, that public imagew is going to stick, no matter what your policies are.
Whistleblower? Whistleblowers talk about the problem, they dont EXPLOIT the problem.
|
Aneu Angellus
Caldari
SKULLDOGS
RED.OverLord
|
Posted - 2011.04.10 14:45:00 -
[325]
Edited by: Aneu Angellus on 10/04/2011 14:45:19
Originally by: CCP Sreegs
Originally by: Bomberlocks
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
I would like to post a few pertinent facts:
- The person who was banned petitioned the vulnerability to CCP. It was not acted upon.
- Said person then proceeded to demonstrate that vulnerability after discussing it on the now-defunct SHC forums.
- Said person was banned for impersonating someone who was not himself.
- The forums were taken down.
- The forums were brought back up and CCP Fallout asserted that the vulnerabilities had been patched and "We would like to reiterate that your personal details and billing information have not been compromised, and that your eve online account was not at risk".
- The banned person then proceed to post, as himself, inspite of him being banned, in reply to CCP Fallout's assertion, thereby proving Fallout's assertion to be false.
- The forums were then taken down again.
- The forums brought back up a while later.
- Later on, I presume after having discovered that the forums were still vulnerable, they were taken down again.
- The old forums were brought back up.
- Discussions involving said banned person are closed with further threats of banning, ignoring the fact that the story has already been widely spread, on other forums, Facebook, twitter and probably the media as well (slashdot for example).
- You now claim, again, that customer data was never at risk.
In light of that information, how do you expect us to believe your current assertion without a transparent and open discussion of the vulnerability? The banned person can easily post his version any else he chooses, and given his disproving of CCP's earlier assertions, I presume that the benefit of the doubt will go to him.
The ball, I think, is in your court.
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
CCP has always been the example I give when I try to show great customer service when I play other games but after knowing exactly what occurred in this event, knowing exactly how CCP responded to a community member pointing out faults in the forums then I must say I wont be doing it any-more.
You're reply is not adequate and simply doesn't show good customer service. CCP have been shown to not know what is happening with their services, the services many people pay for, a public statement needs to be made explaining EVERYTHING in order to prevent continual damage that no response will create.
Aneu
___
Death Pain Suffering
DPS - Recruitment Open
Aneu |
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 14:48:00 -
[326]
Originally by: Miilla
Whistleblower? Whistleblowers talk about the problem, they dont EXPLOIT the problem.
in all fairness, while he could do something much more malicious than he did and while I can understand why he did it (concern that an email simply wouldn't suffice), the means were also not the most correct.
should we thank him? yes. but punishment still must be served. A tempban in my view would probably be the most correct approach.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Dogo Duma
|
Posted - 2011.04.10 14:49:00 -
[327]
Originally by: Akita T
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ?
And why ?
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Hm.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 14:50:00 -
[328]
Originally by: Grimpak
Originally by: Miilla
Whistleblower? Whistleblowers talk about the problem, they dont EXPLOIT the problem.
in all fairness, while he could do something much more malicious than he did and while I can understand why he did it (concern that an email simply wouldn't suffice), the means were also not the most correct.
should we thank him? yes. but punishment still must be served. A tempban in my view would probably be the most correct approach.
He could publish his findings anonymously instead of exploiting it for his (ego) gain.
Tough, he went about it in the wrong way.
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 14:50:00 -
[329]
Originally by: Dogo Duma
Originally by: Akita T
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ?
And why ?
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Hm.
CCP Sreegs has some explainations to do.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 14:52:00 -
[330]
Originally by: Calathea Sata
Originally by: Dogo Duma
Originally by: Akita T
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ?
And why ?
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Hm.
CCP Sreegs has some explainations to do.
If you don't like it, stop paying.
No?
|
|
|
LtCol Laurentius
Zor Industries
|
Posted - 2011.04.10 14:52:00 -
[331]
Originally by: Miilla
Whistleblower? Whistleblowers talk about the problem, they dont EXPLOIT the problem.
I would probably have given you a reasonable response if it was apparent that you had at least SOME clue of what you are talking about. But since you dont, I wont care.
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.10 14:53:00 -
[332]
Originally by: CCP Sreegs
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
If i remember correct the "EVE Technology Lab" forums had posts with people posting links to 3 party tools, and with people being able to edit all posts it would be possible to change the links without the users downloading the tools noticing the change.
Have you been able to verify that no data tempering was going on while the forums was online, else everyone who download any program using links from the forums could potentially be at risk of running modified versions.
|
Darth Vapour
|
Posted - 2011.04.10 14:53:00 -
[333]
Quote:
We've also said there will be a blog which will detail what occurred and what was wrong.
How about a blog that explains what steps are taken to make sure it does not happen again ?
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 14:54:00 -
[334]
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 14:55:00 -
[335]
Originally by: Miilla
Originally by: Grimpak
Originally by: Miilla
Whistleblower? Whistleblowers talk about the problem, they dont EXPLOIT the problem.
in all fairness, while he could do something much more malicious than he did and while I can understand why he did it (concern that an email simply wouldn't suffice), the means were also not the most correct.
should we thank him? yes. but punishment still must be served. A tempban in my view would probably be the most correct approach.
He could publish his findings anonymously instead of exploiting it for his (ego) gain.
Tough, he went about it in the wrong way.
in the end there was no harm done to nobody. still, rules must be followed, and not punishing him would give a very bad precedent, even if his goal was just to rush the process a bit and/or ego boosting.
not condoning what he has done. it was still wrong even if it was done with good and understandable intentions.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 14:56:00 -
[336]
Edited by: Miilla on 10/04/2011 14:56:57
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
Can I have my Hulkageddon 4 Medal before you go please?
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 14:59:00 -
[337]
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
You are not alone in the escape pod.
Get onboard before the failboat sinks!
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 15:06:00 -
[338]
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
I can't believe you just soooo went there.
good luck \o
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 15:07:00 -
[339]
Originally by: Helicity Boson
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
Thumbed.
(Who needs likes? We already have that functionality.)
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 15:08:00 -
[340]
I think everybody is overreacting and making a mountian out of a molehill.
DON'T PANIC!!!
|
|
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 15:17:00 -
[341]
Originally by: Miilla
I think everybody is overreacting and making a mountian out of a molehill.
DON'T PANIC!!!
tbh no need to panic now, since the security break has been closed.
being worried on how this has come to pass and if it has a chance of happening again however, is something that is valid.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Bhattran
|
Posted - 2011.04.10 15:17:00 -
[342]
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
Thank you pilot.
Papa don't preach, I've been losing sleep
But I made up my mind, I'm keeping my baby, oh
I'm gonna keep my baby, mmm... |
Neo Gabriel
Gallente
Percussive Diplomacy
|
Posted - 2011.04.10 15:22:00 -
[343]
I don't play this game for a couple of days, stay awake into the morning playing assassins creed brotherhood (yeah eve is really starting to feel like sh!t compared to fun, new games) then go check scrapheap/eve24 for eve news...
Scrapheap is down, eve24 has an article on ccp failed to make forums and some dude pulled a prank and got banned and ccp pulled a massive fail.
So go to failheap and kuqgu to check for info. Kuqgu i guess only posts important stuff on the ultrarich faqgs section so deleting the bm. While looking at the failheap posts i see the eve24 gif links and comments. Ok, read up time.
...
So GMs giving away BPOS is ok, Monkeysphere injecting python is ok, but some dude reporting MASSIVE security flaws in your failure of a forum, then being ignored and pulling a small prank gets him insta-banned.
How is this for for you as a deal? I am cancelling all my 3 accounts as of now until you un-ban the guy that exposed your failure (hopefully before someone was able to steal account ids off everyone that posted and stated cross referencing passwords from other forums).
I have put up with your failure to maintain the game that I play for years. No interactions in lowsec and facwar and then all you cumulative failures of judgement have pushed me into a corner. Only thing you care about is money, and mine you will have no longer.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 15:24:00 -
[344]
Edited by: Miilla on 10/04/2011 15:24:35
Originally by: Grimpak
tbh no need to panic now, since the security break has been closed.
being worried on how this has come to pass and if it has a chance of happening again however, is something that is valid.
Hanging Lady: Nervous?
Ted Striker: Yes.
Hanging Lady: First time?
Ted Striker: No, I've been nervous lots of times.
|
Kerfira
Kerfira Corp
|
Posted - 2011.04.10 15:32:00 -
[345]
What's all this talk of 72000 or 75000 man hours to build the new forums?
That's about ~45 MAN YEARS (which is several hundred miles beyond ridiculous for a forum)!!!
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 15:33:00 -
[346]
Originally by: Miilla
Edited by: Miilla on 10/04/2011 15:24:35
Originally by: Grimpak
tbh no need to panic now, since the security break has been closed.
being worried on how this has come to pass and if it has a chance of happening again however, is something that is valid.
Hanging Lady: Nervous?
Ted Striker: Yes.
Hanging Lady: First time?
Ted Striker: No, I've been nervous lots of times.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.10 15:40:00 -
[347]
Originally by: Kerfira
What's all this talk of 72000 or 75000 man hours to build the new forums?
That's about ~45 MAN YEARS (which is several hundred miles beyond ridiculous for a forum)!!!
I seem to recall that it was a figure mentioned at one of the fanfest presentations.
It also kind of makes sense: they started mumbling about new forums just over a year ago, and apparently, the web team consists of 40 ppl. So if that last number is correct, the man hour count seems reasonable as well.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 15:44:00 -
[348]
Originally by: Tippia
Originally by: Kerfira
What's all this talk of 72000 or 75000 man hours to build the new forums?
That's about ~45 MAN YEARS (which is several hundred miles beyond ridiculous for a forum)!!!
I seem to recall that it was a figure mentioned at one of the fanfest presentations.
It also kind of makes sense: they started mumbling about new forums just over a year ago, and apparently, the web team consists of 40 ppl. So if that last number is correct, the man hour count seems reasonable as well.
All companies and employees huff hot air to make them awesome, when infact they are just cogs doing production.
|
Gnulpie
Minmatar
Miner Tech
|
Posted - 2011.04.10 15:44:00 -
[349]
Originally by: CCP Sreegs
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
What do you say about that the "new forums" allowed the injection of any code (depending on the users computer configuration, even keyloggers and other nasty stuff) which would be then executed by the forum users?
Wouldn't you agree that this is not a huge risk of your customers?
You didn't risk your customers data on your internal servers, no. Far WORSE, you risked your customers security as whole.
Do you think it is the right step to downplay this incredible risk?
And what do you say to the rumours that these gaping security holes were all reported in the testing BEFORE the forums went public? Is that true or not? |
Kerfira
Kerfira Corp
|
Posted - 2011.04.10 15:48:00 -
[350]
Originally by: Tippia
Originally by: Kerfira
What's all this talk of 72000 or 75000 man hours to build the new forums?
That's about ~45 MAN YEARS (which is several hundred miles beyond ridiculous for a forum)!!!
I seem to recall that it was a figure mentioned at one of the fanfest presentations.
It also kind of makes sense: they started mumbling about new forums just over a year ago, and apparently, the web team consists of 40 ppl. So if that last number is correct, the man hour count seems reasonable as well.
Ok, so it's probably for the entire evebook farce... Maybe a bit more reasonable, but not by much...
My guess is that being married to Micro$oft's architecture carries a steep price in development hours...
Originally by: CCP Wrangler
EVE isn't designed to just look like a cold, dark and harsh world, it's designed to be a cold, dark and harsh world.
|
|
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2011.04.10 15:52:00 -
[351]
Support!
Auditing | Research | 3rd Party | Collateral Holding | EvE RL Charity |
Cletus Graeme
Caldari
North Eastern Swat
Pandemic Legion
|
Posted - 2011.04.10 16:01:00 -
[352]
Originally by: Grimpak
in the end there was no harm done to nobody. still, rules must be followed, and not punishing ccp would give a very bad precedent, even if their goal was just to rush the process a bit and/or ego boosting.
not condoning what ccp has done. it was still wrong even if it was done with good and understandable intentions.
fyp
also, what the hell is wrong with the current forums anyway?
if it ain't broken....
|
Baihuigau
Gallente
The Scope
|
Posted - 2011.04.10 16:04:00 -
[353]
To be honest im actually liking skreegs more and more, like others have said its not his job to poor over every single line of code to make sure the forums were secure hes not a coder, hell alot of IT guys hate coding, but hes doing his job now reacting to a security matter kudos to you man..........on the other hand i dident like the whole IP banning of the guy that pointed out the exploit, that left me with extreme sour grapes about ccp just like the t20 incident, not to mention since it was not a account man but ip ban, there is this thing called a dynamic ip.....its almost like someone freaked out and pushed the ban button without knowing how to do a propper ban.
|
|
CCP Sreegs
|
Posted - 2011.04.10 16:15:00 -
[354]
Edited by: CCP Sreegs on 10/04/2011 16:20:34
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
There are 3 problems with your post.
A) It's premature, pending investigation but from what I recall though the signatures would allow HTML you could not execute script, which kills a lot of your assertions.
B) We are in the process of conducting an investigation, but thus far it appears that nobody was doing anything that could put even people's cookies at risk, much less key logging.
C) We don't ban people for having opinions. Even when they're wrong. (or rude) |
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 16:16:00 -
[355]
Originally by: Calathea Sata
Originally by: Dogo Duma
Originally by: Akita T
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
That aside, which version are you more comfortable using personally, this one or the "new" one ?
And why ?
Originally by: CCP Sreegs
Originally by: Titus Phook
Well if he passed the new forum as fit for use, and lets face it he's the security guy and it was a security issue, he's probably busy trying to get the egg off his face.
My job is response, not reviewing every single line of code that gets written.
Hm.
CCP Sreegs has some explainations to do.
|
|
CCP Sreegs
|
Posted - 2011.04.10 16:18:00 -
[356]
Edited by: CCP Sreegs on 10/04/2011 16:23:05
Originally by: Baihuigau
To be honest im actually liking skreegs more and more, like others have said its not his job to poor over every single line of code to make sure the forums were secure hes not a coder, hell alot of IT guys hate coding, but hes doing his job now reacting to a security matter kudos to you man..........on the other hand i dident like the whole IP banning of the guy that pointed out the exploit, that left me with extreme sour grapes about ccp just like the t20 incident, not to mention since it was not a account man but ip ban, there is this thing called a dynamic ip.....its almost like someone freaked out and pushed the ban button without knowing how to do a propper ban.
Nobody who has ever come forward with a legitimate security concern, with full details of what the exploit was, that they were not actively exploiting themselves, has ever been actioned against by us. There is a right way and a wrong way to report things, as I've said.
It's against policy to discuss the any detail whatsoever about an ban so I'm not allowed to do so. I can say that you don't have access to determine how any ban in our system was instituted. |
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 16:19:00 -
[357]
Edited by: Akita T on 10/04/2011 16:25:04
Originally by: Baihuigau
To be honest im actually liking skreegs more and more [...snip...]
CCP Sreegs being a pretty decent guy and trying his best to sort out problems still doesn't make "CCP, the enterprise" any less exasperating considering what's happening nowadays.
Originally by: Calathea Sata
[bigsnip]
Quote:
CCP Sreegs has some explainations to do.
The answer is simple : his job is to respond to security issues, no ?
EDIT : in after Sreegs
Back on topic : Sreegs, security issues and your job title and all those things aside...
...which version are you more comfortable using personally, this one right here or the "new" (now closed) one ? And why ?
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Elyssa MacLeod
|
Posted - 2011.04.10 16:20:00 -
[358]
Edited by: Elyssa MacLeod on 10/04/2011 16:26:34
Originally by: TigerXtrm
I liked the new forums, I don't know what everyone is complaining about when it comes to the layout or bleeding eyes. Do any of you people go to other websites than this one? This forum is stuck in the bloody 1980's... there is absolutely NO useability at all.
Epic troll
Originally by: Grimpak
Originally by: Better Than You
So basically what you are saying is if we used the new forums, our account details were exposed? Including credit card information?
Yeah ok. Between the anomaly nerf and CCP exposing everyone's account details including credit cards, I quit. This is just unacceptable. Great job CCP. I trusted you and this is how you treat your customers.
Time to spend my money on another game that doesn't expose my information.
not quite.
the security holes themselves didn't go past the forum cookies, that don't store any password information. eveGate and account management themselves were secure since the cookies didn't "transport" from one place to another. At most all you could do was impersonating people in the forums.
now, IF someone less scrupulous posted html code in the 6000-character limited post and/or the 500-character limited signature to inject malicious code or any kind of malware, now there's a good chance that you could get your own computer's security compromised.
so yes, the main security hole wasn't the cookies, but the fact that the forums didn't sanitize html code.
better safe than sorry tho, so I changed passwords.
Wasnt there a ISD guy that got said info and went an posted it on SHC and kugu's boards shortly after the T20 debacle? So its not like its never happened here before.
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Nikita Alterana
Risen Angels
|
Posted - 2011.04.10 16:26:00 -
[359]
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
I salute you brave forum warrior o7
Nikita's Graphic Arts Studio
|
Baihuigau
Gallente
The Scope
|
Posted - 2011.04.10 16:26:00 -
[360]
Originally by: Akita T
Edited by: Akita T on 10/04/2011 16:21:53
Originally by: Baihuigau
To be honest im actually liking skreegs more and more, like others have said its not his job to poor over every single line of code to make sure the forums were secure hes not a coder, hell alot of IT guys hate coding, but hes doing his job now reacting to a security matter kudos to you man..........on the other hand i dident like the whole IP banning of the guy that pointed out the exploit, that left me with extreme sour grapes about ccp just like the t20 incident, not to mention since it was not a account man but ip ban, there is this thing called a dynamic ip.....its almost like someone freaked out and pushed the ban button without knowing how to do a propper ban.
CCP Sreegs being a pretty decent guy and trying his best to sort out problems still doesn't make "CCP, the enterprise" any less exasperating considering what's happening nowadays.
I agree with you on that akita, to be honest i just dont know anything we could do to change that, in the past month i have read alot of stuff about internal procedures of ccp mostly from disgruntled employees around the net and it does paint a picture of management being rather incompetent and full of themselves, but thats not anything new when companies get big.
|
|
|
|
CCP Sreegs
|
Posted - 2011.04.10 16:27:00 -
[361]
Originally by: Akita T
Back on topic : Sreegs, security issues and your job title and all those things aside...
...which version are you more comfortable using personally, this one right here or the "new" (now closed) one ? And why ?
I like... oh wait I see what you're doing...
Seriously that's a loaded question with no right answer. |
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 16:28:00 -
[362]
Edited by: Helicity Boson on 10/04/2011 16:31:30
Originally by: CCP Sreegs
There are 3 problems with your post.
A) It's premature, pending investigation but from what I recall though the signatures would allow HTML you could not execute script, which kills a lot of your assertions.
Horsedung. And you know it. Javascript and CSS were confirmed to work.
I appreciate your need to save face, but your guys made an unforgivable screwup, own up to it and instill me with the feeling you guys are deserving of our trust.
And no matter what, that you didn't even see the error in your login design for forum posting and the documented injection holes in the forum you gutted to serve as a base for "your" 72,000 man hour project is pretty damning.
You need peer reviews of code, you need penetration tests.
But most of all you need to get your collective heads out of your "awesome" backsides and start communicating internally and externally.
And above all you need to be honest and forthcoming.
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 16:29:00 -
[363]
Edited by: Akita T on 10/04/2011 16:29:31
Originally by: Baihuigau
Originally by: Akita T
CCP Sreegs being a pretty decent guy and trying his best to sort out problems still doesn't make "CCP, the enterprise" any less exasperating considering what's happening nowadays.
I agree with you on that akita, to be honest i just dont know anything we could do to change that, in the past month i have read alot of stuff about internal procedures of ccp mostly from disgruntled employees around the net and it does paint a picture of management being rather incompetent and full of themselves, but thats not anything new when companies get big.
Feel free to evemail me some links to the type of stories you mention if you think posting them in public would be a big nono for you.
Originally by: CCP Sreegs
Originally by: Akita T
Back on topic : Sreegs, security issues and your job title and all those things aside...
...which version are you more comfortable using personally, this one right here or the "new" (now closed) one ? And why ?
I like... oh wait I see what you're doing...
Seriously that's a loaded question with no right answer.
:evil grin:
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
|
CCP Sreegs
|
Posted - 2011.04.10 16:31:00 -
[364]
Edited by: CCP Sreegs on 10/04/2011 16:34:23
Originally by: Helicity Boson
Originally by: CCP Sreegs
There are 3 problems with your post.
A) It's premature, pending investigation but from what I recall though the signatures would allow HTML you could not execute script, which kills a lot of your assertions.
Horsedung. And you know it. Javascript and CSS were confirmed to work.
I appreciate your need to save face, but your guys made an unforgivable screwup, own up to it and instill me with the feeling you guys are deserving of our trust.
If I knew it I'd say so. I'm not here to save face and I'd ask that you not continue to mischaracterize me. IF when we continue our investigation I find out I am wrong and you WERE actually able to inject script then I'll say so in my blog. The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
Everything's not some shadowy conspiracy. I appreciate that you feel wronged somehow and I can't change that. I have no need whatsoever to save anyone's face, my job is to determine and respond to the problem. Honestly.
:Edit: to respond to the rest, I can say that we have internal procedure which include peer review and pen testing. Part of the investigation will be to determine if that was done and if not why, etc... That's probably mostly going to be internal, but it's not something I'm not thinking about. |
|
Sullen Skoung
|
Posted - 2011.04.10 16:32:00 -
[365]
Originally by: CCP Navigator
That is right. Your login and password would not have been compromised.
It should also be noted though that it is just good practice to change your passwords regularly
lol this reads "there was no danger, but you probably should anyways" to me
|
Jon Taggart
State War Academy
|
Posted - 2011.04.10 16:34:00 -
[366]
Originally by: Sullen Skoung
Originally by: CCP Navigator
That is right. Your login and password would not have been compromised.
It should also be noted though that it is just good practice to change your passwords regularly
lol this reads "there was no danger, but you probably should anyways" to me
Isn't this standard operating procedure?
I'm not an alt |
Sullen Skoung
|
Posted - 2011.04.10 16:35:00 -
[367]
Originally by: CCP Sreegs
I'm sure a lot of people work for a lot of good companies. What I was stating was that if anyone has an actual evidence of the malfeasance that was suggested they're welcome to email it to me.
love the defense by way of "prove we got the emails" when theres no way you actually can do that short of working at CCP.
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 16:35:00 -
[368]
Edited by: Helicity Boson on 10/04/2011 16:38:15
Originally by: CCP Sreegs
my job is to determine and respond to the problem. Honestly.
I appreciate that, I'm not having a go at you as a person.
These things are some pretty damned basic security risks, and you cannot in good conscience sit there and just blankly state "your account info was not compromised" when that is only a half truth, yeah your logins were safe, but their browsers weren't.
I'd also really appreciate a devblog detailing how something THIS BASIC could go live like this. And how you are altering peer review procedures to make sure it does not happen again.
I'm not causing a ruckus because I don't like you, I'm doing so because you have let us down, yet again, but you're all still walking around with your head in the clouds of "awesome".
I want you to be the company we deserve, and you are failing.
Also, please don't make me bring up the part of last night where I was explaining how it was done to one of your coworkers via someone with access to your communicator and they didn't and quote "get it."
I'm pretty mad at CCP as a whole, please don't pour fuel on my fire.
|
Baihuigau
Gallente
The Scope
|
Posted - 2011.04.10 16:36:00 -
[369]
Originally by: Akita T
Edited by: Akita T on 10/04/2011 16:29:31
Originally by: Baihuigau
Originally by: Akita T
CCP Sreegs being a pretty decent guy and trying his best to sort out problems still doesn't make "CCP, the enterprise" any less exasperating considering what's happening nowadays.
I agree with you on that akita, to be honest i just dont know anything we could do to change that, in the past month i have read alot of stuff about internal procedures of ccp mostly from disgruntled employees around the net and it does paint a picture of management being rather incompetent and full of themselves, but thats not anything new when companies get big.
Feel free to evemail me some links to the type of stories you mention if you think posting them in public would be a big nono for you.
Originally by: CCP Sreegs
Originally by: Akita T
Back on topic : Sreegs, security issues and your job title and all those things aside...
...which version are you more comfortable using personally, this one right here or the "new" (now closed) one ? And why ?
I like... oh wait I see what you're doing...
Seriously that's a loaded question with no right answer.
:evil grin:
There was a post in shc a while back discussing it, and a site where you can post reviews of your employer cant think of it now but it was interesting, if i find the thread and site ill send it to you it would be a interesting article.
|
|
CCP Sreegs
|
Posted - 2011.04.10 16:37:00 -
[370]
Originally by: Sullen Skoung
Originally by: CCP Sreegs
I'm sure a lot of people work for a lot of good companies. What I was stating was that if anyone has an actual evidence of the malfeasance that was suggested they're welcome to email it to me.
love the defense by way of "prove we got the emails" when theres no way you actually can do that short of working at CCP.
I said if you have evidence send it to me. I never said prove we got them. If you're going to try to reword a post you should probably not do so with the complete text of the statement quoted. |
|
|
|
Sullen Skoung
|
Posted - 2011.04.10 16:40:00 -
[371]
Originally by: Grimpak
in all honesty the chance was still slim. not impossible but the likelihood of it happening was small since that, altho there was some time wasted, they acted within a couple of hours.
granted it's still a couple of hours and any semi-competent scripter can code anything in that time, but as far as one can see, nothing happened yet.
also, as far as one knows, the major security breach was only code related. the cookie derp, as stated, didn't go beyond forums.
it was still a very serious security breach however, and precautions are still welcome.
Is it scary to anyone that here, slim chance is OK in a situation where "no chance" SHOULD be whats acceptable?
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 16:41:00 -
[372]
Edited by: Grimpak on 10/04/2011 16:46:35
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 16:38:15
Originally by: CCP Sreegs
my job is to determine and respond to the problem. Honestly.
I appreciate that, I'm not having a go at you as a person.
These things are some pretty damned basic security risks, and you cannot in good conscience sit there and just blankly state "your account info was not compromised" when that is only a half truth, yeah your logins were safe, but their browsers weren't.
I'd also really appreciate a devblog detailing how something THIS BASIC could go live like this. And how you are altering peer review procedures to make sure it does not happen again.
I'm not causing a ruckus because I don't like you, I'm doing so because you have let us down, yet again, but you're all still walking around with your head in the clouds of "awesome".
I want you to be the company we deserve, and you are failing.
Also, please don't make me bring up the part of last night where I was explaining how it was done to one of your coworkers via someone with access to your communicator and they didn't and quote "get it."
I'm pretty mad at CCP as a whole, please don't pour fuel on my fire.
in all honesty, Helicity, I think Sreegs is giving us as much info as he can without risking his job, which is quite alot, considering he has been the front face from CCP about this issue.
just give him some time, I bet he didn't had any decent sleep in these past 2-3 days
Originally by: Sullen Skoung
Is it scary to anyone that here, slim chance is OK in a situation where "no chance" SHOULD be whats acceptable?
no, it's not ok. slim chance is still a chance. it doesn't mean it won't happen however (or that it will for that matter), but from what it has been said, security had a hole, but it wasn't exploited (in a harmful way) in time.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
|
CCP Sreegs
|
Posted - 2011.04.10 16:41:00 -
[373]
Originally by: Helicity Boson
Originally by: CCP Sreegs
my job is to determine and respond to the problem. Honestly.
I appreciate that, I'm not having a go at you as a person.
These things are some pretty damned basic security risks, and you cannot in good conscience sit there and just blankly state "your account info was not compromised" when that is only a half truth, yeah your logins were safe, but their browsers weren't.
I'd also really appreciate a devblog detailing how something THIS BASIC could go live like this. And how you are altering peer review procedures to make sure it does not happen again.
I'm not causing a ruckus because I don't like you, I'm doing so because you have let us down, yet again, but you're all still walking around with your head in the clouds of "awesome".
I want you to be the company we deserve, and you are failing.
I want us to be the company we deserve to be as well. I think perhaps where we digress a bit is that I have to deal with hard solid evidence before I have an opinion. If it does come out that script could be executed (I'm trying to sort that), then there is a chance someone could have done something malicious.
However, beyond that are logging processes which is a part of the picture you don't have. Logs allow us to do a deeper investigation into how any exploits were actually applied rather than how something theoretically could be applied.
So as I said, I get why you're mad. I get why you'd come to the conclusions you came to. I just don't believe them all to be true at this time and if I do find that script could have been executed I'll let you know that you were correct. My job isn't to make anyone look good it's to catch bad guys and deal with problems. |
|
Ban Doga
|
Posted - 2011.04.10 16:42:00 -
[374]
Edited by: Ban Doga on 10/04/2011 16:43:28
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 16:34:23
Originally by: Helicity Boson
Originally by: CCP Sreegs
There are 3 problems with your post.
A) It's premature, pending investigation but from what I recall though the signatures would allow HTML you could not execute script, which kills a lot of your assertions.
Horsedung. And you know it. Javascript and CSS were confirmed to work.
I appreciate your need to save face, but your guys made an unforgivable screwup, own up to it and instill me with the feeling you guys are deserving of our trust.
If I knew it I'd say so. I'm not here to save face and I'd ask that you not continue to mischaracterize me. IF when we continue our investigation I find out I am wrong and you WERE actually able to inject script then I'll say so in my blog. The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
So if you aren't SURE script could not be injected how can you be SURE that there was no risk?
*EDIT*
It looks like you haven't seen everything that was injected (because then you could state that no script was injected) so you're really going out on an assumption here...
|
Elyssa MacLeod
|
Posted - 2011.04.10 16:43:00 -
[375]
Originally by: Miilla
Originally by: Tippia
Originally by: Miilla
So go make your own style sheet.
That only solves (some of) the design issues ł the functionality is still gone.
Design-wise, I could probably live with the way the forums looked with my CSS. Feature-wise, it made little difference and didn't improve on what the forums offered.
Like button withdrawals?
I see your sig got nerfed... bitter much?
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 16:44:00 -
[376]
Originally by: CCP Sreegs
My job isn't to make anyone look good it's to catch bad guys and deal with problems.
Good, so we can look forwards to a devblog explaining exactly what changes you are going to make in your structure to make sure something so utterly moronic as not having validation on a charID number will never ever ever occur then?
Because frankly that makes me even more mad than the injection (which is also unforgivable really).
If you do that, then we have a deal.
If, instead, you guys just keep monkeying around and pretend it took 72,000 man hours to chop down an existing forum, break it's security and then reskin it. Then we're going to be having a problem.
|
|
CCP Sreegs
|
Posted - 2011.04.10 16:44:00 -
[377]
Originally by: Ban Doga
Edited by: Ban Doga on 10/04/2011 16:43:28
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 16:34:23
Originally by: Helicity Boson
Originally by: CCP Sreegs
There are 3 problems with your post.
A) It's premature, pending investigation but from what I recall though the signatures would allow HTML you could not execute script, which kills a lot of your assertions.
Horsedung. And you know it. Javascript and CSS were confirmed to work.
I appreciate your need to save face, but your guys made an unforgivable screwup, own up to it and instill me with the feeling you guys are deserving of our trust.
If I knew it I'd say so. I'm not here to save face and I'd ask that you not continue to mischaracterize me. IF when we continue our investigation I find out I am wrong and you WERE actually able to inject script then I'll say so in my blog. The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
So if you aren't SURE script could not be injected how can you be SURE that there was no risk?
*EDIT*
It looks like you haven't seen everything that was injected (because then you could state that no script was injected) so you're really going out on an assumption here...
I explained this. |
|
Elyssa MacLeod
|
Posted - 2011.04.10 16:46:00 -
[378]
Originally by: LtCol Laurentius
Edited by: LtCol Laurentius on 10/04/2011 14:48:57
Originally by: CCP Sreegs
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
It doesnt matter. The public image you have created is that you **** over the whistleblower, while claiming everything is allright.
and put their ame on the name filter like ********** - four years plus later and you STILL ban the use of his name? why is that? Isnt that a LITTLE childish guys?
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
|
CCP Sreegs
|
Posted - 2011.04.10 16:46:00 -
[379]
Originally by: Helicity Boson
Originally by: CCP Sreegs
My job isn't to make anyone look good it's to catch bad guys and deal with problems.
Good, so we can look forwards to a devblog explaining exactly what changes you are going to make in your structure to make sure something so utterly moronic as not having validation on a charID number will never ever ever occur then?
Because frankly that makes me even more mad than the injection (which is also unforgivable really).
If you do that, then we have a deal.
If, instead, you guys just keep monkeying around and pretend it took 72,000 man hours to chop down an existing forum, break it's security and then reskin it. Then we're going to be having a problem.
I don't blog about forums so lets see where the investigation takes us and we'll figure out if you have a reason to be mad at me after I've actually finished the work :) |
|
|
CCP Sreegs
|
Posted - 2011.04.10 16:47:00 -
[380]
Originally by: LtCol Laurentius
Edited by: LtCol Laurentius on 10/04/2011 14:48:57
Originally by: CCP Sreegs
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
It doesnt matter. The public image you have created is that you **** over the whistleblower, while claiming everything is allright.
If I don't talk about administrative actions I'm really not sure how I could have created an opinion about one. I'm pretty sure what you mean to say is "The public image that SOMEONE ELSE has created". |
|
|
|
Elyssa MacLeod
|
Posted - 2011.04.10 16:48:00 -
[381]
Originally by: Miilla
If you don't like it, stop paying.
No?
nice 180 there... from rabblerouser to kiss ass in .5 sec
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Gnulpie
Minmatar
Miner Tech
|
Posted - 2011.04.10 16:48:00 -
[382]
At least that CCP Sreegs guy seems to do good work right now.
Props for that. I can imagine way better things to do than talking with angry EVE people on the forums |
Jon Taggart
State War Academy
|
Posted - 2011.04.10 16:49:00 -
[383]
Originally by: Gnulpie
At least that CCP Sreegs guy seems to do good work right now.
Props for that. I can imagine way better things to do than talking with angry EVE people on the forums
Glutton for punishment .
I'm not an alt |
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 16:50:00 -
[384]
Sean, btw, who do you think Virt was copy/pasting to you last night?
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 16:51:00 -
[385]
Originally by: Jon Taggart
Originally by: Gnulpie
At least that CCP Sreegs guy seems to do good work right now.
Props for that. I can imagine way better things to do than talking with angry EVE people on the forums
Glutton for punishment .
or at the very least just trying to explain what he can to us, the angry mob.
honestly Sreegs, try to get some sleep.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
|
CCP Sreegs
|
Posted - 2011.04.10 16:53:00 -
[386]
Originally by: Helicity Boson
Sean, btw, who do you think Virt was copy/pasting to you last night?
I don't have Virt on any of my IMs anymore and I don't recall getting any pastes, but I'll check through my logs and see if maybe I was just stupid after sleeping 3 hours in 2 days. |
|
Ban Doga
|
Posted - 2011.04.10 16:53:00 -
[387]
Originally by: CCP Sreegs
Originally by: Ban Doga
Edited by: Ban Doga on 10/04/2011 16:43:28
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 16:34:23
If I knew it I'd say so. I'm not here to save face and I'd ask that you not continue to mischaracterize me. IF when we continue our investigation I find out I am wrong and you WERE actually able to inject script then I'll say so in my blog. The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
So if you aren't SURE script could not be injected how can you be SURE that there was no risk?
*EDIT*
It looks like you haven't seen everything that was injected (because then you could state that no script was injected) so you're really going out on an assumption here...
I explained this.
Originally by: CCP Sreegs
IF when we continue our investigation I find out I am wrong and you WERE actually able to inject script then I'll say so in my blog. The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
So are you saying you already know your investigation will show that no script could be injected or
that injecting script posed no risk to the computers of the forums users?
|
|
CCP Sreegs
|
Posted - 2011.04.10 16:55:00 -
[388]
Originally by: Ban Doga
Originally by: CCP Sreegs
Originally by: Ban Doga
Edited by: Ban Doga on 10/04/2011 16:43:28
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 16:34:23
If I knew it I'd say so. I'm not here to save face and I'd ask that you not continue to mischaracterize me. IF when we continue our investigation I find out I am wrong and you WERE actually able to inject script then I'll say so in my blog. The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
So if you aren't SURE script could not be injected how can you be SURE that there was no risk?
*EDIT*
It looks like you haven't seen everything that was injected (because then you could state that no script was injected) so you're really going out on an assumption here...
I explained this.
Originally by: CCP Sreegs
IF when we continue our investigation I find out I am wrong and you WERE actually able to inject script then I'll say so in my blog. The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
So are you saying you already know your investigation will show that no script could be injected or
that injecting script posed no risk to the computers of the forums users?
I'm saying exactly what I said. |
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 16:55:00 -
[389]
Edited by: Grimpak on 10/04/2011 16:57:15
dude, go to sleep, lol
powernap, anything. don't you have half of the staff working on this already?
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
|
CCP Sreegs
|
Posted - 2011.04.10 16:57:00 -
[390]
Originally by: Grimpak
dude, go to sleep, lol
I slept last night like a good 7 hours. I came back in today to continue, so I'm pretty well rested actually. |
|
|
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 16:57:00 -
[391]
Originally by: CCP Sreegs
I'm saying exactly what I said.
you're damned if you do, damned if you don't mate.
I don't believe for one second your "review" will ever yield any result other than "no we were safe".
Especially since via-via-via-IM I was showing you how the night before and you didn't get it.
You'd never own up to the site being vulnerable anyways, and it's that fact that makes me shudder with revulsion.
Terrible coding practices combined with a willingness to lie make for a grim picture indeed.
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 16:58:00 -
[392]
Originally by: CCP Sreegs
Originally by: Grimpak
dude, go to sleep, lol
I slept last night like a good 7 hours. I came back in today to continue, so I'm pretty well rested actually.
oh, ok.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 16:59:00 -
[393]
Originally by: CCP Sreegs
Originally by: Bomberlocks
......
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
Your policy of not discussing administrative actions is one thing (and IMO is currently being used to shield CCP from public humiliation), but if you read the post on Helicity's blog, you'll see that what you are saying with respect to the vulnerability is demonstrably false. If you do not honestly address the issues in at least the same detail Helicity did, then I think it's time to take this to the media, because, as it currently stands, there is no good reason to believe anything you are saying, but there are a lot of good reasons to not believe anything you say.
In short: Customer data was in danger through code injected into the signature. CCP did ignore the warnings of numerous people. You are trying to avoid admitting to your errors. Prove me wrong and I'll happily apologise, but simply claiming I'm wrong without proof is simply not good enough.
|
Myra2007
Millstone Industries
|
Posted - 2011.04.10 16:59:00 -
[394]
Originally by: Gnulpie
At least that CCP Sreegs guy seems to do good work right now.
Props for that. I can imagine way better things to do than talking with angry EVE people on the forums
QFT
The people who are probably directly responsible (be it coders or management or whatever) still have to show their faces. I doubt it's going to happen though. The next time we hear anything from say CCP Alice, CCP Paradox or CCP Elais will probably be when they launch this "feature rich" forum a 2nd (3rd?4th?) time with security holes fixed (again...) and no other fixes at all. And this are only the "public" faces to the new forum. I simply refuse to believe that they are completely inept and like to believe they got extreme pressure from management or something. Time for a Hilmar devblog or something imho...
--
Originally by: CCP Elais
It was a great Frankenstein moment [...] to see the forum [...] come alive.
|
Sullen Skoung
|
Posted - 2011.04.10 17:00:00 -
[395]
Originally by: CCP Sreegs
Originally by: Sullen Skoung
Originally by: CCP Sreegs
I'm sure a lot of people work for a lot of good companies. What I was stating was that if anyone has an actual evidence of the malfeasance that was suggested they're welcome to email it to me.
love the defense by way of "prove we got the emails" when theres no way you actually can do that short of working at CCP.
I said if you have evidence send it to me. I never said prove we got them. If you're going to try to reword a post you should probably not do so with the complete text of the statement quoted.
Still a crap defense man, we CANT get the emails from your site so theres no way TO prove that we sent them. Its a stupid defense when all you have to do is get whoever browses ccp@security email FOR those emails, assuming that isnt you. Unless of course you cant send them an email or talk to them or something. Which would be a ****ty way to run a company tbh
|
Dark Striped
|
Posted - 2011.04.10 17:01:00 -
[396]
ive changed my passwords just incase.
aside from that DONT MAKE ME USE THEM NEW ****TY ASS FORUMS AGAIN
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 17:03:00 -
[397]
Edited by: Bomberlocks on 10/04/2011 17:04:51
Originally by: CCP Sreegs
....
Nobody who has ever come forward with a legitimate security concern, with full details of what the exploit was, that they were not actively exploiting themselves, has ever been actioned against by us. There is a right way and a wrong way to report things, as I've said.
If that is the case, why did CCP ignore Virtuozzo's and Helicity's attempts to warn you?
Quote:
It's against policy to discuss the any detail whatsoever about an ban so I'm not allowed to do so. I can say that you don't have access to determine how any ban in our system was instituted.
In fact we do. We can just ask Cat. I'm more inclined to believe him than you tbqFh.
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 17:04:00 -
[398]
Originally by: Bomberlocks
]If that is the case, why did CCP ignore Virtuozzo's and Helicity's attempts to warn you?
To be fair they didn't do that.
|
Elyssa MacLeod
|
Posted - 2011.04.10 17:05:00 -
[399]
Originally by: CCP Sreegs
I don't blog about forums so lets see where the investigation takes us and we'll figure out if you have a reason to be mad at me after I've actually finished the work :)
you realize yer talking in circles right? You earlier stated it was a security issue that brought down the forums and now youre saying you dont blog about forums.
That blog is gonna be pretty thin then if its not about this fiasco.
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
|
CCP Sreegs
|
Posted - 2011.04.10 17:06:00 -
[400]
Originally by: Helicity Boson
Originally by: CCP Sreegs
I'm saying exactly what I said.
you're damned if you do, damned if you don't mate.
I don't believe for one second your "review" will ever yield any result other than "no we were safe".
Especially since via-via-via-IM I was showing you how the night before and you didn't get it.
You'd never own up to the site being vulnerable anyways, and it's that fact that makes me shudder with revulsion.
Terrible coding practices combined with a willingness to lie make for a grim picture indeed.
I can assure you that I never came close to an IM from you. I did see some information that lead directly to patching the problem, but I never personally got any IM from anyone from you. If I was somehow "not owning up to the site being vulnerable" I wouldn't have said it was vulnerable and I wouldn't have had it taken down.
I don't know what you're seeing from your perspective but it sounds to me like you're being taken for a ride by someone else or there's a really really hilarious miscommunication chain here. |
|
|
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 17:07:00 -
[401]
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 16:34:23
Originally by: Helicity Boson
Originally by: CCP Sreegs
There are 3 problems with your post.
A) It's premature, pending investigation but from what I recall though the signatures would allow HTML you could not execute script, which kills a lot of your assertions.
Horsedung. And you know it. Javascript and CSS were confirmed to work.
I appreciate your need to save face, but your guys made an unforgivable screwup, own up to it and instill me with the feeling you guys are deserving of our trust.
If I knew it I'd say so. I'm not here to save face and I'd ask that you not continue to mischaracterize me. IF when we continue our investigation I find out I am wrong and you WERE actually able to inject script then I'll say so in my blog. The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
Everything's not some shadowy conspiracy. I appreciate that you feel wronged somehow and I can't change that. I have no need whatsoever to save anyone's face, my job is to determine and respond to the problem. Honestly.
:Edit: to respond to the rest, I can say that we have internal procedure which include peer review and pen testing. Part of the investigation will be to determine if that was done and if not why, etc... That's probably mostly going to be internal, but it's not something I'm not thinking about.
You'd trust the people who made the mistake in the first place more than the people who tried to warn you about it?
|
|
CCP Sreegs
|
Posted - 2011.04.10 17:08:00 -
[402]
Originally by: Bomberlocks
Originally by: CCP Sreegs
Originally by: Bomberlocks
......
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
Your policy of not discussing administrative actions is one thing (and IMO is currently being used to shield CCP from public humiliation), but if you read the post on Helicity's blog, you'll see that what you are saying with respect to the vulnerability is demonstrably false. If you do not honestly address the issues in at least the same detail Helicity did, then I think it's time to take this to the media, because, as it currently stands, there is no good reason to believe anything you are saying, but there are a lot of good reasons to not believe anything you say.
In short: Customer data was in danger through code injected into the signature. CCP did ignore the warnings of numerous people. You are trying to avoid admitting to your errors. Prove me wrong and I'll happily apologise, but simply claiming I'm wrong without proof is simply not good enough.
I'm not trying to avoid anything. It seems a bit silly to say YOUR WRONG PROVE ME YOUR RIGHT, then make the opposite assertion with less burden. At this point in time the only thing we can do is point fingers at each other and that's not very productive. Nevermind the fact that you're just rehashing a conversation I responded to not 30 minutes ago. |
|
|
CCP Sreegs
|
Posted - 2011.04.10 17:09:00 -
[403]
Originally by: Sullen Skoung
Originally by: CCP Sreegs
Originally by: Sullen Skoung
Originally by: CCP Sreegs
I'm sure a lot of people work for a lot of good companies. What I was stating was that if anyone has an actual evidence of the malfeasance that was suggested they're welcome to email it to me.
love the defense by way of "prove we got the emails" when theres no way you actually can do that short of working at CCP.
I said if you have evidence send it to me. I never said prove we got them. If you're going to try to reword a post you should probably not do so with the complete text of the statement quoted.
Still a crap defense man, we CANT get the emails from your site so theres no way TO prove that we sent them. Its a stupid defense when all you have to do is get whoever browses ccp@security email FOR those emails, assuming that isnt you. Unless of course you cant send them an email or talk to them or something. Which would be a ****ty way to run a company tbh
What? I have no idea what you're trying to say. |
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 17:09:00 -
[404]
Originally by: CCP Sreegs
Originally by: Helicity Boson
Originally by: CCP Sreegs
I'm saying exactly what I said.
you're damned if you do, damned if you don't mate.
I don't believe for one second your "review" will ever yield any result other than "no we were safe".
Especially since via-via-via-IM I was showing you how the night before and you didn't get it.
You'd never own up to the site being vulnerable anyways, and it's that fact that makes me shudder with revulsion.
Terrible coding practices combined with a willingness to lie make for a grim picture indeed.
I can assure you that I never came close to an IM from you. I did see some information that lead directly to patching the problem, but I never personally got any IM from anyone from you. If I was somehow "not owning up to the site being vulnerable" I wouldn't have said it was vulnerable and I wouldn't have had it taken down.
I don't know what you're seeing from your perspective but it sounds to me like you're being taken for a ride by someone else or there's a really really hilarious miscommunication chain here.
And if he posts his chat logs?
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 17:12:00 -
[405]
Originally by: CCP Sreegs
or there's a really really hilarious miscommunication chain here.
It's that. But in the scheme of thing this is moot.
|
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.10 17:12:00 -
[406]
Originally by: Copine Callmeknau
Originally by: Miilla
Originally by: Copine Callmeknau
Miilla your sig is ****ing awful, also it's oversized and gonna get nerfed when a mod sees it
Yours is too violent and should be also nerfed due to the blood and gore.
I've had mine 5yrs, you've had yours 10min. We'll see who's gets nerfed first k?
LULZ I WIN
Stunning EVE Online Theme for PS3 |
|
CCP Sreegs
|
Posted - 2011.04.10 17:12:00 -
[407]
Originally by: Elyssa MacLeod
you realize yer talking in circles right? You earlier stated it was a security issue that brought down the forums and now youre saying you dont blog about forums.
That blog is gonna be pretty thin then if its not about this fiasco.
Hey helicity, how you know his name? Sreegs: An whats all this about you not having ppl on yer IM anymore?
lol these ppl are all closer than we think they are...
I was a player for a long time. When I joined the company I removed a bunch of people from IM and had to leave the game as per policy. No huge mystery there.
|
|
Sullen Skoung
|
Posted - 2011.04.10 17:12:00 -
[408]
Originally by: CCP Sreegs
Quote:
Still a crap defense man, we CANT get the emails from your site so theres no way TO prove that we sent them. Its a stupid defense when all you have to do is get whoever browses ccp@security email FOR those emails, assuming that isnt you. Unless of course you cant send them an email or talk to them or something. Which would be a ****ty way to run a company tbh
What? I have no idea what you're trying to say.
you are saying WE need to provide proof of sending emails to ccp@security
IM saying we cant provide this proof being that we cant get into ccp@security to get copies of those emails sent.
YOU who work at CCP, supposedly AS security, should either be able to access that email account or email the guy that can and can see if those emails do in fact exist.
|
|
CCP Sreegs
|
Posted - 2011.04.10 17:14:00 -
[409]
Originally by: Bomberlocks
You'd trust the people who made the mistake in the first place more than the people who tried to warn you about it?
Who said it was them that I asked? |
|
Elyssa MacLeod
|
Posted - 2011.04.10 17:15:00 -
[410]
Originally by: Bomberlocks
And if he posts his chat logs?
gets banned for posting GM communications?
Im guessing he cant say anything like he gets IMs from players cause that player/GM interaction wall breach was part of the issue in T20
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
|
|
Dark Striped
|
Posted - 2011.04.10 17:15:00 -
[411]
Originally by: CCP Sreegs
Originally by: Bomberlocks
You'd trust the people who made the mistake in the first place more than the people who tried to warn you about it?
Who said it was them that I asked?
not fused about all this smack.
can you close these new pile of crap forums down forever? i hope you have that power cos they suck
|
|
CCP Sreegs
|
Posted - 2011.04.10 17:15:00 -
[412]
Originally by: Sullen Skoung
Originally by: CCP Sreegs
Quote:
Still a crap defense man, we CANT get the emails from your site so theres no way TO prove that we sent them. Its a stupid defense when all you have to do is get whoever browses ccp@security email FOR those emails, assuming that isnt you. Unless of course you cant send them an email or talk to them or something. Which would be a ****ty way to run a company tbh
What? I have no idea what you're trying to say.
you are saying WE need to provide proof of sending emails to ccp@security
IM saying we cant provide this proof being that we cant get into ccp@security to get copies of those emails sent.
YOU who work at CCP, supposedly AS security, should either be able to access that email account or email the guy that can and can see if those emails do in fact exist.
I never said I didn't have those mails....
I said that if you have any evidence that someone within the company is doing something wrong as was intimated by the original post, then that was the address to send it to... that was the entirety of what I was trying to state. I don't know how that got twisted into this. |
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 17:16:00 -
[413]
Originally by: CCP Sreegs
Originally by: Bomberlocks
Originally by: CCP Sreegs
Originally by: Bomberlocks
......
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
Your policy of not discussing administrative actions is one thing (and IMO is currently being used to shield CCP from public humiliation), but if you read the post on Helicity's blog, you'll see that what you are saying with respect to the vulnerability is demonstrably false. If you do not honestly address the issues in at least the same detail Helicity did, then I think it's time to take this to the media, because, as it currently stands, there is no good reason to believe anything you are saying, but there are a lot of good reasons to not believe anything you say.
In short: Customer data was in danger through code injected into the signature. CCP did ignore the warnings of numerous people. You are trying to avoid admitting to your errors. Prove me wrong and I'll happily apologise, but simply claiming I'm wrong without proof is simply not good enough.
I'm not trying to avoid anything. It seems a bit silly to say YOUR WRONG PROVE ME YOUR RIGHT, then make the opposite assertion with less burden. At this point in time the only thing we can do is point fingers at each other and that's not very productive. Nevermind the fact that you're just rehashing a conversation I responded to not 30 minutes ago.
Bolded the part you seem to have missed.
But whatever, Screegs. I don't want to jump on your case. I've cancelled my credit card and I doubt that I'll be renewing that data with CCP unless CCP post a very honest and open discussion on how they will not in future endanger my computer, or the data I entrust them with. A broken game is one thing, but bad security has repercussions in the real world.
|
Jon Taggart
State War Academy
|
Posted - 2011.04.10 17:17:00 -
[414]
People want to get as much rage out there as possible before these forums go kaput and everything here gets locked and archived.
I'm not an alt |
Sullen Skoung
|
Posted - 2011.04.10 17:17:00 -
[415]
Originally by: CCP Sreegs
I never said I didn't have those mails....
I said that if you have any evidence that someone within the company is doing something wrong as was intimated by the original post, then that was the address to send it to... that was the entirety of what I was trying to state. I don't know how that got twisted into this.
cause we work for CCP Internal affairs and can provide this proof? Again, using the defence of "prove it to me" when we dont have access to internal CCP documents isnt a defense
|
|
CCP Sreegs
|
Posted - 2011.04.10 17:17:00 -
[416]
Originally by: Elyssa MacLeod
Originally by: Bomberlocks
And if he posts his chat logs?
gets banned for posting GM communications?
Im guessing he cant say anything like he gets IMs from players cause that player/GM interaction wall breach was part of the issue in T20
If someone had found a way to get me an IM from him I'd have no problem saying so. I don't think that was the case here. I did have some information forwarded to me, that was used. But I had no IM convo tmk. |
|
Hel O'Ween
Men On A Mission
|
Posted - 2011.04.10 17:18:00 -
[417]
Originally by: Neo Gabriel
[...] but some dude reporting MASSIVE security flaws in your failure of a forum, then being ignored and pulling a small prank gets him insta-banned.
This is the real problem. I mean, we're not talking about some ingame bug that makes you a billionaire instantly - which would be bad enough but hurts no one outside the game.
We're talking about a glaring security hole that puts every forum user in the risk of having his computer hacked/infected.
Cat (and potentially others) shouldn't have been punished and banned for this. They should have been rewarded with a free life time subscription instead. And I remind you that Cat reported the issue first and then - when his warning got ignored - demonstrated it for all to see. This was the time CCP finally got the message and pulled the plug.
--
EVEWalletAware - an offline wallet manager |
Gnulpie
Minmatar
Miner Tech
|
Posted - 2011.04.10 17:18:00 -
[418]
Man, jeez, give them folks at CCP some time to investigate what exactly happend, where the vulnerabilities are, what communication channels failed (if they failed) etc.
This takes time and such things can't be properly done in few hours!
You guys want thorough investigation and at the same time you want results, blogs and whatnot already yesterday. That's not working!
If there is still no public reply in a few days, THEN is the time to make a huge uproar, but for now let them do their work.
Ranting, venting anger and frustration is good and fine, but after that, let it go and calm down. |
Sullen Skoung
|
Posted - 2011.04.10 17:19:00 -
[419]
Edited by: Sullen Skoung on 10/04/2011 17:21:43
Originally by: Hel O'Ween
And I remind you that Cat reported the issue first and then - when his warning got ignored - demonstrated it for all to see. This was the time CCP finally got the message and pulled the plug.
I think this is the part that Sreegs is trying to get us to prove
Originally by: Gnulpie
Man, jeez, give them folks at CCP some time to investigate what exactly happend, where the vulnerabilities are, what communication channels failed (if they failed) etc.
This takes time and such things can't be properly done in few hours!
You guys want thorough investigation and at the same time you want results, blogs and whatnot already yesterday. That's not working!
If there is still no public reply in a few days, THEN is the time to make a huge uproar, but for now let them do their work.
Ranting, venting anger and frustration is good and fine, but after that, let it go and calm down.
no offense, but look at the player base youre talking to...
the phrase "falling on deaf ears" comes to mind
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 17:20:00 -
[420]
Originally by: CCP Sreegs
I did have some information forwarded to me, that was used. But I had no IM convo tmk.
yeah, that's the info I was giving via an extremely convoluted route, but this is irrelevant to the discussion, I just wanted to make sure you knew where it was coming from and why I'm skeptical of how sincere (and accurate) your blog post will be.
We'll be scrutinizing said blog post very closely, I hope you can find it in yourself to be honest and forthright in it.
|
|
|
Jon Taggart
State War Academy
|
Posted - 2011.04.10 17:20:00 -
[421]
Originally by: Sullen Skoung
Originally by: Hel O'Ween
And I remind you that Cat reported the issue first and then - when his warning got ignored - demonstrated it for all to see. This was the time CCP finally got the message and pulled the plug.
I think this is the part that Sreegs is trying to get us to prove
Will have to wait until the forums are back up. The link to the test forums provided here does not work.
I'm not an alt |
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 17:23:00 -
[422]
Originally by: Jon Taggart
Will have to wait until the forums are back up. The link to the test forums provided here does not work.
https://testforums.evegate.com/ -> "The page cannot be displayed because an internal server error has occurred."
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Sullen Skoung
|
Posted - 2011.04.10 17:23:00 -
[423]
Edited by: Sullen Skoung on 10/04/2011 17:23:43
Originally by: Jon Taggart
Originally by: Sullen Skoung
Originally by: Hel O'Ween
And I remind you that Cat reported the issue first and then - when his warning got ignored - demonstrated it for all to see. This was the time CCP finally got the message and pulled the plug.
I think this is the part that Sreegs is trying to get us to prove
Will have to wait until the forums are back up. The link to the test forums provided here does not work.
well the reported part was what I was talking about
There are pics showing the demonstrated part already lol
|
Mortania
Minmatar
Kinetic Cartel
Shadow of xXDEATHXx
|
Posted - 2011.04.10 17:26:00 -
[424]
I just wanted to post to say that's one heck of a flame-******ant suit that you've got Sreegs.
I applaud you wading into the lion's den.
|
|
CCP Sreegs
|
Posted - 2011.04.10 17:26:00 -
[425]
Originally by: Sullen Skoung
Edited by: Sullen Skoung on 10/04/2011 17:21:43
Originally by: Hel O'Ween
And I remind you that Cat reported the issue first and then - when his warning got ignored - demonstrated it for all to see. This was the time CCP finally got the message and pulled the plug.
I think this is the part that Sreegs is trying to get us to prove
Nobody has to prove anything about anyone's actions on the forums I have full logs of everything. |
|
Sullen Skoung
|
Posted - 2011.04.10 17:35:00 -
[426]
Originally by: CCP Sreegs
Originally by: Sullen Skoung
Originally by: CCP Sreegs
I'm sure a lot of people work for a lot of good companies. What I was stating was that if anyone has an actual evidence of the malfeasance that was suggested they're welcome to email it to me.
love the defense by way of "prove we got the emails" when theres no way you actually can do that short of working at CCP.
I said if you have evidence send it to me. I never said prove we got them. If you're going to try to reword a post you should probably not do so with the complete text of the statement quoted.
why do we need to send you evidence?
Originally by: CCP Sreegs
Nobody has to prove anything about anyone's actions on the forums I have full logs of everything.
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 17:37:00 -
[427]
Originally by: Sullen Skoung
why do we need to send you evidence?
Because, apparently, the QA team is not.
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Sullen Skoung
|
Posted - 2011.04.10 17:39:00 -
[428]
Originally by: Akita T
Originally by: Sullen Skoung
why do we need to send you evidence?
Because, apparently, the QA team is not.
you gotta read all the quotes lol
|
Jon Taggart
State War Academy
|
Posted - 2011.04.10 17:42:00 -
[429]
Originally by: Sullen Skoung
Originally by: Akita T
Originally by: Sullen Skoung
why do we need to send you evidence?
Because, apparently, the QA team is not.
you gotta read all the quotes lol
Any word when the dev blog detailing the goings-on of the weekend comes out? Skreegs, or whoever is going to spear-head that, will have to prepare the flame suit again for the next threadnaught.
I'm not an alt |
Erichk Knaar
Caldari
Noir.
Noir. Mercenary Group
|
Posted - 2011.04.10 17:43:00 -
[430]
Originally by: Akita T
Originally by: Sullen Skoung
why do we need to send you evidence?
Because, apparently, the QA team is not.
Sounds to me like some QA with specific skills is needed. Game QA will never find this type of thing. Most black-box web QA won't either.
|
|
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 17:45:00 -
[431]
Originally by: Sullen Skoung
you gotta read all the quotes lol
Yeah, I know, I was purposefully ignoring that line of the argument because it's pointless.
You are arguing that CCP received warning of it before it happened (which CCP is not actually denying), CCP Sreegs is arguing that nobody who JUST reported it and did nothing else would get banned.
Those two arguments are not incompatible.
CCP could have been warned, the other guy could have been showing off, CCP might have not reacted quite as fast as we hoped, the guy might have been banned.
I'm not saying it's what happened, but it's probably what happened.
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Sullen Skoung
|
Posted - 2011.04.10 17:47:00 -
[432]
Edited by: Sullen Skoung on 10/04/2011 17:47:03
no, I was saying that Sreegs said to prove such we needed to send evidenve then tells us we dont need to send it cause he has all the logs
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 17:49:00 -
[433]
Originally by: Sullen Skoung
no, I was saying that Sreegs said to prove such we needed to send evidenve then tells us we dont need to send it cause he has all the logs
That's not what he said
Train "evasive statement reading" to L4.
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Mr Pikey
Caldari
|
Posted - 2011.04.10 17:50:00 -
[434]
Originally by: CCP Sreegs
Snip;
Nobody has to prove anything about anyone's actions on the forums I have full logs of everything.
But the logs always show nothing
|
Ban Doga
|
Posted - 2011.04.10 17:55:00 -
[435]
Originally by: CCP Sreegs
I'm saying exactly what I said.
That's great, I'm doing the same.
I think more people should do it...
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 17:57:00 -
[436]
Biatch fight! I called it first!
|
LtCol Laurentius
Zor Industries
|
Posted - 2011.04.10 18:10:00 -
[437]
Originally by: CCP Sreegs
Originally by: LtCol Laurentius
Edited by: LtCol Laurentius on 10/04/2011 14:48:57
Originally by: CCP Sreegs
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
It doesnt matter. The public image you have created is that you **** over the whistleblower, while claiming everything is allright.
If I don't talk about administrative actions I'm really not sure how I could have created an opinion about one. I'm pretty sure what you mean to say is "The public image that SOMEONE ELSE has created".
Not really. You HAVE banned the wistleblower. And the way you communicate OFFICIALLY (in news and devblogs) gives the following message: "YOU discovered the securityholes yourselves" (which is blatant bull****), and "there is no reason to be concerned about security" (more blatant bull****). Based on this, players will form an opinion. And it is not favourable.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 18:19:00 -
[438]
Edited by: Miilla on 10/04/2011 18:22:55
Originally by: LtCol Laurentius
Originally by: CCP Sreegs
Originally by: LtCol Laurentius
Edited by: LtCol Laurentius on 10/04/2011 14:48:57
Originally by: CCP Sreegs
We don't discuss administrative actions. At all. Ever. No matter how many times you ask, demand or otherwise say the same thing over and over and over again. Our policy is simply that we don't, and to be fair you only have access to enough information to speculate.
I'm not claiming. I'm stating outright that customer data was never at risk. We've also said there will be a blog which will detail what occurred and what was wrong.
It doesnt matter. The public image you have created is that you **** over the whistleblower, while claiming everything is allright.
If I don't talk about administrative actions I'm really not sure how I could have created an opinion about one. I'm pretty sure what you mean to say is "The public image that SOMEONE ELSE has created".
Not really. You HAVE banned the wistleblower. And the way you communicate OFFICIALLY (in news and devblogs) gives the following message: "YOU discovered the securityholes yourselves" (which is blatant bull****), and "there is no reason to be concerned about security" (more blatant bull****). Based on this, players will form an opinion. And it is not favourable.
The "whistleblower" who "exploited" the issue instead of posting about it publically anonymously.
He crossed the line when he "exploited" the hole.
Whistleblower
A whistleblower (whistle-blower or whistle blower)[1] is a person who tells the public or someone in authority about alleged dishonest or illegal activities (misconduct) occurring in a government department, a public or private organization, or a company. The alleged misconduct may be classified in many ways; for example, a violation of a law, rule, regulation and/or a direct threat to public interest, such as fraud, health/safety violations, and corruption. Whistleblowers may make their allegations internally (for example, to other people within the accused organization) or externally (to regulators, law enforcement agencies, to the media or to groups concerned with the issues).
|
Elyssa MacLeod
|
Posted - 2011.04.10 18:25:00 -
[439]
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 18:26:00 -
[440]
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
I don't take sides :)
|
|
|
Ban Doga
|
Posted - 2011.04.10 18:26:00 -
[441]
Edited by: Ban Doga on 10/04/2011 18:26:35
Originally by: Miilla
Edited by: Miilla on 10/04/2011 18:22:55
The "whistleblower" who "exploited" the issue instead of posting about it publically anonymously.
How can anyone say there's a security hole without exploiting it?
"Uhm, your client is sending data to your server. If the server does not validate this data you have a security hole..."?
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.10 18:27:00 -
[442]
Originally by: Miilla
The "whistleblower" who "exploited" the issue instead of posting about it publically anonymously.
He crossed the line when he "exploited" the hole.
Whistleblower
A whistleblower (whistle-blower or whistle blower)[1] is a person who tells the public or someone in authority about alleged dishonest or illegal activities (misconduct) occurring in a government department, a public or private organization, or a company. The alleged misconduct may be classified in many ways; for example, a violation of a law, rule, regulation and/or a direct threat to public interest, such as fraud, health/safety violations, and corruption. Whistleblowers may make their allegations internally (for example, to other people within the accused organization) or externally (to regulators, law enforcement agencies, to the media or to groups concerned with the issues).
and there you go. Altho I'm more in favour of CCP being a bit light-handed on him, as in giving him a tempban (he didn't do anything that can be considered harmful, besides pranks harmless pranks), punishment still needs to be served.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 18:28:00 -
[443]
Edited by: Miilla on 10/04/2011 18:30:31
Originally by: Ban Doga
Edited by: Ban Doga on 10/04/2011 18:26:35
Originally by: Miilla
Edited by: Miilla on 10/04/2011 18:22:55
The "whistleblower" who "exploited" the issue instead of posting about it publically anonymously.
How can anyone say there's a security hole without exploiting it?
"Uhm, your client is sending data to your server. If the server does not validate this data you have a security hole..."?
So post it as theory then, but don't EXPLPOIT it, it is clearly obvious he exploited it from his self bragging posts on SHC forum.
"hey look at me, look what I can do etc etc" even the forum thread was titled who wanted to post as somebody else.
|
Elyssa MacLeod
|
Posted - 2011.04.10 18:30:00 -
[444]
Originally by: Miilla
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
I don't take sides :)
yeah sure you dont lol
how much isk or PLEX did it take? lol
----------------------------
fail leads to anger
anger leads to hate
hate leads to the dark side of MMOs |
Ban Doga
|
Posted - 2011.04.10 18:34:00 -
[445]
Originally by: Miilla
Edited by: Miilla on 10/04/2011 18:30:31
Originally by: Ban Doga
Edited by: Ban Doga on 10/04/2011 18:26:35
Originally by: Miilla
Edited by: Miilla on 10/04/2011 18:22:55
The "whistleblower" who "exploited" the issue instead of posting about it publically anonymously.
How can anyone say there's a security hole without exploiting it?
"Uhm, your client is sending data to your server. If the server does not validate this data you have a security hole..."?
So post it as theory then, but don't EXPLPOIT it, it is clearly obvious he exploited it from his self bragging posts on SHC forum.
"hey look at me, look what I can do etc etc" even the forum thread was titled who wanted to post as somebody else.
There would be quite a lot of possible theories.
You can't be sure there is a weakness until you try (this is not like finding a hole in a fence, it's like finding a tunnel and guessing where it might lead)
You would get ignored pretty quickly (I'd assume) and in the story about the boy who cried wolf the wolf actually comes and no one believes it...
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 18:34:00 -
[446]
Originally by: Elyssa MacLeod
Originally by: Miilla
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
I don't take sides :)
yeah sure you dont lol
how much isk or PLEX did it take? lol
He denied me the oppertunity to use my paid for trolling service for the weekend. The agony was terrible. All because some know it all show off wanted to act big on the internet posting javascript signiture exploits.
|
Ban Doga
|
Posted - 2011.04.10 18:37:00 -
[447]
Edited by: Ban Doga on 10/04/2011 18:37:44
Originally by: Miilla
Originally by: Elyssa MacLeod
Originally by: Miilla
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
I don't take sides :)
yeah sure you dont lol
how much isk or PLEX did it take? lol
He denied me the oppertunity to use my paid for trolling service for the weekend. The agony was terrible. All because some know it all show off wanted to act big on the internet posting javascript signiture exploits.
Careful now.
Sreegs already said he talked to some people who remember they believe it was not possible to post Javascript.
And he really says what he said.
|
Kristina Vanszar
Caldari
|
Posted - 2011.04.10 18:40:00 -
[448]
Edited by: Kristina Vanszar on 10/04/2011 18:40:09
Quote:
who remember they believe it was not possible
WTF!?
|
Barakkus
|
Posted - 2011.04.10 18:40:00 -
[449]
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
It's called not acting like a teenager...which I'm shocked that Miilla isn't doing so, but whatever....
You can disagree, but doing so in the manner many posters do on these forums is juvenile and frankly a lot of people around here need to grow the **** up and act like adults for once in their lives. Being a complete ass because it makes you look kewl in the internet, and there's no one sitting there to punch you in the face is just ****ing stupid.
-
-
[SERVICE] Corp Standings For POS anchoring
|
Ban Doga
|
Posted - 2011.04.10 18:42:00 -
[450]
Originally by: Kristina Vanszar
Edited by: Kristina Vanszar on 10/04/2011 18:40:09
Quote:
who remember they believe it was not possible
WTF!?
Sorry for paraphrasing.
The original statement was
Quote:
The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1493904&page=13#364
|
|
|
Kristina Vanszar
Caldari
|
Posted - 2011.04.10 18:46:00 -
[451]
Edited by: Kristina Vanszar on 10/04/2011 18:46:48
Originally by: Ban Doga
Originally by: Kristina Vanszar
Edited by: Kristina Vanszar on 10/04/2011 18:40:09
Quote:
who remember they believe it was not possible
WTF!?
Sorry for paraphrasing.
The original statement was
Quote:
The word from the people who checked it earlier today was that FROM MEMORY they didn't believe script could be injected.
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1493904&page=13#364
still from memorythey didn't belive .... so they have no idea! oh my god...
|
Mashie Saldana
Minmatar
Veto Corp
|
Posted - 2011.04.10 18:48:00 -
[452]
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
It's called the art of trolling.
|
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.10 18:49:00 -
[453]
I like Sreegs, epic forum warrior willing to school the usual EVE trolls. Keep it up mate.
In other news, I have made this sig to commemorate CCP's epic achievements over the last few days.
Feel free to use it yourself, it's for all of EVE community, not just me.
Stunning EVE Online Theme for PS3 |
Furb Killer
Gallente
|
Posted - 2011.04.10 18:53:00 -
[454]
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?
|
Ban Doga
|
Posted - 2011.04.10 18:54:00 -
[455]
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?
We should probably ask The Monkeysphere, but I guess he would say not telling anything is better for your account...
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 18:58:00 -
[456]
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?
Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).
|
Elyssa MacLeod
|
Posted - 2011.04.10 18:59:00 -
[457]
Edited by: Elyssa MacLeod on 10/04/2011 19:04:25
Edited by: Elyssa MacLeod on 10/04/2011 19:01:55
Originally by: Barakkus
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
It's called not acting like a teenager...which I'm shocked that Miilla isn't doing so, but whatever....
You can disagree, but doing so in the manner many posters do on these forums is juvenile and frankly a lot of people around here need to grow the **** up and act like adults for once in their lives. Being a complete ass because it makes you look kewl in the internet, and there's no one sitting there to punch you in the face is just ****ing stupid.
Yes and you look all the more grown up the more **** you can inject into your statement
Originally by: Copine Callmeknau
I like Sreegs, epic forum warrior willing to school the usual EVE trolls. Keep it up mate.
In other news, I have made this sig to commemorate CCP's epic achievements over the last few days.
Feel free to use it yourself, it's for all of EVE community, not just me.
lol
Originally by: Miilla
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?
Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).
ah I se so long as you dont tell anyone or stroke yer ego over it, you can exploit as much as you want lol
|
Kerrisone
|
Posted - 2011.04.10 19:03:00 -
[458]
Amazing 'shiny' didn't turn out so well did it?
|
Xendrais
|
Posted - 2011.04.10 19:06:00 -
[459]
Originally by: Akita T
Originally by: Spyke BlackIce
I usually keep my arse out of whine-fests, troll parades, and general rock throwing, but this fiasco warrants grabbing my pitchfork and joining the mob if only because of the fact that after the two test runs of the new forums, they were released not only with HUGE, wide-open security problems, but little if any of the testers' feedback was heeded. I took part in the first test run (unfortunately I couldn't find enough time due to RL issues to help with the second) but when the forums opened, I could only find a miniscule few examples of the user feedback actually being used. Why bother with tests CCP, if our input is thrown out and disregarded along with the garbage?
It is becoming obvious that someone in upper management doesn't have a clue. They want their new toys - the way it was designed, regardless of flaws and lack of features - out the door and to hell with what the customer wants, needs, envisions, or finds lacking, and worse, to hell with the silly 'polished' idea. "Get it out so that we can move onto the next new toy and we'll finish fixing it later (maybe)", seems to be this person's (or persons') motto.
I actually have a lot of respect for most of the dev teams at CCP, and I applaud their apology and acknowledgement of the problem here as well as their dropping back and punting the old forums into service again. Many companies (no *cough* *S.O.E* *cough* names here) would have taken the stoic, we-know-best-and-you-couldn't-grasp-the-issues route by simply reopening the old forums with a message along the lines of "Due to technical issues, we will be using the old forums until further notice." and that would be that. I'm not implying that the web team should not be tarred-and-feathered for this MAJOR coding ineptitude they called a forum, but I seriously believe the issue began and ended in the top echelon of management. Something this bad quite frankly should not have happened, not even in the devs' worse nightmares. The issue HAD to be a time/deadline/personnel squeeze. Plain and simple.
Quoted it all because it bears repeating several times over.
CCP needs to change its company leadership mindset.
The notion that "new features sell, polished content doesn't" will be the doom of EVE if it persists much longer.
I totally agree
|
mkint
|
Posted - 2011.04.10 19:10:00 -
[460]
Originally by: Miilla
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?
Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).
Would CCP have done anything if he didn't demonstrate it? Hell no. The entire web team is a complete failure and seriously needs to be fired. They haven't done a single piece of good work, but have instead screwed up over and over again, unapologetically putting client privacy at risk every single day, and now putting client security at risk. There is no excuse for it. They are not up to the job.
Also: surprise! Miilla is taking a contrarian position. Wonder why... troll much? Get a life.
|
|
|
Barakkus
|
Posted - 2011.04.10 19:11:00 -
[461]
Originally by: Elyssa MacLeod
Edited by: Elyssa MacLeod on 10/04/2011 19:04:25
Edited by: Elyssa MacLeod on 10/04/2011 19:01:55
Originally by: Barakkus
Originally by: Elyssa MacLeod
so miilla, what did they give you to turn you into a CCP kiss ass?
cause you used to be a rabblerouser lie the rest of us, now all you do in troll us and kiss CCP's ass.
It's called not acting like a teenager...which I'm shocked that Miilla isn't doing so, but whatever....
You can disagree, but doing so in the manner many posters do on these forums is juvenile and frankly a lot of people around here need to grow the **** up and act like adults for once in their lives. Being a complete ass because it makes you look kewl in the internet, and there's no one sitting there to punch you in the face is just ****ing stupid.
Yes and you look all the more grown up the more **** you can inject into your statement
lol umad?
-
-
[SERVICE] Corp Standings For POS anchoring
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 19:11:00 -
[462]
Edited by: Miilla on 10/04/2011 19:14:56
Originally by: mkint
Originally by: Miilla
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?
Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).
Would CCP have done anything if he didn't demonstrate it? Hell no. The entire web team is a complete failure and seriously needs to be fired. They haven't done a single piece of good work, but have instead screwed up over and over again, unapologetically putting client privacy at risk every single day, and now putting client security at risk. There is no excuse for it. They are not up to the job.
Also: surprise! Miilla is taking a contrarian position. Wonder why... troll much? Get a life.
Did I say just tell CCP I meant tell EVERYBODY, the PUBLIC. It is very easy to download YET and install it yourself and test your theory then view the source on your client browser to see if it is much different (and the files it poo poos for authentication). If he is really concerned, he can even submit a fix into the open source YET project tree or send the diff to the owners.
Test on your own machines, not in the cloud.
What is the BUG ID for this bug he submitted to CCP (aside from the email)?
|
Ban Doga
|
Posted - 2011.04.10 19:14:00 -
[463]
Originally by: Miilla
Edited by: Miilla on 10/04/2011 19:12:57
Originally by: mkint
Originally by: Miilla
Originally by: Furb Killer
So let me get this straight: pointing out security flaws the size of the hole in the WTC and, granted, exploiting them a bit for the lulz (without afaik doing any serious damage, considering what he could have done with it and notifying you so it could be fixed), results in an account ban + IP ban. Meanwhile abusing exploits in the game client and rampant botting (often a combination of those two) is perfectly fine?
Pointing out means TELLING us about it, he went beyond that, he EXPLOITED the vulnerability for his own gain (ego).
Would CCP have done anything if he didn't demonstrate it? Hell no. The entire web team is a complete failure and seriously needs to be fired. They haven't done a single piece of good work, but have instead screwed up over and over again, unapologetically putting client privacy at risk every single day, and now putting client security at risk. There is no excuse for it. They are not up to the job.
Also: surprise! Miilla is taking a contrarian position. Wonder why... troll much? Get a life.
Did I say just tell CCP I meant tell EVERYBODY, the PUBLIC. It is very easy to download YET and install it yourself and test your theory then view the source on your client browser to see if it is much different (and the files it poo poos for authentication). If he is really concerned, he can even submit a fix into the open source YET project tree or send the diff to the owners.
Test on your own machines, not in the cloud.
Maybe you should take a break.
This was 2/10.
At most.
|
Mangold
Mad Bombers
Merciless.
|
Posted - 2011.04.10 19:15:00 -
[464]
Is it safe to use my password on this forum?
Thank god I picked another one than in game...ohwait.
Remarkable incompetence in this security issue. I am amazed on how badly this is being handled. Last time I checked we are paying customers and this is not a proper way to tend to your customers.
|
Elyssa MacLeod
|
Posted - 2011.04.10 19:17:00 -
[465]
Originally by: Barakkus
lol umad?
lol 13 year old response from the guy crying how everyone else should be more mature?
no, not mad, pointing out funny ironies, and hippocracy apparently
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 19:18:00 -
[466]
Originally by: Ban Doga
Maybe you should take a break.
This was 2/10.
At most.
Didn't know we were keeping score. Do you keep little rage lists too?
|
Barakkus
|
Posted - 2011.04.10 19:19:00 -
[467]
Originally by: Elyssa MacLeod
Originally by: Barakkus
lol umad?
lol 13 year old response from the guy crying how everyone else should be more mature?
no, not mad, pointing out funny ironies, and hippocracy apparently
You fail at internet sarcasm.
Train reading comprehension to level 1 please.
-
-
[SERVICE] Corp Standings For POS anchoring
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.10 19:19:00 -
[468]
Originally by: Gnulpie
Man, jeez, give them folks at CCP some time to investigate what exactly happend, where the vulnerabilities are, what communication channels failed (if they failed) etc.
This takes time and such things can't be properly done in few hours!
You guys want thorough investigation and at the same time you want results, blogs and whatnot already yesterday. That's not working!
If there is still no public reply in a few days, THEN is the time to make a huge uproar, but for now let them do their work.
Ranting, venting anger and frustration is good and fine, but after that, let it go and calm down.
You mean the year that they took to reskin an open source forum, and rewrite the authentication code, the mythical 45 man years, wasn't enough??? What exactly were they doing in that time, because I don't think it was doing the graphics or coding?
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 19:20:00 -
[469]
I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.
re: bannings.
I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.
|
Ban Doga
|
Posted - 2011.04.10 19:20:00 -
[470]
Edited by: Ban Doga on 10/04/2011 19:20:20
Originally by: Miilla
Originally by: Ban Doga
Maybe you should take a break.
This was 2/10.
At most.
Didn't know we were keeping score. Do you keep little rage lists too?
How could we not keep score?
And what makes you think my rage list - IF I had one - would be little?
|
|
|
mkint
|
Posted - 2011.04.10 19:28:00 -
[471]
Originally by: Bomberlocks
Originally by: Gnulpie
Man, jeez, give them folks at CCP some time to investigate what exactly happend, where the vulnerabilities are, what communication channels failed (if they failed) etc.
This takes time and such things can't be properly done in few hours!
You guys want thorough investigation and at the same time you want results, blogs and whatnot already yesterday. That's not working!
If there is still no public reply in a few days, THEN is the time to make a huge uproar, but for now let them do their work.
Ranting, venting anger and frustration is good and fine, but after that, let it go and calm down.
You mean the year that they took to reskin an open source forum, and rewrite the authentication code, the mythical 45 man years, wasn't enough??? What exactly were they doing in that time, because I don't think it was doing the graphics or coding?
What were they doing? I thought it was pretty clear.
|
Elyssa MacLeod
|
Posted - 2011.04.10 19:29:00 -
[472]
Originally by: Helicity Boson
I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.
re: bannings.
I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.
whaaaaaaat helicity with a conscience? Tell me you got hacked an this really isnt you
|
Velicitia
Open Designs
|
Posted - 2011.04.10 19:50:00 -
[473]
Originally by: CCP Sreegs
Originally by: Sullen Skoung
Edited by: Sullen Skoung on 10/04/2011 17:21:43
Originally by: Hel O'Ween
And I remind you that Cat reported the issue first and then - when his warning got ignored - demonstrated it for all to see. This was the time CCP finally got the message and pulled the plug.
I think this is the part that Sreegs is trying to get us to prove
Nobody has to prove anything about anyone's actions on the forums I have full logs of everything.
[bitter eve vet] c'mon Sreegs, we all know the logs show nothing[/bitter]
I really hope the best to you guys in sorting this out... and that it prompts the teams to re-evaluate the "get it out there! they want shinies!" mentality that seems to have begun with CCP...
|
Teh Blade
|
Posted - 2011.04.10 19:53:00 -
[474]
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
Given the rate to which CCP is failing every other week, full security compromise is just a matter of time bud. Just a matter of time. You might have dodged the bullet this time but with the level of incompetence demonstrated by your web developers is going to happen sooner rather than later. Thankfully my credit card company is protecting me from crap companies like CCP, this being the reason you still have that info in your database. |
Jon Taggart
State War Academy
|
Posted - 2011.04.10 20:01:00 -
[475]
Kudos to those who know what film this is from.
Player Base: CCP, we were supposed to be allowed to provide feedback on upcoming changes, but your devs won't listen to us.
CCP: Guys, guys, guys! We've been through this a dozen times. We take your opinions and ideas with due consideration, and because we don't make the changes you propose, doesn't mean we don't listen to you. OK guys?
Player Base: Then let us have a look around, so we can ease the player base's collective mind. I'm sorry, but we must be firm with you. Listen to us, or else.
CCP: Or else what?
Player Base: Or else we will be very angry with you... and we will write you forum posts, telling you how angry we are.
I'm not an alt |
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.10 20:02:00 -
[476]
Originally by: Jon Taggart
those who know what film this is from
Roooonery... soooo roooonery....
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Barakkus
|
Posted - 2011.04.10 20:05:00 -
[477]
Originally by: Helicity Boson
I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.
re: bannings.
I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.
Regardless, I just have to say thanks for divulging exactly what was going on, most of us probably wouldn't have ever found out, and after reading your blog, regardless of what CCP has said I have some serious concerns over this mess.
I have faith though that they will fix it before they attempt to release again...especially after what exactly went wrong with their implementation of the forums ended up public.
-
-
[SERVICE] Corp Standings For POS anchoring
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.10 20:18:00 -
[478]
Originally by: Elyssa MacLeod
whaaaaaaat helicity with a conscience? Tell me you got hacked an this really isnt you
it's more likely than you think.
Heck, it's why I get so wound up to begin with.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 20:21:00 -
[479]
Originally by: Helicity Boson
Originally by: Elyssa MacLeod
whaaaaaaat helicity with a conscience? Tell me you got hacked an this really isnt you
it's more likely than you think.
Heck, it's why I get so wound up to begin with.
Miss Conscience would like to donate a Hulkageddon 4 medal? :)
|
mkint
|
Posted - 2011.04.10 20:32:00 -
[480]
Originally by: Barakkus
Originally by: Helicity Boson
I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.
re: bannings.
I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.
Regardless, I just have to say thanks for divulging exactly what was going on, most of us probably wouldn't have ever found out, and after reading your blog, regardless of what CCP has said I have some serious concerns over this mess.
I have faith though that they will fix it before they attempt to release again...especially after what exactly went wrong with their implementation of the forums ended up public.
What you don't seem to be getting, and CCP probably won't acknowledge at any level, is that this isn't "a problem." It's a system of problems, and this is just another manifestation of it. What will happen is CCP is going to go "whoops" and patch it and carry on until the next "whoops" moment is even bigger and starts leading to class action lawsuits, the company gets turned into a red tape bureaucracy (which would destroy the company incidentally) because it can't be trusted to exist in any other form. Yes, the web programmers are completely incompetent, but that just reflects on the corporate officers for having an incompetent business process.
|
|
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 20:37:00 -
[481]
Edited by: Miilla on 10/04/2011 20:57:16
Originally by: mkint
Originally by: Barakkus
Originally by: Helicity Boson
I feel a little bad for flaming CCP Sreegs, it really isn't his fault.
But you know me, I get all worked up and stuff.
re: bannings.
I do think the ban is appropriate, whereas I only verified it was possible, I didn't go and USE the exploit. I blew the whistle instead, which was the right thing to do.
Regardless, I just have to say thanks for divulging exactly what was going on, most of us probably wouldn't have ever found out, and after reading your blog, regardless of what CCP has said I have some serious concerns over this mess.
I have faith though that they will fix it before they attempt to release again...especially after what exactly went wrong with their implementation of the forums ended up public.
What you don't seem to be getting, and CCP probably won't acknowledge at any level, is that this isn't "a problem." It's a system of problems, and this is just another manifestation of it. What will happen is CCP is going to go "whoops" and patch it and carry on until the next "whoops" moment is even bigger and starts leading to class action lawsuits, the company gets turned into a red tape bureaucracy (which would destroy the company incidentally) because it can't be trusted to exist in any other form. Yes, the web programmers are completely incompetent, but that just reflects on the corporate officers for having an incompetent business process.
You do know corporate world is just full of Yes Sir or your out. I worked at Microsoft for many years, all bull****, why? cuz they pay me. and I like being paid. You think we give a crap about it? Hell no. Its all about our "career profiles". Once you hit management it is about, delivering, not nuts and bolts, and rightly so, you deliver a good enough product to market, fix it later. That is reality. Its not an engineers business world, its a business business world, usually budget and more specifically DATE DRIVEN.
A company doesn't need 100 or 200 architects (chefs) or 100 or 200 specialists they just need a few of each domain and the rest cooks.
That is the problem with so many technology companies claiming to hire the best, they want all Chefs but not enough cooks. That is certinally the problem at MSFT, a revolving door HR policy lol. Been there done that. Woke up :)
|
Elyssa MacLeod
|
Posted - 2011.04.10 21:18:00 -
[482]
Funny thing about the deliver now patch later thing. Eventually, ppl stop paying for crap.
Then how do you deliver when noone's buying your product?
and before you start on something about M$, CCP aint M$ and Im talking about CCP
|
Jon Taggart
State War Academy
|
Posted - 2011.04.10 21:18:00 -
[483]
I'm surprised the CSM haven't been more vocal about this whole affair. I remember a letter was posted from CSM5 some weeks ago, but nothing recent.
I'm not an alt |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 21:19:00 -
[484]
Edited by: Miilla on 10/04/2011 21:23:36
Originally by: Jon Taggart
I'm surprised the CSM haven't been more vocal about this whole affair. I remember a letter was posted from CSM5 some weeks ago, but nothing recent.
CSM is a Customer PR Horse and Pony roadshow lol.
Come on, wake up.
|
Jon Taggart
State War Academy
|
Posted - 2011.04.10 21:21:00 -
[485]
Originally by: Miilla
Originally by: Jon Taggart
I'm surprised the CSM haven't been more vocal about this whole affair. I remember a letter was posted from CSM5 some weeks ago, but nothing recent.
CSM is a Customer PR roadshow lol.
Come on, wake up.
My point was more of a ponderous regarding a lack of response. Nothing really to read into.
I'm not an alt |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 21:22:00 -
[486]
Originally by: Elyssa MacLeod
Funny thing about the deliver now patch later thing. Eventually, ppl stop paying for crap.
Then how do you deliver when noone's buying your product?
and before you start on something about M$, CCP aint M$ and Im talking about CCP
So why are YOU here if you didn't buy it?
I did, a lot of people here did, doesn't matter what you PAID whether in PLEX; Time, USD, GBP EURO etc, you all paid for it. You invested time at the very very least, and you know you want to keep going, at least until something more exciting comes along. You know it, you don't fool me, so quit fooling yourself.
|
sableye
principle of motion
|
Posted - 2011.04.10 21:56:00 -
[487]
anyone got a copy of that banner they put on eve client to advertise the new forums the one with unicorns want to keep a copy for memories.
-----------------------------------------
View The North Star! In All Its Glory!!
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:02:00 -
[488]
Originally by: Miilla
Are you still running Windows? Did you eventually stop paying for crap? I'm guessing NO :) I didn't either. The difference between me and you is I am not full of bull****, I know bull**** when I see it but speak it straight up and bluntly.
try reading the second half of my statement please... the part where I told you NOT to bring up microsoft cause CCP AINT M$
And yea, I know bull**** too and its in like every troll I see you try
kiss CCPs ass some more lol
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:03:00 -
[489]
Edited by: Miilla on 10/04/2011 22:03:39
Originally by: Elyssa MacLeod
Originally by: Miilla
Are you still running Windows? Did you eventually stop paying for crap? I'm guessing NO :) I didn't either. The difference between me and you is I am not full of bull****, I know bull**** when I see it but speak it straight up and bluntly.
try reading the second half of my statement please... the part where I told you NOT to bring up microsoft cause CCP AINT M$
And yea, I know bull**** too and its in like every troll I see you try
kiss CCPs ass some more lol
Different in name I agree yes.
So, if you stopped paying for crap, why are you still here? That part I don't understand. Please explain.
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:05:00 -
[490]
Originally by: Miilla
Edited by: Miilla on 10/04/2011 22:03:39
Originally by: Elyssa MacLeod
Originally by: Miilla
Are you still running Windows? Did you eventually stop paying for crap? I'm guessing NO :) I didn't either. The difference between me and you is I am not full of bull****, I know bull**** when I see it but speak it straight up and bluntly.
try reading the second half of my statement please... the part where I told you NOT to bring up microsoft cause CCP AINT M$
And yea, I know bull**** too and its in like every troll I see you try
kiss CCPs ass some more lol
Different in name I agree yes.
So, if you stopped paying for crap, why are you still here? That part I don't understand. Please explain.
k, I didnt know that when you stopped paying they cut off your game and forum access instantly
oh wait they dont
lol troll more buddy
|
|
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:07:00 -
[491]
Originally by: Elyssa MacLeod
Originally by: Miilla
Edited by: Miilla on 10/04/2011 22:03:39
Originally by: Elyssa MacLeod
Originally by: Miilla
Are you still running Windows? Did you eventually stop paying for crap? I'm guessing NO :) I didn't either. The difference between me and you is I am not full of bull****, I know bull**** when I see it but speak it straight up and bluntly.
try reading the second half of my statement please... the part where I told you NOT to bring up microsoft cause CCP AINT M$
And yea, I know bull**** too and its in like every troll I see you try
kiss CCPs ass some more lol
Different in name I agree yes.
So, if you stopped paying for crap, why are you still here? That part I don't understand. Please explain.
k, I didnt know that when you stopped paying they cut off your game and forum access instantly
oh wait they dont
lol troll more buddy
Sounds like something they should do, when customers cancel their accounts, cut off their forum posting rights too.
Don't want ghost posting eh.
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:08:00 -
[492]
Yeah I actually agree. Itd show the ppl actually quitting vs those that put up those bull**** "IM RAGEQUITTING QQQQQQQQQ" threads then spend the next two years posting lol
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:09:00 -
[493]
Originally by: Elyssa MacLeod
Yeah I actually agree. Itd show the ppl actually quitting vs those that put up those bull**** "IM RAGEQUITTING QQQQQQQQQ" threads then spend the next two years posting lol
So why are you still here?
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:11:00 -
[494]
Edited by: Elyssa MacLeod on 10/04/2011 22:12:11
Originally by: Miilla
Originally by: Elyssa MacLeod
Yeah I actually agree. Itd show the ppl actually quitting vs those that put up those bull**** "IM RAGEQUITTING QQQQQQQQQ" threads then spend the next two years posting lol
So why are you still here?
When did I say "IM RAGEQUITTING QQQQQQQQQ"
Cause I dont think I did, I just said I stopped PAYING for the game. I can still play fine till my time runs out lol
and Im still HERE as apparently trollery isnt against the rules here cause if it was you and I both would be banned
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:12:00 -
[495]
Originally by: Elyssa MacLeod
Originally by: Miilla
Originally by: Elyssa MacLeod
Yeah I actually agree. Itd show the ppl actually quitting vs those that put up those bull**** "IM RAGEQUITTING QQQQQQQQQ" threads then spend the next two years posting lol
So why are you still here?
When did I say "IM RAGEQUITTING QQQQQQQQQ"
Cause I dont think I did, I just said I stopped PAYING for the game. I can still play fine till my time runs out lol
You still paid.
Please tell us when your time runs out, I want to check your gone.
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:13:00 -
[496]
Edited by: Elyssa MacLeod on 10/04/2011 22:14:07
Originally by: Miilla
Originally by: Elyssa MacLeod
Originally by: Miilla
Originally by: Elyssa MacLeod
Yeah I actually agree. Itd show the ppl actually quitting vs those that put up those bull**** "IM RAGEQUITTING QQQQQQQQQ" threads then spend the next two years posting lol
So why are you still here?
When did I say "IM RAGEQUITTING QQQQQQQQQ"
Cause I dont think I did, I just said I stopped PAYING for the game. I can still play fine till my time runs out lol
You still paid.
Please tell us when your time runs out, I want to check your gone.
so.... if you EVER paid you cant say that ppl will stop paying for the product? by that logic ppl are still playing Hellgate london
Id ask why are you still here but I already know the answer:
you get paid for it: as evidenced by your overnight 180 lol
|
Erichk Knaar
Caldari
Noir.
Noir. Mercenary Group
|
Posted - 2011.04.10 22:14:00 -
[497]
Originally by: Miilla
Sounds like something they should do, when customers cancel their accounts, cut off their forum posting rights too.
Don't want ghost posting eh.
Oh lordy, I'm agreeing with it.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:16:00 -
[498]
Originally by: Elyssa MacLeod
so.... if you EVER paid you cant say that ppl will stop paying for the product? by that logic ppl are still playing Hellgate london
So, you're not leaving are you? It was all just twisted garbled balloney to suit your flappy gob.
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:17:00 -
[499]
Originally by: Erichk Knaar
Originally by: Miilla
Sounds like something they should do, when customers cancel their accounts, cut off their forum posting rights too.
Don't want ghost posting eh.
Oh lordy, I'm agreeing with it.
Funny how I agreed an its still trollin me lol
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:18:00 -
[500]
Originally by: Elyssa MacLeod
Edited by: Elyssa MacLeod on 10/04/2011 22:17:56
Originally by: Erichk Knaar
Originally by: Miilla
Sounds like something they should do, when customers cancel their accounts, cut off their forum posting rights too.
Don't want ghost posting eh.
Oh lordy, I'm agreeing with it.
Funny how I agreed an its still trollin me lol
quote=Miilla] Originally by: Elyssa MacLeod
so.... if you EVER paid you cant say that ppl will stop paying for the product? by that logic ppl are still playing Hellgate london
So, you're not leaving are you? It was all just twisted garbled balloney to suit your flappy gob.
lol... just lol
Im feedin the troll but I wanna see what comes out next
man you got me laughin tho
You don't understand trolling do you.
|
|
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:20:00 -
[501]
Originally by: Miilla
You don't understand trolling do you.
Guess not as yer sposed to be ****in me ofs but all yer doin is making me laugh lol
so who fails in that case? Guess its both of us lol
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:21:00 -
[502]
Originally by: Elyssa MacLeod
Originally by: Miilla
You don't understand trolling do you.
Guess not as yer sposed to be ****in me ofs but all yer doin is making me laugh lol
so who fails in that case? Guess its both of us lol
Not at all, I always win and I'm always right, read my bio.
|
Calathea Sata
State War Academy
|
Posted - 2011.04.10 22:22:00 -
[503]
Originally by: Miilla
Originally by: Elyssa MacLeod
Originally by: Miilla
You don't understand trolling do you.
Guess not as yer sposed to be ****in me ofs but all yer doin is making me laugh lol
so who fails in that case? Guess its both of us lol
Not at all, I always win and I'm always right, read my bio.
*puts up a sticker of troll warning*
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:24:00 -
[504]
Originally by: Calathea Sata
*puts up a sticker of troll warning*
Is it still trolling if you fail to **** ppl off and just babble about gobs and stuff? lol
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:24:00 -
[505]
Originally by: Elyssa MacLeod
Originally by: Calathea Sata
*puts up a sticker of troll warning*
Is it still trolling if you fail to **** ppl off and just babble about gobs and stuff? lol
What is that on your head? Looks like a dead skunk.
|
Elyssa MacLeod
|
Posted - 2011.04.10 22:27:00 -
[506]
Originally by: Miilla
Originally by: Elyssa MacLeod
Originally by: Calathea Sata
*puts up a sticker of troll warning*
Is it still trolling if you fail to **** ppl off and just babble about gobs and stuff? lol
What is that on your head? Looks like a dead skunk.
Is that REALLY what youve been reduced to?
roflmao
Take 15 minutes off an come up with something good please
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.10 22:28:00 -
[507]
Originally by: Elyssa MacLeod
Originally by: Miilla
Originally by: Elyssa MacLeod
Originally by: Calathea Sata
*puts up a sticker of troll warning*
Is it still trolling if you fail to **** ppl off and just babble about gobs and stuff? lol
What is that on your head? Looks like a dead skunk.
Is that REALLY what youve been reduced to?
roflmao
Take 15 minutes off an come up with something good please
Well, that's what the skunk looks like it's been reduced to.
|
p0rkch0pz and applesauce
|
Posted - 2011.04.10 23:04:00 -
[508]
Originally by: Elyssa MacLeod
Originally by: Calathea Sata
*puts up a sticker of troll warning*
Is it still trolling if you fail to **** ppl off and just babble about gobs and stuff? lol
I dunno u sound mad bro
|
Sullen Skoung
|
Posted - 2011.04.10 23:17:00 -
[509]
I found something more fail than CCP's fiasco
----------------------------------------
CCP Forum fail ALMOST as much fail as this:
http://www.youtube.com/watch?v=hnZb5wi_jsU |
Calathea Sata
State War Academy
|
Posted - 2011.04.10 23:26:00 -
[510]
Originally by: Sullen Skoung
I found something more fail than CCP's fiasco
what is it
|
|
|
Barakkus
|
Posted - 2011.04.10 23:30:00 -
[511]
Originally by: Sullen Skoung
I found something more fail than CCP's fiasco
Lol, yeah I've seen that one.
@Calthea, turn on forum sigs, it's in his sig.
Btw, police in Chicago regularly steal drugs from people they bust, they just don't do the drugs they resell them themselves.
-
-
[SERVICE] Corp Standings For POS anchoring
|
Sullen Skoung
|
Posted - 2011.04.10 23:33:00 -
[512]
Originally by: Calathea Sata
Originally by: Sullen Skoung
I found something more fail than CCP's fiasco
what is it
http://www.youtube.com/watch?v=hnZb5wi_jsU
----------------------------------------
CCP Forum fail ALMOST as much fail as this:
http://www.youtube.com/watch?v=hnZb5wi_jsU |
Calathea Sata
State War Academy
|
Posted - 2011.04.10 23:39:00 -
[513]
Oh I see it now
|
Sullen Skoung
|
Posted - 2011.04.10 23:40:00 -
[514]
Edited by: Sullen Skoung on 10/04/2011 23:40:15
Yeah I fail in that I forgot to put it in URL
Edit: fixt
----------------------------------------
CCP Forum fail ALMOST as much fail as this:
http://www.youtube.com/watch?v=hnZb5wi_jsU |
Linda Shadowborn
Gallente
Dark Steel Industries
|
Posted - 2011.04.11 00:36:00 -
[515]
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
*internet hugs for that*
|
Elyssa MacLeod
|
Posted - 2011.04.11 00:39:00 -
[516]
Originally by: Linda Shadowborn
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
*internet hugs for that*
lol tho; even CCP doesnt dare **** with Helicity Boson
|
Vaerah Vahrokha
Minmatar
Vahrokh Consulting
|
Posted - 2011.04.11 00:58:00 -
[517]
Edited by: Vaerah Vahrokha on 11/04/2011 00:58:36
Originally by: CCP Sreegs
I was a player for a long time. When I joined the company I removed a bunch of people from IM and had to leave the game as per policy. No huge mystery there.
It has to suck that everyone else, even the bitter vets and the ranters may play EvE as much as they want and you cannot any more.
How do you manage to never play again the game that has been your companion for years?
Auditing | Research | 3rd Party | Collateral Holding | EvE RL Charity |
Kengutsi Akira
|
Posted - 2011.04.11 01:13:00 -
[518]
Originally by: Vaerah Vahrokha
Edited by: Vaerah Vahrokha on 11/04/2011 00:58:36
Originally by: CCP Sreegs
I was a player for a long time. When I joined the company I removed a bunch of people from IM and had to leave the game as per policy. No huge mystery there.
It has to suck that everyone else, even the bitter vets and the ranters may play EvE as much as they want and you cannot any more.
How do you manage to never play again the game that has been your companion for years?
Since when can CCP not play eve? Of course the fact that CCP were in high positions in the highest corps was a main point on contention in the T20 incident, I wasnt aware that theyd banned CCP from playing now
------------------------------------
"You know, my foot oughta vandilize your ass" |
Myra2007
Millstone Industries
|
Posted - 2011.04.11 01:30:00 -
[519]
I would assume that they have to stop playing on their normal player characters. I can't imagine that they would not play their own game at all. Pretty sure I've seen numerous devs say they still play the game.
--
Originally by: CCP Elais
It was a great Frankenstein moment [...] to see the forum [...] come alive.
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 01:30:00 -
[520]
Originally by: CCP Navigator
Thread has been cleaned up a little.
I wanted to quickly address one or two concerns, specifically over personal information and logins. At no stage were other players able to access your login, passwords, payment details or real life information.
CCP Sreegs has already stated that he is writing a blog on this subject and this is one of the things he will cover.
... ok as mutch as it may pain a lot of the comunity... im gona have to say this
Less bloging, more working. you can blog when the job is done.
.
.end of line.
Originally by: Steve Thomas
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL |
|
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 01:35:00 -
[521]
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL you need to put in tomorows blog at this point.
and yes you can bloody quote me on that.
.
.end of line.
Originally by: Steve Thomas
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL |
Kengutsi Akira
|
Posted - 2011.04.11 01:42:00 -
[522]
Edited by: Kengutsi Akira on 11/04/2011 01:43:33
Originally by: Myra2007
I would assume that they have to stop playing on their normal player characters. I can't imagine that they would not play their own game at all. Pretty sure I've seen numerous devs say they still play the game.
lol like T20
yeah I know, its old, still funny tho
Originally by: Steve Thomas
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL you need to put in tomorows blog at this point.
and yes you can bloody quote me on that.
please please pleeeeease do that sreegs, I wanna see the heads explode.
an you failed at quoting yourself in your sig
------------------------------------
"You know, my foot oughta vandilize your ass" |
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 01:49:00 -
[523]
Originally by: CCP Sreegs
Edited by: CCP Sreegs on 10/04/2011 16:20:34
Originally by: Helicity Boson
Edited by: Helicity Boson on 10/04/2011 14:54:40
You're also being lied to.
While your customer data over at CCP was indeed safe, the new forums put everyone that visited them at risk.
Saying we were completely safe is, demonstrably, FALSE.
I've written up a blog post on the subject here: http://www.machine9.net/blog/?p=592
After posting this, I suspect this will mean goodbye for me, so let me just preemptively state that I will miss you all, and for all your flaws you ARE the best game community in the world.
There are 3 problems with your post.
A) It's premature, pending investigation but from what I recall though the signatures would allow HTML you could not execute script, which kills a lot of your assertions.
B) We are in the process of conducting an investigation, but thus far it appears that nobody was doing anything that could put even people's cookies at risk, much less key logging.
C) We don't ban people for having opinions. Even when they're wrong. (or rude)
A) it would have *theoreticaly* been able to execute script on any pre Vista PC with IE 7 or 8, I dont think its an issue with IE9 on any operating system.
the real problem however was with the ability to log in as anyone or create-edit posts as anyone, someone who was seriously being malicious would not have even needed to do that. just go in and redirect one of the links you have set up to one of the clone sights, considering that I was aparently directed to the eve sight via that popup Warning about leaving eve I have to wonder if thats what happend with some of the edits
.
.end of line.
Originally by: Steve Thomas
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL |
Kengutsi Akira
|
Posted - 2011.04.11 01:50:00 -
[524]
fix your sig O.o if youre gonna quote yourself, you might as well do it right, yes?
------------------------------------
"You know, my foot oughta vandilize your ass" |
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 01:56:00 -
[525]
Originally by: Kengutsi Akira
fix your sig O.o if youre gonna quote yourself, you might as well do it right, yes?
I tried to three times now, let me try it again
.
.end of line.
Originally by: Steve Thomas
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL |
Kengutsi Akira
|
Posted - 2011.04.11 01:59:00 -
[526]
Edited by: Kengutsi Akira on 11/04/2011 01:59:50
It ends on "and that is literally ALL"
edit: hey, there you go
------------------------------------
"You know, my foot oughta vandilize your ass" |
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 02:00:00 -
[527]
well I think its clear enough.
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL you need to put in tomorows blog.
|
Kengutsi Akira
|
Posted - 2011.04.11 02:02:00 -
[528]
He really should put out a one line blog. With all the hype he's put into it, Is love to see the flamewar that would start and all the ppls' heads exploding lol
------------------------------------
"You know, my foot oughta vandilize your ass" |
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 02:05:00 -
[529]
Originally by: Kengutsi Akira
Edited by: Kengutsi Akira on 11/04/2011 01:43:33
Originally by: Myra2007
I would assume that they have to stop playing on their normal player characters. I can't imagine that they would not play their own game at all. Pretty sure I've seen numerous devs say they still play the game.
lol like T20
yeah I know, its old, still funny tho
Originally by: Steve Thomas
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL you need to put in tomorows blog at this point.
and yes you can bloody quote me on that.
please please pleeeeease do that sreegs, I wanna see the heads explode.
an you failed at quoting yourself in your sig
My point is to not make heads explode.
my point is that people whos job is network security need to not blog about what they do for a living in excruceating detail.
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
And that is literaly ALL you need to put in tomorows blog.
|
Kengutsi Akira
|
Posted - 2011.04.11 02:07:00 -
[530]
Your point is beside the point. Whether or not you meant for it to happen, if he resposted that, a veritable flamestorm wouldrage all over the forums and there WOULD be heads a splodin and ID be laughing my ass of at it all.
------------------------------------
"You know, my foot oughta vandilize your ass" |
|
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 02:44:00 -
[531]
Edited by: Steve Thomas on 11/04/2011 02:45:41
Originally by: Kengutsi Akira
Edited by: Kengutsi Akira on 11/04/2011 02:35:14
Edited by: Kengutsi Akira on 11/04/2011 02:07:46
Your point is beside the point. Whether or not you meant for it to happen, if he resposted that, a veritable flamestorm would rage all over the forums and there WOULD be heads a-splodin and ID be laughing my ass of at it all.
Basicaly what I mean is that right now at most he should just put up something like
this
not
this
untill they have had time to lock things down, find out what exactly happend, and then run it by CSM first then the rest of us. After all that WAS the original idea behind CSM in the first place.
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
|
Kengutsi Akira
|
Posted - 2011.04.11 03:22:00 -
[532]
actually no it wasnt
CSM's ORIGINAL reason for being was to send those guys to Iceland to work as a watchdog group to make sure CCP was staying legit. But that is of course impossible lol
------------------------------------
"You know, my foot oughta vandilize your ass" |
Maplestone
|
Posted - 2011.04.11 03:33:00 -
[533]
Nothing good can come from allowing users to include raw HTML in a post.
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 03:40:00 -
[534]
Originally by: Kengutsi Akira
Edited by: Kengutsi Akira on 11/04/2011 03:31:31
Edited by: Kengutsi Akira on 11/04/2011 03:30:26
actually no it wasnt
CSM's ORIGINAL reason for being was to send those guys to Iceland to work as a watchdog group to make sure CCP was staying legit. But that is of course impossible lol
Then after they figured out it was impossible, they started the bull**** suggestions forum crap that it is now.
In fact, I remember the tag line on the forums back then being that we knew T20 would never happen again cause we'd have the CSM to keep em straight. Yeah ppl BOUGHT that crap back then lol
my point was that CSM does a fairly good job (all things considered) when they are part of the information loop on things like this. they have been able to have a level of comunication on issues that come up without the flamefest that the forums can become
Originally by: CCP Sreegs
My job is security therefore that's what I blog about. The reason we shut down the forums was security related.
|
Kengutsi Akira
|
Posted - 2011.04.11 03:41:00 -
[535]
Edited by: Kengutsi Akira on 11/04/2011 03:43:27
Originally by: Steve Thomas
Originally by: Kengutsi Akira
Edited by: Kengutsi Akira on 11/04/2011 03:31:31
Edited by: Kengutsi Akira on 11/04/2011 03:30:26
actually no it wasnt
CSM's ORIGINAL reason for being was to send those guys to Iceland to work as a watchdog group to make sure CCP was staying legit. But that is of course impossible lol
Then after they figured out it was impossible, they started the bull**** suggestions forum crap that it is now.
In fact, I remember the tag line on the forums back then being that we knew T20 would never happen again cause we'd have the CSM to keep em straight. Yeah ppl BOUGHT that crap back then lol
my point was that CSM does a fairly good job (all things considered) when they are part of the information loop on things like this. they have been able to have a level of comunication on issues that come up without the flamefest that the forums can become
I thought when they object to the information given they get slapped with NDCs so they cant tell anyone about what they were told, like that one over what is rumored to be MT issues
and given how many of the CSM this time are Goonfleet are we really expecting anything positive to come from them? They may have done good things with the game but their main objective in this game has been to break it. lol The only reason I think they have so much presence here is theyre allowed to get away with more here than pretty much anywhere else
------------------------------------
"You know, my foot oughta vandilize your ass" |
Yuki Kulotsuki
|
Posted - 2011.04.11 04:00:00 -
[536]
Originally by: Kengutsi Akira
They may have done good things with the game but their main objective in this game has been to break it.
Not quite.
Originally by: Darius JOHNSON CCP Screegs
The idea that people have is that we are out to destroy the game.
...
At the end of the day our goal is to destroy your game.
--
There's a place called kugutsumen.com but don't go there. It's icky. |
Kengutsi Akira
|
Posted - 2011.04.11 04:27:00 -
[537]
Edited by: Kengutsi Akira on 11/04/2011 04:32:34
Edited by: Kengutsi Akira on 11/04/2011 04:30:15
Edited by: Kengutsi Akira on 11/04/2011 04:28:20
given that the game is our game I dont see the difference
theyre out to break it period, and if sreegs IS dude from Goonfleet, thats just a big sign theyre done with this game and moving on to WoD lol
honestly though, when they invaded STO early on and did everything they could to break THAT game too including turning non PVP areas into a PVP areas, the "we're not out to break the game" was shown as the bull**** that it is lol
PLEASE tell me that was meant in sarcasm lol
------------------------------------
"You know, my foot oughta vandilize your ass" |
Yuki Kulotsuki
|
Posted - 2011.04.11 04:53:00 -
[538]
You know soundwave used to be goon director too right?
Here's most of the reply to the question if goons are trying to break eve. Link.
--
There's a place called kugutsumen.com but don't go there. It's icky. |
Calathea Sata
State War Academy
|
Posted - 2011.04.11 04:55:00 -
[539]
Originally by: Yuki Kulotsuki
You know soundwave used to be goon director too right?
Here's most of the reply to the question if goons are trying to break eve. Link.
I'm suprised that I'm not entirely suprised at the conspiracies hinted above.
|
Better Than You
|
Posted - 2011.04.11 05:01:00 -
[540]
So basically goons have always had it out to ruin this game. Now that Darius, ex-ceo of goonswarm, is in charge of security at CCP, it looks like they get to do exactly that.
Way to let the fox in the hen house CCP.
-
**Friendship will always trump the desire to fight!** |
|
|
Kengutsi Akira
|
Posted - 2011.04.11 05:04:00 -
[541]
lol nice hat... cant say that goonfleet running the game is a good thing. It still reeks of the lunatics running the asylum.
------------------------------------
"You know, my foot oughta vandilize your ass" |
Calathea Sata
State War Academy
|
Posted - 2011.04.11 05:05:00 -
[542]
Well Goons or no Goons I think EVE is already on its way into the abyss. It's jumped off the edge and slow motion flying in mid air now.
|
Kengutsi Akira
|
Posted - 2011.04.11 05:08:00 -
[543]
Edited by: Kengutsi Akira on 11/04/2011 05:11:34
Originally by: Better Than You
So basically goons have always had it out to ruin this game. Now that Darius, ex-ceo of goonswarm, is in charge of security at CCP, it looks like they get to do exactly that.
Way to let the fox in the hen house CCP.
Its actually better than that lol
What did they do to BoB? They infiltrated their corp and disbanded it... this is just life imitating art lol
An "what do they get for destroying the game"? Fame and lolz an thats all they seem to be out for anyways lol
------------------------------------
"You know, my foot oughta vandilize your ass" |
Ambein Flambein
352 Industries
|
Posted - 2011.04.11 05:32:00 -
[544]
so the goons metagaming division is now infiltrating ccp? they finally decicded to stop ****ing around with infiltrating ingame corps and went straight for the source of the game. they might **** the game completely, but i cant help but sit back, grab some popcorn and watch the drama unfold. and if tghey actually manage to make the game better for the rest of us while making **** more fun for their "former" corpmates, then so much the better.
______________________________________________
Sig is Broken |
Kengutsi Akira
|
Posted - 2011.04.11 05:38:00 -
[545]
Originally by: Ambein Flambein
so the goons metagaming division is now infiltrating ccp? they finally decicded to stop ****ing around with infiltrating ingame corps and went straight for the source of the game. they might **** the game completely, but i cant help but sit back, grab some popcorn and watch the drama unfold. and if tghey actually manage to make the game better for the rest of us while making **** more fun for their "former" corpmates, then so much the better.
well, most of the ppl voted Goons into the CSM for the same reason: fix it or burn it to the ground lol
I cant say which Id prefer honestly
------------------------------------
"You know, my foot oughta vandilize your ass" |
Jada Maroo
|
Posted - 2011.04.11 05:47:00 -
[546]
All they really did was make it certain that the CSM would be taken even less seriously than it was before. It was a fabulous troll by the Goons, don't get me wrong, but it's a wasted year.
|
Kengutsi Akira
|
Posted - 2011.04.11 05:48:00 -
[547]
Originally by: Jada Maroo
but it's a wasted year.
The whole of the CSM IS a waste lol
Not JUST this group of them
------------------------------------
"You know, my foot oughta vandilize your ass" |
Ambein Flambein
352 Industries
|
Posted - 2011.04.11 05:52:00 -
[548]
Originally by: Jada Maroo
All they really did was make it certain that the CSM would be taken even less seriously than it was before. It was a fabulous troll by the Goons, don't get me wrong, but it's a wasted year.
and yet clearly the other power blocs ingame arent that concered abotu goons running csm or they would have put some actual effort into getting thier members to vote for someoen other than goons.
besides, i think themittani coudl actually do the csm some good, afterall as a lawyer he'll know if ccp is trying to throw bull**** at them, so hopefully it will keep ccp honest
______________________________________________
Sig is Broken |
Yuki Kulotsuki
|
Posted - 2011.04.11 05:52:00 -
[549]
I seem to remember part of the stated reason for the bloc vote this year was:
Lulz.
CCP is a strategic thread to 0.0 sov.
Trolling pubbies.
CSM 5 actually mattered this time and no one from 0.0 was there to curb check really dumb decisions.
Making SHC posters froth at the mouth.
--
There's a place called kugutsumen.com but don't go there. It's icky. |
Jada Maroo
|
Posted - 2011.04.11 05:57:00 -
[550]
Maybe so. But it was at least an attempt at player participation in the direction of the game. And I'm pretty sure some of the "small things" patches were based on CSM priority lists.
But even if CCP didn't take it seriously, players at least had the moral high ground and could point to the CSM and say it was a legitimate effort to shape the game into something greater. That ground's lost now.
Not saying we lost much, mind you. But if we're going to have Goons **** all over it in well orchestrated troll, which I admit was fantastic, isn't it time for the joke to end?
Just get rid of it at this point.
|
|
|
Barakkus
|
Posted - 2011.04.11 06:19:00 -
[551]
It doesn't matter one bit if a player that gets a job at CCP was BoB or Goon or your damn mother. They are adults and will behave as such...you all are forgetting there is a difference between REAL LIFE and internet spaceships.
And no, you don't have to run around screaming about blah blah blah, BoB scandal, blah blah blah...I'm completely aware of that and **** happens sometimes. There is not a single major MMO on the market that hasn't has something similar happen, not a single one. EverQuest II, WoW, I'm sure LOTRO has had some **** go on...**** happens...it's akin to a stupid kid cheating in school...no one is out to ruin from inside the company.
I could care less how any of the devs play the game on their personal time, it doesn't matter one bit because their PAYCHECKS come from EVE being a success, not playing some stupid childish game of "let's break stuff and ruin the company" That's just asinine to even consider that.
Get out of your basements and realize that there is a difference between playing a video game and real life for once.
-
-
[SERVICE] Corp Standings For POS anchoring
|
Calathea Sata
State War Academy
|
Posted - 2011.04.11 06:34:00 -
[552]
But but EVE IS REAL
|
Yuki Kulotsuki
|
Posted - 2011.04.11 06:38:00 -
[553]
Originally by: Barakkus
rabble rabble
You're spoiling the fun. Trolling with truth is so much more effective than normal. Like this tidbit: the first CEO of goonfleet ran off with a titan fund worth approx 2.8k USD at the time. He is now under investigation for unlicensed mortgage brokering and other shady lawyer stuff.
--
There's a place called kugutsumen.com but don't go there. It's icky. |
Jada Maroo
|
Posted - 2011.04.11 07:25:00 -
[554]
Edited by: Jada Maroo on 11/04/2011 07:25:58
Originally by: Barakkus
It doesn't matter one bit if a player that gets a job at CCP was BoB or Goon or your damn mother. They are adults and will behave as such...you all are forgetting there is a difference between REAL LIFE and internet spaceships.
I'll explain what you're overlooking.
The CSM is a bridge between the players and CCP. It relies on a point of contact between the CSM and the players. But the forum personas of Goons tend to be trolls, and the comments made by the newest CSM members so far are exactly the kind of non-serious trolling I would expect and demand of Goons. But not CSM members.
If players can't effectively communicate with the CSM because the troll personas get in the way then it is nonfunctional.
Granted, most of us are forum trolls too but we are not CSM.
|
Scorpyn
Caldari
Warp Ghosts Omega
Spectres of the Deep
|
Posted - 2011.04.11 07:46:00 -
[555]
Originally by: sableye
I think its the best thing todo but I will miss the larger portraits.
Speaking of this...
Since I'm the kind of person that prefers these small photos... will that be configurable?
Also, with the new forums I lost connection in the middle of typing a reply. Not ok.
Tbh I'd prefer it if the new forums were simply disabled forever. Annoying to look at, slow, unstable... no thanks.
|
Elisha Matahari
|
Posted - 2011.04.11 08:49:00 -
[556]
Ok CCP Spitfire. Nice edit of my threads title. You and you're evil mod powers!
Security CCP... Not just something you think about now and then.
|
Furb Killer
Gallente
|
Posted - 2011.04.11 08:56:00 -
[557]
Quote:
if CCP didn't take it seriously
Sorry, but where does the "if" come from? Regardless of you are in favour or against the anomaly changes, wouldnt you think that if there was a chance CCP took the CSM serious they would at least ask their input about such an enormous change? But instead they completely ignored the CSM and timed the dev blog such that the CSM (or anyone else) couldnt ask about it during the 0.0 roundtable. And then you still think there is a chance CCP takes the CSM serious?
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.11 08:56:00 -
[558]
Originally by: Steve Thomas
.....
A) it would have *theoreticaly* been able to execute script on any pre Vista PC with IE 7 or 8, I dont think its an issue with IE9 on any operating system.
the real problem however was with the ability to log in as anyone or create-edit posts as anyone, someone who was seriously being malicious would not have even needed to do that. just go in and redirect one of the links you have set up to one of the clone sights, considering that I was aparently directed to the eve sight via that popup Warning about leaving eve I have to wonder if thats what happend with some of the edits
I think this is not entirely correct. It seems that it was possible to execute signature injected javascript via jquery eventlistener binding/unbinding, and since the sigs persist across page loads, you would have been able to pass garnered data along to another domain via the query string. AFAIK no one did this, but the possibility was real.
In addition to that there are many players who still use XP with the stock installed browser.
We'll see what Sreegs posts in his blog, but I'm not entirely convinced that CCP will be honest as to the extent of the problem as I think it might open them up to possible legal problems.
|
Ban Doga
|
Posted - 2011.04.11 09:52:00 -
[559]
Edited by: Ban Doga on 11/04/2011 09:53:23
Originally by: Bomberlocks
We'll see what Sreegs posts in his blog, but I'm not entirely convinced that CCP will be honest as to the extent of the problem as I think it might open them up to possible legal problems.
The blog will reiterate the statements already made.
This will include "injection of HTML", "user data was not at risk" and "security's job is to react to issues - not to prevent them by reading code".
It will contain a more lengthy and (slightly) more detailed explanation of "What" happened but not "Why".
Questions regarding "Why" will be met with "Policy says 'No'", "I already explained that", "I say what I said" and "Asking about bans or warnings could get you a ban or warning yourself".
And I'll be delighted to be wrong...
|
Ambein Flambein
352 Industries
|
Posted - 2011.04.11 10:01:00 -
[560]
Originally by: Barakkus
I'm sure LOTRO has had some **** go on.
the biggest scandal lotro has had was 2 years ago when turbine broke the servers for like 2 days. they gave everyone 2 free day of game time and some pretty candles ingame. but as its entering its 5th year this month im sure some serious **** is about to go down and i will be watching and waiting with popcorn at the ready, in the mean time, ive got the drama involving the new forums here to keep me occupied, as well as whatever drama the goons on the csm can create (thats gonna be the highlight of the year for me, either they **** **** up, or get **** done, either way theres gogin to be some nice drama. dont let us down goons)
and yes i play lotro, it has **** pvp, but its pve is great ( i have a lifetime sub, so i take massive breaks from it ot come play eve and blown some **** up) i await the wardecs that this comment is bound to generate
______________________________________________
Sig is Broken |
|
|
Chesty McJubblies
Gallente
Center for Advanced Studies
|
Posted - 2011.04.11 10:20:00 -
[561]
Edited by: Chesty McJubblies on 11/04/2011 10:21:08
Originally by: Mag's
The question is, how the hell did the new ones get released in such a bad state to begin with?
No, the question is, why would you ask such a thing? Oo
|
Misanth
RABBLE RABBLE RABBLE
|
Posted - 2011.04.11 10:54:00 -
[562]
Originally by: Chesty McJubblies
Edited by: Chesty McJubblies on 11/04/2011 10:21:08
Originally by: Mag's
The question is, how the hell did the new ones get released in such a bad state to begin with?
No, the question is, why would you ask such a thing? Oo
No, the question is, why do we have to assume that's the case..
-
|
El'Niaga
Minmatar
Republic Military School
|
Posted - 2011.04.11 11:10:00 -
[563]
Okay what we need to do is fire the individuals responsible for this fiasco. We don't need some lame excuse that the boss is gone on vacation, call him back if he is.
I seriously hope a team didn't spend 70k hours on modifying a YAF board to fit EVE's needs. If they did get rid of these leeches.
Also its now past 11 am your time, where is our promised update?
|
Kristina Vanszar
Caldari
|
Posted - 2011.04.11 11:10:00 -
[564]
The only thing i am accepting as an appologize from CCP,
is either:
1. prooving the guys who figured out the giant holes, have not tried to contact CCP, but they've tried to make use of it, so the perma + IP Bans are OK
or
2. if they can not proove it, remove the ban of thoose guys, becouse they've more or less saved our and CCPs asses from a way bigger insult.
I do not want to discuss the "ban policy", i just want to make my point clear
Br o7
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 12:02:00 -
[565]
Funny (to me) translated and slightly adapted tidbit from my brother (who's a .Net/C#/whatever codemonkey)... if this is not accurate, I have no clue...
"I don't get it, how did they manage to make the signature f-up, in .Net you have the .HTMLEncode() method, and then everything is magically secure from cross-site scripting. That's all they had to do. 1 line.
Also, .Net has built-in safeguards for cross site scripting, which you specifically need to disable by hand... guess what? they probably effin' did, because otherwise you couldn't enter HTML code in text boxes.
HTMLEncode(), that's all they needed to do, as in, REALLY.
Item.Signature.Text = HTMLEncode(Item.Signature.Text) ... or something like that, and that's it.
... from http://msdn.microsoft.com/en-us/library/w3te6wfz.aspx ...
HTML encoding makes sure that text is displayed correctly in the browser and not interpreted by the browser as HTML. For example, if a text string contains a less than sign (<) or greater than sign (>), the browser would interpret these characters as the opening or closing bracket of an HTML tag. When the characters are HTML encoded, they are converted to the strings < and >, which causes the browser to display the less than sign and greater than sign correctly.
HttpServerUtility.HtmlEncode()
..."
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 12:10:00 -
[566]
Originally by: Akita T
Funny (to me) translated and slightly adapted tidbit from my brother (who's a .Net/C#/whatever codemonkey)... if this is not accurate, I have no clue...
ąand what's even more fun is that they're overdoing the same translation in the normal post edit boxes, where text is encoded on the fly so you can't even use HTML entities to insert special characters (which is yet another reason for the slowdown in the post editor).
As soon as you enter "&", it gets translated into "&" and entering "×" to get a × sign only prints the original × you entered. These forums do it much better: the translation is done when you click post, and entities you've entered manually are preserved and come out as the special characters you wanted to display.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.11 12:10:00 -
[567]
Edited by: Grimpak on 11/04/2011 12:11:07
Originally by: Akita T
Funny (to me) translated and slightly adapted tidbit from my brother (who's a .Net/C#/whatever codemonkey)... if this is not accurate, I have no clue...
"I don't get it, how did they manage to make the signature f-up, in .Net you have the .HTMLEncode() method, and then everything is magically secure from cross-site scripting. That's all they had to do. 1 line.
Also, .Net has built-in safeguards for cross site scripting, which you specifically need to disable by hand... guess what? they probably effin' did, because otherwise you couldn't enter HTML code in text boxes.
HTMLEncode(), that's all they needed to do, as in, REALLY.
Item.Signature.Text = HTMLEncode(Item.Signature.Text) ... or something like that, and that's it.
... from http://msdn.microsoft.com/en-us/library/w3te6wfz.aspx ...
HTML encoding makes sure that text is displayed correctly in the browser and not interpreted by the browser as HTML. For example, if a text string contains a less than sign (<) or greater than sign (>), the browser would interpret these characters as the opening or closing bracket of an HTML tag. When the characters are HTML encoded, they are converted to the strings < and >, which causes the browser to display the less than sign and greater than sign correctly.
HttpServerUtility.HtmlEncode()
..."
wait, are you telling me that this the exact same ****up as on boot.ini but in a different place?
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 12:23:00 -
[568]
Originally by: Grimpak
wait, are you telling me that this the exact same ****up as on boot.ini but in a different place?
It would appear so, at least as far as signatures are concerned...
Originally by: Tippia
ąand what's even more fun is that they're overdoing the same translation in the normal post edit boxes, where text is encoded on the fly so you can't even use HTML entities to insert special characters (which is yet another reason for the slowdown in the post editor).
As soon as you enter "&", it gets translated into "&" and entering "×" to get a + sign only prints the original × you entered. These forums do it much better: the translation is done when you click post, and entities you've entered manually are preserved and come out as the special characters you wanted to display.
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.11 12:26:00 -
[569]
Originally by: Akita T
Originally by: Grimpak
wait, are you telling me that this the exact same ****up as on boot.ini but in a different place?
It would appear so, at least as far as signatures are concerned...
wtf, didn't they fired that guy?
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 12:28:00 -
[570]
Well, it's not QUITE the same, just somewhat similar.
Still same logic, a trivial error.
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
|
|
Frecator Dementa
Caldari
Perkone
|
Posted - 2011.04.11 12:29:00 -
[571]
Originally by: Grimpak
Originally by: Akita T
Originally by: Grimpak
wait, are you telling me that this the exact same ****up as on boot.ini but in a different place?
It would appear so, at least as far as signatures are concerned...
wtf, didn't they fired that guy?
I wouldn't call this the same ****up at all. The signature exploit sounds like they forgot to HTML encode, the boot.ini was a file name conflict.
----
<sig goes here> |
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 12:34:00 -
[572]
Originally by: Grimpak
Originally by: Akita T
Originally by: Grimpak
wait, are you telling me that this the exact same ****up as on boot.ini but in a different place?
It would appear so, at least as far as signatures are concerned...
wtf, didn't they fired that guy?
Not exactly "fire"ą.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.11 12:39:00 -
[573]
Originally by: Frecator Dementa
Originally by: Grimpak
Originally by: Akita T
Originally by: Grimpak
wait, are you telling me that this the exact same ****up as on boot.ini but in a different place?
It would appear so, at least as far as signatures are concerned...
wtf, didn't they fired that guy?
I wouldn't call this the same ****up at all. The signature exploit sounds like they forgot to HTML encode, the boot.ini was a file name conflict.
somebody displaced/forgot a few characters in a file.
granted not really the same but the type of mistake is basically the same.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 12:54:00 -
[574]
Originally by: Grimpak
granted not really the same but the type of mistake is basically the same.
The boot.ini thing could have been an honest mistake, this one however, not so much (like Tippia pointed out, they do obsessively sanitize it in some other place).
So, meh.
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.11 13:07:00 -
[575]
Originally by: Akita T
Originally by: Grimpak
granted not really the same but the type of mistake is basically the same.
The boot.ini thing could have been an honest mistake, this one however, not so much (like Tippia pointed out, they do obsessively sanitize it in some other place).
So, meh.
oh well, it's still an epic ****up.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
Hakaru Ishiwara
Minmatar
Republic Military School
|
Posted - 2011.04.11 13:17:00 -
[576]
Originally by: El'Niaga
Okay what we need to do is fire the individuals responsible for this fiasco. We don't need some lame excuse that the boss is gone on vacation, call him back if he is.
I seriously hope a team didn't spend 70k hours on modifying a YAF board to fit EVE's needs. If they did, then get rid of these leeches.
Whomever was project managing this initiative is the person at fault. Even if they had management breathing heavily down their neck, they should have had the professional back-bone to hold the release. We already know that CCP management is terrible and that they hold their customers in low regard.
Originally by: El'Niaga
Also its now past 11 am your time, where is our promised update?
CCP's promises are always meant to be broken. Over-promise and under-deliver is CCP's unstated motto.
I am honestly surprised somebody hasn't coined the term "Unicorn Development" where a company's customers get the shaft from a ****ed-up and proprietary implementation of an Open Source product. A new Internet meme perhaps....
To wikipedia!
|
Niraia
Zaratha Zarati
Shaktipat Revelators
|
Posted - 2011.04.11 13:22:00 -
[577]
My point exactly. I know web developers who have been rejected by CCP who wouldn't do something this stupid. Whoever was in charge of recruiting them should probably be apologizing for doing a terrible job too, don't you think?
Does CCP care about the quality of their staff? Does the CEO? Where is the CEO?
-
shipsofeve.com
eohpoker.com
sanshasnation.net
|
MisterAl tt1
|
Posted - 2011.04.11 13:24:00 -
[578]
After having read some external info regarding your "brand new" forums I would say that the whole team in charge of this f... up is to be fired!
To allow code insertion into signatures! What kind of "specialists" work there?! How could've you bring OUR computers under such a risk?!
Well, I'm sure CCP will state everything is OK and there was no risk. Even with my little knowledge I can say that they LIE.
_________________________
Dynamic WH map for everyone! |
Shade Millith
Caldari
Macabre Votum
Morsus Mihi
|
Posted - 2011.04.11 13:28:00 -
[579]
Edited by: Shade Millith on 11/04/2011 13:33:28
Edited by: Shade Millith on 11/04/2011 13:30:54
Quote:
IĘm not claiming. IĘm stating outright that customer data was never at risk. WeĘve also said there will be a blog which will detail what occurred and what was wrong. -CCP Sreegs
And according to http://www.machine9.net/blog/?p=592 , and the bloke who made it public on SHC (Because you ignored his petitions, then banned him), you're lying out your arse.
Screw you. Seriously, screw you. You managed to put everyone at risk. Apparently with known security issues from beta.
------------------------
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 13:28:00 -
[580]
Originally by: MisterAl tt1
After having read some external info regarding your "brand new" forums I would say that the whole team in charge of this f... up is to be fired!
To allow code insertion into signatures! What kind of "specialists" work there?! How could've you bring OUR computers under such a risk?!
Well, I'm sure CCP will state everything is OK and there was no risk. Even with my little knowledge I can say that they LIE.
I say we cancel your account after we fire them, deal?
Fair exchange?
|
|
|
Grimpak
Gallente
The Whitehound Corporation
Frontline Assembly Point
|
Posted - 2011.04.11 13:31:00 -
[581]
Edited by: Grimpak on 11/04/2011 13:31:19
Originally by: Shade Millith
Quote:
IĘm not claiming. IĘm stating outright that customer data was never at risk. WeĘve also said there will be a blog which will detail what occurred and what was wrong. -CCP Sreegs
And according to http://www.machine9.net/blog/?p=592 , and the bloke who made it public on SHC (Because you ignored his petitions, then banned him), you're lying out your arse.
Screw you.
well it's kinda true since Sreegs might be saying that the customer data that THEY HAVE was never at risk.
---
Quote:
The more I know about humans, the more I love animals.
ain't that right. |
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 13:31:00 -
[582]
Originally by: MisterAl tt1
To allow code insertion into signatures! What kind of "specialists" work there?! How could've you bring OUR computers under such a risk?!
Well, I'm sure CCP will state everything is OK and there was no risk. Even with my little knowledge I can say that they LIE.
hahah... you better format you computer, to be sure there is no malware installed. Remember to turn off your computer for 45 min after the format, just to be sure nothing survives in memory!
anyways, when do we see the dev blog?, can someone confirm the rumors that the head of security called in sick today?
|
MisterAl tt1
|
Posted - 2011.04.11 13:32:00 -
[583]
Edited by: MisterAl tt1 on 11/04/2011 13:35:17
Originally by: Miilla
I say we cancel your account after we fire them, deal?
Fair exchange?
My dear, if you are somewhat connected to CCP (which you seem not to) them you are getting PIAD from such users as I am, and thus you are expected to do nice job for the money paid. A job like this is expected from a 16-year old pupil who has made his first "site" in his life.
Originally by: dexington
hahah... you better format you computer, to be sure there is no malware installed. Remember to turn off your computer for 45 min after the format, just to be sure nothing survives in memory!
anyways, when do we see the dev blog?, can someone confirm the rumors that the head of security called in sick today?
1st - my knowledge is enough not to use some "beta", so I'm only angry about the whole CCP being that bunch of non-professionals.
2nd - those external blogs I saw are enough evidence for me. And I'm well sure that CCP will never agree they had a hole like this, like they never did about "monkey magic" and other things like that.
_________________________
Dynamic WH map for everyone! |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 13:37:00 -
[584]
Do we still need this thread? All it encourages is bashing and whining. We get the point :)
How about putting some real content into the forums instead of tears?
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 13:40:00 -
[585]
Originally by: Miilla
How about putting some real content into the forums instead of tears?
Content is soooo mainstream...
/emote adjust horn-rimmed glasses
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Zey Nadar
Gallente
Unknown Soldiers
Wildly Inappropriate.
|
Posted - 2011.04.11 13:42:00 -
[586]
Edited by: Zey Nadar on 11/04/2011 13:45:25
Originally by: Frecator Dementa
I wouldn't call this the same ****up at all. The signature exploit sounds like they forgot to HTML encode, the boot.ini was a file name conflict.
Pointing out that there are more glaring holes in the new forum than just the signature exploit.
And the best part is that these holes were reported in the test phase.
|
MisterAl tt1
|
Posted - 2011.04.11 13:42:00 -
[587]
Originally by: Miilla
Do we still need this thread? All it encourages is bashing and whining. We get the point :)
How about putting some real content into the forums instead of tears?
Meaning "let it slide and let CCP don't bother about doing some non-professional work again" ? No. I want CCP to see that users ARE interested in seeing CCP really do something like they should.
_________________________
Dynamic WH map for everyone! |
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 13:45:00 -
[588]
Originally by: MisterAl tt1
Meaning "let it slide and let CCP don't bother about doing some non-professional work again" ? No. I want CCP to see that users ARE interested in seeing CCP really do something like they should.
You just want to ***** and whine, did someone put chilly on your tampax or what?
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 13:52:00 -
[589]
Edited by: Miilla on 11/04/2011 13:52:06
Originally by: dexington
Originally by: MisterAl tt1
Meaning "let it slide and let CCP don't bother about doing some non-professional work again" ? No. I want CCP to see that users ARE interested in seeing CCP really do something like they should.
You just want to ***** and whine, did someone put chilly on your tampax or what?
I think CCP get the point. If you really want to make a point, STOP PAYING (and PLAYING). Right?
|
MisterAl tt1
|
Posted - 2011.04.11 13:55:00 -
[590]
Trolls damage controling CCP ? How nice.
_________________________
Dynamic WH map for everyone! |
|
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 13:57:00 -
[591]
Originally by: MisterAl tt1
Trolls damage controling CCP ? How nice.
Not at all, I just know reality and don't have my head firmly rammed up my buttocks like the rest of the "engineering" "experts" on here whining and demanding firings etc.
|
Gnulpie
Minmatar
Miner Tech
|
Posted - 2011.04.11 14:03:00 -
[592]
Edited by: Gnulpie on 11/04/2011 14:03:23
Originally by: Zey Nadar
Pointing out that there are more glaring holes in the new forum than just the signature exploit.
And the best part is that these holes were reported in the test phase.
Do you have any proof that those issues were reported? Any mails/correspondence? Forum posts? Bug ID's?
And who reported them? And in which detail were those problems reported? |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:12:00 -
[593]
Edited by: Miilla on 11/04/2011 14:15:09
Originally by: Gnulpie
Edited by: Gnulpie on 11/04/2011 14:03:23
Originally by: Zey Nadar
Pointing out that there are more glaring holes in the new forum than just the signature exploit.
And the best part is that these holes were reported in the test phase.
Do you have any proof that those issues were reported? Any mails/correspondence? Forum posts? Bug ID's?
And who reported them? And in which detail were those problems reported?
That's not the problem, the problem is, he went and exploited it. He should have just made the problem public and let it at that. But no, he had to be an a.sshat and exploit it.
There is a little thing called TRIAGE on bugs. If only you saw the amount of issues triaged out to wont fix or postponed at Microsoft, why? They are below the fix bar at that point in time, and probably lack of resources and also not their primary focus or perhaps just a badly explained bug repro and impact.
There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story.
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
He crossed the line.
|
Niraia
Zaratha Zarati
Shaktipat Revelators
|
Posted - 2011.04.11 14:18:00 -
[594]
Originally by: Miilla
That's not the problem, the problem is, he went and exploited it.
I don't think that's a problem for anyone but himself, assuming he did no damage..
-
shipsofeve.com
eohpoker.com
sanshasnation.net
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:32:00 -
[595]
Originally by: Niraia
Originally by: Miilla
That's not the problem, the problem is, he went and exploited it.
I don't think that's a problem for anyone but himself, assuming he did no damage..
He did do damage, he started posting as somebody else, modifying other customers posts and end result we where denied access to the service for a few days.
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.11 14:33:00 -
[596]
Originally by: Miilla
Edited by: Miilla on 11/04/2011 14:15:09
Originally by: Gnulpie
Edited by: Gnulpie on 11/04/2011 14:03:23
Originally by: Zey Nadar
Pointing out that there are more glaring holes in the new forum than just the signature exploit.
And the best part is that these holes were reported in the test phase.
Do you have any proof that those issues were reported? Any mails/correspondence? Forum posts? Bug ID's?
And who reported them? And in which detail were those problems reported?
That's not the problem, the problem is, he went and exploited it. He should have just made the problem public and let it at that. But no, he had to be an a.sshat and exploit it.
There is a little thing called TRIAGE on bugs. If only you saw the amount of issues triaged out to wont fix or postponed at Microsoft, why? They are below the fix bar at that point in time, and probably lack of resources and also not their primary focus or perhaps just a badly explained bug repro and impact.
There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story.
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
He crossed the line.
Catari Taga, the person who was banned, was not the only person who discovered the vulnerabilities and was not the only person to petition and report them. Regardless of your opinion of him, it doesn't change the extent of the vulnerabilities.
|
Niraia
Zaratha Zarati
Shaktipat Revelators
|
Posted - 2011.04.11 14:33:00 -
[597]
Edited by: Niraia on 11/04/2011 14:33:57
Originally by: Miilla
He did do damage, he started posting as somebody else, modifying other customers posts and end result we where denied access to the service for a few days.
So why is the fact that he exploited it the problem, as you stated?
-
shipsofeve.com
eohpoker.com
sanshasnation.net
|
Siigari Kitawa
Gallente
Senex Legio
Get Off My Lawn
|
Posted - 2011.04.11 14:34:00 -
[598]
lol
|
LtCol Laurentius
Zor Industries
|
Posted - 2011.04.11 14:35:00 -
[599]
Originally by: Miilla
That's not the problem, the problem is, he went and exploited it. He should have just made the problem public and let it at that. But no, he had to be an a.sshat and exploit it.
There is a little thing called TRIAGE on bugs. If only you saw the amount of issues triaged out to wont fix or postponed at Microsoft, why? They are below the fix bar at that point in time, and probably lack of resources and also not their primary focus or perhaps just a badly explained bug repro and impact.
There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story.
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
He crossed the line.
You use the word exploits as if it were true. Previosly you linked the definition of "whistleblower" in you ongoing campaign to whiteknight CCP. Let me thus prove a definition of "exploit": "An exploit, in video games, is the use of a bug or design flaw by a player to their advantage in a manner not intended by the game's designers".
Its very clear that you dont like him "feeding his ego", but I doubt that it can be classified as en "exploit".
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:36:00 -
[600]
Originally by: LtCol Laurentius
Originally by: Miilla
That's not the problem, the problem is, he went and exploited it. He should have just made the problem public and let it at that. But no, he had to be an a.sshat and exploit it.
There is a little thing called TRIAGE on bugs. If only you saw the amount of issues triaged out to wont fix or postponed at Microsoft, why? They are below the fix bar at that point in time, and probably lack of resources and also not their primary focus or perhaps just a badly explained bug repro and impact.
There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story.
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
He crossed the line.
You use the word exploits as if it were true. Previosly you linked the definition of "whistleblower" in you ongoing campaign to whiteknight CCP. Let me thus prove a definition of "exploit": "An exploit, in video games, is the use of a bug or design flaw by a player to their advantage in a manner not intended by the game's designers".
Its very clear that you dont like him "feeding his ego", but I doubt that it can be classified as en "exploit".
He took advantage of his bug and used it to post as other people and gain moderator privlidges and also modifying other customers posts, that is exploiting.
|
|
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 14:37:00 -
[601]
Originally by: MisterAl tt1
Trolls damage controling CCP ? How nice.
You don't seem to understand troll culture, they are the superheros of the internet, fighting to save the internet from people like you!
Every time to many self-righteous, to stupid to know better, angry forum warriors gather for a session of group jerking, while discussing some crack pot theory, eg. how html/javascript injection in mmo forums is going to change the world as we know it, what's when the superhero troll emerge to try and save the internet from stupidity.
|
Hel O'Ween
Men On A Mission
|
Posted - 2011.04.11 14:37:00 -
[602]
Originally by: Miilla
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
Granted, Cat isn't a trained diplomat, but he has been a helpful member of the 3rd party dev community over the years. Just check out the Tech Lab forums for his posts, before you make any wild assumptions.
And if you as a company ignore a bug report about a serious security issue because you don't like "the sound" of it, you're doing it terribly wrong.
--
EVEWalletAware - an offline wallet manager |
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 14:40:00 -
[603]
Originally by: Hel O'Ween
Originally by: Miilla
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
Granted, Cat isn't a trained diplomat, but he has been a helpful member of the 3rd party dev community over the years. Just check out the Tech Lab forums for his posts, before you make any wild assumptions.
And if you as a company ignore a bug report about a serious security issue because you don't like "the sound" of it, you're doing it terribly wrong.
A. ****** was also a productive member of society as a youth, no one really seemed to care about that after WW2.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:41:00 -
[604]
Originally by: Hel O'Ween
Originally by: Miilla
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
Granted, Cat isn't a trained diplomat, but he has been a helpful member of the 3rd party dev community over the years. Just check out the Tech Lab forums for his posts, before you make any wild assumptions.
And if you as a company ignore a bug report about a serious security issue because you don't like "the sound" of it, you're doing it terribly wrong.
When you write a bug, write it clear and concise and include the impact. you dont run off in an ego tantrum and exploit it then post to the world asking if they also want to exploit it. You just post the facts, and leave it at that.
He is not involved in the decision process, however how he presents it can influence the decision if done correctly.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 14:43:00 -
[605]
Originally by: Miilla
He did do damage, he started posting as somebody else, modifying other customers posts and end result we where denied access to the service for a few days.
So where's the damage?
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 14:45:00 -
[606]
Edited by: dexington on 11/04/2011 14:45:06
Originally by: Miilla
When you write a bug, write it clear and concise and include the impact. you dont run off in an ego tantrum...
Finding security bugs is all about showing the other guy you know more about programming and it-tech then he does, the world needs to know when you are better then someone else.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:45:00 -
[607]
Edited by: Miilla on 11/04/2011 14:45:17
Originally by: Tippia
Originally by: Miilla
He did do damage, he started posting as somebody else, modifying other customers posts and end result we where denied access to the service for a few days.
So where's the damage?
2 days inaccessible forum service we pay for, loss of confidence in our account security, damage to the reputation of the product and processes. Damage is not always measurable as money.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 14:46:00 -
[608]
Originally by: Miilla
2 days inaccessible forum service we pay for, loss of confidence in our account security, damage to the reputation of the product and processes.
Yes, but where's the damage he did?
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:48:00 -
[609]
Originally by: dexington
Edited by: dexington on 11/04/2011 14:45:06
Originally by: Miilla
When you write a bug, write it clear and concise and include the impact. you dont run off in an ego tantrum...
Finding security bugs is all about showing the other guy you know more about programming and it-tech then he does, the world needs to know when you are better then someone else.
That is why those people never make management or lead positions as they cannot handle the decision process and lack maturity in the thinking. The higher up you go the more it becomes less a technical decision and more a business decision. Learn that and you will go far otherwise you end up sitting in your cage competing with students (cheaper and work longer hours). True fact of employment.
|
Valator Uel
Caldari
Mercenaries of Andosia
Northern Coalition.
|
Posted - 2011.04.11 14:48:00 -
[610]
Originally by: Miilla
Edited by: Miilla on 11/04/2011 14:45:17
Originally by: Tippia
Originally by: Miilla
He did do damage, he started posting as somebody else, modifying other customers posts and end result we where denied access to the service for a few days.
So where's the damage?
2 days inaccessible forum service we pay for, loss of confidence in our account security, damage to the reputation of the product and processes. Damage is not always measurable as money.
And who's fault is it? Had CCP did their job, he wouldn't have had to.
------------------
empty sig |
|
|
Yuki Kulotsuki
|
Posted - 2011.04.11 14:50:00 -
[611]
Originally by: Miilla
2 days inaccessible forum service we pay for, loss of confidence in our account security, damage to the reputation of the product and processes. Damage is not always measurable as money.
CCP did that themselves and should have REGARDLESS of "hack" posting. Your so-called damage is reasonable reaction to shipping a vulnerable product that puts customers at risk. Proof of concept posting simply made it so that it could not be ignored which is a good thing. Ignoring such issues is willfully negligent.
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Calathea Sata
State War Academy
|
Posted - 2011.04.11 14:50:00 -
[612]
It is all CCP's fault. They know this themselves so they put down their new creation for good.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:51:00 -
[613]
Pay me 10 plex and I will change sides :)
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 14:52:00 -
[614]
Edited by: dexington on 11/04/2011 14:52:10
Originally by: Miilla
That is why those people never make management or lead positions as they cannot handle the decision process and lack maturity in the thinking. The higher up you go the more it becomes less a technical decision and more a business decision. Learn that and you will go far otherwise you end up sitting in your cage competing with students (cheaper and work longer hours). True fact of employment.
You make it sounds like that's a bad thing, you can easily get a salary where money is not a big deal without being in management, and you don't have to do the meeting and the hierarchical butt kissing... not being in management is win/win.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 14:55:00 -
[615]
Originally by: dexington
Edited by: dexington on 11/04/2011 14:52:10
Originally by: Miilla
That is why those people never make management or lead positions as they cannot handle the decision process and lack maturity in the thinking. The higher up you go the more it becomes less a technical decision and more a business decision. Learn that and you will go far otherwise you end up sitting in your cage competing with students (cheaper and work longer hours). True fact of employment.
You make it sounds like that's a bad thing, you can easily get a salary where money is not a big deal without being in management, and you don't have to do the meeting and the hierarchical butt kissing... not being in management is win/win.
Still being in a lead role also means you have to factor in business decisions which are inherently non-technically influenced and you have to at the end of the day, accept the decision made and 99% of those decisions have very good business reasons for not doing A or B when you think about it and you have to then execute that decision, a lot of rage boy engineers cannot do that and keep ranting oh but thats not right yes theyre right, from an engineer perspective, but that's not the perspective the decision was taken with (well that was factored in ofcourse), I've seen it first hand.
|
Zey Nadar
Gallente
Unknown Soldiers
Wildly Inappropriate.
|
Posted - 2011.04.11 15:01:00 -
[616]
Originally by: Miilla
There is no reason to go exploit the bug to deny us all the service we pay for. That is a no no. Shout all he wants publically, thats what whistleblowers do. End of story.
Given the attitude this guy has, he probably wrote it in rage speak in the email and bug report with l33t too. I can see why it would be downgraded or ignored.
He crossed the line.
The new forums put every user who browsed those forums at risk. People could inject any malicious code they wanted into the signatures, including code that defines how the page looks like. So they could have in practise added something extra to the forums which would have made unaware users log in again and give out their login credentials etc to the hackers. The forums should have been pulled down at first light. They were a banal mockery of online security. The guy in question did what he did to force a response and Im happy that he did.
Check eve news site for an article that explains at more detail what was open.
|
LtCol Laurentius
Zor Industries
|
Posted - 2011.04.11 15:03:00 -
[617]
Originally by: Miilla
He took advantage of his bug and used it to post as other people and gain moderator privlidges and also modifying other customers posts, that is exploiting.
Even using YOUR own definition, he exploited a bug in the forums (not a game) and elevated his privlidges against the intent by the designers as is injecting formatting and markup, changing the content of the intended design by the designers.
Exploit is exploited.
Its not my definition, its wikipedias. But sorry no, I dont buy it. After CCP did a ****poor job converting a open source forum for their own use, and then utterly failing to heed feedback during testing, they rolled out u product with such basic security flaws that would make a high school student blush. So he SHOWED THEM what they had done. Sometimes, when people just dont want to listen, thats what you do. He didnt gain any advantage from it (if you dont count him getting banned an advantage). He is not an exploiter, he is a whistleblower. But by all means, dont let me stop you sucking CCPs ****, because you seem to be really really good at it.
|
Niraia
Zaratha Zarati
Shaktipat Revelators
|
Posted - 2011.04.11 15:06:00 -
[618]
Originally by: Miilla
Originally by: dexington
Edited by: dexington on 11/04/2011 14:52:10
Originally by: Miilla
That is why those people never make management or lead positions as they cannot handle the decision process and lack maturity in the thinking. The higher up you go the more it becomes less a technical decision and more a business decision. Learn that and you will go far otherwise you end up sitting in your cage competing with students (cheaper and work longer hours). True fact of employment.
You make it sounds like that's a bad thing, you can easily get a salary where money is not a big deal without being in management, and you don't have to do the meeting and the hierarchical butt kissing... not being in management is win/win.
Still being in a lead role also means you have to factor in business decisions which are inherently non-technically influenced and you have to at the end of the day, accept the decision made and 99% of those decisions have very good business reasons for not doing A or B when you think about it and you have to then execute that decision, a lot of rage boy engineers cannot do that and keep ranting oh but thats not right yes theyre right, from an engineer perspective, but that's not the perspective the decision was taken with (well that was factored in ofcourse), I've seen it first hand.
I'm trying to figure out what the business reasons for releasing a forum replacement that wasn't tested for security are, but I can't.
I see it like this:
Best case, company is seen to be doing something productive.
Worst/this case, customers lose faith in company, company loses customers.
What am I missing, from my naive engineering perspective?
-
shipsofeve.com
eohpoker.com
sanshasnation.net
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:09:00 -
[619]
Originally by: Niraia
Originally by: Miilla
Originally by: dexington
Edited by: dexington on 11/04/2011 14:52:10
Originally by: Miilla
That is why those people never make management or lead positions as they cannot handle the decision process and lack maturity in the thinking. The higher up you go the more it becomes less a technical decision and more a business decision. Learn that and you will go far otherwise you end up sitting in your cage competing with students (cheaper and work longer hours). True fact of employment.
You make it sounds like that's a bad thing, you can easily get a salary where money is not a big deal without being in management, and you don't have to do the meeting and the hierarchical butt kissing... not being in management is win/win.
Still being in a lead role also means you have to factor in business decisions which are inherently non-technically influenced and you have to at the end of the day, accept the decision made and 99% of those decisions have very good business reasons for not doing A or B when you think about it and you have to then execute that decision, a lot of rage boy engineers cannot do that and keep ranting oh but thats not right yes theyre right, from an engineer perspective, but that's not the perspective the decision was taken with (well that was factored in ofcourse), I've seen it first hand.
I'm trying to figure out what the business reasons for releasing a forum replacement that wasn't tested for security are, but I can't.
I see it like this:
Best case, company is seen to be doing something productive.
Worst/this case, customers lose faith in company, company loses customers.
What am I missing, from my naive engineering perspective?
It probalby was evaluated for security. Saying it was not just naieve. Most processes have a threat model.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 15:12:00 -
[620]
Edited by: Tippia on 11/04/2011 15:12:11
Originally by: Miilla
It probalby was evaluated for security. Saying it was not just naieve. Most processes have a threat model.
ąand yet the most common threat imaginable was not found.
So either the process was deeply flawed (and shouldn't exist in its current incarnation) or it already didn't exist. The effect is much the same.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
|
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:13:00 -
[621]
Originally by: Tippia
Originally by: Miilla
It probalby was evaluated for security. Saying it was not just naieve. Most processes have a threat model.
ąand yet the most common thread imaginable was not found.
So either the process was deeply flawed (and shouldn't exist in its current incarnation) or it already didn't exist. The effect is much the same.
Or perhaps it wasn't reported correctly which resulted in a breakdown of communication, that seems one factor here. I would love to see his report on this but I didn't all I saw was him exploiting it. Bad news.
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 15:13:00 -
[622]
Originally by: Niraia
I'm trying to figure out what the business reasons for releasing a forum replacement that wasn't tested for security are, but I can't.
Maybe they were behind schedule, and then asked if they were ready to deploy someone took a chance and said yes. It¦s always the last 10% that takes 90% of the time, it's so much easier to do the last changes/fixes when you have user feedback/test data from a running system, someone probably believed the last fixes and changes could be applied to the deployed system. Probably would even have been a good idea, had it not been security issues they needed to fix.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:15:00 -
[623]
Originally by: dexington
Originally by: Niraia
I'm trying to figure out what the business reasons for releasing a forum replacement that wasn't tested for security are, but I can't.
Maybe they were behind schedule, and then asked if they were ready to deploy someone took a chance and said yes. It¦s always the last 10% that takes 90% of the time, it's so much easier to do the last changes/fixes when you have user feedback/test data from a running system, someone probably believed the last fixes and changes could be applied to the deployed system. Probably would even have been a good idea, had it not been security issues they needed to fix.
Bingo, DATE DRIVEN. Most businesses are date driven, when do we deliver this to market, when does this go live? How can you plan a business without dates? Especially in a competitive world where you don't have the luxary of "when its ready" or perhaps you already committed to this date by communicating it and then you have to run with it.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 15:16:00 -
[624]
Edited by: Tippia on 11/04/2011 15:17:07
Originally by: Miilla
Or perhaps it wasn't reported correctly which resulted in a breakdown of communication, that seems one factor here. I would love to see his report on this but I didn't all I saw was him exploiting it. Bad news.
Now you're mixing two completely different processes.
I'm talking about the security evaluation; you're talking about what happened because no such evaluation took place (while at the same time saying that it did, even though, as mentioned, the effect of any such evaluation was the same as if there was none).
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Niraia
Zaratha Zarati
Shaktipat Revelators
|
Posted - 2011.04.11 15:17:00 -
[625]
Originally by: Miilla
stuff
You aren't going to answer the question, though?
Assume that it was evaluated, and replace my assumption of a lack of evaluation with that of a failure in evaluation, if it helps.
-
shipsofeve.com
eohpoker.com
sanshasnation.net
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:18:00 -
[626]
Originally by: Tippia
Originally by: Miilla
Or perhaps it wasn't reported correctly which resulted in a breakdown of communication, that seems one factor here. I would love to see his report on this but I didn't all I saw was him exploiting it. Bad news.
Now you're mixing two completely different processes.
I'm talking about the security evaluation; you're talking about what happened because no such evaluation took place.
So what your saying is, we're both guessing. Like everybody else, all acting experts and claiming to know what happened and why, guessing and blame raging.
Right? I know I am, just as you are.
|
William Henry McGregor
|
Posted - 2011.04.11 15:19:00 -
[627]
Originally by: Miilla
It probalby was evaluated for security. Saying it was not just naieve. Most processes have a threat model.
Your believe - I don't buy it, no one does!
The "new and shiny" forum was "Broken by Design"(TM) - there was absolutely no QA.
Everyone with a functioning brain could see it.
Well, the reason behind this new forum is simple:
CCP wants all of us forced into SpaceBook! Something no sane person ever wanted.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:21:00 -
[628]
Originally by: William Henry McGregor
Originally by: Miilla
It probalby was evaluated for security. Saying it was not just naieve. Most processes have a threat model.
Your believe - I don't buy it, no one does!
The "new and shiny" forum was "Broken by Design"(TM) - there was absolutely no QA.
Everyone with a functioning brain could see it.
Well, the reason behind this new forum is simple:
CCP wants all of us forced into SpaceBook! Something no sane person ever wanted.
You're right no sane person wants to be social or be able to single sign on to their service and no sane person wants to read their eve mail without logging onto eve client, right? No sane company wants to integrate their own service seamlessly.
|
Zey Nadar
Gallente
Unknown Soldiers
Wildly Inappropriate.
|
Posted - 2011.04.11 15:22:00 -
[629]
Edited by: Zey Nadar on 11/04/2011 15:22:28
Originally by: Miilla
LALALALALALALA
Jeez dude, get a grip. If you want us to stop posting, why are you yourself still posting?
edit: Actually I don't think youre a guy, only girls are this stubborn.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 15:23:00 -
[630]
Originally by: Miilla
So what your saying is, we're both guessing.
No, what I'm saying is that you can't call people nanve for saying that no security evaluation when the one solid fact we have is the end result had a security hole so huge that "no security evaluation" ł be it in practice or by active choice ł is the only reasonable explanation.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
|
|
El'Niaga
Minmatar
Republic Military School
|
Posted - 2011.04.11 15:24:00 -
[631]
I think Miilla is a CCP employee being paid to troll this thread instead of doing real work like perhaps checking code for the new forums.....
It is now well into the afternoon CCP, we would like that update we were promised. Yes I'm expecting some heads to roll, you've been to lax for far to long with your employees. Just remember as SOE trashed their own community with the NGE rollout of SWG and have never had a successful launch since, you could do that to your own name with the way things are going.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:25:00 -
[632]
Originally by: El'Niaga
I think Miilla is a CCP employee being paid to troll this thread instead of doing real work like perhaps checking code for the new forums.....
It is now well into the afternoon CCP, we would like that update we were promised. Yes I'm expecting some heads to roll, you've been to lax for far to long with your employees. Just remember as SOE trashed their own community with the NGE rollout of SWG and have never had a successful launch since, you could do that to your own name with the way things are going.
Wow, its true, all those 3 letters really do make you look like you know what you are talking about.
|
Misanth
RABBLE RABBLE RABBLE
|
Posted - 2011.04.11 15:27:00 -
[633]
Originally by: El'Niaga
It is now well into the afternoon CCP, we would like that update we were promised.
Hey it's several hours left of Monday. If we pretend devs work US TZ they got half a day or so to conjure up that devblog.
-
|
Yuki Kulotsuki
|
Posted - 2011.04.11 15:29:00 -
[634]
Originally by: Miilla
Wow, its true, all those 3 letters really do make you look like you know what you are talking about.
Anyone who follows MMOs should be aware of those acronyms. It's a well known story.
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:30:00 -
[635]
Originally by: Yuki Kulotsuki
Originally by: Miilla
Wow, its true, all those 3 letters really do make you look like you know what you are talking about.
Anyone who follows MMOs should be aware of those acronyms. It's a well known story.
What's an MMO?
|
Yuki Kulotsuki
|
Posted - 2011.04.11 15:33:00 -
[636]
Edited by: Yuki Kulotsuki on 11/04/2011 15:32:44
Originally by: Miilla
Originally by: Yuki Kulotsuki
Originally by: Miilla
Wow, its true, all those 3 letters really do make you look like you know what you are talking about.
Anyone who follows MMOs should be aware of those acronyms. It's a well known story.
What's an MMO?
I-i-it's not l-like I want to tell you or anything. I just happened to have a link lying around. Jeez!
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Niraia
Zaratha Zarati
Shaktipat Revelators
|
Posted - 2011.04.11 15:35:00 -
[637]
Originally by: El'Niaga
I think Miilla is a CCP employee
I was thinking one of Sreegs' HBGary friends! Or maybe Ankhesentapemkah.
-
shipsofeve.com
eohpoker.com
sanshasnation.net
|
El'Niaga
Minmatar
Republic Military School
|
Posted - 2011.04.11 15:35:00 -
[638]
Originally by: Miilla
Originally by: El'Niaga
I think Miilla is a CCP employee being paid to troll this thread instead of doing real work like perhaps checking code for the new forums.....
It is now well into the afternoon CCP, we would like that update we were promised. Yes I'm expecting some heads to roll, you've been to lax for far to long with your employees. Just remember as SOE trashed their own community with the NGE rollout of SWG and have never had a successful launch since, you could do that to your own name with the way things are going.
Wow, its true, all those 3 letters really do make you look like you know what you are talking about.
Like many events in life, this is a pivot point. It's already on 3rd party sites, many of the same sites that led to the decline of SWG over the NGE. CCP can hone up to what's been done, smooth over community relations or decide not to learn from SOE and have their reputation damaged.
That's what's at stake, it isn't just EVE, this would spill over to all their projects just like it did for SOE. That would greatly hurt a successful launch of DUST and of World of Darkness. There CEO should have come in over the weekend and made a statement etc. Stonewalling will not help them and will only lead to further problems down the road for them.
People though can be fantastically forgiving if you're honest with them, it's when they feel you are hiding something or withholding from them that quickly love turns to hate, and all the energy they used previously to build up something they use to destroy that same thing.
|
William Henry McGregor
|
Posted - 2011.04.11 15:36:00 -
[639]
Originally by: Niraia
Originally by: El'Niaga
I think Miilla is a CCP employee
I was thinking one of Sreegs' HBGary friends!
This! HBGary was offering such services...
|
Jaik7
|
Posted - 2011.04.11 15:37:00 -
[640]
i actually liked() a few of the features in the new forums. for instance, addign some topics to favorites lets me find them easily, so when my favorite topic ends up on page three i don't have to read each title in order to find it.
i also enjoyed participating in Cal's thread of twenty thousand likes. that has got to have been the most fun i've ever had on a forum.
in these forums, making a hyperlink is not very straightforward, i still havent gotten it right. in the new ones all i had to do was copy/paste a URL.
i don't get the whole "bleeding eyes" drama about the font. i hardly noticed the change.
the thing i hated most about them was the way my did not lol
|
|
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.11 15:38:00 -
[641]
Originally by: Miilla
Originally by: Tippia
Originally by: Miilla
It probalby was evaluated for security. Saying it was not just naieve. Most processes have a threat model.
ąand yet the most common thread imaginable was not found.
So either the process was deeply flawed (and shouldn't exist in its current incarnation) or it already didn't exist. The effect is much the same.
Or perhaps it wasn't reported correctly which resulted in a breakdown of communication, that seems one factor here. I would love to see his report on this but I didn't all I saw was him exploiting it. Bad news.
You are avoiding the fact that it was not only Catari who reported and petitioned bugs. I know of at least three others who did as well. Helicity, who posted earlier on in this thread is one of them. It would be most helpful if you stopped trying to put all the focus on Catari and instead stick to the issue of how the forums got released in the state they did.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:39:00 -
[642]
Originally by: El'Niaga
Originally by: Miilla
Originally by: El'Niaga
I think Miilla is a CCP employee being paid to troll this thread instead of doing real work like perhaps checking code for the new forums.....
It is now well into the afternoon CCP, we would like that update we were promised. Yes I'm expecting some heads to roll, you've been to lax for far to long with your employees. Just remember as SOE trashed their own community with the NGE rollout of SWG and have never had a successful launch since, you could do that to your own name with the way things are going.
Wow, its true, all those 3 letters really do make you look like you know what you are talking about.
Like many events in life, this is a pivot point. It's already on 3rd party sites, many of the same sites that led to the decline of SWG over the NGE. CCP can hone up to what's been done, smooth over community relations or decide not to learn from SOE and have their reputation damaged.
That's what's at stake, it isn't just EVE, this would spill over to all their projects just like it did for SOE. That would greatly hurt a successful launch of DUST and of World of Darkness. There CEO should have come in over the weekend and made a statement etc. Stonewalling will not help them and will only lead to further problems down the road for them.
People though can be fantastically forgiving if you're honest with them, it's when they feel you are hiding something or withholding from them that quickly love turns to hate, and all the energy they used previously to build up something they use to destroy that same thing.
Yes a forum can kill Dust which is on consoles because console users care about a keyboard which is required to type into a forum.
|
Yuki Kulotsuki
|
Posted - 2011.04.11 15:40:00 -
[643]
Originally by: Miilla
Yes a forum can kill Dust which is on consoles because console users care about a keyboard which is required to type into a forum.
Pro forum *****s use on-screen keyboards and joypads. 20WPM FTW!
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:41:00 -
[644]
Originally by: Bomberlocks
Originally by: Miilla
Originally by: Tippia
Originally by: Miilla
It probalby was evaluated for security. Saying it was not just naieve. Most processes have a threat model.
ąand yet the most common thread imaginable was not found.
So either the process was deeply flawed (and shouldn't exist in its current incarnation) or it already didn't exist. The effect is much the same.
Or perhaps it wasn't reported correctly which resulted in a breakdown of communication, that seems one factor here. I would love to see his report on this but I didn't all I saw was him exploiting it. Bad news.
You are avoiding the fact that it was not only Catari who reported and petitioned bugs. I know of at least three others who did as well. Helicity, who posted earlier on in this thread is one of them. It would be most helpful if you stopped trying to put all the focus on Catari and instead stick to the issue of how the forums got released in the state they did.
You are avoiding the fact that it was Catari who EXPLOITED this for his own ego gain. He even bragged about it.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 15:41:00 -
[645]
Edited by: Tippia on 11/04/2011 15:43:16
Originally by: Jaik7
in these forums, making a hyperlink is not very straightforward, i still havent gotten it right. in the new ones all i had to do was copy/paste a URL.
Funnily enough, the old new forums use the same linking button as the new new (old) forumsą
ąunless you're talking about the auto-discovery and translation of link-like text strings pasted straight into the text flow, which is somewhat nifty, but which tends to cause quite a lot of funny issues if you want to discuss more technical things.
Originally by: Miilla
You are avoiding the fact that it was Catari who EXPLOITED this for his own ego gain. He even bragged about it.
And you have yet to specify the damage he supposedly did.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Zey Nadar
Gallente
Unknown Soldiers
Wildly Inappropriate.
|
Posted - 2011.04.11 15:43:00 -
[646]
Edited by: Zey Nadar on 11/04/2011 15:46:45
Originally by: El'Niaga
Like many events in life, this is a pivot point. It's already on 3rd party sites, many of the same sites that led to the decline of SWG over the NGE. CCP can hone up to what's been done, smooth over community relations or decide not to learn from SOE and have their reputation damaged.
That's what's at stake, it isn't just EVE, this would spill over to all their projects just like it did for SOE. That would greatly hurt a successful launch of DUST and of World of Darkness. There CEO should have come in over the weekend and made a statement etc. Stonewalling will not help them and will only lead to further problems down the road for them.
People though can be fantastically forgiving if you're honest with them, it's when they feel you are hiding something or withholding from them that quickly love turns to hate, and all the energy they used previously to build up something they use to destroy that same thing.
The basic damage-control of politics: Admit as soon as possible that there has been an error, its being worked on, and all the niceties like forum will be back better after that.
And not post blatant lies like that we werent at risk because we were.
Stonewalling is very poor idea at this time and age, the grumblings will only grow exponentially. Im sure you US people know such examples from your politics (Or for example, whats going on at Fukushima nuclear plant in Japan etc). Best method is to soothe the people who are aware of the issue at first, before they start telling other people. If people don't know, they start expecting the worst, and the problems escalate.
|
El'Niaga
Minmatar
Republic Military School
|
Posted - 2011.04.11 15:47:00 -
[647]
Originally by: Miilla
Originally by: El'Niaga
Originally by: Miilla
Originally by: El'Niaga
I think Miilla is a CCP employee being paid to troll this thread instead of doing real work like perhaps checking code for the new forums.....
It is now well into the afternoon CCP, we would like that update we were promised. Yes I'm expecting some heads to roll, you've been to lax for far to long with your employees. Just remember as SOE trashed their own community with the NGE rollout of SWG and have never had a successful launch since, you could do that to your own name with the way things are going.
Wow, its true, all those 3 letters really do make you look like you know what you are talking about.
Like many events in life, this is a pivot point. It's already on 3rd party sites, many of the same sites that led to the decline of SWG over the NGE. CCP can hone up to what's been done, smooth over community relations or decide not to learn from SOE and have their reputation damaged.
That's what's at stake, it isn't just EVE, this would spill over to all their projects just like it did for SOE. That would greatly hurt a successful launch of DUST and of World of Darkness. There CEO should have come in over the weekend and made a statement etc. Stonewalling will not help them and will only lead to further problems down the road for them.
People though can be fantastically forgiving if you're honest with them, it's when they feel you are hiding something or withholding from them that quickly love turns to hate, and all the energy they used previously to build up something they use to destroy that same thing.
Yes a forum can kill Dust which is on consoles because console users care about a keyboard which is required to type into a forum.
I'm beginning to wonder at your intelligence. Has nothing to do with the error was on a forum etc. It is a series of events that shows incompetence on CCPs part going back years. Over time that erodes customer support and confidence. As customers who were once stalwart supporters feel slighted they can turn into some of the greatest critics.
That's what happened with SOE and SWG. They made changes, they made unpopular changes, they decried their customers. Much like yourself challenging their intelligence etc. In the end those customers who had loved the game prior became its most vocal critics.
SWG lost over half its population in 90 days (EVE on the other hand doubled population in that time....to give you a hint where they went). Due to the events of those days, SOE has not had a successful launch of any MMO since. It has now been over 6 years and they have not recovered, and it will probably be many more before they do.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 15:50:00 -
[648]
Edited by: Miilla on 11/04/2011 15:51:10
Originally by: El'Niaga
I'm beginning to wonder at your intelligence. Has nothing to do with the error was on a forum etc. It is a series of events that shows incompetence on CCPs part going back years. Over time that erodes customer support and confidence. As customers who were once stalwart supporters feel slighted they can turn into some of the greatest critics.
That's what happened with SOE and SWG. They made changes, they made unpopular changes, they decried their customers. Much like yourself challenging their intelligence etc. In the end those customers who had loved the game prior became its most vocal critics.
SWG lost over half its population in 90 days (EVE on the other hand doubled population in that time....to give you a hint where they went). Due to the events of those days, SOE has not had a successful launch of any MMO since. It has now been over 6 years and they have not recovered, and it will probably be many more before they do.
And yet you still are here using their service and probably paying them in some form or other.
If you don't like their service, quit using it.
|
Yuki Kulotsuki
|
Posted - 2011.04.11 15:51:00 -
[649]
Just because someone is a hypocrite doesn't mean they aren't telling the truth.
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Zey Nadar
Gallente
Unknown Soldiers
Wildly Inappropriate.
|
Posted - 2011.04.11 15:51:00 -
[650]
Originally by: El'Niaga
I'm beginning to wonder at your intelligence.
Don't you see Miilla is a professional troll? Youve been trolled! Above post proves it.
|
|
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 16:20:00 -
[651]
Edited by: Steve Thomas on 11/04/2011 16:22:16
ok reguarding this exploit
We did a mockup of a forum (not eves just a dummy) useing a modified version of YAF.net to permit the exploits
bascialy if you were running IE 8 or 9, crome, on nonuptated Vista or newer none of the redirect scripts worked without you specificaly allowing redirect scripts in settings.
the best I could get was to have IE 8 throw up a yes-no box on instaling anything, Firefox 3.5 I could somehow install active X controls and Java applets, aparently because it was a trusted sight. this was not a problem with Firefox 4.0
Crome I was promptly told that it had detected and blocked suspected attacks BEFORE THE PAGE LOADED ok I may need to replace Firefox.
IE 7, well if your stubborn enough to be still useing THAT antique POC then you probably already know just how badly that went.
http://desusig.crumplecorn.com/sigs.html Crumplecorn's DesuSigs
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 16:21:00 -
[652]
Originally by: Zey Nadar
Don't you see Miilla is a professional troll? Youve been trolled! Above post proves it.
ZOMG!1 you are so off topic, you must be one of the trolls in cohorts with Miilla, i see right through your trolling disguised as counter trolling.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 16:27:00 -
[653]
Stable and Secure
YAF has been vetted.
YAF has been around since 2003. During that time, the application has been throughly tested. Since the code has been freely available for 7 years, there is nothing to hide and no stone has been left unturned.
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.11 16:30:00 -
[654]
Originally by: Miilla
Stable and Secure
YAF has been vetted.
YAF has been around since 2003. During that time, the application has been throughly tested. Since the code has been freely available for 7 years, there is nothing to hide and no stone has been left unturned.
You are correct. There's nothing inherently wrong with YAF.
The blame for this shameful debacle lies squarely with CCP and their incompetent gutting of a working bit of software.
I'm still not entirely sure how I feel about all this.
|
Yuki Kulotsuki
|
Posted - 2011.04.11 16:31:00 -
[655]
Originally by: Helicity Boson
I'm still not entirely sure how I feel about all this.
Conflicted? Ambivalent? Of two minds?
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Erichk Knaar
Caldari
Noir.
Noir. Mercenary Group
|
Posted - 2011.04.11 16:32:00 -
[656]
Originally by: Steve Thomas
Crome I was promptly told that it had detected and blocked suspected attacks BEFORE THE PAGE LOADED ok I may need to replace Firefox.
^^ This is good advice.
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 16:34:00 -
[657]
Originally by: Erichk Knaar
Originally by: Steve Thomas
Crome I was promptly told that it had detected and blocked suspected attacks BEFORE THE PAGE LOADED ok I may need to replace Firefox.
^^ This is good advice.
Or reconfigure it and install NoScript etc. I don't think noscript allows finegrained script blocking, just at the CDN level. Pitty, correct me if I am wrong. It would be awesome to allow just some scripts on a CDN.
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.11 16:44:00 -
[658]
Originally by: Miilla
Originally by: Bomberlocks
....You are avoiding the fact that it was not only Catari who reported and petitioned bugs. I know of at least three others who did as well. Helicity, who posted earlier on in this thread is one of them. It would be most helpful if you stopped trying to put all the focus on Catari and instead stick to the issue of how the forums got released in the state they did.
You are avoiding the fact that it was Catari who EXPLOITED this for his own ego gain. He even bragged about it.
No, I am not. He did brag about it on SHC. Why he did that is something you'll have to ask him.
Now that we've got that out of the way, do you think we could go back to the problem of the forums, or would that be asking too much?
|
Daedalus II
Helios Research
|
Posted - 2011.04.11 16:46:00 -
[659]
I came to think of:
How safe are these forums? I assume people have tried to crack them before, but if the new forums had holes like that, what is to say there aren't some unknown holes in this one as well? How is the logon information stored in cookies here?
___________
Interested in incursions? Join Helios Research! |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 16:53:00 -
[660]
Originally by: Bomberlocks
Originally by: Miilla
Originally by: Bomberlocks
....You are avoiding the fact that it was not only Catari who reported and petitioned bugs. I know of at least three others who did as well. Helicity, who posted earlier on in this thread is one of them. It would be most helpful if you stopped trying to put all the focus on Catari and instead stick to the issue of how the forums got released in the state they did.
You are avoiding the fact that it was Catari who EXPLOITED this for his own ego gain. He even bragged about it.
No, I am not. He did brag about it on SHC. Why he did that is something you'll have to ask him.
Now that we've got that out of the way, do you think we could go back to the problem of the forums, or would that be asking too much?
He not only bragged about it, he EXPLOITED the issue.
Stop avoiding the fact he EXPLOITED a forum bug.
|
|
|
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 16:55:00 -
[661]
Originally by: Helicity Boson
Originally by: Miilla
Stable and Secure
YAF has been vetted.
YAF has been around since 2003. During that time, the application has been throughly tested. Since the code has been freely available for 7 years, there is nothing to hide and no stone has been left unturned.
You are correct. There's nothing inherently wrong with YAF.
The blame for this shameful debacle lies squarely with CCP and their incompetent gutting of a working bit of software.
I'm still not entirely sure how I feel about all this.
Terified might be a good place to start, after all there Database is also a off the shelf product just like YAF is. only they customised it to work the way they wanted it to work...
which reminds me, Im never ever going to use the IGB in EvE again.
http://desusig.crumplecorn.com/sigs.html Crumplecorn's DesuSigs
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 16:57:00 -
[662]
Originally by: Steve Thomas
Originally by: Helicity Boson
Originally by: Miilla
Stable and Secure
YAF has been vetted.
YAF has been around since 2003. During that time, the application has been throughly tested. Since the code has been freely available for 7 years, there is nothing to hide and no stone has been left unturned.
You are correct. There's nothing inherently wrong with YAF.
The blame for this shameful debacle lies squarely with CCP and their incompetent gutting of a working bit of software.
I'm still not entirely sure how I feel about all this.
Terified might be a good place to start, after all there Database is also a off the shelf product just like YAF is. only they customised it to work the way they wanted it to work...
which reminds me, Im never ever going to use the IGB in EvE again.
YAF being open source they could have submitted their functional changes back into the project which would also get a review.
|
Elyssa MacLeod
|
Posted - 2011.04.11 16:57:00 -
[663]
hey Yuki Kulotsuki,
whats the alliance?
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 16:59:00 -
[664]
Originally by: Elyssa MacLeod
hey Yuki Kulotsuki,
whats the alliance?
Electrified dead skunk hair Inc.
|
Sullen Skoung
|
Posted - 2011.04.11 17:03:00 -
[665]
Originally by: Grimpak
Originally by: Akita T
Originally by: Grimpak
wait, are you telling me that this the exact same ****up as on boot.ini but in a different place?
It would appear so, at least as far as signatures are concerned...
wtf, didn't they fired that guy?
no, they did with him the same as they did with T20; xferred him to a new department... Web design would be my guess
----------------------------------------
CCP Forum fail ALMOST as much fail as this:
http://www.youtube.com/watch?v=hnZb5wi_jsU |
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.11 17:03:00 -
[666]
Originally by: Miilla
Originally by: Bomberlocks
Originally by: Miilla
Originally by: Bomberlocks
....You are avoiding the fact that it was not only Catari who reported and petitioned bugs. I know of at least three others who did as well. Helicity, who posted earlier on in this thread is one of them. It would be most helpful if you stopped trying to put all the focus on Catari and instead stick to the issue of how the forums got released in the state they did.
You are avoiding the fact that it was Catari who EXPLOITED this for his own ego gain. He even bragged about it.
No, I am not. He did brag about it on SHC. Why he did that is something you'll have to ask him.
Now that we've got that out of the way, do you think we could go back to the problem of the forums, or would that be asking too much?
He not only bragged about it, he EXPLOITED the issue.
Stop avoiding the fact he EXPLOITED a forum bug.
There's a reason that 95% of Rens had you on block. Oh well, my fault for trying, I suppose.
|
Yuki Kulotsuki
|
Posted - 2011.04.11 17:03:00 -
[667]
Originally by: Elyssa MacLeod
hey Yuki Kulotsuki,
whats the alliance?
Oh no. I'm not falling for that. You're trying to get me to do something I'm not supposed to and end up banned.
...
Maybe it's ok to use the ticker... C0M
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Sullen Skoung
|
Posted - 2011.04.11 17:07:00 -
[668]
Originally by: Yuki Kulotsuki
Originally by: Elyssa MacLeod
hey Yuki Kulotsuki,
whats the alliance?
Oh no. I'm not falling for that. You're trying to get me to do something I'm not supposed to and end up banned.
...
Maybe it's ok to use the ticker... C0M
you can get BANNED for saying an alliance's NAME??
WOW these guys are ban happy now arent they?
What rule does that violate on the forums TOS or w/e again?
Oh yeah, where is that blog Sreegs was writing? I looked in the info area and I dont see it; I could be blind though
----------------------------------------
CCP Forum fail ALMOST as much fail as this:
http://www.youtube.com/watch?v=hnZb5wi_jsU |
Richard Aiel
Caldari
FireTech Industries
|
Posted - 2011.04.11 17:08:00 -
[669]
Originally by: Sullen Skoung
Originally by: Yuki Kulotsuki
Originally by: Elyssa MacLeod
hey Yuki Kulotsuki,
whats the alliance?
Oh no. I'm not falling for that. You're trying to get me to do something I'm not supposed to and end up banned.
...
Maybe it's ok to use the ticker... C0M
you can get BANNED for saying an alliance's NAME??
WOW these guys are ban happy now arent they?
What rule does that violate on the forums TOS or w/e again?
Oh yeah, where is that blog Sreegs was writing? I looked in the info area and I dont see it; I could be blind though
I caught, no ****, a 7 day ban once for calling BoB BoD back in the day, its not a surprise really.
-----------------------------------------
If you dont learn from the past you are doomed to repeat it
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1469262&page=2#51 |
Hel O'Ween
Men On A Mission
|
Posted - 2011.04.11 17:13:00 -
[670]
Originally by: Miilla
Stop avoiding the fact he EXPLOITED a forum bug.
After no action has been taken by CCP, he demonstrated the security problems. This is common practice.
As guess you call it "kidnapping" if someone hinders a thief of running away until the police arrives.
--
EVEWalletAware - an offline wallet manager |
|
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 17:17:00 -
[671]
Originally by: Hel O'Ween
Originally by: Miilla
Stop avoiding the fact he EXPLOITED a forum bug.
After no action has been taken by CCP, he demonstrated the security problems. This is common practice.
As guess you call it "kidnapping" if someone hinders a thief of running away until the police arrives.
You should ask the customers who's accounts he exploited on the forum if they liked his "demonstration".
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 17:22:00 -
[672]
Originally by: Hel O'Ween
After no action has been taken by CCP, he demonstrated the security problems. This is common practice.
Common practice would be to wait with public disclouser, until it's confirmed that the issue is solved. Hacking into a website no matter what the reason is a crime, in most parts of the world.
|
Yuki Kulotsuki
|
Posted - 2011.04.11 17:23:00 -
[673]
Originally by: Miilla
You should ask the customers who's accounts he exploited on the forum if they liked his "demonstration".
The one person he did thought it was amusing or said as much in the SHC thread.
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Marcus Fey
|
Posted - 2011.04.11 17:23:00 -
[674]
Lol Miilla
Clearly you didnt bother to read the SHC thread while it was up
"exploited account" customer didn't seem that bothered to me
|
Kengutsi Akira
|
Posted - 2011.04.11 17:25:00 -
[675]
Originally by: Marcus Fey
Lol Miilla
Clearly you didnt bother to read the SHC thread while it was up
"exploited account" customer didn't seem that bothered to me
You have to understand, miilla cant hear us from the white knight standpoint. "Its the PRINCIPLE. It doesnt MATTER if they cared or not."
------------------------------------
"You know, my foot oughta vandilize your ass" |
Marcus Fey
|
Posted - 2011.04.11 17:28:00 -
[676]
Originally by: Kengutsi Akira
Originally by: Marcus Fey
Lol Miilla
Clearly you didnt bother to read the SHC thread while it was up
"exploited account" customer didn't seem that bothered to me
You have to understand, miilla cant hear us from the white knight standpoint. "Its the PRINCIPLE. It doesnt MATTER if they cared or not."
Hummm : Will we get a "block r@tard" function on the new forums then ? :)
|
Ix Forres
Caldari
Righteous Chaps
|
Posted - 2011.04.11 17:29:00 -
[677]
Edited by: Ix Forres on 11/04/2011 17:31:05
Originally by: Miilla
Originally by: Hel O'Ween
Originally by: Miilla
Stop avoiding the fact he EXPLOITED a forum bug.
After no action has been taken by CCP, he demonstrated the security problems. This is common practice.
As guess you call it "kidnapping" if someone hinders a thief of running away until the police arrives.
You should ask the customers who's accounts he exploited on the forum if they liked his "demonstration".
I'm sure they had no real issue with it given the severity. The one other customer who had a post made from him using the exploit probably didn't mind. If that customer wants to come forward and counter my statement then fair enough.
You cannot properly perform such a security check on a forum like this without exploiting the flaw publicly. That's kind of the point. You have to be able to use the exploit to prove that it exists in order for you to report it.
The guy did this in a limited capacity to see if it worked, it did, he reported it. CCP did nothing so he demonstrated a proof of concept.
Now, when it comes to reasonable disclosure policies, that's pretty sane. The timeframe between reporting and actioning was unacceptably slow on CCP's part given the potential for naughtiness from malicious people. The severity of the flaws was massive and the implications similarly massive. A proof of concept in public to demonstrate just how massive a problem it was to the people using the forums was not only the right thing to do morally but the right thing to do for CCP. CCP was then forced to move -right then- to take the forums down, which was absolutely the right thing to do - take them down, then have a good long hard look at them, get some external help, and so on. Do that behind the scenes and test it all internally. If management forced early deployment in a broken state then that's proof to management that you needed more time. If the developers were at fault they can say they've acted in the interests of the company when their performance review comes up. This isn't rocket science.
Edit: I archived the SHC thread (and all of SHC) before it went down. http://assets.talkunafraid.co.uk/shc/viewtopic.php%3Ft=40002&start=405.html
In fact, in that thread you can see the response from the customer who was impersonated: "lol brilliant".
http://assets.talkunafraid.co.uk/shc/viewtopic.php%3Fp=1589423.html#1589423
--
Ix Forres - Used to be a third party developer, now a full-time bittervet |
Steve Thomas
Minmatar
Sebiestor Tribe
|
Posted - 2011.04.11 17:32:00 -
[678]
Originally by: Erichk Knaar
Originally by: Steve Thomas
Crome I was promptly told that it had detected and blocked suspected attacks BEFORE THE PAGE LOADED ok I may need to replace Firefox.
^^ This is good advice.
In fairness IE9 and CROME and other new browsers were about the same and frankly I was not trying to outsmart them nor realy know how to in the first place.
http://desusig.crumplecorn.com/sigs.html Crumplecorn's DesuSigs
|
Zey Nadar
Gallente
Unknown Soldiers
Wildly Inappropriate.
|
Posted - 2011.04.11 17:36:00 -
[679]
Originally by: Miilla
YAF being open source they could have submitted their functional changes back into the project which would also get a review.
I don't know why Im responding to you, but the point is that CCP ripped off what security measures YAF HAD and tried to put in their own miserable ****-up of eve gate-integration.
|
NinjaSpud
|
Posted - 2011.04.11 17:49:00 -
[680]
Edited by: NinjaSpud on 11/04/2011 17:51:11
ok, I just skimmed threw the last 20 pages of people flaming CCP for the new forums....Seriously People? You're getting that riled up about a few bugs in a forum?
One of the things IĘve always liked about Eve, is the kind of ōhelp me help youö attitude CCP has towards their gamers. Think about it, after every major patch/addition to the game hasnĘt there always been a ōWe want your feedbackö thread? At this very moment isnĘt CCP investing time, effort and money helping the players out with the bot problem? They could have ignored it, bots pay subscriptions too ya know. But they are doing something about it because the playersąYOU GUYSąare asking them to.
IĘm not saying the new forums are perfect, neither is CCPątheyĘre all human. And yes, the forums had a major bug that needed to be recalled. But thatĘs life, it happens all the time even to the biggest and the baddest. Remember Windows Vista...or MEą or the XBOX360 red ring of deathą or pretty much anything Microsoft related lol. IĘd like to see any professional or amateur coder here make any kind of major program that could satisfy the needs of 300,000 people.
All IĘm saying is cut them some slack people, I think theyĘre doing a pretty good job.
Originally by: Zey Nadar
hey devs, if youre reading this I want a "ignore user" option to the new forums.
I also support this
|
|
|
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 17:52:00 -
[681]
Originally by: Zey Nadar
Edited by: Zey Nadar on 11/04/2011 17:40:50
Originally by: Miilla
YAF being open source they could have submitted their functional changes back into the project which would also get a review.
I don't know why Im responding to you, but the point is that CCP ripped off what security measures YAF HAD and tried to put in their own miserable ****-up of eve gate-integration.
edit: hey devs, if youre reading this I want a "ignore user" option to the new forums.
Originally by: Miilla
You should ask the customers who's accounts he exploited on the forum if they liked his "demonstration".
Ironically, I believe they were CCP's.
I guess CCP didn't mind.
|
Sullen Skoung
|
Posted - 2011.04.11 17:53:00 -
[682]
is Sreegs' blog out yet?
----------------------------------------
Whats the forum TOS violation for saying an alliance's name? |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 17:54:00 -
[683]
Originally by: Sullen Skoung
is Sreegs' blog out yet?
He's in the WC preparing it.
|
Bomberlocks
Minmatar
CTRL-Q
|
Posted - 2011.04.11 17:55:00 -
[684]
Originally by: Ix Forres
...
I'm sure they had no real issue with it given the severity. The one other customer who had a post made from him using the exploit probably didn't mind. If that customer wants to come forward and counter my statement then fair enough.
You cannot properly perform such a security check on a forum like this without exploiting the flaw publicly. That's kind of the point. You have to be able to use the exploit to prove that it exists in order for you to report it.
The guy did this in a limited capacity to see if it worked, it did, he reported it. CCP did nothing so he demonstrated a proof of concept.
Now, when it comes to reasonable disclosure policies, that's pretty sane. The timeframe between reporting and actioning was unacceptably slow on CCP's part given the potential for naughtiness from malicious people. The severity of the flaws was massive and the implications similarly massive. A proof of concept in public to demonstrate just how massive a problem it was to the people using the forums was not only the right thing to do morally but the right thing to do for CCP. CCP was then forced to move -right then- to take the forums down, which was absolutely the right thing to do - take them down, then have a good long hard look at them, get some external help, and so on. Do that behind the scenes and test it all internally. If management forced early deployment in a broken state then that's proof to management that you needed more time. If the developers were at fault they can say they've acted in the interests of the company when their performance review comes up. This isn't rocket science.
Edit: I archived the SHC thread (and all of SHC) before it went down. http://assets.talkunafraid.co.uk/shc/viewtopic.php%3Ft=40002&start=405.html
In fact, in that thread you can see the response from the customer who was impersonated: "lol brilliant".
http://assets.talkunafraid.co.uk/shc/viewtopic.php%3Fp=1589423.html#1589423
Quoting because this nonsense over Cat needs to end now. It's not about Catari (or strawmen being used by trolls), it's about the vulnerability of the forums which said trolls, who apparently used to work for Microsoft, seem to want to ignore.
|
Yuki Kulotsuki
|
Posted - 2011.04.11 17:55:00 -
[685]
Originally by: NinjaSpud
stuff
The errors in the forums was the kind of thing that should never make it past code review. There were feedback threads on the test set up that were ignored and the forums were pushed live. When you're adapting software that works and you make it unstable that's a problem.
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 17:57:00 -
[686]
Originally by: Yuki Kulotsuki
Originally by: NinjaSpud
stuff
The errors in the forums was the kind of thing that should never make it past code review. There were feedback threads on the test set up that were ignored and the forums were pushed live. When you're adapting software that works and you make it unstable that's a problem.
It is even more of a problem when people EXPLOIT the defects for their own gain.
|
Yuki Kulotsuki
|
Posted - 2011.04.11 17:58:00 -
[687]
Originally by: Miilla
Originally by: Sullen Skoung
is Sreegs' blog out yet?
He's in the WC preparing it.
That's a bit...
irrevenant.
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Sullen Skoung
|
Posted - 2011.04.11 17:58:00 -
[688]
Edited by: Sullen Skoung on 11/04/2011 18:00:36
Edited by: Sullen Skoung on 11/04/2011 18:00:17
Edited by: Sullen Skoung on 11/04/2011 17:59:10
Originally by: Miilla
Originally by: Yuki Kulotsuki
Originally by: NinjaSpud
stuff
The errors in the forums was the kind of thing that should never make it past code review. There were feedback threads on the test set up that were ignored and the forums were pushed live. When you're adapting software that works and you make it unstable that's a problem.
It is even more of a problem when people EXPLOIT the defects for their own gain.
woo, beat that dead horse
Miilla, I think it twitched, beat it again.
Originally by: Kengutsi Akira
Originally by: Marcus Fey
Lol Miilla
Clearly you didnt bother to read the SHC thread while it was up
"exploited account" customer didn't seem that bothered to me
You have to understand, miilla cant hear us from the white knight standpoint. "Its the PRINCIPLE. It doesnt MATTER if they cared or not."
Originally by: Miilla
It is even more of a problem when people EXPLOIT the defects for their own gain.
see?
----------------------------------------
Whats the forum TOS violation for saying an alliance's name? |
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 18:02:00 -
[689]
Originally by: Miilla
It is even more of a problem when people EXPLOIT the defects for their own gain.
Good thing no-one did that then.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 18:03:00 -
[690]
Edited by: Miilla on 11/04/2011 18:03:05
Originally by: Tippia
Originally by: Miilla
It is even more of a problem when people EXPLOIT the defects for their own gain.
Good thing no-one did that then.
You're right, nothing happened. The forums just modified themselves.
|
|
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 18:04:00 -
[691]
Originally by: Miilla
You're right, nothing happened. The forums just modified themselves.
So who exploited the defects for their own gain?
Oh, and you still haven't answered the question about what damage Cat did. What was it?
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 18:06:00 -
[692]
Originally by: Tippia
Originally by: Miilla
You're right, nothing happened. The forums just modified themselves.
So who exploited the defects for their own gain?
Oh, and you still haven't answered the question about what damage Cat did. What was it?
Apparently the forum will answer you all by itself, its sentient.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 18:07:00 -
[693]
Originally by: Miilla
Apparently the forum will answer you all by itself, its sentient.
So who exploited the defects for their own gain?
Oh, and you still haven't answered the question about what damage Cat did. What was it?
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.11 18:08:00 -
[694]
Originally by: Tippia
Originally by: Miilla
Apparently the forum will answer you all by itself, its sentient.
So who exploited the defects for their own gain?
Oh, and you still haven't answered the question about what damage Cat did. What was it?
The forums will type up a response all by itself any minute now.
|
Tippia
Sunshine and Lollipops
|
Posted - 2011.04.11 18:09:00 -
[695]
Originally by: Miilla
The forums will type up a response all by itself any minute now.
So who exploited the defects for their own gain?
Oh, and you still haven't answered the question about what damage Cat did. What was it?
Last chance.
łłł
ōIf you're not willing to fight for what you have in ≡v≡ą
you don't deserve it, and you will lose it.ö
ł Karath Piki |
Yuki Kulotsuki
|
Posted - 2011.04.11 18:09:00 -
[696]
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Titus Phook
|
Posted - 2011.04.11 18:30:00 -
[697]
I see your Graham Chapman and raise you a Rik Mayall
Flash by name flash by nature
---------------------------------------------
|
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.11 18:34:00 -
[698]
Originally by: Titus Phook
I see your Graham Chapman and raise you a Rik Mayall
Flash by name flash by nature
She's got a tongue like an electric eel and she likes the taste of a MAN'S tonsils!
Stunning EVE Online Theme for PS3 |
Sullen Skoung
|
Posted - 2011.04.11 18:48:00 -
[699]
Anyone noticing, sigs aside, theres almost no forum moderation going on right now? Wonder if it cause theyre just gonna freeze this once they un**** the new forums?
----------------------------------------
Whats the forum TOS violation for saying an alliance's name? |
Prince Kobol
|
Posted - 2011.04.11 18:49:00 -
[700]
Edited by: Prince Kobol on 11/04/2011 18:50:22
|
|
|
El'Niaga
Minmatar
Republic Military School
|
Posted - 2011.04.11 18:49:00 -
[701]
Originally by: Sullen Skoung
Anyone noticing, sigs aside, theres almost no forum moderation going on right now? Wonder if it cause theyre just gonna freeze this once they un**** the new forums?
Actually that's one of the smart things they're doing right now. One thing in the SOE NGE/SWG fiasco was the over moderation of everything by SOE which continued to fan the flames. By allowing some voice they ease the pressure.
|
Sullen Skoung
|
Posted - 2011.04.11 18:53:00 -
[702]
Originally by: El'Niaga
Originally by: Sullen Skoung
Anyone noticing, sigs aside, theres almost no forum moderation going on right now? Wonder if it cause theyre just gonna freeze this once they un**** the new forums?
Actually that's one of the smart things they're doing right now. One thing in the SOE NGE/SWG fiasco was the over moderation of everything by SOE which continued to fan the flames. By allowing some voice they ease the pressure.
then again they were doing just that before this fiasco, over the Botting fiasco (which everyone seems to have forgotten) locking all threads and pointing to the One Botting Thread
----------------------------------------
Whats the forum TOS violation for saying an alliance's name? |
Demoness Lolth
|
Posted - 2011.04.11 19:05:00 -
[703]
To all in this thread.
Want some cheese with your ****ing Whine ?
|
Sullen Skoung
|
Posted - 2011.04.11 19:05:00 -
[704]
Originally by: Demoness Lolth
To all in this thread.
Want some cheese with your ****ing Whine ?
Shouldnt you have black skin and white hair?
----------------------------------------
Whats the forum TOS violation for saying an alliance's name? |
phintais
|
Posted - 2011.04.11 19:58:00 -
[705]
I can't find anyone online that likes the new forums.
Terrible format.
Please keep the old format. Much easier to see and navigate.
Keep the eye candy in the game.
|
Sullen Skoung
|
Posted - 2011.04.11 20:06:00 -
[706]
Originally by: phintais
I can't find anyone online that likes the new forums.
Well noone that REALLY likes it and isnt just trolling for luls
|
Diomedes Calypso
|
Posted - 2011.04.11 20:41:00 -
[707]
Originally by: El'Niaga
Originally by: Sullen Skoung
Anyone noticing, sigs aside, theres almost no forum moderation going on right now? Wonder if it cause theyre just gonna freeze this once they un**** the new forums?
Actually that's one of the smart things they're doing right now. One thing in the SOE NGE/SWG fiasco was the over moderation of everything by SOE which continued to fan the flames. By allowing some voice they ease the pressure.
I think this is true ....
also the very idea that a company has always allowed posts critical to their company to exist on their forums is something that won me over to the game from day 1
This is a major statement of theirs that attacted me to the game.
|
Sullen Skoung
|
Posted - 2011.04.11 20:45:00 -
[708]
Originally by: Diomedes Calypso
[
I think this is true ....
also the very idea that a company has always allowed posts critical to their company to exist on their forums is something that won me over to the game from day 1
This is a major statement of theirs that attacted me to the game.
lol what company/game is this?
I know ppl that have gotten band for saying certain names or misspelling certain alliance's names lol
Quote:
a company has always allowed posts critical to their company to exist on their forums
lol thats just so funny I had to quote it twice
|
Copine Callmeknau
Kangaroos With Frickin Lazerbeams
The KWFL Republic
|
Posted - 2011.04.11 20:50:00 -
[709]
Originally by: Diomedes Calypso
Originally by: El'Niaga
Originally by: Sullen Skoung
Anyone noticing, sigs aside, theres almost no forum moderation going on right now? Wonder if it cause theyre just gonna freeze this once they un**** the new forums?
Actually that's one of the smart things they're doing right now. One thing in the SOE NGE/SWG fiasco was the over moderation of everything by SOE which continued to fan the flames. By allowing some voice they ease the pressure.
I think this is true ....
also the very idea that a company has always allowed posts critical to their company to exist on their forums is something that won me over to the game from day 1
This is a major statement of theirs that attacted me to the game.
Jeez I hope you're kidding.
I got temp-banned for making and using this sig (bet I get tempbanned again for posting it.
--
Stunning EVE Online Theme for PS3 |
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 20:51:00 -
[710]
Originally by: phintais
I can't find anyone online that likes the new forums.
I liked the new forums.
|
|
|
Sullen Skoung
|
Posted - 2011.04.11 21:04:00 -
[711]
Originally by: dexington
Originally by: phintais
I can't find anyone online that likes the new forums.
I liked the new forums.
like I said, that arent trolling
lol
|
Barakkus
|
Posted - 2011.04.11 21:15:00 -
[712]
Originally by: El'Niaga
Originally by: Sullen Skoung
Anyone noticing, sigs aside, theres almost no forum moderation going on right now? Wonder if it cause theyre just gonna freeze this once they un**** the new forums?
Actually that's one of the smart things they're doing right now. One thing in the SOE NGE/SWG fiasco was the over moderation of everything by SOE which continued to fan the flames. By allowing some voice they ease the pressure.
This ^^
I used to be a forum mod for SOE for EQ2, when I was doing it they tried to be rather draconian about it and it backfired....I at least escaped being the least hated forum moderator out of the bunch, and it was because I didn't just nerf/lock everything unless it was completely ******ed.
-
-
[SERVICE] Corp Standings For POS anchoring
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 21:16:00 -
[713]
Originally by: Sullen Skoung
Has Sreegs posted that blog yet?
They kicked him out before he had time to write it.
|
Diomedes Calypso
|
Posted - 2011.04.11 21:19:00 -
[714]
Originally by: Copine Callmeknau
Originally by: Diomedes Calypso
Originally by: El'Niaga
Originally by: Sullen Skoung
Anyone noticing, sigs aside, theres almost no forum moderation going on right now? Wonder if it cause theyre just gonna freeze this once they un**** the new forums?
Actually that's one of the smart things they're doing right now. One thing in the SOE NGE/SWG fiasco was the over moderation of everything by SOE which continued to fan the flames. By allowing some voice they ease the pressure.
I think this is true ....
also the very idea that a company has always allowed posts critical to their company to exist on their forums is something that won me over to the game from day 1
This is a major statement of theirs that attacted me to the game.
Jeez I hope you're kidding.
I got temp-banned for making and using this sig (bet I get tempbanned again for posting it.
Everything is relative...
of course they will have some moderation excesses now and then but compared to other games they allow an incredible amount of dialogue
|
Yuki Kulotsuki
|
Posted - 2011.04.11 21:21:00 -
[715]
Originally by: Diomedes Calypso
Everything is relative...
Subjectivist tripe from Godless heathens.
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
William Loire
State War Academy
|
Posted - 2011.04.11 21:27:00 -
[716]
Originally by: Miilla
Originally by: Tippia
Originally by: Miilla
You're right, nothing happened. The forums just modified themselves.
So who exploited the defects for their own gain?
Oh, and you still haven't answered the question about what damage Cat did. What was it?
Apparently the forum will answer you all by itself, its sentient.
Since you are clueless let me help you out. There was very little "modification required" to manipulate the forums as they were. Anyone with a basic understanding of html could have done it. And when I say basic I don't mean "har-har I've been working with code since I was six, this is basic." I open up an online guide for some quick reading basic.
Of what Catari told us he:
-Petitioned his findings with CCP.
-Realized he could not only pose as any character, but edit any post, login in as a GM, access moderator controls and see invisible forums such as the private CSM forums.
-He was taunted by one SHC member to prove it. Which he did by posting as said SHC member. Said customer then proceeded to say "brilliant" and showed no issue with the post.
- Looked over CSM topics related to the forums. (Worthy of a temp ban)
- Received his ban. Then upon the return of the forums posted in the Dev thread explaining the hotfix that he should not be able to post considering he was ip banned.
- He never received an explanation for his ban or a time frame for how long it will last even though he deserves a medal from CCP for revealing such a obvious hole that could have literally ****ed over thousands of customers.
- He never revealed how either exploit works to anyone on SHC or EVEO.
All in all these forums were a monumental ****up. You can say "lol bugs happen" all you want. Not only were this security issues so completely amateur that it frightens me that I allow CCP to handle my credit card but they were previously reported AND ignored. Everyone who reads those forums was in enormous danger. You can sit here and pretend if a well done popup told you you were disconnected from the forums and covered your login information in the top corner with a sign in box you would have known it was a scam, but you wouldn't have. You would have tried to login and lost all your login data. Just like that. The worst part is the EVE forums used to disconnect users all the time so most people wouldn't have thought twice about such an phish.
|
William Loire
State War Academy
|
Posted - 2011.04.11 21:34:00 -
[717]
Edited by: William Loire on 11/04/2011 21:35:37
Woo double post. Apologies.
|
Aeronwen Carys
Empire of Dust
|
Posted - 2011.04.11 21:35:00 -
[718]
Any idea when the Monday Devblog is coming out?
|
William Loire
State War Academy
|
Posted - 2011.04.11 21:37:00 -
[719]
Edited by: William Loire on 11/04/2011 21:37:54
Probably Tuesday.
|
Sullen Skoung
|
Posted - 2011.04.11 21:44:00 -
[720]
Originally by: Diomedes Calypso
Everything is relative...
of course they will have some moderation excesses now and then but compared to other games they allow an incredible amount of dialogue
lol rose colored glasses
You used to get BANNED for calling BoB BoD
No joke
|
|
|
Hakaru Ishiwara
Minmatar
Republic Military School
|
Posted - 2011.04.11 21:52:00 -
[721]
Originally by: Barakkus
Originally by: El'Niaga
Originally by: Sullen Skoung
Anyone noticing, sigs aside, theres almost no forum moderation going on right now? Wonder if it cause theyre just gonna freeze this once they un**** the new forums?
Actually that's one of the smart things they're doing right now. One thing in the SOE NGE/SWG fiasco was the over moderation of everything by SOE which continued to fan the flames. By allowing some voice they ease the pressure.
This ^^
I used to be a forum mod for SOE for EQ2, when I was doing it they tried to be rather draconian about it and it backfired....I at least escaped being the least hated forum moderator out of the bunch, and it was because I didn't just nerf/lock everything unless it was completely ******ed.
This also allows CCP to maintain some level of control over the **** storms that arise after their ****-ups. This is like having a controlled burn at the edge of a forest rather than a conflagration that envelopes the nearby town burning the church and town hall to the ground.
I am in agreement that this is the proper way to handle things as sometimes there are some pretty damn intelligent ideas published amongst the trolls and flamers.
Now if only CCP and their management team would stop repeating the same damn software development mistakes made time and time again over the years.
|
Siiee
Recycled Heroes
|
Posted - 2011.04.11 22:02:00 -
[722]
RE: Miilla
Dear God make it stop!
Originally by: NinjaSpud
ok, I just skimmed threw the last 20 pages of people flaming CCP for the new forums....Seriously People? You're getting that riled up about a few bugs in a forum?
A lot of this CCP has done to themselves. It's not just that there are bugs in the forum, but the way that they had several rounds of public testing and the utter disregard for the feedback they received. That set the tone for this whole thing going in, that now not only have they ignored almost all of the feedback and have made very little visible progress on the thing otherwise, but they've also released it with bugs that appear to be due to elementary incompetence. All of these little (and not so little) pokes combine to be a very not nice thing.
Now getting feedback from others is part of the very core of my industry, so I understand that taking feedback doesn't mean just doing everything that anyone tells you to do. Feedback needs to be filtered and not every suggested change is appropriate, but what I've seen so far doesn't look at all like a good professional approach to it. It really does appear that we are just being outright ignored.
People keep bringing up the email and bugreport thing and I'm not really sure where it's all coming from. People are outraged claiming that the vulnerability was reported in beta and not acted on, and that is what Darius is asking for proof of. Given that it took a couple of hours for the exploits to start appearing in the wild once the forum went live I don't think that anyone knew about the vulnerability from beta at all (at least no one that has said anything about it at all) So this isn't at all an issue that was brought up and not acted on, and the delay in responding to petitions was all on ones that were submitted after the forum went live.
|
Sullen Skoung
|
Posted - 2011.04.11 22:03:00 -
[723]
Originally by: Hakaru Ishiwara
Now if only CCP and their management team would stop repeating the same damn software development mistakes made time and time again over the years.
Or the same bull**** excuses over an over
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 22:08:00 -
[724]
Originally by: Aeronwen Carys
Any idea when the Monday Devblog is coming out?
Monday, April 18 ?
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Sullen Skoung
|
Posted - 2011.04.11 22:09:00 -
[725]
Originally by: Akita T
Originally by: Aeronwen Carys
Any idea when the Monday Devblog is coming out?
Monday, April 18 ?
He DID say monday, not WHAT monday
|
Barakkus
|
Posted - 2011.04.11 22:18:00 -
[726]
Originally by: Siiee
People keep bringing up the email and bugreport thing and I'm not really sure where it's all coming from. People are outraged claiming that the vulnerability was reported in beta and not acted on, and that is what Darius is asking for proof of. Given that it took a couple of hours for the exploits to start appearing in the wild once the forum went live I don't think that anyone knew about the vulnerability from beta at all (at least no one that has said anything about it at all) So this isn't at all an issue that was brought up and not acted on, and the delay in responding to petitions was all on ones that were submitted after the forum went live.
Yeah, I pretty much doubt anyone testing the forums decided "gee I should go examine the cookies!" or "maybe I should try to post some html in the sigs!"...they tested it to see if **** worked, not how to exploit it. I seriously doubt any users tested for any of that mess...I agree I don't think this is a case of CCP ignoring feedback/bugs, simply a lack of thinking outside of the box about matters of security by their web team...which as I mentioned elsewhere, it's virtually impossible to come up with every single usage scenario when developing software...end users come up with the weirdest ways to do something that wouldn't have crossed the developer(s) minds in 1000 years..
...they should have done a code review though before releasing it to make sure the security was sound though...I think this will probably light a few fires to get that sort of thing done in the future...
-
-
[SERVICE] Corp Standings For POS anchoring
|
Elyssa MacLeod
|
Posted - 2011.04.11 22:36:00 -
[727]
Apparently they chose to publish the CSM blog over his blog lol
that strikes me as damn funny
Like even they dont give a **** about informing us to what happened cause we already KNOW thanks to Helicity Boson
|
William Loire
State War Academy
|
Posted - 2011.04.11 22:59:00 -
[728]
Edited by: William Loire on 11/04/2011 23:00:32
Originally by: Barakkus
Originally by: Siiee
People keep bringing up the email and bugreport thing and I'm not really sure where it's all coming from. People are outraged claiming that the vulnerability was reported in beta and not acted on, and that is what Darius is asking for proof of. Given that it took a couple of hours for the exploits to start appearing in the wild once the forum went live I don't think that anyone knew about the vulnerability from beta at all (at least no one that has said anything about it at all) So this isn't at all an issue that was brought up and not acted on, and the delay in responding to petitions was all on ones that were submitted after the forum went live.
E.: The security dev blog seems to be up if you go through the side bar.
Yeah, I pretty much doubt anyone testing the forums decided "gee I should go examine the cookies!" or "maybe I should try to post some html in the sigs!"...they tested it to see if **** worked, not how to exploit it. I seriously doubt any users tested for any of that mess...I agree I don't think this is a case of CCP ignoring feedback/bugs, simply a lack of thinking outside of the box about matters of security by their web team...which as I mentioned elsewhere, it's virtually impossible to come up with every single usage scenario when developing software...end users come up with the weirdest ways to do something that wouldn't have crossed the developer(s) minds in 1000 years..
...they should have done a code review though before releasing it to make sure the security was sound though...I think this will probably light a few fires to get that sort of thing done in the future...
As soon as Ga'len figured out how to inject a image into his signature the possibilities were discovered and I assume reported in full. For whatever reason CCP chose to ignore them and go ahead with release. Maybe they were hoping a player would offer them a workable solution? Or maybe the forum team were up against the wall and told CCP management everything was good to go.
|
|
CCP Sreegs
|
Posted - 2011.04.11 23:03:00 -
[729]
Originally by: Elyssa MacLeod
Apparently they chose to publish the CSM blog over his blog lol
that strikes me as damn funny
Like even they dont give a **** about informing us to what happened cause we already KNOW thanks to Helicity Boson
I just had it published... |
|
Elyssa MacLeod
|
Posted - 2011.04.11 23:05:00 -
[730]
Originally by: CCP Sreegs
Originally by: Elyssa MacLeod
Apparently they chose to publish the CSM blog over his blog lol
that strikes me as damn funny
Like even they dont give a **** about informing us to what happened cause we already KNOW thanks to Helicity Boson
I just had it published...
link lol I dont see it in the info portal or does it take time to get put in there?
|
|
|
Calathea Sata
State War Academy
|
Posted - 2011.04.11 23:05:00 -
[731]
Originally by: CCP Sreegs
Originally by: Elyssa MacLeod
Apparently they chose to publish the CSM blog over his blog lol
that strikes me as damn funny
Like even they dont give a **** about informing us to what happened cause we already KNOW thanks to Helicity Boson
I just had it published...
Confimed
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 23:05:00 -
[732]
Originally by: Elyssa MacLeod
link lol I dont see it in the info portal or does it take time to get put in there?
http://www.eveonline.com/devblog.asp?a=blog&bid=898
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Calathea Sata
State War Academy
|
Posted - 2011.04.11 23:10:00 -
[733]
Quote:
[email protected]
[email protected]
|
Siiee
Recycled Heroes
|
Posted - 2011.04.11 23:10:00 -
[734]
Originally by: Barakkus
simply a lack of thinking outside of the box about matters of security by their web team...
That's part of what I don't understand about this whole mess (as I've said before I'm barely even a hobbyist programmer) Sure it would have been much more difficult to exploit if they had encrypted the cookie, and it's fixable by confirming the clients credentials on each action. But if the server can verify that the particular char ID that is submitted with the session belongs to that session, why bother having the client manage any of that data in the first place? All of that should be maintained entirely server side where it's safe and protected, the only thing that the client needs to provide (and that needs to be constantly verified) is it's specific session. The entire idea behind taking such an important part of the authentication process, tearing it out and putting it in the untrusted client, only to re-authenticate it every step of the way (which was missing here) seems like such a total WTF to me. This isn't a clever exploit of some obscure loophole or code gotcha, it's just such a fundamentally flawed idea on the conceptual level, or at least that's what it seems like with my understanding.
|
|
CCP Sreegs
|
Posted - 2011.04.11 23:11:00 -
[735]
Originally by: Siiee
Originally by: Barakkus
simply a lack of thinking outside of the box about matters of security by their web team...
That's part of what I don't understand about this whole mess (as I've said before I'm barely even a hobbyist programmer) Sure it would have been much more difficult to exploit if they had encrypted the cookie, and it's fixable by confirming the clients credentials on each action. But if the server can verify that the particular char ID that is submitted with the session belongs to that session, why bother having the client manage any of that data in the first place? All of that should be maintained entirely server side where it's safe and protected, the only thing that the client needs to provide (and that needs to be constantly verified) is it's specific session. The entire idea behind taking such an important part of the authentication process, tearing it out and putting it in the untrusted client, only to re-authenticate it every step of the way (which was missing here) seems like such a total WTF to me. This isn't a clever exploit of some obscure loophole or code gotcha, it's just such a fundamentally flawed idea on the conceptual level, or at least that's what it seems like with my understanding.
Your understanding is pretty correct. |
|
Jada Maroo
|
Posted - 2011.04.11 23:12:00 -
[736]
Originally by: CCP Sreegs
I just had it published...
It lacks an overly optimistic estimate of when the new forums will make their grand return.
|
|
CCP Sreegs
|
Posted - 2011.04.11 23:13:00 -
[737]
Originally by: Jada Maroo
Originally by: CCP Sreegs
I just had it published...
It lacks an overly optimistic estimate of when the new forums will make their grand return.
Not my department. :) |
|
Calathea Sata
State War Academy
|
Posted - 2011.04.11 23:13:00 -
[738]
Originally by: Jada Maroo
Originally by: CCP Sreegs
I just had it published...
It lacks an overly optimistic estimate of when the new forums will make their grand return.
I hope it won't.
|
Sullen Skoung
|
Posted - 2011.04.11 23:14:00 -
[739]
Originally by: CCP Sreegs
Your understanding is pretty correct.
Doesnt that usually qualify as the part where you say you cant tell us cause it might get you in trouble, being that the guy you are responding to seems to be saying that this was a giant ****up that never should have happened and youre agreeing?
Or could someone layman's terms it? I dont do code lol
|
Jada Maroo
|
Posted - 2011.04.11 23:14:00 -
[740]
Originally by: CCP Sreegs
Originally by: Jada Maroo
Originally by: CCP Sreegs
I just had it published...
It lacks an overly optimistic estimate of when the new forums will make their grand return.
Not my department. :)
CCP isn't that big! That department must be like 15 feet from you. Go over there and ask you lazy bum!
|
|
|
Elyssa MacLeod
|
Posted - 2011.04.11 23:17:00 -
[741]
Originally by: Jada Maroo
Originally by: CCP Sreegs
Originally by: Jada Maroo
Originally by: CCP Sreegs
I just had it published...
It lacks an overly optimistic estimate of when the new forums will make their grand return.
Not my department. :)
CCP isn't that big! That department must be like 15 feet from you. Go over there and ask you lazy bum!
roflmao!!!
yeah! Throw a damn paper airplane even!
|
|
CCP Sreegs
|
Posted - 2011.04.11 23:17:00 -
[742]
Originally by: Jada Maroo
Originally by: CCP Sreegs
Originally by: Jada Maroo
Originally by: CCP Sreegs
I just had it published...
It lacks an overly optimistic estimate of when the new forums will make their grand return.
Not my department. :)
CCP isn't that big! That department must be like 15 feet from you. Go over there and ask you lazy bum!
It's 23:30 at night. |
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 23:19:00 -
[743]
Originally by: CCP Sreegs
Originally by: Jada Maroo
It lacks an overly optimistic estimate of when the new forums will make their grand return.
Not my department. :)
Which one, the hopelessly optimistic and obviously unattainable estimate department (or, as you probably call it, PR and/or Marketing), or the forum coding one ?
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST !
"New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Yuki Kulotsuki
|
Posted - 2011.04.11 23:23:00 -
[744]
Originally by: CCP Sreegs
It's 23:30 at night.
Game devs subsist on a diet of insomnia, caffeine, alcohol and take out. 23:30 may as well be noon.
--
Did you know there's an alliance who's name you're not allowed to say, or website you're not allowed to link? |
Siiee
Recycled Heroes
|
Posted - 2011.04.11 23:25:00 -
[745]
Originally by: CCP Sreegs
Originally by: Jada Maroo
Originally by: CCP Sreegs
I just had it published...
It lacks an overly optimistic estimate of when the new forums will make their grand return.
Not my department. :)
I believe the official CCP translation of that is "Soon TM" :p
|
Elyssa MacLeod
|
Posted - 2011.04.11 23:28:00 -
[746]
Originally by: CCP Sreegs
It's 23:30 at night.
send em an IM or a phone call
|
Barakkus
|
Posted - 2011.04.11 23:28:00 -
[747]
Originally by: Siiee
Originally by: Barakkus
simply a lack of thinking outside of the box about matters of security by their web team...
That's part of what I don't understand about this whole mess (as I've said before I'm barely even a hobbyist programmer) Sure it would have been much more difficult to exploit if they had encrypted the cookie, and it's fixable by confirming the clients credentials on each action. But if the server can verify that the particular char ID that is submitted with the session belongs to that session, why bother having the client manage any of that data in the first place? All of that should be maintained entirely server side where it's safe and protected, the only thing that the client needs to provide (and that needs to be constantly verified) is it's specific session. The entire idea behind taking such an important part of the authentication process, tearing it out and putting it in the untrusted client, only to re-authenticate it every step of the way (which was missing here) seems like such a total WTF to me. This isn't a clever exploit of some obscure loophole or code gotcha, it's just such a fundamentally flawed idea on the conceptual level, or at least that's what it seems like with my understanding.
I completely agree. From past experience of having a number of web developers at work, I've seen the DUMBEST ideas about how to do security for your sites. In my experience most web designers don't know much about anything but bling, security of what they're doing is an after thought. There was a situation at work where we'd have x client log in and all of a sudden be seeing client y's data mid session, because the web designers had no clue of what they were doing with managing sessions. Trust me I've had my days of dealing with almost exactly what happened with the new forums, a few times over...and it still amazes me the total lack of forethought on security a lot of web people posess, or the people managing them.
I personally would have fired each web designer that made the above listed mistakes at work, but it wasn't my call, and my boss is waaaaaaaaaaaaay to lenient on that sort of thing. Took me 3 years to get our network admin canned even though we had a complete and total breach of our network due to him making conduits in the routers to each of the servers and leaving all ports wide open, including our domain controllers and exchange server....he still kept his job though...it came down to him not installing everything on a new set of servers when we were switching over to all new equipment and we were shut down for almost a day while I finished what he didn't and he went on vacation...
-
-
[SERVICE] Corp Standings For POS anchoring
|
Calathea Sata
State War Academy
|
Posted - 2011.04.11 23:28:00 -
[748]
They need another 72,000 man hour... to fix the problems they have created. So here goes another 18 months!
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.11 23:38:00 -
[749]
Originally by: Calathea Sata
They need another 72,000 man hour... to fix the problems they have created. So here goes another 18 months!
I don¦t believe you!
After multiple threads about you are leaving the game you are still here, how can you except anyone to ever believe anything you say?.
|
Calathea Sata
State War Academy
|
Posted - 2011.04.11 23:41:00 -
[750]
Originally by: dexington
Originally by: Calathea Sata
They need another 72,000 man hour... to fix the problems they have created. So here goes another 18 months!
I don¦t believe you!
After multiple threads about you are leaving the game you are still here, how can you except anyone to ever believe anything you say?.
There were no multiple threads, your argument is invalid. INSERT COINS
|
|
|
Marwood Ford
|
Posted - 2011.04.12 02:06:00 -
[751]
You are leaving the failboat though, right?
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.12 02:49:00 -
[752]
Originally by: Marwood Ford
You are leaving the failboat though, right?
Seems like she got off the fail boat, and jumped on the attention ***** train...
|
Jada Maroo
|
Posted - 2011.04.12 03:07:00 -
[753]
Originally by: Marwood Ford
You are leaving the failboat though, right?
The failboat was in the middle of the ocean, so she's actually in a dingy being pulled behind the failboat.
|
Sullen Skoung
|
Posted - 2011.04.12 03:41:00 -
[754]
arrrg they killed the post I wanted to sig lol
--------
Dammit, they killed the post where Sreegs says personal attacks are against the rules. I wanted to lol at him for that |
Diomedes Calypso
|
Posted - 2011.04.12 04:00:00 -
[755]
Originally by: Sullen Skoung
Originally by: Diomedes Calypso
Everything is relative...
of course they will have some moderation excesses now and then but compared to other games they allow an incredible amount of dialogue
lol rose colored glasses
You used to get BANNED for calling BoB BoD
No joke
wow.. that seriously would be enough for me to leave a game.
I 've got a very hard time enjoying a game run by arbitrary control freaks
|
Londo Cebb
Official Market Discussions Troll
|
Posted - 2011.04.12 05:41:00 -
[756]
Edited by: Londo Cebb on 12/04/2011 05:46:40
@CCP Sreegs
Thank you for this explanation of the situation so far.
I was rather ****ed off when I found out the extent of the problems with the new forums, and still am.
I have lost a fair amount of my faith in your company to keep my data secure, but your formal apology and acknowledgement of the problems has restored some small amount. I think even you will admit that you still have a long way to go to earn back that trust.
I am looking forward to a follow up blog detailing exactly what went wrong (to the extent that you can).
I would like to thank you again for owning up to your mistakes. That is the first step in making sure something like this never happens again.
|
Calistai Huranu
Red Federation
|
Posted - 2011.04.12 07:32:00 -
[757]
Not a bad Devblog considering.
"I think we can all agree that the forums went live in a security state which was less than desirable" Is as close to outright disgraceful as you can post within :CCP: at a guess.
And though we all want transparency I think most of us can understand you remaining quiet concerning internal corporate policy with regards to what happen's now with the folks that derped on the forum design.
How they are to remain at ccp after such a monumental disaster of there own making though..
|
Kristina Vanszar
Caldari
|
Posted - 2011.04.12 10:00:00 -
[758]
Edited by: Kristina Vanszar on 12/04/2011 10:05:00
The DEV BLOG,
not at risk, sorry guys this must be joke, as you've said, it was possible to include HTML.
Who would prevent me for adding a div, which looks exactly like your login one, make it be at the exatly same position as the original one, and gather a some login informations???
OR, add a HTML or even Iframe which calls an external script?
Sorry, but i do not belive that devblog....
Just as an sidetip, PLEASE check that it is not possible to execute server side commands, like SHELLs and stuff....
|
dexington
Caldari
Baconoration
|
Posted - 2011.04.12 12:01:00 -
[759]
Originally by: Kristina Vanszar
Edited by: Kristina Vanszar on 12/04/2011 10:05:00
The DEV BLOG,
not at risk, sorry guys this must be joke, as you've said, it was possible to include HTML.
Who would prevent me for adding a div, which looks exactly like your login one, make it be at the exatly same position as the original one, and gather a some login informations???
OR, add a HTML or even Iframe which calls an external script?
Sorry, but i do not belive that devblog....
Just as an sidetip, PLEASE check that it is not possible to execute server side commands, like SHELLs and stuff....
lol, who would stop you from using that bug to launching some nukes... we better call the pentagon right away, and make them aware of the danger.
|
Barakkus
|
Posted - 2011.04.12 12:11:00 -
[760]
Edited by: Barakkus on 12/04/2011 12:11:57
Originally by: Kristina Vanszar
Edited by: Kristina Vanszar on 12/04/2011 10:05:00
The DEV BLOG,
not at risk, sorry guys this must be joke, as you've said, it was possible to include HTML.
Who would prevent me for adding a div, which looks exactly like your login one, make it be at the exatly same position as the original one, and gather a some login informations???
OR, add a HTML or even Iframe which calls an external script?
Sorry, but i do not belive that devblog....
Just as an sidetip, PLEASE check that it is not possible to execute server side commands, like SHELLs and stuff....
The html injection into sigs didn't work so well anyways, I experimented trying to get an image and stuff in my sig while the forums were up and a lot of it got stripped or messed with that broke what I was trying to do anyways.
-
-
[SERVICE] Corp Standings For POS anchoring
|
|
|
Zey Nadar
Gallente
Unknown Soldiers
Wildly Inappropriate.
|
Posted - 2011.04.12 12:21:00 -
[761]
CCP Sreegs' post tells me that its sometimes possible to get on the same wavelength as the devs, for this I am happy. I trust you devs all do your best to avoid something like this happening again. Let the reconstruction begin.
|
Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
|
Posted - 2011.04.12 12:33:00 -
[762]
Originally by: Barakkus
Edited by: Barakkus on 12/04/2011 12:11:57
Originally by: Kristina Vanszar
Edited by: Kristina Vanszar on 12/04/2011 10:05:00
The DEV BLOG,
not at risk, sorry guys this must be joke, as you've said, it was possible to include HTML.
Who would prevent me for adding a div, which looks exactly like your login one, make it be at the exatly same position as the original one, and gather a some login informations???
OR, add a HTML or even Iframe which calls an external script?
Sorry, but i do not belive that devblog....
Just as an sidetip, PLEASE check that it is not possible to execute server side commands, like SHELLs and stuff....
The html injection into sigs didn't work so well anyways, I experimented trying to get an image and stuff in my sig while the forums were up and a lot of it got stripped or messed with that broke what I was trying to do anyways.
My associate and I do not fully agree with his assesment about the injection, we're quite sure it was still possible (just not easy).
But for the most part I am content with the blog, we have sent our further concerns to the security email address so they can verify and fix.
This blog is about as good as we're going to get, and it's appropriate and correct from Sreeg's position.
The real reckoning needs to come from higher up, as to how this was even possible, and how 72,000 man hours could yield such an unworthy result.
|
Amber Accelerando
|
Posted - 2011.04.12 12:49:00 -
[763]
Edited by: Amber Accelerando on 12/04/2011 12:51:25
At least the community has a sense of humor, security issues worry me tho!
Yes Hellcity, I agree - do you ever get the feeling CCP might be in over their heads on this? I certainly do!
|
Richard Aiel
Caldari
FireTech Industries
|
Posted - 2011.04.12 13:47:00 -
[764]
Originally by: Diomedes Calypso
Originally by: Sullen Skoung
Originally by: Diomedes Calypso
Everything is relative...
of course they will have some moderation excesses now and then but compared to other games they allow an incredible amount of dialogue
lol rose colored glasses
You used to get BANNED for calling BoB BoD
No joke
wow.. that seriously would be enough for me to leave a game.
I 've got a very hard time enjoying a game run by arbitrary control freaks
Cant PROVE it given it was 4 years ago but Im a step from perma for exactly that
-----------------------------------------
If you dont learn from the past you are doomed to repeat it
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1469262&page=2#51 |
Suboran
Gallente
Best Path Inc.
Cascade Imminent
|
Posted - 2011.04.13 13:18:00 -
[765]
I hope they stay disabled forever
|
MatrixSkye Mk2
Minmatar
|
Posted - 2011.04.13 13:55:00 -
[766]
Haven't read all pages, so don't know if it's been answered yet. Is the new forum still on the works? I am actually looking forware to it.
Grief a PVP'er. Run a mission today! |
Myra2007
Millstone Industries
|
Posted - 2011.04.13 14:22:00 -
[767]
Originally by: MatrixSkye Mk2
Haven't read all pages, so don't know if it's been answered yet. Is the new forum still on the works? I am actually looking forware to it.
It has been answered elsewhere and the answer is yes. Reading the title of this thread very carefully also gives it away.
--
Originally by: CCP Elais
It was a great Frankenstein moment [...] to see the forum [...] come alive.
|
Sullen Skoung
|
Posted - 2011.04.13 23:30:00 -
[768]
You know, if they disabled the 2 min wait and added a like button here, they could stuff the new ones
--------
Dammit, they killed the post where Sreegs says personal attacks are against the rules. I wanted to lol at him for that |
MatrixSkye Mk2
Minmatar
|
Posted - 2011.04.14 12:09:00 -
[769]
Originally by: Myra2007
Originally by: MatrixSkye Mk2
Haven't read all pages, so don't know if it's been answered yet. Is the new forum still on the works? I am actually looking forware to it.
It has been answered elsewhere and the answer is yes. Reading the title of this thread very carefully also gives it away.
The incessant protesting from a very loud minority has me questioning whether it will still be deployed. A response from CCP on the issue would be most reassuring.
Grief a PVP'er. Run a mission today! |
Miilla
Minmatar
Hulkageddon Orphanage
|
Posted - 2011.04.14 22:43:00 -
[770]
Edited by: Miilla on 14/04/2011 22:44:32
Perhaps he should get some certifications?
|
|
|
Darius III
|
Posted - 2011.04.15 00:48:00 -
[771]
Originally by: Kengutsi Akira
Originally by: Jada Maroo
but it's a wasted year.
The whole of the CSM IS a waste lol
Not JUST this group of them
I have to say this-THE CSM and in particular THIS CSM are defiantly a ANYTHING BUT a waste.
I stole my seat on the CSM, trolled scammed and thieved my way in. I will tell you osme things about the CSM this year:
The vast majority of the CSM are unbelievably self inflated ego types who are inordinately smug. That being said-those are actually good personality types for the job. The current crop of CSM's are actually IMO, doing a very good job. What is more significant is that CCP meant it when they elevated the CSM to stakeholder status. Shizzle is in fact getting done and CCP for their part are being very attentive and not just in the limited sense.
I think a lot of people would be surprised by whats going on in the CSM-I know I was and still am very pleasantly surprised as to what I have seen both on CCP's part and the CSM itself. Although most CCP and many CSM hate me, they will be stuck with me for the next year as alternate and the year after as full CSM Delegate. CCP even listening to the CSM alternates, but most of what they say is lip service and 'yesman' posting.
|
Sullen Skoung
|
Posted - 2011.04.15 19:47:00 -
[772]
lol @ unstickying the thread
"lets make this disappear..."
--------
Dammit, they killed the post where Sreegs says personal attacks are against the rules. I wanted to lol at him for that |
Kengutsi Akira
|
Posted - 2011.04.15 19:52:00 -
[773]
Originally by: Darius III
I have to say this-THE CSM and in particular THIS CSM are defiantly a ANYTHING BUT a waste.
An I wasnt talking about the people that make up the CSM (though lol at the goons) I was talking about the position. The "council" is a joke.
Do you know what the original reason and mission for the CSM was?
Better yet, what about when CCP bypass the CSM entirely and pop nerfs like the recent 0.0 one into the game? Things like that dont inspire confidence in that group. They look even more like the PR bull**** job that they were formed for in the very first place (cause we all knew the original reason was the purest BS).
------------------------------------
"You know, my foot oughta vandilize your ass" |
Ranger 1
Amarr
Paragon Fury
Cascade Imminent
|
Posted - 2011.04.15 20:17:00 -
[774]
Originally by: Richard Aiel
Originally by: Diomedes Calypso
Originally by: Sullen Skoung
Originally by: Diomedes Calypso
Everything is relative...
of course they will have some moderation excesses now and then but compared to other games they allow an incredible amount of dialogue
lol rose colored glasses
You used to get BANNED for calling BoB BoD
No joke
wow.. that seriously would be enough for me to leave a game.
I 've got a very hard time enjoying a game run by arbitrary control freaks
Cant PROVE it given it was 4 years ago but Im a step from perma for exactly that
Why can't you prove it? You didn't keep the corrospondence that confirms this? Why not?
I'll let you in on a little secret. If you are, in fact, one step from being perma banned it is for doing significantly more than using the term BOD (Band of Devs).
If CCP policy was to ban people for such things half of the posters currently on these boards would be perma banned. Since I've used the term myself in the past, and never drew any attention what-so-ever, I have no doubt that the above is a sweet little lie you tell yourself to keep warm at night.
=====
The world will not end in 2012, however there will be a serious nerf to Planetary Interaction. |
Richard Aiel
Caldari
FireTech Industries
|
Posted - 2011.04.15 20:29:00 -
[775]
Edited by: Richard Aiel on 15/04/2011 20:34:45
Edited by: Richard Aiel on 15/04/2011 20:31:21
Originally by: Ranger 1
Why can't you prove it? You didn't keep the corrospondence that confirms this? Why not?
Im sorry, I may have missed a memo in the 4 years or so I was inactive, is it now allowed to post mails you get from GMs? It used to be a bannable offense.
Originally by: Ranger 1
I have no doubt that the above is a sweet little lie you tell yourself to keep warm at night.
lol apparently you havent been playing that long, ill let you in on a secret, they havent always been as even keeled as they are now.
IF you had been playing and posting back then, youd see I was right, but apparently you havent been so you wouldnt know. You can think its a lie all you want, but those that were playing from back then, know what Im saying.
Edit: apparently, no, the rules havent changed:
Forum Rules
specifically:
Quote:
9.) Private communication between the Game Masters, Eve Team members, moderators and administrators of the forum and the forum users is not to be made public on these forums or by any other venue.
You are not permitted to publicize any private correspondence (including petitions) received from any of the aforementioned.
So yeah, Im not getting permabanned to prove it. Sorry, Im not that stupid lol
-----------------------------------------
If you dont learn from the past you are doomed to repeat it
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1469262&page=2#51 |
Ranger 1
Amarr
Paragon Fury
Cascade Imminent
|
Posted - 2011.04.15 21:07:00 -
[776]
Originally by: Richard Aiel
Edited by: Richard Aiel on 15/04/2011 20:34:45
Edited by: Richard Aiel on 15/04/2011 20:31:21
Originally by: Ranger 1
Why can't you prove it? You didn't keep the corrospondence that confirms this? Why not?
Im sorry, I may have missed a memo in the 4 years or so I was inactive, is it now allowed to post mails you get from GMs? It used to be a bannable offense.
Originally by: Ranger 1
I have no doubt that the above is a sweet little lie you tell yourself to keep warm at night.
lol apparently you havent been playing that long, ill let you in on a secret, they havent always been as even keeled as they are now.
IF you had been playing and posting back then, youd see I was right, but apparently you havent been so you wouldnt know. You can think its a lie all you want, but those that were playing from back then, know what Im saying.
Edit: apparently, no, the rules havent changed:
Forum Rules
specifically:
Quote:
9.) Private communication between the Game Masters, Eve Team members, moderators and administrators of the forum and the forum users is not to be made public on these forums or by any other venue.
You are not permitted to publicize any private correspondence (including petitions) received from any of the aforementioned.
So yeah, Im not getting permabanned to prove it. Sorry, Im not that stupid lol
So post them on Kug instead, like everyone else.
I suppose that pre-beta they may have had a different mentality. Anything from Beta on however, I (and many others from that era that are still actively playing and posting on this forum) know better.
CCP has never been overly thin skinned about snide comments directed their way. At least not to the point of threatening to ban someone for it.
=====
The world will not end in 2012, however there will be a serious nerf to Planetary Interaction. |
Richard Aiel
Caldari
FireTech Industries
|
Posted - 2011.04.16 02:15:00 -
[777]
Originally by: Ranger 1
CCP has never been overly thin skinned about snide comments directed their way. At least not to the point of threatening to ban someone for it.
Bah, I actually went an scoured my old emails, all I got are the things telling me that I got it, not why. Im fairly amazed I even HAVE emails from 2007, an the threads they pointed at dont work. The most likely one I found just says "you are trying to post in a locked thread"
So, like I said, believe it or not, up to you, I dont care. I know why I got it, and I bet there are others here who have too.
-----------------------------------------
If you dont learn from the past you are doomed to repeat it
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1469262&page=2#51 |
Ranger 1
Amarr
Paragon Fury
Cascade Imminent
|
Posted - 2011.04.16 07:45:00 -
[778]
Originally by: Richard Aiel
Originally by: Ranger 1
CCP has never been overly thin skinned about snide comments directed their way. At least not to the point of threatening to ban someone for it.
Bah, I actually went an scoured my old emails, all I got are the things telling me that I got it, not why. Im fairly amazed I even HAVE emails from 2007, an the threads they pointed at dont work. The most likely one I found just says "you are trying to post in a locked thread"
So, like I said, believe it or not, up to you, I dont care. I know why I got it, and I bet there are others here who have too.
... apparently not...
=====
The world will not end in 2012, however there will be a serious nerf to Planetary Interaction. |
Sullen Skoung
|
Posted - 2011.04.18 12:49:00 -
[779]
wonder what page this was on when I bumped it?
--------
Dammit, they killed the post where Sreegs says personal attacks are against the rules. I wanted to lol at him for that |
Londo Cebb
Official Market Discussions Troll
|
Posted - 2011.04.20 09:41:00 -
[780]
Originally by: Sullen Skoung
wonder what page this was on when I bumped it?
I have no idea, but it was on page 4 when I did.
|
|
|
Chesty McJubblies
Gallente
Center for Advanced Studies
|
Posted - 2011.04.20 11:17:00 -
[781]
Originally by: Sullen Skoung
lol @ unstickying the thread
"lets make this disappear..."
lol. Either that or they've been re-enabled.
----------------------------------------
Looking for a good system, or area, to AFK Cloak. PM me with infos, or if you want a partner to be AFK with. |
Sybil Harman
|
Posted - 2011.04.20 11:34:00 -
[782]
Shhuush... CCP are embarrassed... best not to talk about the new forums.
Great name by the way Chesty...
|
Chesty McJubblies
Gallente
Center for Advanced Studies
|
Posted - 2011.04.20 11:56:00 -
[783]
Originally by: Sybil Harman
Great name by the way Chesty...
/me blushes
TY.
----------------------------------------
Looking for a good system, or area, to AFK Cloak. PM me with infos, or if you want a partner to be AFK with. |
William Henry McGregor
|
Posted - 2011.04.21 14:16:00 -
[784]
Originally by: Helicity Boson
The real reckoning needs to come from higher up, as to how this was even possible, and how 72,000 man hours could yield such an unworthy result.
72.000 men hours - sounds like all the time on Facebook in Space AKA EVEGate.
So far, this looks like under-performing in a big way.
|
|
|
| |
|
| Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 .. 27 :: [one page] |