Wow! a fallen comrade, we may know the causes later, but I Propose a SECURITY SECTION on the board... anyone second the motion?

I'm all for it, but them my opinion is not really worth a whole lot these days.

there is nothing really needed for hackers discussions, there is a millions sites discussing hacking, and the more we talk about it, the more interest we bring around these guys... that is their goal...

there is nothing really needed for hackers discussions, there is a millions sites discussing hacking, and the more we talk about it, the more interest we bring around these guys... that is their goal...
No... it's crucial that people know how to defend their websites, and themselves.

I proposed a SECURITY SECTION, where guidelines for safe management are discussed.

I think is the "It's Not Gonna Happen to Me" mentality

See? I told you my opinion was worthless. ;)

there is nothing really needed for hackers discussions, there is a millions sites discussing hacking, and the more we talk about it, the more interest we bring around these guys... that is their goal...

3 weeks ago I witnessed the Funeral Service in Honor of the SWAT Team Cop who was killed in a shooting here in L.A., the core of the City was practically paralyzed half of the day, I saw around 300 police units surrounding the Church were the mass took place, it was an impressive view, you can't help to notice that among cops, they have Unity... I rest my case ;)

Honoring A Hero: Officer Simmons Laid To Rest
Final Salute To Slain SWAT Officer
OfficerRandal Simmons Trust Fund
SLIDESHOWS: LAPD Officer Randal Simmons, 1956-2008
LOS ANGELES (AP) ― The city's first SWAT officer slain in the line of duty was remembered Friday as a deeply religious family man who went above and beyond the duties of a good cop, dedicating his life to protecting others as well as helping poor children escape inner-city streets.

Thousands of police officers, some from across the country and overseas, filled the 10,000-seat Crenshaw Christian Center Faithdome to pay their final respects to Randal Simmons. Another SWAT officer wounded in the same shooting attended the funeral with Simmons' family, along with numerous officials.

You totally lost me on that one. What does that sad and unfortunate event have to do with a hacking discussion forum?

there is nothing really needed for hackers discussions, there is a millions sites discussing hacking, and the more we talk about it, the more interest we bring around these guys... that is their goal...

Not discussing how-to hack sites. Discussing how-to prevent it. :D

I think a security section would be a great idea.

You totally lost me on that one. What does that sad and unfortunate event have to do with a hacking discussion forum?

The UNITY among comrades, we may have not share the same grade on expertise, but we do share the same passion for vB ;)

Oh, Ok, LOL

You were talking about a brother in arms and I was starting to get a little unnerved.

We can start with a small one :D

As one who had two sites hacked since the new year I would like to see this added also. Not on how to hack but how to prevent being hacked, tips, etc. Maybe a stickied thread where the latest security issues found with various add ons for vbulletin could be posted warning others if they didn't know about them.

My case with vbgallery I hadn't been on their site lately and did not receive an email they sent out stating issues with the gallery and that they had an update out for it.

I was hacked a few years ago on my old server but it turned out they just replaced the index.html in the domain directory with their own and renamed mine. Copying mine over theirs fixed it for me. That is one of the most common ways I have seen and it causes a lot of concern until you find out how they do it. I don't think we all ought to go out and buy guns because someone tripped over someone else's shoestring. Nex is right in the idea that if we bring attention to these clowns, it is only going to draw them out and make it worse.

(You owe me, Nex)

Bravo.

Anyone can get that kind of response. Hacking and coding are amazingly two entirely different things. It can happen to anyone of us.

What can we do?

Pray?

lol

Not much really, if they have the skill they can get into it and while I own a website and forum I respect that. When we actually do something worth hacking, like a shop, I'm going to hire a hacker to make it hacker proof and make them liable if it's hacked if they'll accept the job. If not, I don't really care. Boo hoo, call your host, get your Super Admin account set back up and own them. However they deserve to be respected and since I can't beat them, I can hire them.

That's my perspective.

Moved to Site Feedback.

I don't see much use of creating a seperate section on this.

There are already advices on how to operate your board securely on both vB.com and vB.org. If there are more security tips, then feel free to write an article about it.

If a vulnerability is found on a modification here on vBulletin.org, we already do warn the users of that modification.

My view: All information is already there, but people tend to ignore it until too late. No new section will change that.

We can start with a small one :D

if you see the mean for such security service, why don't you start a new vBulletin-Security-SWAT ?!... starting a forum with just these kind of topics in mind ?!

it is like when people wants a forum for SEO and search engine related topics... nobody block you from doing so, maybe just not ALL HERE... that's all...

also, hacking a hosted account have not a single link between vBulletin and the server... 95% of the hacking related to the sites that were listed here as "hacked" were hacked outside vBulletin engine, by not having enough securities on the server, so people need to understand what they are doing when they host a site like this, instead of thinking everything is fine until they are hit...

when someone come here and say "my site was hacked, he accessed my database and i'm crashed"... i can say that most of the time, if not all the time, that was a serverside situation of a hacker who knew how to obtain the config.php data to hack into the database... no need to crash an entire site, you just have to infiltrate and make fun of it... this is basic site administration, not forum code.

this topic started because one of the partner of the admin trashed from the inside... not a single bit of code related to security.. it's all about confidence to the persons you're supposed to trust before giving them access to the administration...

i don't think Bill Gates would give the key from his house to his business partners...

if you see the mean for such security service, why don't you start a new vBulletin-Security-SWAT ?!... starting a forum with just these kind of topics in mind ?!

it is like when people wants a forum for SEO and search engine related topics... nobody block you from doing so, maybe just not ALL HERE... that's all...

also, hacking a hosted account have not a single link between vBulletin and the server... 95% of the hacking related to the sites that were listed here as "hacked" were hacked outside vBulletin engine, by not having enough securities on the server, so people need to understand what they are doing when they host a site like this, instead of thinking everything is fine until they are hit...

when someone come here and say "my site was hacked, he accessed my database and i'm crashed"... i can say that most of the time, if not all the time, that was a serverside situation of a hacker who knew how to obtain the config.php data to hack into the database... no need to crash an entire site, you just have to infiltrate and make fun of it... this is basic site administration, not forum code.

this topic started because one of the partner of the admin trashed from the inside... not a single bit of code related to security.. it's all about confidence to the persons you're supposed to trust before giving them access to the administration...

i don't think Bill Gates would give the key from his house to his business partners...

Well before I started this thread I went to look for the vBSecurity.com domain and I tried a few more combinations, but they aren't available...

I think I got all the security measures in place on my board and despite that I got my dB deleted totally for a hired coder.

Well security is a plus anywhere, so if we keep thinking that vB is mostly a hobby than a Business/Investment then forget about protection.

your problem is actually not related to vBulletin at all, you know it... it depend on the access you gave to someone... even if Jelsoft develop a level 7 security protocol, there will be nothing they can do if the best security is to not give access to the database... this is not security of a script at all..

the first words are always : BACKUP YOUR DAMN DATABASE AND KEEP IT SAFE...

if you can't follow that, forget about securities...

What harm is there in organizing information to help protect administrators?

there is nothing really needed for hackers discussions, there is a millions sites discussing hacking, and the more we talk about it, the more interest we bring around these guys... that is their goal...

UGH!
--------------------------
--------------------------

Anyway - I think it's a very valid suggestion - I'm frankly surprised it hasn't been mentioned before really. At anyrate - yes - A how-to prevent hacking/steps to reorder after being hacked forum would be very nice IMO

Great suggestion - I doubt it will be implemented though - but we can always hope that vB.org and/or vB.com shows an interest in helping those who have had their $160+ vBulletin forum hacked by providing such an informational NEW section.

And I'm equally sure that there is a great bulk of helpful and invaluable suggestions/information to be added in the NEW section from the talented Coders of this vBulletin Community that would help immensely in such a case as having been hacked...

Jacquii.

--------------- Added 1204502244 at 1204502244 ---------------

your problem is actually not related to vBulletin at all, you know it... it depend on the access you gave to someone... even if Jelsoft develop a level 7 security protocol, there will be nothing they can do if the best security is to not give access to the database... this is not security of a script at all..

the first words are always : BACKUP YOUR DAMN DATABASE AND KEEP IT SAFE...

if you can't follow that, forget about securities...

dang TROLL!

Jacquii.

UGH!

Great suggestion - I doubt it will be implemented though - but we can always hope that vB.org and/or vB.com shows an interest in helping those who have had their $160* vBulletin forum hacked by providing such an informational NEW section.



If there's a REAL DEBATE= Yes!

*Ouch! someone mentioned his/her money to claim rights

Well, maybe my opinion does matter. I shall rally the troops! ;)

LOL - well my view is this...

My view: All information is already there, but people tend to ignore it until too late. No new section will change that.

If there IS a new section - Members could go directly to that new section to find the information they need quickly, efficiently and without any hassle, rather than having to use that most ridiculous vB.org search mechanism LOL - There's no doubt about it IMO - If I have a wonderful product such as a vBulletin application to SELL - then I WANT to provide my customer with THE BEST informational source there is to PROTECT their investment - especially considering the nature of the internet and having read about peoples' experiences with having been hacked.

I'd recommend putting the NEW section on the very forum index.

Anyway...

Jacquii.

since security is mostly a hosting/server related issue since standard vBulletin is pretty secure, couldn't everyone just use the Hosting forum here that really doesn't get much more then a "I NEEDZ NEW HOSTZORS!!" threads?

since security is mostly a hosting/server related issue since standard vBulletin is pretty secure, couldn't everyone just use the Hosting forum here that really doesn't get much more then a "I NEEDZ NEW HOSTZORS!!" threads?

i second that... ;)

I think a re-purposing of the hosting forum (plus some security related stickies) would be a great compromise. vb.org search can be a little...hard to wade through sometimes.

i second that... ;)

Well I can't surrender so easy right?

Nexialys, such 'infallible attitude' surprises me, can you tell me if here in vB.org we don't have 'dormant hackers'? we are 100% safe?

if there is dormant hackers in the mod team or the admins, that will be hilarious when he make his coming-out, because it would be a really lazy hacker who is dormant for years...

nobody who is not IN CHARGE have access to the core elements of vb.org ... that's part of the securities... this is helping on the paranoid attitudes...

and actually, nobody can even be sure.. maybe Paul is trying to hide some secret means...

Well, I for one think both ideas are great. We really don't need it until we do need it and then we should have it. And then not have it until we need it again.

I'll let you guys work the details out for that.

Thank you,
Middle-of-the-road Boofo

Well, maybe my opinion does matter. I shall rally the troops! ;)

Well, I for one think both ideas are great. We really don't need it until we do need it and then we should have it. And then not have it until we need it again.

I'll let you guys work the details out for that.

Thank you,
Middle-of-the-road Boofo

They got you so easy? what they 'promised' to you???

They got you so easy? what they 'promised' to you???

food...

oh, and that dress Danny found one day in one of my posts....


...

actually, if you misread the forum's sub-title, it is "The Official VBulletin Modification Site", not "The Ultimate vBulletin Resource" ... that one you can deal with, if you want... want to make a complete resource site for vB owners, be my guest, i'll register on your site the day you open.

I'm a pushover...

3D pushover...

That hurts, Nexia. :(


Well, I'm over that now.

I'm a pushover...

Ok... it comes with the age ;)

Ok, just rememeber the old sly fox...

Lol

3D pushover...

Well, back on the Topic, I think is very easy to Implement ;)

http://www.arcadia.progvisual.com/easy.png

with such a forum, everybody would fail in all security protocols... not good to use an image with my face on it btw, your reputation will drop iO...

Yes, we see enough of Nexia as it is.

Hopefully the Pentagon install vB as soon as possible!

Pentagon: China trying to hack U.S. computers
WASHINGTON (CNN) -- The Chinese military continues to increase spending on efforts to break into U.S. military computer systems, expand its Navy, and invest in intercontinental nuclear missiles and weapons to destroy satellites, according to the latest U.S report on China's military power.

Last summer, a cyber-attack on Department of Defense computer systems took down the e-mail capability of hundreds of staffers for weeks, but the Pentagon still will not comment on who initiated the attack. It is widely believed among the military to have been the Peoples Liberation Army.

http://www.cnn.com/2008/US/03/03/pentagon.china/index.html?iref=werecommend

My site was "hacked" this year. My super moderator used the forum on a lan house and they got his password and deleted the whole forum. If it wasn't for Paul's daily backup mod I was screwed, blessed be him. But there's not much I can do about that. It freaked me out though, as I had never been hacked before. And I'm not using lan houses anymore too.

--------------- Added 1204614885 at 1204614885 ---------------

Actually I think Paul should quote my message in his mod release, I think that would be a good idea.

3 simple rules:
1) dont give ANYONE permission to physically delete
2) keep your vbulletin patched/up-to-date
3)trust no one
-don't run brand new plugins without letting the community test it out and view the code first
-dont add moderators simply cause they ask to become one (if that wasn't obvious)
-if you don't want to pay the hired help.. change the passwords.

What can we do?

Bro,

What the OP is suggesting is 'how it's done', the good guys get together and share info. I belong to a couple such groups in other domains.

If you don't personally have the skills, then hang around such a group, and you could still pick up something valuable within your skill level.

As mentioned ... best coding practices, general safeguards, security mods. These protect your site like a locking bar on your steering wheel protects your car. It keeps the casual thief/defacer out, and steers the professional thief to an easier target.

There is not really a central place to discuss those on these forums. I think vB is seemingly not a full disclosure shop, and their sensitivity on that score may prevent them from fostering such a forum.

Wise as serpents, gentle as doves, yah?

See you there or in the air,

'snore

3 simple rules:
1) dont give ANYONE permission to physically delete
2) keep your vbulletin patched/up-to-date
3)trust no one
-don't run brand new plugins without letting the community test it out and view the code first
-dont add moderators simply cause they ask to become one (if that wasn't obvious)
-if you don't want to pay the hired help.. change the passwords.

I say make this a sticky in the new forum!

:D

Let's be honest, would it really matter? I'd say a large majority of the vBulletin owners here are the "click-and-play" types, who understand as much about security as they do quantum mechanics. They indiscriminately install modifications with no regards as to server load, hook conflict or, yes, even security. Most people who get "hacked" are asking for it. They're generally the forum with the more modifications installed than members.

How can one really be secure without understanding the priciples behind why what they currently have is inherently insecure. At best, you would have a forum of security suggestions where people would simply peruse the thread looking for various step-by-step instructions on how to do something -- not even understanding why it is they're doing what they're doing. I just see the whole thing as a wasted effort, really. vBulletin.org does a decent enough job of trying to keep hacks with security risks under wraps and out from public consumption -- that's really all you can ask for.

You want to be truly secure? Don't run a site. You want to be relatively secure? Run a default vBulletin installation. I'm not trying to be a prick, I'm just being honest.

Let's be honest, would it really matter? I'd say a large majority of the vBulletin owners here are the "click-and-play" types, who understand as much about security as they do quantum mechanics. They indiscriminately install modifications with no regards as to server load, hook conflict or, yes, even security. Most people who get "hacked" are asking for it. They're generally the forum with the more modifications installed than members.

How can one really be secure without understanding the priciples behind why what they currently have is inherently insecure. At best, you would have a forum of security suggestions where people would simply peruse the thread looking for various step-by-step instructions on how to do something -- not even understanding why it is they're doing what they're doing. I just see the whole thing as a wasted effort, really. vBulletin.org does a decent enough job of trying to keep hacks with security risks under wraps and out from public consumption -- that's really all you can ask for.

You want to be truly secure? Don't run a site. You want to be relatively secure? Run a default vBulletin installation. I'm not trying to be a prick, I'm just being honest.

So you have never been hacked? honestly..?

So you have never been hacked? honestly..?
To what degree? Have I suffered data loss due to an exploit? No, never.

Regardless, what does this have to do with the issue at hand? The current state of security of my own personal sites has nothing to do with a public discussion/repository for security related topics. If any of my sites are compromised, I can immediately reference my logs, find out what happened, and either patch the exploit or take it offline for further review.

Could you say the same?

My point being, a vBulletin-focused security discussion isn't inherently a bad thing -- but it's not going to accomplish what many think it will. If you want to keep up to date on security issues, subscribe to Bugtraq. Consider getting a basic grasp of PHP, so you can skim through the multitude of hacks before installing to look for basic security risks -- such as unsanitized inputs. Be proactive.

My point being, a vBulletin-focused security discussion isn't inherently a bad thing -- but it's not going to accomplish what many think it will. If you want to keep up to date on security issues, subscribe to Bugtraq. Consider getting a basic grasp of PHP, so you can skim through the multitude of hacks before installing to look for basic security risks -- such as unsanitized inputs. Be proactive.

So it's better to have nothing that something, that is what you said?

p.s. Thanks for your time

To what degree? Have I suffered data loss due to an exploit? No, never.

Regardless, what does this have to do with the issue at hand? The current state of security of my own personal sites has nothing to do with a public discussion/repository for security related topics. If any of my sites are compromised, I can immediately reference my logs, find out what happened, and either patch the exploit or take it offline for further review.

Could you say the same?

My point being, a vBulletin-focused security discussion isn't inherently a bad thing -- but it's not going to accomplish what many think it will. If you want to keep up to date on security issues, subscribe to Bugtraq. Consider getting a basic grasp of PHP, so you can skim through the multitude of hacks before installing to look for basic security risks -- such as unsanitized inputs. Be proactive.

I think you're missing the point of this whole debate. First, you as an experienced Admin could obviously take care of it if it happened to you. But there are those out there that have no clue what to look for or how to fix it if it does happen to them. Have you noticed how many "I've been hacked! Help!" threads have been popping up lately? And all from Admins that are either new to the being-hacked arena or inexperienced in the process of running a vb site. That doesn't make them any less deserving than you or I, and yes, even iogames (although, that is debatable). I get fed up hearing "then you shouldn't be running a site if you don't know who to fix it" statements. How many of us were born with the knowledge to run a site? I sure as hell wasn't. And neither was anyone else. It is a learning process and vbulletin.org is the school.

An area like we are discussing it a great idea for reference if nothing else. If gives a user a place to go to hear others stories about how they were hacked and what it took to fix it or stop it, or whatever. Something like this would be invaluable to a new Admin. I wish they had had something like this around when I was first starting out.

I think you're missing the point of this whole debate. First, you as an experienced Admin could obviously take care of it if it happened to you. But there are those out there that have no clue what to look for or how to fix it if it does happen to them. Have you noticed how many "I've been hacked! Help!" threads have been popping up lately? And all from Admins that are either new to the being-hacked arena or inexperienced in the process of running a vb site. That doesn't make them any less deserving than you or I, and yes, even iogames (although, that is debatable). I get fed up hearing "then you shouldn't be running a site if you don't know who to fix it" statements. How many of us were born with the knowledge to run a site? I sure as hell wasn't. And neither was anyone else. It is a learning process and vbulletin.org is the school.

An area like we are discussing it a great idea for reference if nothing else. If gives a user a place to go to hear others stories about how they were hacked and what it took to fix it or stop it, or whatever. Something like this would be invaluable to a new Admin. I wish they had had something like this around when I was first starting out.

I'm glad to have you back! [sob,sob,sniff]

I guess I just snapped there for a second with all the "why don't the newbies know as much as I do" stuff. That is a very sore point with me. We all were newbies at one time or another and didn't know squat about vb. We can learn here but not pass on what we have learned along the way? Sounds like crap to me.

On the 1st page, some guy mentioned that the more you bring attention to it, the more it encourages hackers.

Maybe someone should make a Security Mod that will trace will mods are most likely to be hacked or what parts of the site have open ports, what files have recently been changed, etc. Sort of like a spysweeper/virus checker.

Then instead of talking about hacking, you focus on the security more.

On the 1st page, some guy mentioned that the more you bring attention to it, the more it encourages hackers.

Maybe someone should make a Security Mod that will trace will mods are most likely to be hacked or what parts of the site have open ports, what files have recently been changed, etc. Sort of like a spysweeper/virus checker.

Then instead of talking about hacking, you focus on the security more.

I agree with the use of the word Security over hacking. Security can cover a lot of areas, including being hacked.

Just a side note in hope of getting this thread to "calm" a little bit I have posted an idea here: https://vborg.vbsupport.ru/showthread.php?t=172019

Just a side note in hope of getting this thread to "calm" a little bit I have posted an idea here: https://vborg.vbsupport.ru/showthread.php?t=172019

When you start mentioning paid hacks in the same breath as a free security area, looks like a bait-and-switch to me. I want no part of it.

Me either, and on a side note, i'm amazed this has made 4 pages, of well...really not much of anything. And this post isn't helping anything!

On the 1st page, some guy mentioned that the more you bring attention to it, the more it encourages hackers.

thanks to not mention my name... lol

actually, the goal to have a "Quarantine" place where to put the mods with inserts or security issues is one of the reasons why hacking mods may not be discussed here... when you announce that the hack XYZ have an exploit ABC, that is the way to break all the securities... you just need one moron to ask "hey, i have that hack and that version on my site, what can i do to secure my site"... 30 seconds after that post, someone would exploit his site...

that's why the guys on vb.org are NEVER discussing exploits of any hack here... neither would Jelsoft on vb.com ... so why start a place for the opposite means ?!

thanks to not mention my name... lol

actually, the goal to have a "Quarantine" place where to put the mods with inserts or security issues is one of the reasons why hacking mods may not be discussed here... when you announce that the hack XYZ have an exploit ABC, that is the way to break all the securities... you just need one moron to ask "hey, i have that hack and that version on my site, what can i do to secure my site"... 30 seconds after that post, someone would exploit his site...

that's why the guys on vb.org are NEVER discussing exploits of any hack here... neither would Jelsoft on vb.com ... so why start a place for the opposite means ?!

'Theorically' [sighs]

Is like NOT TEACHING Cops how to evaluate a crime, is like NOT TEACHING Doctors how to prevent diseases...

When an exploit is announced 95% of users will run to solve the problem, reducing the risk, just a few will commit the mistake that you mentioned above...

thanks to not mention my name... lol

actually, the goal to have a "Quarantine" place where to put the mods with inserts or security issues is one of the reasons why hacking mods may not be discussed here... when you announce that the hack XYZ have an exploit ABC, that is the way to break all the securities... you just need one moron to ask "hey, i have that hack and that version on my site, what can i do to secure my site"... 30 seconds after that post, someone would exploit his site...

that's why the guys on vb.org are NEVER discussing exploits of any hack here... neither would Jelsoft on vb.com ... so why start a place for the opposite means ?!

Yes and no. I agree we shouldn't discuss what the exploits are and give any script-kiddies any information on exploits, but I think it's OK to discuss how to fix things when they are exploited. That would be valuable information to new Admins that haven't experienced that and for when and if he ever does run into that. Knowledge is never a bad thing.

no need for a specific place to discuss how to fix these exploits... when an exploit is found on vb.org, you receive a notation on email to tell you how to deactivate or replace the hack when something have to be done...

each time we will have a new element to add to the reasons why starting such a service, we will have an existing solution here on vb.org... this was debated already... and i don't know why this thread and the other are running over ...

Not all exploits are found on the org. And security covers more than just exploits, too. Put yourself in the shoes of a new Admin who has just been hit by a hacker or an exploit and not knowing what to do or where to go for help. The com sends you to the org and the org sends you to the com. Where does it all end?

Wanna know what happened to the forum in the first post?
The TEMPLATE got modified... nothing more.

I mean, some idiot got access to the AdminCP and emptied a few templates and wrote "Hacked by n00b".

That's all.

Wanna know what happened to the forum in the first post?
The TEMPLATE got modified... nothing more.

I mean, some idiot got access to the AdminCP and emptied a few templates and wrote "Hacked by n00b".

That's all.

That's is one of the problems that we can discuss on the new section, can you tell us how can be avoided?

Thanx for the mention here guys and yea, we got it again today wholly crap, what'd we do,
oh yea Blackhat.
We will definitely learn from this, and too many user mods can cause probs.

I'm all for a Security Section, I've gotten hacked once with vBulletin, and it defaced my forums a while ago... also a few of my users were hacked recently by the same team.

Well I think this goes well since I can see a change on Nexialys :)


Security Section (http://labs.sim2world.com/secure/showthread.php?p=19#post19)

I don't think there's a need for a security section. (most problems with security are on the server end and not related to vbulletin software)

iogames, i would drop that page and all the things you copied from my username and avatar please... for your own sakes...

Wanna know what happened to the forum in the first post?
The TEMPLATE got modified... nothing more.

I mean, some idiot got access to the AdminCP and emptied a few templates and wrote "Hacked by n00b".

That's all.


lol glad to hear that
but u have to be honest
the topic is nice to read :D

Wanna know what happened to the forum in the first post?
The TEMPLATE got modified... nothing more.

I mean, some idiot got access to the AdminCP and emptied a few templates and wrote "Hacked by n00b".

That's all.
They could have done a lot worse with template access... so that's really a moot point.

Eaxctly! He was lucky they didn't do whole lot more damage.

Chinese hackers: No site is safe

ZHOUSHAN, China (CNN) -- They operate from a bare apartment on a Chinese island. They are intelligent 20-somethings who seem harmless. But they are hard-core hackers who claim to have gained access to the world's most sensitive sites, including the Pentagon.

The leader of these Chinese hackers says there "is always a weakness" on networks that allows cyber break-ins.

In fact, they say they are sometimes paid secretly by the Chinese government -- a claim the Beijing government denies.

"No Web site is one hundred percent safe. There are Web sites with high-level security, but there is always a weakness," says Xiao Chen, the leader of this group.

"Xiao Chen" is his online name. Along with his two colleagues, he does not want to reveal his true identity. The three belong to what some Western experts say is a civilian cyber militia in China, launching attacks on government and private Web sites around the world.

http://www.cnn.com/2008/TECH/03/07/china.hackers/index.html?iref=mpstoryview

I say: THEY DON'T KNOW VBULLETIN :p

Ok this thread just 'beated' the sticky on this section...

Like in all Social Groups, the leaders tend to ignore the popular demands till the point were is sustainable, there's not new tricks on this old world :(

http://www.arcadia.progvisual.com/beated.gif

Ok this thread just 'beated' the sticky on this section...

Like in all Social Groups, the leaders tend to ignore the popular demands till the point were is sustainable, there's not new tricks on this old world :(



Nice thesis but ultimately incorrect. We've been discussing this in secret almighty staff lounge over coffee and cake for a while now. :)

Nice thesis but ultimately incorrect. We've been discussing this in secret almighty staff lounge over coffee and cake for a while now. :)

I will LOVE to be wrong!

Wonderful.

Also, as always, just because the staff is discussing this doesn't mean that it will result in your expected proposal.

I will LOVE to be wrong!

Why if vB.org decides to offer such a forum, it'll pretty much destroy all that hope you seemed to have to start a seperate forum for such things

Chinese hackers: No site is safe
http://www.cnn.com/2008/TECH/03/07/china.hackers/index.html?iref=mpstoryview
I say: THEY DON'T KNOW VBULLETIN :p

that's what we call PARANOIA ... the more you post that kind of crap, the more people will think you are aside of your own track...

oh, btw, if there is a so high Views count on this thread... that is not because of the topic ... it's because of the jokes we post... people are willing to know the next line.

Flying under the radar is always better than flying over it. ;)

that's what we call PARANOIA ... the more you post that kind of crap, the more people will think you are aside of your own track...

oh, btw, if there is a so high Views count on this thread... that is not because of the topic ... it's because of the jokes we post... people are willing to know the next line.

1. I'm enjoying this; isn't Paranoia
2. You call reality crap?
3. There's so few just causes left in this world to fight for, that it's the sense of accomplishment
4. I admire you and respect you for many reasons, sad that we disagree on this issue [no hard feelings uh?]
5. My profession is Architect, so when CNN does a report on Hackers I tend to believe 95% since they're professionals too...

CNN = News
News = Entertainment
Entertainment = Ratings
Ratings = Bigfoot, Elvis Sightings, etc.

4. I admire you and respect you for many reasons, sad that we disagree on this issue [no hard feelings uh?]

you just missed a point here... you never asked for my opinion, and i never showed it in this same thread... you do not know if i am on your side or not...

btw you can continue to respect me the way you do, i find it strange, but you can.. lol

and i am not calling you paranoid, i say that the announcement is related to paranoia... the more there is that fear,the more the hackers are happy... 90% of hacking/pirating is based on fear, not real life.

--------------- Added 1205083293 at 1205083293 ---------------

CNN = News
News = Entertainment
Entertainment = Ratings
Ratings = Bigfoot, Elvis Sightings, etc.

Ah, come on, Elvis is not dead, and THIS is entertainment to tell the opposite...

--------------- Added 1205083325 at 1205083325 ---------------

Flying under the radar is always better than flying over it. ;)

stop flying, you will have no problem

you just missed a point here... you never asked for my opinion, and i never showed it in this same thread... you do not know if i am on your side or not...

btw you can continue to respect me the way you do, i find it strange, but you can.. lol


For no one is a secret that you're a opposed to the idea of a security section...

Ok, I devised an 'Experiment' based on the premise that the most powerful computer in the world is equivalent to the brain of a worm...

I've hooked a regular brain's rat to a Server and teach it how to find its way through your Site, so if the attempt is successful you will be 'virtually hacked' and then maybe based on your experience you can vote in a reasonable manner in favor of the whole community :D

https://vborg.vbsupport.ru/external/2008/03/48.jpg

you just missed a point here... you never asked for my opinion, and i never showed it in this same thread... you do not know if i am on your side or not...

btw you can continue to respect me the way you do, i find it strange, but you can.. lol

and i am not calling you paranoid, i say that the announcement is related to paranoia... the more there is that fear,the more the hackers are happy... 90% of hacking/pirating is based on fear, not real life.

--------------- Added 09 Mar 2008 at 12:21 ---------------



Ah, come on, Elvis is not dead, and THIS is entertainment to tell the opposite...

--------------- Added 09 Mar 2008 at 12:22 ---------------



stop flying, you will have no problem

Boy, you missed the point to both of those. Are you from France by chance? ;)

Nice thesis but ultimately incorrect. We've been discussing this in secret almighty staff lounge over coffee and cake for a while now. :)

Ok, ok, ok... I can predict the outcome of the desicion by the flavor of the cake, it's a extremely hard technique and mentally dangerous but I will try my best...

Okay - as stated earlier, the staff has heard and is discussing your suggesting. This thread is turning into a circus and I'm not sure who the ring leader is, so thread closed.

You can continue your discussion of elvis, rats, and media in the Community Lounge. :)

Thanks for your feedback.

Ok, ok, ok... I can predict the outcome of the desicion by the flavor of the cake, it's a extremely hard technique and mentally dangerous but I will try my best...
Once you get the hang of it, the cake method can be very easy used to manipulate. Just balance ingrediants like chocolate (for a positive look on the subject) or lemon (for a more negative stance).