vb.org Archive
Page 10 of 16 « First 89 10 1112 Last »
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vBulletin.org Site Feedback (https://vborg.vbsupport.ru/forumdisplay.php?f=7)
-   -   Sending of Hacks to the Graveyard (https://vborg.vbsupport.ru/showthread.php?t=153206)

Paul M 07-25-2007 07:15 PM
Quote:
Originally Posted by MicroHellas (Post 1301179)
A first step is to inform members to Disable a product and not to uninstall it. Most members don't know that by uninstalling it they're loosing their data. I realized it from a huge amount of emails that I got from members asking me (but after uninstallation) if they lost their data.
I believe this highlights that we need to standardize the actual message that is sent, and I agree that it should now suggest disabling rather than uninstalling - this is really something left over from the past, as before we had products, the advice of uninstalling was not really a problem as few modifications actually had an uninstall function that removed data. Now that the vb product system automates this, different advice is needed.

MaryTheG(r)eek 07-26-2007 03:24 AM
Quote:
Originally Posted by Paul M (Post 1301510)
.....and I agree that it should now suggest disabling rather than uninstalling .
Thank you for supporting my suggestion Paul. I believe that this will reduce the problem by 50%. Further more I believe that all new mods must be check by Moderators before going to public. That's adds an extra security and protect end users from rubish (don't like to say "defaces"(?).

Maria

Distance 07-26-2007 03:36 AM
Although it would be a solution its never going to happen unless vBulletin.org hire someone, the moderators here get paid nothing and are voluntary, most:p of them have lives too and don't have enough time to check every modification.

Anyway if the person who created the script cannot spot one how do you expect someone who has never seen the script to have a better chance at finding it!

Also you have to think that if a moderator does check it and gives it the all clear and later an exploit is found and forums get comprimised, it puts alot of pressure on vBulletin.org and on the moderator, possibly legally too.


Distance

MaryTheG(r)eek 07-26-2007 07:04 AM
Quote:
Originally Posted by odonel (Post 1300021)
The answer is clear people, vb will eventually charge us for these hacks....
Even if it's something that many users thought, I believe that the real reason is something else than Marco wrote before ("Lots of reports lately").

In my opinion the problem came from the new moderators who came in the field like bulls in crystall shop, trying to get their first congratulations.

To be honest, I was very upset with this situation (for many reasons) but when I seen the moderator's profile, I understood many things just by seeing his photo. By the way (this is for Cordinators and Administrator), don't you think that Moderators (in other words staff) must be more carefull on choosing their photo? "Caesar's wife dosen't need just to be good. She must look good too". At least he has the 2 fingers up and not just one :D

Marco van Herwaarden 07-26-2007 07:16 AM
Maria,

I do not like to be called a liar. Also my previous post on the reason of the amount of vulnerabilities found the last few days was simply the truth, please stop trying to suggest that there is anything else to it.

The vulnerabilities have been reported by regular members/coders and staff investigated each report and took action if confirmed.

MaryTheG(r)eek 07-26-2007 07:38 AM
Quote:
Originally Posted by Marco van Herwaarden (Post 1301964)
I do not like to be called a liar.
I NEVER called you liar, or at least my meaning wasn't this one. I've never called anybody liar. My meaning is (with much more simple words): "There are lots of reasons. Some of them 1st priority, some other 2nd. I do believe that there were lots of reports and the staff hasn't the time to check all of them, so everyday the queue becaming bigger and bigger. So, when the new staff started on duty, they started from there. And because (here is my point) they don't have the experiance, they did mistakes.".

I apologize if you got my meaning on the bad side.

Dismounted 07-26-2007 07:42 AM
Actually, the reports started coming in AFTER the new staff were introduced.

MaryTheG(r)eek 07-26-2007 07:50 AM
Quote:
Originally Posted by Dismounted (Post 1301977)
Actually, the reports started coming in AFTER the new staff were introduced.
The timing was just for refference. The main goal is that reports checked by the new unexperiant moderators. And to avoid any future misunderstanding: Unexperiant as Moderators. Maybe he is guru on vB.

Marco van Herwaarden 07-26-2007 07:50 AM
We are not running behind in handling vulnerability reports. Until now we have been able to address each report within a day (more often within hours).

You can make a lot of assumptions, but unless you can provide some facts, they are nothing more then unfounded assumptions. Obfuscating a discussion with such assumptions does not lead to any constructive discussions.

PS The only time that Staff checked for unreported vulnerabilities in a modification has been when a larger number of modifications of the same author have already been reported. In that case staff might be looking into other modifications by the same author to see if there are similar vulnerabilities.

Marco van Herwaarden 07-26-2007 07:53 AM
Quote:
Originally Posted by MicroHellas (Post 1301985)
The timing was just for refference. The main goal is that reports checked by the new unexperiant moderators. And to avoid any future misunderstanding: Unexperiant as Moderators. Maybe he is guru on vB.
Again you are assuming that new moderators are uncapable of verifying and handling a vulnerabity report or that they have to handle such a report without the assistence of more experienced staff.

I kindly ask you to stop feeding the discussion with such unfounded acquisations.


All times are GMT. The time now is 12:50 PM.
Page 10 of 16 « First 89 10 1112 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01226 seconds
  • Memory Usage 1,746KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (6)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete