|
Quote:
By labelling my post as deleted/edited due to 'bringing personal issues' in, you're giving people the impression that I came into this thread and moaned at someone, which I did not. What I did was to disclose a material fact that has a bearing on the viewpoint of a particular poster. Not to get anyone into trouble, but to put the vociferous claims for the banning of Paul M into some sort of context. It is so much *not* a personal issue that it didn't even occur to me at first, otherwise I'd obviously have mentioned it earlier. Nonetheless, you're the boss, if you don't want it brought up then fine. But I'd appreciate it if the wording in my now-edited post could be amended as it grossly misrepresents what was said. |
I'm sorry, but 'the entire modification is doing stuff the end user never knew about and auto clicking the install button' (WHEN THEY WERE FREAKING INSTALLING IT) is about as malicious as
PHP Code:
I installed a style once. It had a wc3 image at the bottom that clearly didn't come with the style. Freaky stuff ill tell you. If you download my work but don't install it, what the hell are you doing with it? It plays a lousy game of Parcheesi. I didn't even know you could download 400 hacks from here. I think a simple word to the offender would have sufficed instead of having it seem that clicking an install button was akin to cannibalism. |
Quote:
Chris |
Quote:
|
This is not about "one person". This "problem" is bigger than some may think.
|
Quote:
Quote:
Quote:
Quote:
Quote:
|
The point I am trying to make is that it isn't malicious regardless of if 1 person does it or if 1000 people do it.
If the thread says 'if you install this, click install' then you NOT clicking it is a violation of the terms set forth by the coder :P My point is that if its regarding clicking the install button - you guys have turned a mountain out of a (non malicious) molehill. If its about something greater than that - then focus the debate on that! :D |
Quote:
Just exactly what am I searching for ways out of ?? I PM'd you and asked if this thread was about my code and you flatly refused to answer. Even now it's not actually been stated anywhere that this is about my auto install link code, it's been left to us to work it out. You avoid and bluster like a politician when asked to confirm a simple question - was this about my code or not. Do you see me deny that that I included this in a few hacks last month ? No. Did it break any rules, No. In fact, had it worked 100% correctly the only thing it would do is make the install count a little more accurate, since it only got called if you installed it (not downloaded it) - and it clicked uninstall if you removed it (how many people do that manually ?) You state that you have been discussing this for weeks (it's only existed for five weeks !) yet no one once actually bothered to contact me once - instead you wait a few weeks and post a massive thread which has a tone like the end of the world has just arrived. Talk of nonsense like loopholes, security threats, and the like - none of which has any relevance to my two lines of code. |
This is nothing new - I recall seeing that in other older hacks/mods - even in vb2. Also, when I was with wbb (before converting to vb 2.x.x) I noticed most of theirs had that as well as other board systems.
I personally see nothing wrong with this as long as its function is stated in the install/readme file. However, I can also see where this could potientially(msp?) be a major issue if left alone and unaddressed. I am glad this was noticed so the proper action could be taken. :) |
Quote:
|
Quote:
Why is the staff so scared to state that this is ALL about Paul and a few others adding the 2 lines of code to the install link? I've already confirmed that it was in private, why can't you just tell everyone else. |
Quote:
:cool: |
Cause (going off of what Princton said) this is way bigger than we think, however cross referencing that information with Marco's post, i'm inclined to think that people are actually requesting usage statistics, i also wouldn't rule out the vBsoccer hack.
Either way, it's been discussed to death now, we've seen how it should've been done. how it was actually done and they don't look the same, lesson learned for next time. nothing more can be done (bar the HOTM being restored). |
Quote:
|
Ya know, if Paul hadn't posted in the thread, his name never would have come up as being the offender. Personally, I had way more issues with the way another coder snuck the install click in on his template mods disguised as products, but managed to forget to have it automatically click the uninstall button when the product was uninstallled.
Staff handled this pretty fairly, I think. 1. They posted a warning, allowing offenders to clean up their code before being called out on it. 2. They pulled the hotmod from voting for a bit to prevent people from losing their votes if some mods are pulled from the poll. I think both actions were pretty darn reasonable. I would have gone straight for a public calling out of offending code and skipped the polite notice. |
Slippery slope that opens the door to others adding seemingly 'innocent' links without explaining them to the end users. I couldn't begin to compete the thousands of emails I got over the years about my little signature sign that confused people as to just what was being collected and why:
https://vborg.vbsupport.ru/external/2006/05/10.jpg Once you open the door to this kind of behavior, it opens a can of worms that suggests calling other scripts which installing your mods are also acceptible. Lesson learned on my signature, that it makes sense to you doesn't mean it won't freak out alot of others. |
Quote:
They knew about this weeks in adavanced. They should have PMed all the offending users to let them know about the new rule soon to come. They stated them selfs that there are only a few users who had broken this upcoming rule. So it woudn't be so hard to PM them before this thread was made. If they would have done that and worded this thread diffrently, I bet a years salary that this wouldn't have escalade to what it is now. From my time here and noticed Paul, I'm confident to say that he and others would have removed the code with out much fuss. Then the whole HOTM issue would have never even had come up, because then they wouldn't be breaking this new rule. No one was breaking any rules prior to this thread. Stefan stated this himself for crying out loud. |
Quote:
www.vbulletin.org/forum/showgroups.php see for yourself. :) |
Quote:
She's just teh coolies :D Chris |
Anyone with permissions to the private staff forums is considered some sort of staff to me. Showgroups doesn't display all users with moding rights peterska2. Surly you should have known that.
|
I amnot staff, Livewire. I am the one who pitches a quiet fit in a pm to Stefan or Erwin if I think a staff member has been unfair to you guys. And, you know that I like you and we have worked together on mods before. I have no reason to dissemble on this.
|
Quote:
|
Quite frankly, it would be a lot better to close this thread. The new policy is a fair one. The install-link conundrum is a non-issue really, especially since it doesn't even work properly in most instances! Therefore a blanket ban on such things is no cause for concern, and avoids the possibility of the slippery-slope argument.
The staff line of view will conflict with that of the coders sometimes (that's just an example, it applies to all ;) ) - that's just life, learn to accept it. It's painful to see people squabbling over nothing, some even leaving because of disagreements. It's everyone's responsibility to keep the community atmosphere positive. It doesn't help if people feel the need to retaliate to every comment made. |
Mods, Thank you for bringing this to our attention and taking action to ensure the integrity of the system which so many users are dependent on.
|
@Amy
I don't mean to sound like I'm taking my fustrations out on you as I'm not. I like you and we have done work together in the past. I have nothing agaist you persoanlly. Though you do have certains rights to forums in which we can't see so that gives you both sides of the story. I persoanly think a simple PM would have been more approaitate. Paul has nothing to hide, he has said it himself, Stefan stated that no one was breaking any rules. Theres a new rule? Okay great thats fine and I have no problem with this new rule, please understand that. I just have a problem on how things come off as personally attacks. Can you honesly sit here and tell me that never once the staff persoanlly attacked a members? In private or public? Come one now, I'm not stupid. I've been here a long time and managed to meet and make alot of nice people. Some staff, some coders, others are regular members. I hear about what goes on around here quite often, whether it be IRC, IMs, Emails, or on my forums. |
Quote:
In the first post noone mentioned a single username. Most names came out, because users did actually feel offended, and tend to lead into personal attacks then. It's a pitty, that the current situation is very instable here, that's why i'd like to ask everyone, to think twice before posting anything. That counts for staff as well as for all users. It's never one side alone, there are always two sides of a story.... |
Hi peeps....Just finally read this all the way through...wow what a load of cackling....
I knew nothing of this "install code" and if i know nothing of that what else do i know nothing about? It just goes to show, that if you dont know anything about coding that you could be leaving yourself wide open. I have installed hundreds of hacks in good faith and not had and security issues as yet /me touches wood all i ask is to be told about any extra that i am installing? As i have said before, you peeps do a great job with ya coding. Now leave the staff to do thiers, surely you all know how hard it can be to staff a forum and to be honest i dont think half the posts in this thread is really helping.... If anyone actually thinks that they fall into this threads catergory then do something about it, modify ya code and /or state it in the 1st post, this to me is all that needs doing or have i misread? |
Quote:
|
Ken,
One other problem is that staff has to go through all the mods to determine who all is doing this. That's why no PMs at this point to people using this code. Posting the new policy and giving a grace period to clean up the code just seemed the smarter thing to do. It gave people a chance to remove the problem without being called on the carpet. |
I'm not sure but, for some reason I think you were better off keeping this quiet. It may give people idea's, as I hadn't even thought of the possibilty yet before reading this :/
But yeah, it's good you guys are cracking down on it. These things should not be distributed. |
Quote:
:) On a serious note.. people are both taking this all far too personally, and blowing it way out of proportion. They are just pieces of code! It's just temporary! (well, for those innocent ones that are just 1 line in the Install part of the product .. if there are nasty ones, then hell, remove them permanently). This is a community site. Getting all huffy and calling names and threatening to leave and removing all your hacks out of spite for this situation is going to do nothing good in the short-term, and is as unlikely to be beneficial to you in the long term. Can't we all just get along? |
Well, i just realised that if i installed some hack or un-installed it from my board, it would instal or un-install in my installed hacks here @ vb.org?? WTF!?!?
oh well, let there be peace and start editing all codes and/or putting warnings about what hacks do when un/installing) |
Quote:
This whole thread is about a policy being introduced, as stated in the first post. Nothing more and nothing less. Whatever event triggered us to start thinking about this issue and made us write this policy, is not relevant to the policy (and thus this thread) itself. This thread is here to discuss this new policy. This policy is bigger then any current issue that i am aware of, and is just here to make things clear for the future. The question that is relevant to you "would this technique i am using fall under the new policy?" has been clearly answered with a yes. So i think we have been clear and open in answering all relevant questions. |
Don't you see that this kind of "non-response" doesn't end the issue, but prolongs it? The thing is, people decide on their own what they find relevant to them, and being told otherwise serves to marginalize them and their issue, which, ironically, only makes the issue more important and more relevant to them. You aren't addressing/ending the issue, you're escalating it.
Why not just say "Yes, it was your code that got us thinking about the issue in general. We didn't mean to imply that you had bad intentions... your code was just the catalyst for the policy change." That would put an end to it. As it is, it looks like you're trying to avoid/hide something and/or spin some issue. |
It wasn't Paul's code that triggered it. The reported mods list didn't contain Paul's mods. They were discovered and added later when the matter was being researched. Now, feel free to call me a liar if you will, but the original mdb file of offending mods didn't have a single Paul mod on it.
And, staff didn't name Paul in this thread. He posted and askied if his code was covered under that policy. And, he was told that it is. |
It matters not now (to me anyway) - I updated all mine last night.
Despite your post Amy (an honest answer at last) I still don't think this was done in the correct manner - the first post reads like a tale of doom and gloom, the fact that what was being discussed was considered harmless was buried in scaremongering talk of backdoors, password extraction, hidden functionality and even shame on the part of vb.org ! - no doubt causing completely unnecessary panic in the minds of people reading it. |
Paul, I disagree on the gloom and doom thing. The user that ticked me off the most in this whole issue is just the type to use that 'harmless' little link to do some more nefarious things. The policy had to be broad enough to stop these kinds of things in their tracks.
I still think this was handled very politely by staff. No fingers were pointed, no names were named. The new rule was spelled out and time was given to comply. |
Quote:
As the staff meets to discuss ways to improve the site and research/resolve the causes of the recent tension, I'd hope that "Staff Responses/Professionalism" be on the agenda, with this thread being a case-in-point. I don't have much more to say, so will back quietly away from this discussion now. |
Obviously the coder(s) put that line of code in for a reason. To generate an 'installed' click instead of counting on the user to manually do it.
Why not consider this: Take away the ability for users to manually hit the install/uninstall button. Have every hack that is created contain two lines of additional code. One to add to the install count when the hack is installed by the user and another to uninstall, when it is removed by the user. Obviously this would have to be disclosed somewhere on VB.org like in a sticky or the FAQ so everyone is aware of it. This would in fact IMO, help the coders by giving them a truer account of how many people in fact installed their hack as well as helping the installer with receiving the 'hack updated' emails. Could be a win/win situation if handled properly. :cool: |
Quote:
--------------- Now while I thank the staff for bringing up this issue I'm curious on the way it was announced: 1) I understand that not one of the questionable hacks breached security (thus, no harm to board or users). 2) I understand that time is given for these authors to revise their code(s) or release statements. I have no issues here. What I question is if the two previous statements are true could this issue have been announced after it was taken care of? The immediate reaction when limited information is offered (while excluding the answers to two key questions: Which hacks and which authors) is to want answers or at least some control to rectify the issue on their own terms (uninstall the hacks). Now there will be two weeks of wondering... |
| All times are GMT. The time now is 01:04 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|