vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Flashchat; safe or not? (https://vborg.vbsupport.ru/showthread.php?t=133562)

Scormen 12-09-2006 07:44 AM
Flashchat; safe or not?
 
Hi everyone,

I would like to use a chat on my website, currently I'm using the latest versions of vB (3.6.4) and flashchat (4.7.7).

But, I have read that a lot of boards are hacked due to flashchat. What do you think, is it safe to use or not? Yeah I know, it is coded by people, so it is never 100% save...

Do you suggest another chat system? What do you use?

Thanks,
Kris

Saulie 12-09-2006 06:46 PM
I would say it's pretty safe, I use it on my forum and it's never been hacked so far.

If you have a moderately small forum it is allways best to use a shoutbox in my opinion something along the lines of vShout. Allways there so you can quickly have a look at whats going on while browsing the forum, whereas with flash chat you have load it up and you cant just flick throgh it all. But then on the other hand if you have a larger forum I guess a shoutbox would be too small.

Scormen 12-11-2006 05:03 PM
:) Thanks for your reaction, Saulie!

My forum will start at 16 dec, I'm curious how the chat will react on public.

Grtz,
Kris

salata 12-14-2006 06:48 PM
i thought you just had to delete some file in flashchat and that would solve the hacker problem

Scormen 12-14-2006 06:53 PM
Do you mean the install folder and the files of the other CMS's we don't need?

Kris

Paul M 12-14-2006 07:01 PM
If you read the various theads on the subject you will know that the AEDating CMS security hole was fixed months ago, sometime around Flashchat version 4.6.2, the current version is 4.7.7.

I would be very interested to hear why the people who voted 'No' have done so.

Ntfu2 12-14-2006 07:07 PM
I'd like to hear so to.

Flashchat is perfectly safe, and i'm using it on a forum with 12k members. No security holes, and you should delete the extra CMS files anyway

davidw 12-14-2006 11:36 PM
My .02 cents - It is safe (but only until an exploit is discovered). This goes with any software though.

I used it for 1 year and updated it several times. My site was defaced twice while using it, both times because of flashchat, both times because I failed to update it when a fix came out (update). Because of the lack of attention that I give to addons such as flashchat, I decided to remove it. For the most part it was safe, but twice was too much for me. My time is stretched too far to worry about something that was never used on my site, so I removed it. Had it been used more, I may have kept up with the updates when they came out. My failure. My responsibility.

Scormen 12-16-2006 08:39 AM
Quote:
If you read the various theads on the subject you will know that the AEDating CMS security hole was fixed months ago, sometime around Flashchat version 4.6.2, the current version is 4.7.7.
Yes I did, because of that I still have deleted these files because we don't need them anyway.

So Christian, you where hacked beacuse you didn't installed the updates? It was no problem of FC...

Grtz,
Kris

davidw 12-16-2006 11:12 AM
Quote:
Originally Posted by Scormen (Post 1139611)
So Christian, you where hacked beacuse you didn't installed the updates?
That's right. There are people out there who look for exploits (more specificially my type of website unfortunately) in programs such as flashchat, see if you have IMPEX install files on your site, pretty much anything they can use against you - and if there's a vulnerability they will take advantage of that. If you are up to date, have removed your install files, etc., there are no worries. In my case, I had two outdated versions of flashchat (one with the more recent AEDating CMS security hole and the other I honestly don't remember - that was when I switched to vbulletin Aug/Sep 2005).

Xoligy 12-16-2006 11:28 AM
There's no 100% secure application, but as long as the development team are prompt at discovering and patching the exploits, you're pretty much safe. Exploits have been found for vBulletin, yet you don't consider that insecure because they've patched them extremely efficiently.

Sober-Teens 12-17-2006 12:10 AM
Works for us! No problems in two years.

Shazz 12-17-2006 12:25 AM
Id say yes, even though some people say there are exploits in it

yotsume 09-10-2007 11:21 PM
Yea its SAVE to use? and Safe to! LOL

Weapon-x 09-11-2007 01:04 AM
It's safe if your up to date on all hacks on your board!

ajmcce 04-15-2008 12:40 PM
its hard to find anything definitive on this safety issue.
http://secunia.com/advisories/24071

And the flashchat website still references upcoming features in 2006.

ugh... looked like a viable option too

davidw 04-15-2008 02:21 PM
Consider the last update on the advisory - Last Update: 2007-02-09
There have been updates on that software since then. Ultimately it is the administrator of each forum to keep their software up to date.

Princeton 04-15-2008 02:51 PM
I voted NO - simply because of the points davidw pointed out.

Personally, I don't feel a chat software is the place for a "forum" site. If you want to get the most BANG out of your forum - don't install a chat software.

Most places that have these installed rarely see any activity.

They are great for offering SUPPORT.

iogames 04-15-2008 02:57 PM
Quote:
Originally Posted by Princeton (Post 1491306)
I voted NO - simply because of the points davidw pointed out.

Personally, I don't feel a chat software is the place for a "forum" site. If you want to get the most BANG out of your forum - don't install a chat software.

Most places that have these installed rarely see any activity.

They are great for offering SUPPORT.
Quite right... :cool:
no stats on that one?

Marco van Herwaarden 04-16-2008 09:54 AM
Please be aware that this thread is already 1.5 years old. Votes on the poll might not reflect the status of current versions released after the start of this thread.


All times are GMT. The time now is 08:43 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01167 seconds
  • Memory Usage 1,753KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (20)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete