vb.org Archive


blind-eddie 08-13-2015 08:01 PM

[Request] Video Directory Quarantine Info
 
Can someone tell me why the video directory was quarantined?
It is for sure the author will not repair it because he has not been here for almost 2 years.
I for one will have it fixed if I know what's wrong with it. I already invested money to get the youtube api corrected so it could still be used by everyone.

Please pm me as to what is wrong with it. I have been around here long enough not to share that info, I just want to fix it.

Thank you.

Email I received...........
=================================================
Quote:

** DO NOT REPLY TO THIS MESSAGE **

* Quarantine Notification *

The following modification has been 'quarantined' by vBulletin.org.

https://vborg.vbsupport.ru/showthread.php?t=200819

The author of the modification has been informed and asked to address the quarantine reason(s), until this is done the modification will remain in the vbulletin.org graveyard.

If you are currently using this modification then you may wish to consider disabling it.
If the modification consists of a product then disabling the product should be all that is required.
Do not uninstall the product as this may delete any data associated with it. If the modification also included new files then you may remove (or rename) them.

Once the author has responded to the issues you will be notified that it has been restored.

Thank you,

vBulletin.org Staff
==================================================

TheLastSuperman 08-13-2015 11:19 PM

No, we cannot and will not disclose such information. On occasion we will if for example it's blatantly obvious but specifically identifying the culprit and disclosing to the masses is not our place or prerogative - in fact it's your prerogative as a site owner to disable said modification until you know it's secure again, don't place your members at risk on a "maybe".

I'd love to say I could, I like you sir but there's all sorts of low-life trolls that browse this forum daily and would simply run amok with said information and cause a ruckus for some unfortunately by taking advantage of others using info we supply. Furthermore, when you receive an email stating a modification has been moved to quarantine, it's meant to be received and interpreted as "serious" and taken to heart as such meaning that if you do not know why then don't ask how later (how you were hacked), disable for now until you find out more with ANY mod that is quarantined, ever! As the saying goes "better safe than sorry".

Edit: Also as a prime example since you mentioned "investing heavily" Eddie and this goes for anyone who's ever done such; if you've made custom changes or paid someone to customize your particular version of a mod, the person who did that work may be qualified to find the security issue and patch now - this is something you must find out and decide if it's worth it at said time. We will not however disclose those details and we cannot guarantee nor endorse anyone or any company who does such including but not limited to speaking of paid request - naturally you'll need to do that in private and or use the Paid OR Unpaid request forums here to discuss such. All modifications and information on this site are pretty much "as-is" meaning you need to make a well informed decision before doing anything to your forum... same as your daily routine, such is life. If anyone discloses anything on here it will be Paul, he is the primary Administrator who makes the super-duper-man-a-ma-jig type decisions when it comes down to it so you may PM him and ask.

JacquiiDesigns 08-14-2015 04:51 AM

Ugh. I loathe the policy. Sure - some asshats might find it useful to exploit the info - but don't you think those of us who at least had the modification installed PRIOR to the quarantine should be given some sort of info????

What you've said is this ==> I understand your concern - but you're sh*t out of luck! Good luck hiring someone to chase down the exploit and let you know what it is. We understand that we could tell you something or at least point you in the direction of a fix.. No. We cannot do that for you. You're SOL. Thanks for using vB.org and best of luck though!!

That's nonsensical. I implore you guys to rethink the policy.
Folks like myself and Eddie, who've had the modification installed for years and took the time to click the "Install" link - should be told something. Otherwise = like your insinuated post = We're SOL. And with all due respect - that sux.

J.

blind-eddie 08-14-2015 08:20 AM

Well said Jacquii...


JacquiiDesigns 08-14-2015 09:00 AM

Quote:

Originally Posted by blind-eddie (Post 2552848)

Ah thanks. I'm just a loudmouth - thought I'd get on the soapbox for a minute http://a.imageshack.us/img194/1593/soapbox.gif LOL
The complaint has merit though. I've never really quite understood why the shroud of secrecy around quarantined modifications. I think if we are to err - then we should err on the side of helping the community. And the majority of this community are novice hobbyists who like to better their forums. We're not advanced coding gurus who can easily delve into code as to find and fix modification exploits. The current policy should take that into consideration - especially for those of us who do tend to stay tuned to the modifications we install by subscribing to installed mods. What good is a QUARANTINED! stamp on the thread when we have no further information as for what course of action to take. "Uninstall the modification and wait until someone gets back to you ... if indeed anyone ever gets back to you." Is not an appropriate solution. It's a cold splash of water in the face. :down: I mean - the quarantined email woke many of us up. But what the hell can we do about it??

The policy needs to be revisited if anyone on vB.org Staff would even care to do so...

J.

weave 08-14-2015 09:42 AM

Well this outright sucks ass....The coder left 3 years ago and now runs on XenForo....the odds of him fixing whatever you emailed him are about NONE to NEVER.

Now to find out how to remove this without messing up the rest of the forum......and then find some sort of valid replacement.

We need another "legit" coder to take this over and you guys can send him/her the issues and they can fix it and get the community back on their feet. Otherwise, this one is DEAD.

TheLastSuperman 08-14-2015 06:30 PM

The policy does not need attention, in the least. Remember all, I was once one of you, I voiced the same concerns in fact if you search my past posts you'll find me spouting off to Paul and others long ago... it sounded like the same gibberish you typed above no offense but the forcing someone into doing something over being loud, proud, and funny when calling them or the sites policies into question is my JOB Ooooootay? Also - we're both loud Jacquii and nothing's wrong with that unless it's Movie night :p. See I'm still being funny while also beating a dead horse, policy won't change but we can surely poke and prod that poor dead horse until the cows come home, pigs fly, or the thread is closed and I'm pretty sure which one will happen first! "How Now Brown Cow"

Edit: Info to those who already downloaded or installed it? What about the 1000x illegal/hacker/download 599 vb4 Mods in this .zip type of sites? Remember that most mods are available illegally and perhaps with tons of injected code or similar in the files so we can't just trust anyone #X-Files.

Now corny humor aside, I feel your pain. I also hate the fact when some coders remove their mods (over spite or similar, while nothing is wrong with the mod at all) and I fix tons of hacked sites... my method is restore the site to how it was 100% then upgrade if required - issue comes into play when the mod is in the graveyard and I can't download to help "fix" their site back to original so if you hate just being sol, then try just being sh**ted on eh? Basically what some have done in the past yet we don't see threads about that and those mods broke the mold for sure, some of them. So we can all have our opinions and justify why something should or should not be done but the rules are the rules, I've argued with Paul before and he politely pointed out many oversights in my logic and they just made sense once I took his point of view into consideration. See my post above, if it's within your budget many coders here are qualified to change a few lines of coding to make it secure again - this is why we have an unpaid + paid request area for you to utilize. Furthermore you could open a new thread in vB4 programming discussions and ask for advice or what others might see as a vulnerability.

*Do not forget though, that a coder can fix a mod then contact staff and if we review and confirm it's fixed we can add the fixed mod as an attachment to the first post, the liability IF any at all then does not fall on the new coder nor the original author, it would then fall on you the person downloading and using as it would still be use as-is and at your own risk we would simply verify if a security risk is still present or not. Some coders also fix a mod and attach the fixed file to the mods thread so it stays within the thread and does not violate the do not re-release this mod blah blah as it's still within the mods thread here ;) - since it's quarantined now and not a misc issue i.e. it's a security issue the only way to go about it that way would be to contact staff directly and voice interest in fixing said mod so we can work with you then restore the mod with the fixed version in place ready for download.

blind-eddie 08-14-2015 06:47 PM

Ooooootay....

I respect everything you are saying but, how would I go about wording a thread in the paid section asking for assistance to fix the video directory addon?

Example:
Hi, I am in need of someone willing to install the video directory addon on their site and wait to be hacked so they can then find out what the exploit was and fix it?

I am at a loss here.
How about this, for a fee, would you fix the exploit after my site gets hacked?

TheLastSuperman 08-14-2015 08:07 PM

Quote:

Originally Posted by blind-eddie (Post 2552895)
Ooooootay....

I respect everything you are saying but, how would I go about wording a thread in the paid section asking for assistance to fix the video directory addon?

Example:
Hi, I am in need of someone willing to install the video directory addon on their site and wait to be hacked so they can then find out what the exploit was and fix it?

I am at a loss here.
How about this, for a fee, would you fix the exploit after my site gets hacked?

Nah just post saying:

Quote:

A recent vulnerability in the Video Directory Remixed mod was discovered however not disclosed. I would like a coder to view the file(s) and ensure everything is updated to be fully secure.
Alternatively you could also say something along the lines of:

Quote:

A recent vulnerability in the Video Directory Remixed mod was discovered however not disclosed. I would like a coder to view the file(s) and ensure everything is updated to be fully secure then I want to share the file with staff so the mod can be restored for all members to enjoy again!
The coder may or may not want to do that, it won't hurt to ask and will surely benefit everyone else or you may not simply want to do that, it's your money and your prerogative HOWEVER I would honestly post in unpaid requests or vB4 programming discussion first asking for help - some folks LOVE to be helpful, after all it's a nice thing to do!

The coder already knows it's not secure, they can be given access to your site OR duplicate your site and test in a dev/test environment if you're fret'n about anything but it should be a non-trivial fix with a little bit of rewriting not much. Point being anyone who's anyone in vBulletin and dealing with modifications of this nature and/or security in general will see the issue right away and know how to fix it, I mean I saw it sure enough - there it was like a snake in the grass named Charlie... HALP! CHARLIE BIT ME!

weave 08-15-2015 07:54 PM

I am very curious what this would cost to fix AND update. If it is reasonable, I might be willing to foot the bill....worst case is the community pools their funds together and gets a legit coder to fix it up and make it current. I do NOT want to rip it off my site but I have disabled it until I know more about why it was quarantined.

I am not faulting the ORG at all....I just want it fixed and updated so I can enable it on my site again.....

JacquiiDesigns 08-17-2015 11:49 PM

1 Attachment(s)
Quote:

Originally Posted by TheLastSuperman (Post 2552894)
The policy does not need attention, in the least. Remember all, I was once one of you, I voiced the same concerns in fact if you search my past posts you'll find me spouting off to Paul and others long ago... it sounded like the same gibberish you typed above no offense but the forcing someone into doing something over being loud, proud, and funny when calling them or the sites policies into question is my JOB Ooooootay? Also - we're both loud Jacquii and nothing's wrong with that unless it's Movie night :p. See I'm still being funny while also beating a dead horse, policy won't change but we can surely poke and prod that poor dead horse until the cows come home, pigs fly, or the thread is closed and I'm pretty sure which one will happen first! "How Now Brown Cow"

Edit: Info to those who already downloaded or installed it? What about the 1000x illegal/hacker/download 599 vb4 Mods in this .zip type of sites? Remember that most mods are available illegally and perhaps with tons of injected code or similar in the files so we can't just trust anyone #X-Files.

Now corny humor aside, I feel your pain. I also hate the fact when some coders remove their mods (over spite or similar, while nothing is wrong with the mod at all) and I fix tons of hacked sites... my method is restore the site to how it was 100% then upgrade if required - issue comes into play when the mod is in the graveyard and I can't download to help "fix" their site back to original so if you hate just being sol, then try just being sh**ted on eh? Basically what some have done in the past yet we don't see threads about that and those mods broke the mold for sure, some of them. So we can all have our opinions and justify why something should or should not be done but the rules are the rules, I've argued with Paul before and he politely pointed out many oversights in my logic and they just made sense once I took his point of view into consideration. See my post above, if it's within your budget many coders here are qualified to change a few lines of coding to make it secure again - this is why we have an unpaid + paid request area for you to utilize. Furthermore you could open a new thread in vB4 programming discussions and ask for advice or what others might see as a vulnerability.

*Do not forget though, that a coder can fix a mod then contact staff and if we review and confirm it's fixed we can add the fixed mod as an attachment to the first post, the liability IF any at all then does not fall on the new coder nor the original author, it would then fall on you the person downloading and using as it would still be use as-is and at your own risk we would simply verify if a security risk is still present or not. Some coders also fix a mod and attach the fixed file to the mods thread so it stays within the thread and does not violate the do not re-release this mod blah blah as it's still within the mods thread here ;) - since it's quarantined now and not a misc issue i.e. it's a security issue the only way to go about it that way would be to contact staff directly and voice interest in fixing said mod so we can work with you then restore the mod with the fixed version in place ready for download.


I didn't realize posting a suggestion would get me insulted by vB.org staff. And you guys wonder why member activity has slowed to a tedious trickle here.. https://vborg.vbsupport.ru/external/2015/08/1.gif

The policy does need to be revisited in my opinion, and likely in the opinions of lots of folks left out in the dark as concerns quarantined modifications. It could and should be bettered for legitimate vBulletin license holders. And to be perfectly honest - I can't be bothered to give a damn about folks using illegally shared modifications with their nulled software. That's immaterial here.

What's important here is the 706 people who've legitimately marked "Install" on the modification - who are now (by vB.org official policy) sh!t out of luck, no useful information whatsoever coming out of vB.org

https://vborg.vbsupport.ru/attachmen...4&d=1439862323

Quote:

Originally Posted by TheLastSuperman (Post 2552894)
See my post above, if it's within your budget many coders here are qualified to change a few lines of coding to make it secure again - this is why we have an unpaid + paid request area for you to utilize. Furthermore you could open a new thread in vB4 programming discussions and ask for advice or what others might see as a vulnerability.

  1. Who has a budget???? We're broke LOL
  2. So we can open a thread and discuss the possible exploits and possible fixes to our little hearts content? Meh. If the exploit truth is going to come out this way - you may as well make it easier so that the 706 people who (again) legitimately marked the modification as installed.

Meanwhile in reality = The 706 folks you shot the useless quarantine subscription email to are SOL.. That's extremely frustrating.
vB.org can do better.

J.

TheLastSuperman 08-18-2015 01:10 AM

Insulted?!?!?!?!

Come now Jacquii, your sense of humor is greater than that I know from experience! It was supposed to make that intellect of yours go "well that snazzy terd, look what he did there" in a sense - he basically said that once, he said the same thing like gibberish, was supposed to be witty humor, I tried!

Tone, the only thing missing on a forum!

Ohh and remember that certain things are not useless, such as the quarantine email - now you/them have the choice to make a decision on whether to disable or remove it until something viable whether that be a fix or replacement comes along. Staff here also does everything on this site, in their spare time Paul and Lynne included... even if they're on staff for vBulletin themselves they ARE NOT PAID for time spent on vbulletin.org so please don't assume that we're responsible for breaking the bank, we're just investors as well and the tedious trickle, vB5 for sure :p.

JacquiiDesigns 08-18-2015 07:27 AM

Quote:

Originally Posted by TheLastSuperman (Post 2553123)
Insulted?!?!?!?!

Come now Jacquii, your sense of humor is greater than that I know from experience!

Nothing wrong with a wee bit of melodrama :P

Quote:

Originally Posted by TheLastSuperman (Post 2553123)
Ohh and remember that certain things are not useless, such as the quarantine email - now you/them have the choice to make a decision on whether to disable or remove it until something viable whether that be a fix or replacement comes along. Staff here also does everything on this site, in their spare time Paul and Lynne included... even if they're on staff for vBulletin themselves they ARE NOT PAID for time spent on vbulletin.org so please don't assume that we're responsible for breaking the bank, we're just investors as well and the tedious trickle, vB5 for sure :p.

Ha. I know and well understand. I'm just making some (imo well-deserved) noise and hope it gets your attention. I wouldn't say the things I've said if I didn't think the policy could be bettered... And for most of us - the email is absolutely useless. Other than hiring someone to investigate what the exploit *could be* and hoping that once they've solved the 'what is it' of the Great Exploit Caper ... Meh. I just think a lot of time and a bit of money could be saved if you guys had some sort of transparency. That's all.

Anyway. Yeah. A wee bit of melodrama for your nerves. Hope it made you smile - or more appropriately - I hope it made you roll your eyes like I did once I started wondering what to do about the quarantine :( LOL

J.

--------------- Added 08-18-2015 at 09:30 AM ---------------

Quote:

Originally Posted by weave (Post 2552959)
I am very curious what this would cost to fix AND update. If it is reasonable, I might be willing to foot the bill....worst case is the community pools their funds together and gets a legit coder to fix it up and make it current. I do NOT want to rip it off my site but I have disabled it until I know more about why it was quarantined.

I am not faulting the ORG at all....I just want it fixed and updated so I can enable it on my site again.....

I'd be interested in the cost and possibly slinging a few dollars to the cause. It's a nice modification that I've appreciated for years. I hate that there's an exploit - but I hate even more that there's an exploit and we apparently have not even clue #1 as to where to even begin to address it ... other than hiring a coder. At any rate - I'm the brokest Bytch in the great state of Tennessee - but I could throw a tiny amount to the cause.

J.

TheLastSuperman 08-18-2015 06:19 PM

World wouldn't be quite the same without a few "characters" in it, now would it?! Character - love that word and its uses! All of you have it and we're all quite a character as well I'd dare say, in that good type of way!

I would contact Blind-Eddie who posted above, looks as if he has a paid request up already and perhaps you all could split that, something you would need to contact him over though.

TheLastSuperman 08-18-2015 06:22 PM

Quote:

Originally Posted by weave (Post 2552959)
I am very curious what this would cost to fix AND update. If it is reasonable, I might be willing to foot the bill....worst case is the community pools their funds together and gets a legit coder to fix it up and make it current. I do NOT want to rip it off my site but I have disabled it until I know more about why it was quarantined.

I am not faulting the ORG at all....I just want it fixed and updated so I can enable it on my site again.....

Never uninstall, disable and rename all .php files i.e. video.php to .gthdhyu675r5.php and leave it until time to patch/update. I say this because then those looking for specific files to take advantage of won't find them right away and those not talented enough won't. Furthermore if you remove the mod then all data associated with it goes as well, so with that being said if someone didn't know and uninstalled thinking that was correct, then re-installed once it was patched/fixed and wondered where all their videos links and such went to - they're gone forever! This is why you disable+rename instead of uninstall.
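
Added example (not part of the original post, and not code from the mod or from vBulletin.org): a reversible version of the disable+rename step described above, for use after the product has been disabled. The file names, paths and manifest location are assumptions; a renamed file still executes if someone learns its new name, so the manifest belongs outside the web root.

```shell
#!/bin/sh
# Added example: reversible rename of a disabled mod's PHP files.
# File names, paths and the manifest location are constructed placeholders;
# use the file list shipped in the mod's own package.
#
# Usage (constructed paths):
#   park_mod_files /var/www/forum /root/video_mod.manifest video.php includes/video_x.php
#   restore_mod_files /var/www/forum /root/video_mod.manifest
# File names containing tabs or newlines are not supported.

# park_mod_files WEBROOT MANIFEST FILE...
# Renames each FILE (path relative to WEBROOT) to a random dot-name in the
# same directory and appends "newname<TAB>oldname" to MANIFEST.
# The body is a subshell so variables and umask do not leak to the caller.
park_mod_files() (
    webroot=$1; manifest=$2; shift 2
    umask 077                       # manifest readable by its owner only
    : >> "$manifest" || exit 1
    for rel in "$@"; do
        if [ ! -f "$webroot/$rel" ]; then
            echo "skip (not found): $rel" >&2
            continue
        fi
        # 16 hex characters from the kernel RNG, so the name is not guessable
        token=$(od -An -N8 -tx1 /dev/urandom | tr -d ' \n')
        [ "${#token}" -eq 16 ] || exit 1
        new="$(dirname "$rel")/.$token.php"
        mv -- "$webroot/$rel" "$webroot/$new" || exit 1
        printf '%s\t%s\n' "$new" "$rel" >> "$manifest"
    done
    exit 0
)

# restore_mod_files WEBROOT MANIFEST
# Puts every parked file back under its original name. The manifest is
# emptied only when every entry was restored; returns 1 otherwise.
restore_mod_files() (
    webroot=$1; manifest=$2
    tab=$(printf '\t')
    failed=0
    while IFS="$tab" read -r new old; do
        if [ -f "$webroot/$new" ] && [ ! -e "$webroot/$old" ]; then
            mv -- "$webroot/$new" "$webroot/$old" || failed=1
        else
            echo "not restored: $old" >&2
            failed=1
        fi
    done < "$manifest"
    if [ "$failed" -eq 0 ]; then : > "$manifest"; fi
    exit "$failed"
)
```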

weave 08-20-2015 09:36 AM

Quote:

Originally Posted by TheLastSuperman (Post 2553174)
Never uninstall, disable and rename all .php files i.e. video.php to .gthdhyu675r5.php and leave it until time to patch/update. I say this because then those looking for specific files to take advantage of won't find them right away and those not talented enough won't. Furthermore if you remove the mod then all data associated with it goes as well, so with that being said if someone didn't know and uninstalled thinking that was correct, then re-installed once it was patched/fixed and wondered where all their videos links and such went to - they're gone forever! This is why you disable+rename instead of uninstall.

Yea I get that an uninstall is the last draconian option anyone wants and fully understand the ramifications of doing so. However, as I said in my original post, the developer is long gone and none of the rest of us have a clue as to what the exploit is (and you ain't talking). That leaves us with the disable and now your recent inclusion of renaming every *.php file, of which I count 31.

The original org user paid to fix the YouTube API 2.0 - 3.0 issue, not the "exploit". How are we to pay to get it fixed when we have no idea WHY you killed it and what needs to be fixed? For all we know this could be a simple syntax issue or at the worst....the need for a whole re-write. That could make the cost $20 or many hundreds, or more!

I find it hard to believe that the 701 of us who checked that we have it installed actually have any future hopes of seeing this fixed and brought back to life.....but I am a pessimist by nature.

Time will tell I guess but for now I will just embed any youtube videos in posts and carry on.

blind-eddie 08-20-2015 10:17 PM

I created a thread in the paid section and received two PMs with regard to fixing it. I am still waiting to hear something.

rockerzteam 08-25-2015 09:08 PM

Quote:

Originally Posted by blind-eddie (Post 2553350)
I created a thread in the paid section and received two PMs with regard to fixing it. I am still waiting to hear something.

I hope you're not holding your breath while waiting for a response or fix! You would have better luck tracking down the main coder at the other forums and asking him to release a fix to you for a fee! With all the help you provide people Eddie including myself I am amazed how you get treated in return.

RichieBoy67 08-25-2015 10:30 PM

I had to remove this mod and go with Nicks. I have lost a library with many years of media.

I understand the policy of not making a known exploit public knowledge but maybe it could have been shared with at least a few well known and trustworthy members so a fix could have been found.

At any rate this plug wasn't working correctly in a long time.

weave 08-26-2015 11:50 PM

Quote:

Originally Posted by RichieBoy67 (Post 2553643)
I had to remove this mod and go with Nicks. I have lost a library with many years of media.

I understand the policy of not making a known exploit public knowledge but maybe it could have been shared with at least a few well known and trustworthy members so a fix could have been found.

At any rate this plug wasn't working correctly in a long time.

Was this removed on a VB3 or VB4 site? Other than losing the media, any other ill effects observed?


All times are GMT.