[JacquiiDesigns]

Quote:

Originally Posted by Marco van Herwaarden

Ok let me start by addressing some of the issues you raise in this thread.

There are only 2 situations in which a modification is quarantined:

- A (possible) exploit has been discovered. As per our Mod Exploit Guidelines we will snet out a warning email to all that have marked the modification as installed. Such an email is only sent in case of an exploit. So if you receive such an email it is to warn you about a possible vulnerability.
- The modification is breaking a rule that can be resolved. No email to the users is sent in this case as this is a private issue between vB.org (rules) and the author.

Details of a possible vulnerability are only sent to the coder and not to the users. We have no intention to change this. But if you think that we should update our text to make it more clear that the email was sent because of a possible vulnerability, then feel free to suggest an alternative text. But the current text was made after discussions with members.

Files are not available for download when a modification is quarantined. One of the reasons for this is not to help potential hackers to exploit such a vulnerability before a fix is provided by the author. But also the current version might not be available anymore.

Files can become unavailable for many reasons, in most of the situations these files are either deleted or can not be shared anymore for copyright issues. This is not limited to a quarantined modification. For this reason it is always your own responsibility to ensure that you can uninstall a modifiction, even if the files are not available anymore. There are many ways to solve this, most people simply save a copy of a modification when they install it. You can try to make this our responsibility, but how you run your board is really your own.

Now let's address your complaint on how you are treated by staff.

- You start a thread on a topic that has already been discussed before, and you know this. Now i don't have a problem with someone making a suggestion again, but you bring no new arguments, you only repeat the same as in older threads on this topic. Not a surprise that you will receive the same answers.
- The title of your post is not like your intentions are to make a serious suggestion, it is more the start of a rant: Concerned about another quarantine email I received. Does vB.org just not give a damn. If it had been only the first sentence it would have been fine, but by adding that vb.org doesn't give a damn you are already paving the way to get a negative response by staff.
- "Why the HELL are the people who have marked the modification as installed not given the reason for the quarantine?" Why the need to use langauge like "Why the HELL". Also you are asking a question that has been answered to before.
- "And it's my assumption that vB.org just does not give a damn about its Members' board security if the only thing to do is send that bogus email as quoted above." Again, no positive suggestions, only a rant. If you think these mails are bogus then this would invalidate most of your rant. If you don't want them, don't mark modifications as installed. Sending out a warning is a service we provide to our members to help them mitigate security issues.

How do you think staff should respond when you only post a rant about things already discussed before in such a negative way?

I won't go anyalyzing your other posts in this thread as i think i already gave enough examples from your first post in this thread, but your responses only go further down the road.

Marco - My intentions with posting this thread was NOT TO START A FLAME WAR - it was to make a suggestion! Instead of treating this thread as some "ranting of Jacquii" as you obviously have done - you can analyze the content of my SUGGESTION:

Quote:

The idea here is to have a board which is SECURE from exploits, as well as modified to our liking. And if a modification is no longer classified as secure and quarantined as such - then it's not only the responsibility of the board owner to take appropriate action BUT it's ALSO the responsibility of vBulletin.org to provide all information available so that Members CAN take the appropriate action for the security of their forum.

If you cannot see that as a valid - then YES - It seems as if vB.org just not give a damn- in fact - why not just close the thread as AGAIN it's quite apparent that another suggestion for the betterment of vBulletin.org and for the security of Members' forums will not be considered.

Jacquii.

btw - Thanks a lot for that bogus infraction. I do not see how any of my posts in this thread deserve an infraction. It's ridiculous - but I've come to expect absolutely nothing better from the likes of you Marco.

--------------- Added [DATE]1252695192[/DATE] at [TIME]1252695192[/TIME] ---------------

Quote:

Originally Posted by Paul M

The mod in question consists entirely of a single product, all that is needed (if you so wish) is to disable it.

Paul - This thread is not about "the mod in question" -- This thread is regarding ANY AND ALL modifications which may have been quarantined and/or graveyarded. Your comment is exactly the kind which lead to the 2nd sentence of the thread title "Does vB.org just not give a damn" --- Meh.

Jacquii.

--------------- Added [DATE]1252695628[/DATE] at [TIME]1252695628[/TIME] ---------------

Quote:

Originally Posted by kevcj

It is not vbulletins place to discuss security issues....

Yes it IS! This is an official vBulletin modification site. If vBulletin is not to care about the security of its Members purchased products, then who is? And yes - I know - vBulletin cannot officially blablabla offer support for modified boards blablabla... But the gist of my suggestion and others who have made the same suggestion is that vBulletin.org should have a policy in place which actually is for the security of Members' boards.

I don't understand what's so difficult to grasp about the concept... And again - this is the type of comment which makes me ask, "Does vB.org just not give a damn?" --- hmmm perhaps that is an incendiary, not-quite-tactful way to phrase the question and I just did not realize it. Meh. That's not to say that it's not a damn good question though. I think it is - and obviously the vB.org Coordinator and one of the Administrator have answered with an overt, "Nope. Sure doesn't. And neither do I."

Oh well...

Jacquii.