Go Back   vb.org Archive > News and Announcements > News and Announcements
Reload this Page vBulletin 3.7.2 PL1 and 3.6.10 PL3 Released
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Closed Thread
Page 3 of 4 12 3 4
 
Thread Tools Display Modes
  #21  
Old 07-09-2008, 07:46 PM
Shazz's Avatar
Shazz Shazz is offline
 
Join Date: Jun 2006
Location: Utah
Posts: 4,758
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
v/Jessica to jelsoft
  #22  
Old 07-10-2008, 06:51 AM
gamerfu gamerfu is offline
 
Join Date: Apr 2008
Location: 台灣,&
Posts: 326
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Jase2 View Post
She seems a really nice person. Afterall, the exploit fixed would of never been found if it wasn't for her. There's an interesting debate going on in the vBulletin 3.7.2 Release Discussion - Jessica Hope is actually participating in that. Some people seem to think it is wrong for her to give a demo link exploit... well I don't think it is. She reported it in private to Jelsoft first, but they just said it isn't an exploit and dismissed it. So, she reported it publicly. Check it out: http://securitytracker.com/alerts/2008/Jun/1020322.html
Intresting how Jelsoft does not always take concerns seriously.
  #23  
Old 07-10-2008, 07:20 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
She reported it in private to Jelsoft first, but they just said it isn't an exploit and dismissed it.
I wonder where you got that impression.
  #24  
Old 07-10-2008, 09:58 AM
KURTZ KURTZ is offline
 
Join Date: Nov 2006
Location: Italy
Posts: 2,257
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by gamerfu View Post
Intresting how Jelsoft does not always take concerns seriously.
exactly ... :down:

Quote:
Originally Posted by Marco van Herwaarden View Post
I wonder where you got that impression.
maybe Jason has some private channels ...
  #25  
Old 07-10-2008, 11:29 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Where was it posted that Jelsoft does not take security concerns serious? If we would not take it serious, then why are we releasing a patch immediate after the discovery of a new possible exploit?

PS I doubt Jason has private channels that give him any more information then i have, on the contrary.
  #26  
Old 07-10-2008, 02:43 PM
Jase2 Jase2 is offline
 
Join Date: Dec 2007
Location: USA
Posts: 1,575
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
She told vBulletin about it first. Jelsoft downplayed it, putting their users at risk. So what about blaming them instead of Jessica? They are the ones who didn't take responsibility. But in the end, you have nobody to blame but yourself. It is attitudes like these that are the reason that Storm and others continue to thrive.
I'm reading the discussion thread over @ vbulletin.com and Jessica is posting in that thread.

Marco, are you employed by Jelsoft?
  #27  
Old 07-10-2008, 03:24 PM
King Kovifor's Avatar
King Kovifor King Kovifor is offline
 
Join Date: Nov 2004
Location: PA
Posts: 3,872
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Jase2 View Post
I'm reading the discussion thread over @ vbulletin.com and Jessica is posting in that thread.

Marco, are you employed by Jelsoft?
Yes. Marco is the only Paid Staff member at vBulletin.org as he is employed by Jelsoft. He is here to coordinate between vB.com and vB.org.
  #28  
Old 07-10-2008, 03:39 PM
Shazz's Avatar
Shazz Shazz is offline
 
Join Date: Jun 2006
Location: Utah
Posts: 4,758
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Jase2 View Post
I'm reading the discussion thread over @ vbulletin.com and Jessica is posting in that thread.

Marco, are you employed by Jelsoft?
http://www.vbulletin.com/forum/member.php?u=60067
  #29  
Old 07-11-2008, 06:26 AM
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Posts: 25,415
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Jase2 View Post
I'm reading the discussion thread over @ vbulletin.com and Jessica is posting in that thread.
If you would read it good you will find that the discussion is only about the wording in the release announcement.

We did take our responsibility, we did not deny or let go the report, a patch was constructed and released immediate. The discussion is only if we should have classified the real life risk of this vulnerability as Low/Medium/High in the announcement. I can hardly see this as not taking responsibility.
Quote:
Originally Posted by Jase2 View Post
Marco, are you employed by Jelsoft?
Yes i am employed by Jelsoft.
  #30  
Old 07-11-2008, 02:30 PM
nexialys
Guest
  
Posts: n/a
Default
Quote:
Originally Posted by Marco van Herwaarden View Post
Yes i am employed by Jelsoft.
no, no, i thought you were sooo devoted to your task that you refused to be paid....

gosh, we're all managed by a monstruous conglomerate.... AAARRGGHHHHH

in some countries, employed mean slaved... i suppose that's what some guys here are reading now...
Closed Thread
Page 3 of 4 12 3 4

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 07:33 PM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04546 seconds
  • Memory Usage 2,246KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (10)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (9)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete