The Arcive of Official vBulletin Modifications Site.

flup · #21 06-26-2005, 10:16 AM

No i get it now, haven't thought with that one

Paul M · #22 06-26-2005, 12:33 PM

Quote:

Originally Posted by Dean C

As said above, it's a privacy issue. For example, if there was a modification which had a big exploit, one could go to the list of users who have installed, and look to see which have it in their profile, and then go round exploiting. Whilst, we realise that 99% of vB.org users would never do this, there is always the slim possibility

Maybe I'm missing something here. Exactly how is this an issue ? ONLY the hack author would be able to see this list, not everyone. How is there any more of a risk of the AUTHOR doing this then there already is - and in most cases (as I have complained elsewhere) - few people have any link to their site from here anyway, so even if I knew "joebloggs" had it installed - I have no idea what his site is.

Dean C · #23 06-26-2005, 01:35 PM

Ah, we're talking about showing this list to everyone though Paul

Andreas · #24 06-26-2005, 01:50 PM

A list of all users who installed a Hack just for the Hack author would be nice

And I don't se privacy issues there, as he can already compile such a list be viewing all posts - which is a PITA when the Thread is several hundred posts long.

Marco van Herwaarden · #25 06-26-2005, 01:56 PM

Quote:

Originally Posted by KirbyDE

A list of all users who installed a Hack just for the Hack author would be nice

And I don't se privacy issues there, as he can already compile such a list be viewing all posts - which is a PITA when the Thread is several hundred posts long.

That would only be possible if everybody who installed made a reply.

Paul M · #26 06-26-2005, 02:07 PM

Quote:

Originally Posted by Dean C

Ah, we're talking about showing this list to everyone though Paul

Ah, but I wasn't

Quote:

Originally Posted by Paul M

If only the author can pull up a list then where's the harm.

I would never suggest that everyone could see it - as that clearly would be an issue.

flup · #27 06-26-2005, 02:25 PM

I wasn't talking about everyone either, just for the hack author...

Chris M · #28 06-26-2005, 02:34 PM

It used to be for all, but I agree, only the hack author, co-authors, and obviously staff, can see the list...

This could also be useful, because even if users do not reply, or accept hack updates via email, you could still contact them via PM or another method or alert a staff member that "User x" has a serious vulnerability with their site (after checking it out), and you could get the hole patched

Satan

Marco van Herwaarden · #29 06-26-2005, 09:44 PM

For that it would be better to create a button to send a security warning by mail and pm. Still no need to see the names.

Atm even staff can not see the names.

Xenon · #30 06-27-2005, 09:44 AM

As already said, it's because of privacy issues.

A user who posts within the supportthread, realises, that when a security flaw is found, he could be a possible victim, but if he does not post then he has to be sure he is "safe".
Of course we could just generate a list just for authors, but there could always be a black sheep there as well.

I can understand both sides, i sometimes miss that feature myself, but as said, the disadvantages are bigger than the fun factor, so we won't add it again.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.05058 seconds Memory Usage 2,254KB Queries Executed 13 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (4)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (10)post_thanks_box (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (10)post_thanks_postbit_info (10)postbit (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_postinfo_query fetch_postinfo fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!