Go Back   vb.org Archive > News and Announcements > News and Announcements
  #151  
Old 05-22-2006, 12:04 AM
FASherman's Avatar
FASherman FASherman is offline
 
Join Date: Aug 2002
Posts: 289
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

What the bloody hell is going on around here?

1. Why would any programmer give a damned about getting credit for the install? Two reasons come to mind. The first is ego and there is no accounting for that. The second is the ridiculous method used to choose Hack of the Month nominees. Get rid of that. Nominate hacks based on merit, not clicks. Oh yeah, and subject every nominee to a code review. Kind of like the way NASCAR does vehicle inspections.

2. I'm sick of the way VB.Org either is or isn't independent of Jelsoft, depending on what they need at the moment. Pick one. Either admit to being a momma's boy or cut the freaking apron strings, but don't play it both ways.

3. Coders are the life's blood of this place. Every user needs to appreciate the hell out of them. They develop code because THEY need it and happen, out of the kindness of their hearts, to make it available to us too. Bee damned greatful. When you have a problem, make an effort to fix it yourself, if you can and post the fix - if you are able. If not, don't PM them. Post in the release thread so that the 100 other people that have the same problem can get the fix. AND BE PATIENT. None of them are full time professional VB developers and celebate PHP monks. They have lives, jobs and families that need the occasional care and feeding.

4. Somebody better get a handle on this site pronto. The snail pace of development of VB and the inability to deliver the years-ago promised vbCMS isn't why VB is the best damned message board for the money. VB.Org and the ability to customize my site to what I need is the real reason. But I see that reason slipping away. Not just this thread but several others show this place in near shambles. The Bush administration is run better with less controversy. This is a site that CANNOT exist without coders. When you run them off hiding behind rules and make mountains out off molehills, then YOU are doing something wrong, rules be damned.

I'll get off my soapbox now. Talk among yourselves.
  #152  
Old 05-22-2006, 12:59 AM
Ramsesx's Avatar
Ramsesx Ramsesx is offline
 
Join Date: Aug 2005
Location: Southern Germany
Posts: 512
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by FASherman
What the bloody hell is going on around here?

1. Why would any programmer give a damned about getting credit for the install? Two reasons come to mind. The first is ego and there is no accounting for that. The second is the ridiculous method used to choose Hack of the Month nominees. Get rid of that. Nominate hacks based on merit, not clicks. Oh yeah, and subject every nominee to a code review. Kind of like the way NASCAR does vehicle inspections.

2. I'm sick of the way VB.Org either is or isn't independent of Jelsoft, depending on what they need at the moment. Pick one. Either admit to being a momma's boy or cut the freaking apron strings, but don't play it both ways.

3. Coders are the life's blood of this place. Every user needs to appreciate the hell out of them. They develop code because THEY need it and happen, out of the kindness of their hearts, to make it available to us too. Bee damned greatful. When you have a problem, make an effort to fix it yourself, if you can and post the fix - if you are able. If not, don't PM them. Post in the release thread so that the 100 other people that have the same problem can get the fix. AND BE PATIENT. None of them are full time professional VB developers and celebate PHP monks. They have lives, jobs and families that need the occasional care and feeding.

4. Somebody better get a handle on this site pronto. The snail pace of development of VB and the inability to deliver the years-ago promised vbCMS isn't why VB is the best damned message board for the money. VB.Org and the ability to customize my site to what I need is the real reason. But I see that reason slipping away. Not just this thread but several others show this place in near shambles. The Bush administration is run better with less controversy. This is a site that CANNOT exist without coders. When you run them off hiding behind rules and make mountains out off molehills, then YOU are doing something wrong, rules be damned.

I'll get off my soapbox now. Talk among yourselves.
I fully agree to that. To point 1 maybe it would be a good idea to make it if somebody is downloading a hack it will be counted automatically as a install.
Also give every coder the title "super master of the universe coder"
  #153  
Old 05-22-2006, 01:57 AM
Shaliza Shaliza is offline
 
Join Date: Apr 2006
Posts: 193
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Paul M
Nope, I think it's about the code that tries to call the vb.org "install" link when a product is first installed.
What if someone didn't click "install" because they simply forgot to & not because they were trying to be slick or something?

Quote:
Originally Posted by Mark.B
This is, as you say, about trust, therefore the list of known affected hacks MUST be disclosed, without question.
Absolutely. I bet some people are holding off installing hacks until they know.

I guess the thing I don't understand is why some coders didn't mention that they did this in the readme files? Doesn't the person installing the hack have the right to know what exactly they're uploading onto their site? Why be sneaky about it if it's just "nothing"?

I didn't know about this "install" issue until I read this post. I haven't installed any hacks yet & it looks like I won't be until this list is finally let out in the open.

Quote:
Originally Posted by Chroder
This is true. I think maybe we should create some sort of "verified" system. When we upload attachments, they are marked as unverified (but still downloadable). Then maybe have a team that goes around and checks newly uploaded or updated attachments for unsafe code. Once it's passed the check, display a "verified" badge on the attachment.
That sounds like a fantastic idea.

I also agree with some of what FASherman.
  #154  
Old 05-22-2006, 02:04 AM
libertate's Avatar
libertate libertate is offline
 
Join Date: Feb 2005
Location: Kiribati
Posts: 107
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

VBulletin.org is Jelsoft.
  #155  
Old 05-22-2006, 02:11 AM
JohnBee JohnBee is offline
 
Join Date: Oct 2004
Posts: 544
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

If vb.org doesn't release the hack names to protect the users who failed to press [install] then you are not doing your job. I'm not sure it was said officially but if my board is compromised because some debilated coder thought he had the right to slip some backdoor code past my security then watch out.

Some people who come here are not simple Joe Blows with a forum full of jibber jabbers some people actually have serious data to protect. If you are telling me that I have no right to know what code was compromised then I will take the initiative to show vb.org how serious things can get.

simple said, don't mess with peoples companies and money by playing the blame game. There is no way some coders integrity will come before the information on my site.

I will contact the individual who posted this thread the fuse short and my associates will not mess around with this situation at all.
  #156  
Old 05-22-2006, 02:13 AM
Shaliza Shaliza is offline
 
Join Date: Apr 2006
Posts: 193
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well said.
  #157  
Old 05-22-2006, 02:18 AM
FASherman's Avatar
FASherman FASherman is offline
 
Join Date: Aug 2002
Posts: 289
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by JohnBee
If vb.org doesn't release the hack names to protect the users who failed to press [install] then you are not doing your job. I'm not sure it was said officially but if my board is compromised because some debilated coder thought he had the right to slip some backdoor code past my security then watch out.

Some people who come here are not simple Joe Blows with a forum full of jibber jabbers some people actually have serious data to protect. If you are telling me that I have no right to know what code was compromised then I will take the initiative to show vb.org how serious things can get.

simple said, don't mess with peoples companies and money by playing the blame game. There is no way some coders integrity will come before the information on my site.

I will contact the individual who posted this thread the fuse short and my associates will not mess around with this situation at all.
Can you say "class action"?

The IBM pSeries Users Groups forums run vBulletin with some modifications from this site. Be ready for an excrement storm when I inform their sysadmin that they have potential backdoors but have no right to know.
  #158  
Old 05-22-2006, 02:31 AM
Code Monkey's Avatar
Code Monkey Code Monkey is offline
 
Join Date: May 2004
Posts: 1,080
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Way OTT
  #159  
Old 05-22-2006, 02:32 AM
Boofo's Avatar
Boofo Boofo is offline
 
Join Date: Mar 2002
Location: Des Moines, IA (USA)
Posts: 15,776
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Exactly!
  #160  
Old 05-22-2006, 02:44 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

There are/were no "backdoors", perhaps you should re-read the original message.
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:59 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06833 seconds
  • Memory Usage 2,258KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete