The Arcive of Official vBulletin Modifications Site.

Paul M · #91 07-25-2007, 07:15 PM

Quote:

Originally Posted by MicroHellas

A first step is to inform members to Disable a product and not to uninstall it. Most members don't know that by uninstalling it they're loosing their data. I realized it from a huge amount of emails that I got from members asking me (but after uninstallation) if they lost their data.

I believe this highlights that we need to standardize the actual message that is sent, and I agree that it should now suggest disabling rather than uninstalling - this is really something left over from the past, as before we had products, the advice of uninstalling was not really a problem as few modifications actually had an uninstall function that removed data. Now that the vb product system automates this, different advice is needed.

MaryTheG(r)eek · #92 07-26-2007, 03:24 AM

Quote:

Originally Posted by Paul M

.....and I agree that it should now suggest disabling rather than uninstalling .

Thank you for supporting my suggestion Paul. I believe that this will reduce the problem by 50%. Further more I believe that all new mods must be check by Moderators before going to public. That's adds an extra security and protect end users from rubish (don't like to say "defaces"(?).

Maria

Distance · #93 07-26-2007, 03:36 AM

Although it would be a solution its never going to happen unless vBulletin.org hire someone, the moderators here get paid nothing and are voluntary, most of them have lives too and don't have enough time to check every modification.

Anyway if the person who created the script cannot spot one how do you expect someone who has never seen the script to have a better chance at finding it!

Also you have to think that if a moderator does check it and gives it the all clear and later an exploit is found and forums get comprimised, it puts alot of pressure on vBulletin.org and on the moderator, possibly legally too.

Distance

MaryTheG(r)eek · #94 07-26-2007, 07:04 AM

Quote:

Originally Posted by odonel

The answer is clear people, vb will eventually charge us for these hacks....

Even if it's something that many users thought, I believe that the real reason is something else than Marco wrote before ("Lots of reports lately").

In my opinion the problem came from the new moderators who came in the field like bulls in crystall shop, trying to get their first congratulations.

To be honest, I was very upset with this situation (for many reasons) but when I seen the moderator's profile, I understood many things just by seeing his photo. By the way (this is for Cordinators and Administrator), don't you think that Moderators (in other words staff) must be more carefull on choosing their photo? "Caesar's wife dosen't need just to be good. She must look good too". At least he has the 2 fingers up and not just one

Marco van Herwaarden · #95 07-26-2007, 07:16 AM

Maria,

I do not like to be called a liar. Also my previous post on the reason of the amount of vulnerabilities found the last few days was simply the truth, please stop trying to suggest that there is anything else to it.

The vulnerabilities have been reported by regular members/coders and staff investigated each report and took action if confirmed.

MaryTheG(r)eek · #96 07-26-2007, 07:38 AM

Quote:

Originally Posted by Marco van Herwaarden

I do not like to be called a liar.

I NEVER called you liar, or at least my meaning wasn't this one. I've never called anybody liar. My meaning is (with much more simple words): "There are lots of reasons. Some of them 1st priority, some other 2nd. I do believe that there were lots of reports and the staff hasn't the time to check all of them, so everyday the queue becaming bigger and bigger. So, when the new staff started on duty, they started from there. And because (here is my point) they don't have the experiance, they did mistakes.".

I apologize if you got my meaning on the bad side.

Dismounted · #97 07-26-2007, 07:42 AM

Actually, the reports started coming in AFTER the new staff were introduced.

MaryTheG(r)eek · #98 07-26-2007, 07:50 AM

Quote:

Originally Posted by Dismounted

Actually, the reports started coming in AFTER the new staff were introduced.

The timing was just for refference. The main goal is that reports checked by the new unexperiant moderators. And to avoid any future misunderstanding: Unexperiant as Moderators. Maybe he is guru on vB.

Marco van Herwaarden · #99 07-26-2007, 07:50 AM

We are not running behind in handling vulnerability reports. Until now we have been able to address each report within a day (more often within hours).

You can make a lot of assumptions, but unless you can provide some facts, they are nothing more then unfounded assumptions. Obfuscating a discussion with such assumptions does not lead to any constructive discussions.

PS The only time that Staff checked for unreported vulnerabilities in a modification has been when a larger number of modifications of the same author have already been reported. In that case staff might be looking into other modifications by the same author to see if there are similar vulnerabilities.

Marco van Herwaarden · #**100** 07-26-2007, 07:53 AM

Quote:

Originally Posted by MicroHellas

The timing was just for refference. The main goal is that reports checked by the new unexperiant moderators. And to avoid any future misunderstanding: Unexperiant as Moderators. Maybe he is guru on vB.

Again you are assuming that new moderators are uncapable of verifying and handling a vulnerabity report or that they have to handle such a report without the assistence of more experienced staff.

I kindly ask you to stop feeding the discussion with such unfounded acquisations.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.13403 seconds Memory Usage 2,261KB Queries Executed 11 (?)
More Information
Template Usage: (1)SHOWTHREAD (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)ad_showthread_beforeqr (1)ad_showthread_firstpost (1)ad_showthread_firstpost_sig (1)ad_showthread_firstpost_start (6)bbcode_quote (1)footer (1)forumjump (1)forumrules (1)gobutton (1)header (1)headinclude (1)navbar (3)navbar_link (120)option (1)pagenav (1)pagenav_curpage (4)pagenav_pagelink (10)post_thanks_box (10)post_thanks_button (1)post_thanks_javascript (1)post_thanks_navbar_search (10)post_thanks_postbit_info (10)postbit (10)postbit_onlinestatus (10)postbit_wrapper (1)spacer_close (1)spacer_open (1)tagbit_wrapper Phrase Groups Available: global inlinemod postbit posting reputationlevel showthread	Included Files: ./showthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/functions_bigthree.php ./includes/class_postbit.php ./includes/class_bbcode.php ./includes/functions_reputation.php ./includes/functions_post_thanks.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete showthread_start showthread_getinfo forumjump showthread_post_start showthread_query_postids showthread_query bbcode_fetch_tags bbcode_create showthread_postbit_create postbit_factory postbit_display_start post_thanks_function_post_thanks_off_start post_thanks_function_post_thanks_off_end post_thanks_function_fetch_thanks_start post_thanks_function_fetch_thanks_end post_thanks_function_thanked_already_start post_thanks_function_thanked_already_end fetch_musername postbit_imicons bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete postbit_display_complete post_thanks_function_can_thank_this_post_start pagenav_page pagenav_complete tag_fetchbit_complete forumrules navbits navbits_complete showthread_complete
Messages:

The Arcive of Official vBulletin Modifications Site.

It is not a VB3 engine, just a parsed copy!