Go Back   vb.org Archive > Community Central > vBulletin.org Site Feedback
Reload this Page Public discussions of staff decisions are not permitted on the site.
FAQ Community Calendar Today's Posts Search

Reply
Page 2 of 3 1 2 3
 
Thread Tools Display Modes
  #11  
Old 06-30-2007, 08:14 AM
RedTyger's Avatar
RedTyger RedTyger is offline
 
Join Date: Nov 2006
Location: UK
Posts: 1,310
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by SirAdrian View Post
I run a gaming site, pretty much overrun by stupidity.
Haha! Boy does that ever ring true for gaming forums.



Quote:
Originally Posted by SirAdrian View Post
Considering this is a business site, and not really a public discussion board, they have a public image to maintain. Having hacks here with security holes could hurt thousands of customers, so they treat it with the highest priority to 1) remove the hack, and 2) notify the customers at risk. 3) is a lower priority, and that's notifying the creator of the hack for it to be dealt with.
Normally I wouldn't put my oar in, a person's forum is their own and they can run it how they like. But since this appears to be open for discussion I'll expand on what I said in the locked thread.

vBulletin.org when finding a vulnerability:
- instantly remove the software
- notify all the customers and then allow the author to organise a fix and issue an update to the software
- when it's done the software back in circulation. It could be done at any speed so I can't comment.

vBulletin.com when finding a vulnerability:
- Do Jelsoft remove the vulnerable versions until a fix is released? I don't know.
- organise a fix and issue an update to the software, usually within a day or so
- notify all the customers when it's done, anywhere between instantly via an announcement and the AdminCP message to several days via email.

Well, I'm hoping the point is made there.
Reply With Quote
  #12  
Old 06-30-2007, 08:37 AM
Michael Biddle Michael Biddle is offline
 
Join Date: Apr 2004
Location: Anaheim, CA
Posts: 774
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by RedTyger View Post
vBulletin.com when finding a vulnerability:
- Do Jelsoft remove the vulnerable versions until a fix is released? I don't know.
I do not think the announce until its fixed already.
Reply With Quote
  #13  
Old 06-30-2007, 11:45 AM
Dismounted's Avatar
Dismounted Dismounted is offline
 
Join Date: Jun 2005
Location: Melbourne, Australia
Posts: 15,047
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Yea, vB.com don't announce there's any problems until a fix is out. It's better that way, as script kiddies don't catch wind of it.
Reply With Quote
  #14  
Old 06-30-2007, 11:56 AM
The Geek's Avatar
The Geek The Geek is offline
 
Join Date: Sep 2003
Location: Behind you
Posts: 2,779
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Isn't this post ironic? It is a discussion about not allowing discussions on the very topic it is discussing

I would hope that constructive threads regarding current policies would be welcomed with open arms (as I am sure all of us do). But threads reacting to specific incidents where policies were enforced only do more harm than good.
Reply With Quote
  #15  
Old 06-30-2007, 11:58 AM
RedTyger's Avatar
RedTyger RedTyger is offline
 
Join Date: Nov 2006
Location: UK
Posts: 1,310
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Dismounted View Post
Yea, vB.com don't announce there's any problems until a fix is out. It's better that way, as script kiddies don't catch wind of it.
That wasn't what I was getting at, whether it's better or worse is up to the individual. Both have their pros and cons.

But if vBulletin.org say that this is the minimally acceptable way of dealing with vulnerabilities then it makes Jelsoft look rather slack and raises questions about why coders here should be subject to stricter rules than they are.

And if you subsribe to the Jelsoft method then it raises questions about why vBulletin.org are laying out such hardass smackdown on the coders.

I appreciate that in Jelsoft's case you are guaranteed to get a very swift fix which is not true of coders here, but surely it's only fair to at least offer them the opportunity? It would seem reasonable to me that we should be subject to the same standards as Jelsoft, otherwise as I say, questions are raised.
Reply With Quote
  #16  
Old 06-30-2007, 02:40 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Dream View Post
I don't agree with this rule. And this is feedback about the site.
Actually, you agreed with it when you joined.


Almost every forum I know has such a rule - (i.e. Staff decisions are final, no public discussion of them will be entered into).


Equally, there are many laws I don's agree with, but I still have to abide by them or face the consequences - this is just the same.
Reply With Quote
  #17  
Old 06-30-2007, 09:28 PM
cyberphr's Avatar
cyberphr cyberphr is offline
 
Join Date: Jul 2006
Location: Hell
Posts: 293
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
This rule should stay. And I believe those whom wrote the TOS here have more experience in these fields than almost all of the members.
Reply With Quote
  #18  
Old 06-30-2007, 11:22 PM
Dream's Avatar
Dream Dream is offline
 
Join Date: Oct 2001
Posts: 2,251
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Paul M View Post
Actually, you agreed with it when you joined.
I would never agree to such a rule *shakes fist*

May you all see the light one day. I pray for your souls.
Reply With Quote
  #19  
Old 06-30-2007, 11:30 PM
nexialys
Guest
  
Posts: n/a
Default
actually we did not agree to these rules, because they are not in the welcome rules but in a specific section of the site...

and i was registered here even before these rules were written...
Reply With Quote
  #20  
Old 06-30-2007, 11:44 PM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Rule 1 is all that we actually require if you boil it down

Quote:
1. Staff decisions are final. Ultimately, staff has complete discretion over what is and is not acceptable on the site.

However we do list a lot of things specifically to aid you.


You might also note ;
Quote:
Members of VBULLETIN.ORG are responsible for reviewing VBULLETIN.ORG General Site Rules. VBULLETIN.ORG reserves the right to modify General Site Rules at any time. Your continued use of the VBULLETIN.ORG constitutes your consent to such changes.
Reply With Quote
Reply
Page 2 of 3 1 2 3

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 10:31 AM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04701 seconds
  • Memory Usage 2,260KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (8)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (9)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete