Just have been a DB error, and now I see this on top of my screen:


The /home/forums/public_html/clientscript/vbsc.js cache has a modification time of before /home/forums/public_html/clientscript/vbulletin-core.js. Your cache is almost certainly out of date. Please run Compress Javascript under vB4: SuperCharged in your Admin CP.
If you recently updated vBulletin, you should of course run Compress CSS also :)
To prevent issues, your forum is currently running without optimised Javascript as a fallback.

As a last resort if you cannot get this message to disappear, disable the Javascript Optimiser.

in big orange on black letters. :confused:

And some of the feature are going derpy...

Hackers.

I would like to ask anyone logged in at the time of the hacking until the forum came back online to run a virus scan. I got a virus warning just as it happened, so just to be safe, please do this.

Thanks.

Has anyone else also noticed that the page layouts are also going weird? Like the login screen looked messed up like this:



If this is a result of hackers and not just VB acting up again, then said hackers should be allowed to be hunted down and destroyed with impunity. ><

Only one thing to ask...

Is it safe ??

I did notice a version upgrade, though.
4.1.6 > 4.1.8

Not sure if that was FFS or the hackers.
I'm going with FFS, as I know 4.1.8 had a security upgrade.

@docrate1 yes it is because the administrating team updated their vbulletin.

I really don't understand the logic behind hacking. hacking for the sake of saying you're "elite" or shit like that seems pretty pointless to me. Ah, well, twas useful. I had some trojan in the temp folder. now it's clean.

''I really don't understand the logic behind hacking. hacking for the sake of saying you're "elite" or shit like that seems pretty pointless to me. Ah, well, twas useful. I had some trojan in the temp folder. now it's clean.''


Orly? Lol

I did notice a version upgrade, though.
4.1.6 > 4.1.8

Not sure if that was FFS or the hackers.
I'm going with FFS, as I know 4.1.8 had a security upgrade.

no it didnt ?____?

why do you profess random stuff like this when you dont know what youre on aboot

no it didnt ?____?

why do you profess random stuff like this when you dont know what youre on aboot

That's what an administrator from another forum said.

Anyway, the index page for FFS is still messed up and has that website URL.

geez. more hackers are tryin to ruin good sites. this is like the time when the PSN was down for months earlier this year.

timewarp is white, MY EYES!

timewarp is white, MY EYES!
That's exactly what I was going to say.

Did anyone notice Sarah's old posts now say Guest on them? Whoever hacked, must've known that Sarah was an admin, so likely a registered user.

BTW, when was the hacking?

timewarp is white, MY EYES!

I would rather call it the Michael Jackson effect.


*jking.*

Any chance of getting the blue scheme back?

I FEEL SO VIOLATED

Look at how small the font is! They've fucked EVERYTHING UP

Wow, i don't think having the whole user table posted and available freely to anyone is a good news.

Linking to where people can get the user table isn't really gonna help either, it would actually do more damage. :facepalm:

Is there any sensitive info released, though. Should i be changing passwords?

Also: I never thought there would be losers that have so little to do with their lives that they just hack sites for the sake of hacking sites. Douchebags.

EDIT: Just saw the announcement.

I FEEL SO VIOLATED

Me too
I have to update ALL my thread links that I redirected...........
dammit.

No don't do that, they'll be fixed soon.

ok. So why the urls changed then? :/

No idea, but i've been told they'll be back after Sarah gets home. So no point changing everything and having it all undone again when she fixes it.

ah ok. I was scared 0.0 that it was not going to be retrieved at all.

we were hacked and all passwords were compromised in salted form. in other words, CHANGE YOUR PASSWORDS. also change your passwords on any site that uses the same pass as your account on here.
I don't see where the need to change passwords on other sites comes from. First of all the passwords was salted before the hash (according to the admin) and probability of other forums using the same salt is nearly zero.

For the people who have no idea what a salt is:

The benefit provided by using a salted password is making a lookup table assisted dictionary attack against the stored values impractical, provided the salt is large enough.

*LiquidAcid....Liquid Acid Display.*
`*Why the hell that came to my mind? 0.0????*

I don't see where the need to change passwords on other sites comes from. First of all the passwords was salted before the hash (according to the admin) and probability of other forums using the same salt is nearly zero.

For the people who have no idea what a salt is:

salted passwords can be cracked via rainbow tables and they can use said pass to access other sites

salted passwords can be cracked via rainbow tables and they can use said pass to access other sites
Wrong. One uses a salt, so that rainbow tables can't be used / are impractical to use.

except it's not wrong. and there's proof in this thread. based on the salted pass of tk, one of the silly kids logged into his account. it's only possible to login with the real password, not the salted version. they have the real one. how? the only way possible: rainbow tables

md5 is a one way algorithm. it is with a salt, too. you have to construct a new rainbow table for each salt, true, but that just makes it tedious (and means your rainbow table cant be as big)

you import your list of possible unencrypted passwords (this is why password strength is important people), generate the hash based on the possible pass plus the salt, and have a table of said possible passes and resulting hashes. if the hash in the table matches the hash in the vb user table, you suddenly can find the original password.

Stop trying to cover your failures sarah. It is clear you did not salt my password well enough. Now avilla will purchase embarassing things with my ebay account. :(

Stop trying to cover your failures sarah. It is clear you did not salt my password well enough. Now avilla will purchase embarassing things with my ebay account. :(

Be nice, Headphones Girl. :)

Now avilla will purchase embarassing things with my ebay account. :(

Uh... I'm pretty sure you can report to eBay that someone else is in control of your account, and they'll either shut it down or help you get it back.

except it's not wrong. and there's proof in this thread. based on the salted pass of tk, one of the silly kids logged into his account. it's only possible to login with the real password, not the salted version. they have the real one. how? the only way possible: rainbow tables

md5 is a one way algorithm. it is with a salt, too. you have to construct a new rainbow table for each salt, true, but that just makes it tedious (and means your rainbow table cant be as big)

you import your list of possible unencrypted passwords (this is why password strength is important people), generate the hash based on the possible pass plus the salt, and have a table of said possible passes and resulting hashes. if the hash in the table matches the hash in the vb user table, you suddenly can find the original password.



rainbow tables, salted passwords, sand cats

except it's not wrong. and there's proof in this thread. based on the salted pass of tk, one of the silly kids logged into his account. it's only possible to login with the real password, not the salted version. they have the real one. how? the only way possible: rainbow tables
Nonsense. You just need a keyphrase that yields the same hash after applying the salt and the hash function. All hash fuctions have collisions so there are always two different keyphrases that yield the same hash.


md5 is a one way algorithm. it is with a salt, too. you have to construct a new rainbow table for each salt, true, but that just makes it tedious (and means your rainbow table cant be as big)
I know that, and I also know the timeframe with sane password length and a good salt (>= centuries). If your salt is too short or your keyphrase is, then of course you can easily compute this. Same goes for keyphrases which can be found in dictionaries.


you import your list of possible unencrypted passwords (this is why password strength is important people), generate the hash based on the possible pass plus the salt, and have a table of said possible passes and resulting hashes. if the hash in the table matches the hash in the vb user table, you suddenly can find the original password.
That only works together with a dictionary. My keyphrases aren't found in any dictionary and rarely are shorter than 20 characters.

No idea, but i've been told they'll be back after Sarah gets home. So no point changing everything and having it all undone again when she fixes it.


Good. I don't have to re-do my old anime OSt thread index.

Stop trying to cover your failures sarah. It is clear you did not salt my password well enough. Now avilla will purchase embarassing things with my ebay account. :(

He will spend all your hard earned tuna money :(

I suspect that Avilla didn't work alone, however. Perhaps Mod_X reacted to her frustration over Jelsoft's years of non-response in the only way she and her sister knew how.

p.s. recommend me some books please

Good. I don't have to re-do my old anime OSt thread index.

I am waiting for the urls to go back as they were. :/
It really "killed" in a manner of speech, the things i was doing :/

Uh... I'm pretty sure you can report to eBay that someone else is in control of your account, and they'll either shut it down or help you get it back.

Yeah, but then they'll see all the embarrassing stuff! What if they post about it on facebook? My mom is on my facebook, man. Oh man. What do I do?

I see only one possible solution: Sabotage your Mom's internet.

He will spend all your hard earned tuna money :(

I suspect that Avilla didn't work alone, however. Perhaps Mod_X reacted to her frustration over Jelsoft's years of non-response in the only way she and her sister knew how.

p.s. recommend me some books please

Mod_X was a girl? Damn. I am an old man and the years are dimming my memories. ;_;

I assumed you had enough book suggestions because I saw there were a lot of comments!

Umm, I forget, have you read Tom Robbins? Because I always recommend him to everybody. I think if I recall correctly you have at least read Even Cowgirls Get the Blues and/or Still Life With Woodpecker. Those are two of his best. But the most consistently underread, underrated and underappreciated book by him in my opinion is his latter day masterpiece, Fierce Invalids Home From Hot Climates. It's one of the funniest books I've ever read in addition to being a total mindfuck and an addictive page-turner.

If you are at all interested in reading non-fiction, I recommend Don't Sleep, There Are Snakes by Daniel Everett. Everett is a linguist and former missionary who spent around 30 years of his life with one of the most unusual groups of people on earth, both culturally and linguistically, in the Amazon. Just a taste of what these people are like: they almost never sleep for more than two hours at a time; their language has one of the smallest set of phonemes on earth and can be whistled while they are hunting in the jungle; they have no histories, myths, ideas about their origins, or concepts of any gods; they don't have words for numbers and can't be taught how to count. A lot of the book is about the nature of the language that he had to learn, but it's all made very understandable for people who haven't studied a lot of linguistics. And a lot of it is also about how much he changed personally and spiritually from getting to know a culture that basically disproved everything he ever believed about people. It's one of the most eye-opening books about human beings I've ever read.

Have you ever read Gene Wolfe? I have actually never read the books he is best known for, but a friend of mine lent me Latro In the Mist a while ago and I loved it. It's actually two books put together into the form of one and I think there is a third now. It's basically fantasy that's very "realistically" about ancient Greece, as in, it uses that mythology very very accurately with no real embellishment. It's about a soldier who suffers a head injury and loses his short term memory, and the book is a journal he keeps to know what's happened to him every day - so, sort of a Memento thing, but better. Part of the thing that's really fascinating about the story is that after he suffers his injury he starts seeing spirits and gods that other people can't. Anyway based on how good it was, I could probably just recommend anything by Gene Wolfe because my friend who lent me that book is more or less obsessed with him and I was skeptical for a long time because I usually don't like fantasy/sci fi authors that people rave about, but I was totally blown away by this book. Definitely planning to read more by him myself.

Also I recently finally read Oryx and Crake by Margaret Atwood. You've probably read that already, I'm guessing, but it was very good and you should if you haven't!

I can probably think of more ideas later. Sorry I do not have any good mystery or short story collection ideas though. :(

p.s. give me feedback on Kitten-Girl, I've started the next couple chapters already~

I see only one possible solution: Sabotage your Mom's internet.

Hey. You leave my mother out of this.

I do not want sound picky. :(
It is, just, when will the threads urls be ok again?... :/

I was planning to collect urls for some backup, and now I cannot do it, because they are different. I know it work out to be fine. I was just wondering...

again, sorry if I am being picky. Not my intention though. I understand all the work you all have been having to put everything at place. :/

Well, they've just been changed AGAIN.

I notice :/:(

Links are still OK, in a way........

Look, they messed up this pattern


Thread 82905

that won't open, but the thread number (82905) at the end is valid, you need to replace everything before the number with


http://forums.ffshrine.org/showthread.php?t=

so you get


Thread 82905

which works with the intended thread, but for people who have MANY links, this probably doesn't help much.

well.... the thing is I have tooooo many links to had to deal with , and all redirected in my threads, which are not little as you may know.
I am waiting to see if the problem gets fixed as they were because if not, I will have to loose 2 weeks of my life around this. Yes 2 weeks, because I work and teh time I have left here is at night. :/
So I am hopping things to get as they were. I really do not feel like to sort everything again..

What happened, how serious is this hack? Why do I need to change my passwords on other sites if they are the same as the one here? Lets say I use the same password here as I do on the FSM board. My username on there might be different, but I may have the same password. Surely getting my password from here alone is useless if there are no other usernames/logins to match it up against?

I really do not know if we need to change password or not. I changed mine.

What happened, how serious is this hack? Why do I need to change my passwords on other sites if they are the same as the one here? Lets say I use the same password here as I do on the FSM board. My username on there might be different, but I may have the same password. Surely getting my password from here alone is useless if there are no other usernames/logins to match it up against?

I'd recommend changing your password to be safe, as people have managed to obtain at least one password and hijack an account.

I'm not really experienced when it comes to things like this, but I would think if you used the same email address, they'd be able to match it to the account with no problems, even if you have your email address hidden here. They would've been able to see everyone's email addresses.

Ultimately, it's your call, and if you feel safe leaving your password as is, do that. I am a fan of having different passwords everywhere, but I know that's not everyone's thing.

I only use the email address I have here for the FFShrine alone.

timewarp is white, MY EYES!

Hope this will fix soon

Does this forum has Enemies?

Does this forum has Enemies?

Now that's a rhetorical question.

Yes. yes it has.

Hope this will fix soon

Me too. The white is just too bright.

Hope this will fix soon


Me too. The white is just too bright.

Everything will be back to normal within a week or two.

I feel so much better now that I've been given an ETA by someone who has absolutely no idea what's going on.

http://i210.photobucket.com/albums/bb1/ConstantMnemonic/Sparky/gentathumbsup.gif

lol

I feel so much better now that I've been given an ETA by someone who has absolutely no idea what's going on.
Wow, really? I don't find that kind of thing very comforting.
Oh, wait.

I feel so much better now that I've been given an ETA by someone who has absolutely no idea what's going on.

http://i210.photobucket.com/albums/bb1/ConstantMnemonic/Sparky/gentathumbsup.gif

Marceline told me that.

Point stands.

I haven't been given an ETA yet? I also haven't been given the go ahead either.

Does this forum has Enemies?

Nope. We got admirers. More like stalkers. More like dangerous, ravenous, rabid stalkers.
With knives.
Poison-tipped.
Serrated.
Rusted.

Nope. We got admirers. More like stalkers. More like dangerous, ravenous, rabid stalkers.
With knives.
Poison-tipped.
Serrated.
Rusted.

Knives ? I thought they intended to use spoons ?

I thought about forks......

Sporks.
JonC

Spoon+Forks= SPORKS


hey.. good one Jonc :p

So this is why the links from Google lead to nothing? I was wondering why that was... I had to get new bookmarks. :P

Sporks. (http://en.wikipedia.org/wiki/Spork)
JonC

Dude, everyone knows it's called a "Foon"!

I'm keeping my bookmarks backedup, for when things return to normal.

In the meantime, I just got one active bookmark. For the main forum page.

"New Posts" also comes in handy, especially at a time like this!
:smrt:

Why don't you just leave a tab open....

Who needs bookmarks....

I need. I have a busy life. Of course, I already notice that your life is

Say it. You are glued and can't take the eye over a screen. That is pretty your life.

You're here as much as I am, now.

If that is your face...........


















I wanna date you? http://i416.photobucket.com/albums/pp243/AzulE05/K_oN/K-ON-yui-shy.gif