Sign In
Close
So FA is down by Ghostfox
So I heard from many journals that FA is down. And for a week because of some source code leak. Fun huh? Well, it isn't. I might have to deliver another George Carlin-style rant. But once again, I have some unfinished business to take care of on there. Also, I have a job now. But it's not one I want to do. Because it's a lot of hard work. And it's also hell. Because I have to fold sheets, towels and some other things. But I'm going to have another job soon.
Journal Information
- Views:
- 149
- Comments:
- 6
- Favorites:
- 0
- Rating:
- General
Comments
-
-
Apparently some hacker used a newly discovered server plug-in exploit to access the source code, put it on a USB drive, and left copies lying around everywhere at a hacking convention. The exploit was patched almost immediately upon discovery, but they'd already gotten the site's source code by then. For once, this wasn't actually the site management's fault or any negligence on their part, but rather sophisticated malignant action against the very structure of the site. They deleted pretty much all submissions, comments, and faves. Fortunately they have full backups for the site and are restoring things, but anything done in the last week only had inclemental backups and will have to be manually reloaded by each user. Quite a mess.
-
Actually.... it is because of negligence.
Allow me to explain why.
Firstly the initial exploit was indeed via a plugin for the imaging program they used, the plugin had too much permissions and thus created the exploit, that was patched and would have been the end of the issue completely.
But.... from that exploit a hacker obtained a copy of the entire code that FA runs on, the same code that everyone knows is buggy to all hell and has more holes in the security then swiss cheese, yes there was a USB drives with FA's code laying around at a furry convention, FA staff knew this before the attack, this is the part that negligence and incompetence comes into effect, at this point after discovering that their site code was compromised they should have taken the site offline and worked to patch the code for however long it took to patch the major and easy to spot holes, but they didn't do that, instead they waited and an attack happened, the moment this occurred the site should have again been taken offline, but for whatever reason they gave the hacker time to start deleting everything before they finally took the site down to stop any more data from being lost, however the damage was done, forcing the staff to have to use a saved back up, problem is this back up was a week old, so data was still lost anyway, either way you look at it the hacker accomplished to delete data successfully.
Again at this point it would have been all said and done and over, but it gets worse, staff claimed that there was "no reason to believe that users accounts were compromised." but they still suggested that you change your password, two days after the first attack user accounts were reported as being compromised, this forced the staff to quickly put the site into read only mode where it still currently is at.
-
-
Fa will return when they finish work getting servers online.
-
Fa will return when they finish work getting servers online.
-
Yeah it's currently in read only mode right now
Link
Digitalpotato
FA is down. So you know what that means.
Time for people to start flooding the Weasyl and SoFurry accounts that have gone inactive since the last time they left FA. :P